The following Fedora 18 Security updates need testing: Age URL 146 https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18 57 https://admin.fedoraproject.org/updates/FEDORA-2013-13131/livecd-tools-18.17-1.fc18 41 https://admin.fedoraproject.org/updates/FEDORA-2013-14005/zabbix-2.0.6-3.fc18 28 https://admin.fedoraproject.org/updates/FEDORA-2013-14794/filezilla-3.7.3-1.fc18 13 https://admin.fedoraproject.org/updates/FEDORA-2013-15567/asterisk-11.5.1-2.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2013-15673/libtiff-4.0.3-9.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-15713/graphite-web-0.9.12-1.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2013-15881/pyOpenSSL-0.13.1-1.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2013-15877/python-pyrad-2.0-3.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-15994/mediawiki-1.19.8-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-16192/roundcubemail-0.9.4-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-16336/kernel-3.10.11-100.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-16356/polarssl-1.2.8-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-16316/rubygems-1.8.25-7.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-16371/xen-4.2.3-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-16464/moodle-2.3.9-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-16587/wireshark-1.10.2-3.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-16575/glpi-0.83.9.1-4.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-16381/lightdm-1.4.3-1.fc18 The following Fedora 18 Critical Path updates have yet to be approved: Age URL 215 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18 13 https://admin.fedoraproject.org/updates/FEDORA-2013-15553/keyutils-1.5.6-1.fc18 11 https://admin.fedoraproject.org/updates/FEDORA-2013-15622/libfm-1.1.2.2-2.fc18,pcmanfm-1.1.2-2.D20130830gitfc8adaab77.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2013-15653/libdrm-2.4.46-1.fc18 7 https://admin.fedoraproject.org/updates/FEDORA-2013-15766/linux-firmware-20130724-0.3.git31f6b30.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2013-15881/pyOpenSSL-0.13.1-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-16214/gdb-7.5.1-42.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-16208/curl-7.27.0-12.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-16211/rpm-4.10.3.1-3.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-16204/sane-backends-1.0.23-18.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-16344/selinux-policy-3.11.1-103.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-16336/kernel-3.10.11-100.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-16335/gstreamer1-plugins-bad-free-1.0.10-1.fc18,gstreamer1-plugins-good-1.0.10-1.fc18,gstreamer1-plugins-base-1.0.10-1.fc18,gstreamer1-1.0.10-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-16499/vim-7.4.027-2.fc18 The following builds have been pushed to Fedora 18 updates-testing ghc-indents-0.3.3-1.fc18 glpi-0.83.9.1-4.fc18 gnomeradio-1.8-22.fc18 ldapvi-1.7-17.fc18 licq-1.8.0-1.fc18 lightdm-1.4.3-1.fc18 mate-icon-theme-faenza-1.6.1-0.1.gitc147867.fc18 mate-panel-1.6.1-4.fc18 openscap-0.9.12-1.fc18 openvpn-2.3.2-4.fc18 osm2pgsql-0.82.0-1.fc18 perl-File-KeePass-2.03-3.fc18 perl-Hash-MoreUtils-0.03-1.fc18 perl-Parallel-Scoreboard-0.04-1.fc18 php-htmLawed-1.1.16-1.fc18 python-rtslib-2.1.fb39-1.fc18 qt5-qttools-5.1.1-3.fc18 wireshark-1.10.2-3.fc18 Details about builds: ================================================================================ ghc-indents-0.3.3-1.fc18 (FEDORA-2013-16604) Indentation sensitive parser-combinators for parsec -------------------------------------------------------------------------------- Update Information: - Indentation sensitive parser-combinators for parsec - http://hackage.haskell.org/package/indents -------------------------------------------------------------------------------- References: [ 1 ] Bug #982192 - Review Request: ghc-indents - Indentation sensitive parser-combinators for parsec https://bugzilla.redhat.com/show_bug.cgi?id=982192 -------------------------------------------------------------------------------- ================================================================================ glpi-0.83.9.1-4.fc18 (FEDORA-2013-16575) Free IT asset management software -------------------------------------------------------------------------------- Update Information: Security improvement: restrict access to installation wizard from local server only. Remote access need to be explicitly allowed in configuration (/etc/httpd/conf.d/glpi.conf). -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 12 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 0.83.9.1-4 - restrict access for install to local for security - drop bundled Flash files files, #1000251 - Add a missing requirement on crontabs to spec file -------------------------------------------------------------------------------- ================================================================================ gnomeradio-1.8-22.fc18 (FEDORA-2013-16597) Graphical FM-Tuner program for GNOME -------------------------------------------------------------------------------- Update Information: This is an update that fixes the "no window" bug, which prevented the gui to appear on screen. