svn commit: r418023 - head/security/vuxml
Jason Unovitch
junovitch at FreeBSD.org
Mon Jul 4 13:25:49 UTC 2016
Author: junovitch
Date: Mon Jul 4 13:25:47 2016
New Revision: 418023
URL: https://svnweb.freebsd.org/changeset/ports/418023
Log:
Document wnpa-sec-2016-29 through wnpa-sec-2016-37 for issues fixed in
Wireshark 2.0.4
Security: CVE-2016-5350
Security: CVE-2016-5351
Security: CVE-2016-5352
Security: CVE-2016-5353
Security: CVE-2016-5354
Security: CVE-2016-5355
Security: CVE-2016-5356
Security: CVE-2016-5357
Security: CVE-2016-5358
Security: https://vuxml.FreeBSD.org/freebsd/313e9557-41e8-11e6-ab34-002590263bf5.html
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Mon Jul 4 13:24:26 2016 (r418022)
+++ head/security/vuxml/vuln.xml Mon Jul 4 13:25:47 2016 (r418023)
@@ -58,6 +58,71 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="313e9557-41e8-11e6-ab34-002590263bf5">
+ <topic>wireshark -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>wireshark</name>
+ <name>wireshark-lite</name>
+ <name>wireshark-qt5</name>
+ <name>tshark</name>
+ <name>tshark-lite</name>
+ <range><lt>2.0.4</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Wireshark development team reports:</p>
+ <blockquote cite="https://www.wireshark.org/docs/relnotes/wireshark-2.0.4.html">
+ <p>The following vulnerabilities have been fixed:</p>
+ <ul>
+ <li><p>wnpa-sec-2016-29</p>
+ <p>The SPOOLS dissector could go into an infinite loop. Discovered
+ by the CESG.</p></li>
+ <li><p>wnpa-sec-2016-30</p>
+ <p>The IEEE 802.11 dissector could crash. (Bug 11585)</p></li>
+ <li><p>wnpa-sec-2016-31</p>
+ <p>The IEEE 802.11 dissector could crash. Discovered by Mateusz
+ Jurczyk. (Bug 12175)</p></li>
+ <li><p>wnpa-sec-2016-32</p>
+ <p>The UMTS FP dissector could crash. (Bug 12191)</p></li>
+ <li><p>wnpa-sec-2016-33</p>
+ <p>Some USB dissectors could crash. Discovered by Mateusz
+ Jurczyk. (Bug 12356)</p></li>
+ <li><p>wnpa-sec-2016-34</p>
+ <p>The Toshiba file parser could crash. Discovered by iDefense
+ Labs. (Bug 12394)</p></li>
+ <li><p>wnpa-sec-2016-35</p>
+ <p>The CoSine file parser could crash. Discovered by iDefense
+ Labs. (Bug 12395)</p></li>
+ <li><p>wnpa-sec-2016-36</p>
+ <p>The NetScreen file parser could crash. Discovered by iDefense
+ Labs. (Bug 12396)</p></li>
+ <li><p>wnpa-sec-2016-37</p>
+ <p>The Ethernet dissector could crash. (Bug 12440)</p></li>
+ </ul>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2016-5350</cvename>
+ <cvename>CVE-2016-5351</cvename>
+ <cvename>CVE-2016-5352</cvename>
+ <cvename>CVE-2016-5353</cvename>
+ <cvename>CVE-2016-5354</cvename>
+ <cvename>CVE-2016-5355</cvename>
+ <cvename>CVE-2016-5356</cvename>
+ <cvename>CVE-2016-5357</cvename>
+ <cvename>CVE-2016-5358</cvename>
+ <url>https://www.wireshark.org/docs/relnotes/wireshark-2.0.4.html</url>
+ <url>http://www.openwall.com/lists/oss-security/2016/06/09/4</url>
+ </references>
+ <dates>
+ <discovery>2016-06-07</discovery>
+ <entry>2016-07-04</entry>
+ </dates>
+ </vuln>
+
<vuln vid="8656cf5f-4170-11e6-8dfe-002590263bf5">
<topic>moodle -- multiple vulnerabilities</topic>
<affects>
More information about the svn-ports-all
mailing list