Package: wireshark Version: 1.2.1-2 Severity: serious Tags: security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for wireshark. CVE-2009-3242[0]: | Unspecified vulnerability in packet.c in the GSM A RR dissector in | Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of | service (application crash) via unknown vectors related to "an | uninitialized dissector handle," which triggers an assertion failure. CVE-2009-3241[1]: | Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark | 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers | to cause a denial of service (memory and CPU consumption) via | malformed OPCUA Service CallRequest packets. If you fix the vulnerabilities please also make sure to include the CVE ids in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3242 http://security-tracker.debian.net/tracker/CVE-2009-3242 [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3241 http://security-tracker.debian.net/tracker/CVE-2009-3241 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkq3s9oACgkQNxpp46476ar3XACgimktu1HPD5B4aaWP9JGiU3FT MT4An1NufYTYUSDhOOgV+lUw9zAeIYOU =1idt -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