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 12 2013 Paulo Roma <roma@xxxxxxxxxxx> - 1.8-22 - Applied gnomeradio-1.8-expose-event.patch and gnomeradio-1.8-gui.patch * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.8-21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Thu Apr 11 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 1.8-20 - Drop desktop vendor tag. * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.8-19 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #826690 - Gnomeradio problem - no window! https://bugzilla.redhat.com/show_bug.cgi?id=826690 -------------------------------------------------------------------------------- ================================================================================ ldapvi-1.7-17.fc18 (FEDORA-2013-16613) An interactive LDAP client -------------------------------------------------------------------------------- Update Information: Add fix of double free() crash (#949157), also fix old FSF address -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 11 2013 Matěj Cepl <mcepl@xxxxxxxxxx> - 1.7-17 - Add fix of double free() crash (#949157) - Fix old FSF address * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.7-16 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.7-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #949157 - [PATCH] fix use-after-free in sasl code https://bugzilla.redhat.com/show_bug.cgi?id=949157 -------------------------------------------------------------------------------- ================================================================================ licq-1.8.0-1.fc18 (FEDORA-2013-16625) A graphical ICQ client with multiple protocols support -------------------------------------------------------------------------------- Update Information: New version with Obsolete -console as no longer maintained by upstream. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 12 2013 Christopher Meng <rpm@xxxxxxxx> - 1.8.0-1 - New bugfix release introduces support for multiple accounts per protocol. - Removed console plugin (no longer maintained) -------------------------------------------------------------------------------- ================================================================================ lightdm-1.4.3-1.fc18 (FEDORA-2013-16381) Lightweight Display Manager -------------------------------------------------------------------------------- Update Information: This is a stable update in the 1.4 series adding a few important fixes backported from later versions. Overview of changes in lightdm 1.4.2 include: * Correctly set permissions on Xauthority file. * Stop using g_file_set_replace - it can leave intermediate files around See also: http://lists.freedesktop.org/archives/lightdm/2013-September/000438.html http://lists.freedesktop.org/archives/lightdm/2013-September/000446.html -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 12 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1.4.3-1 - lightdm-1.4.3 - Word-readable .Xauthority (#1007187, CVE-2013-4331) * Fri Sep 6 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.4.2-1 - lightdm-1.4.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1007187 - lightdm: lightdm : Word-readable .Xauthority : [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1007187 -------------------------------------------------------------------------------- ================================================================================ mate-icon-theme-faenza-1.6.1-0.1.gitc147867.fc18 (FEDORA-2013-16578) Extra set of icon themes for MATE Desktop -------------------------------------------------------------------------------- Update Information: - update to latest git snapshot - fix mate-icon-theme-faenza included Trademark and non-free logo, rhbz (#1005464) -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1005464 - mate-icon-theme-faenza included Trademark and non-free logo. https://bugzilla.redhat.com/show_bug.cgi?id=1005464 -------------------------------------------------------------------------------- ================================================================================ mate-panel-1.6.1-4.fc18 (FEDORA-2013-16607) MATE Desktop panel applets -------------------------------------------------------------------------------- Update Information: - add runtime require mate-file-manager-schemas, fix rhbz (#1007219) -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 12 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.1-4 - add runtime require mate-file-manager-schemas, fix rhbz (#1007219) * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.6.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1007219 - mate-panel needs mate-file-manager-schemas to run https://bugzilla.redhat.com/show_bug.cgi?id=1007219 -------------------------------------------------------------------------------- ================================================================================ openscap-0.9.12-1.fc18 (FEDORA-2013-16617) Set of open source libraries enabling integration of the SCAP line of standards -------------------------------------------------------------------------------- Update Information: Update to new upstream release. Bug fixes and smaller improvements. -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 11 2013 Šimon Lukašík <slukasik@xxxxxxxxxx> 0.9.12-1 - upgrade -------------------------------------------------------------------------------- ================================================================================ openvpn-2.3.2-4.fc18 (FEDORA-2013-16598) A full-featured SSL VPN solution -------------------------------------------------------------------------------- Update Information: Enable --enable-x509-alt-username. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 12 2013 Jon Ciesla <limburgher@xxxxxxxxx> 2.3.2-4 - Enable --enable-x509-alt-username, BZ 1007184. * Wed Aug 7 2013 Jon Ciesla <limburgher@xxxxxxxxx> 2.3.2-3 - Fix find syntax to fix FTBFS, BZ 992411. * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1007184 - Request to enable the "--enable-x509-alt-username" compile-time option https://bugzilla.redhat.com/show_bug.cgi?id=1007184 -------------------------------------------------------------------------------- ================================================================================ osm2pgsql-0.82.0-1.fc18 (FEDORA-2013-16584) Imports map data from OpenStreetMap to a PostgreSQL database -------------------------------------------------------------------------------- Update Information: * Thu Sep 12 2013 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 0.82.0-1 - Updated to latest upstream version 0.82.0 - Spec file updated -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 12 2013 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 0.82.0-1 - Updated to latest upstream version 0.82.0 - Spec file updated * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.70.5-0.14.20121021svn - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Wed Mar 6 2013 Devrim GÜNDÜZ <devrim@xxxxxxxxxx> - 0.70.5-0.13.20121021svn - Rebuild with new geos. * Sat Jan 26 2013 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 0.70.5-0.12.20121021svn - Rebuilt for geos * Mon Nov 19 2012 Devrim GÜNDÜZ <devrim@xxxxxxxxxx> - 0.70.5-0.11.20121021svn - Rebuild with newer geos. * Thu Nov 15 2012 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 0.70.5-0.10.20121021svn - Rebuilt for geos -------------------------------------------------------------------------------- ================================================================================ perl-File-KeePass-2.03-3.fc18 (FEDORA-2013-16582) Interface to KeePass V1 and V2 database files -------------------------------------------------------------------------------- Update Information: Interface to KeePass V1 and V2 database files -------------------------------------------------------------------------------- References: [ 1 ] Bug #1002321 - Review Request: perl-File-KeePass - Interface to KeePass V1 and V2 database files https://bugzilla.redhat.com/show_bug.cgi?id=1002321 -------------------------------------------------------------------------------- ================================================================================ perl-Hash-MoreUtils-0.03-1.fc18 (FEDORA-2013-16620) Provide the stuff missing in Hash::Util -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 12 2013 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0.03-1 - Upstream update. - Reflect upstream having abandoned pod-, manifest-testing and RELEASE_TESTING. - Modernize spec. -------------------------------------------------------------------------------- ================================================================================ perl-Parallel-Scoreboard-0.04-1.fc18 (FEDORA-2013-16595) Scoreboard for monitoring status of many processes -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 12 2013 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0.04-1 - Upstream update. - Modernize spec. * Mon Jul 22 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 0.03-9 - Perl 5.18 rebuild - Remove bundled modules Test::Builder and Test::Builder::Module because they have to match Test::More (CPAN RT#87136) -------------------------------------------------------------------------------- ================================================================================ php-htmLawed-1.1.16-1.fc18 (FEDORA-2013-16590) PHP code to purify and filter HTML -------------------------------------------------------------------------------- Update Information: htmLawed 1.1.16, 29 August 2013: - fix for a potential security vulnerability arising from specialy encoded space characters in URL schemes/protocols -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 12 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.1.16-1 - update to 1.1.16, fix for a potential security vulnerability arising from specialy encoded space characters in URL schemes/protocols -------------------------------------------------------------------------------- ================================================================================ python-rtslib-2.1.fb39-1.fc18 (FEDORA-2013-16626) API for Linux kernel LIO SCSI target -------------------------------------------------------------------------------- Update Information: fix fcoe Fix disk partition size issue. Fix disk partition size issue. Fix disk partition size issue. -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 11 2013 Andy Grover <agrover@xxxxxxxxxx> - 2.1.fb39-1 - New upstream version, fixes fcoe * Tue Sep 10 2013 Andy Grover <agrover@xxxxxxxxxx> - 2.1.fb38-1 - New upstream version * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.1.fb37-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1006077 - targetcli fails when attempt to list non standard block device partitions https://bugzilla.redhat.com/show_bug.cgi?id=1006077 -------------------------------------------------------------------------------- ================================================================================ qt5-qttools-5.1.1-3.fc18 (FEDORA-2013-16605) Qt5 - QtTool components -------------------------------------------------------------------------------- Update Information: Fix lrelease for cmake projects. -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 11 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.1.1-3 - wrong path to lrelease (#1006254) - %check: first try * Tue Sep 10 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.1.1-2 - ExclusiveArch: i386 i486 i586 i686 pentium3 pentium4 athlon geode x86_64 armv3l armv4b armv4l armv4tl armv5tel armv5tejl armv6l armv7l armv7hl armv7hnl - epel-6 love -------------------------------------------------------------------------------- References: [ 1 ] Bug #1006254 - wrong path to lrelease https://bugzilla.redhat.com/show_bug.cgi?id=1006254 -------------------------------------------------------------------------------- ================================================================================ wireshark-1.10.2-3.fc18 (FEDORA-2013-16587) Network traffic analyzer -------------------------------------------------------------------------------- Update Information: * Ver. 1.10.2 * Various security fixes -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 12 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.10.2-3 - Fix building on Fedora 18 (no perl-podlators) * Thu Sep 12 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.10.2-2 - Add an OpenFlow dissector * Wed Sep 11 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.10-2-1 - Ver. 1.10.2 - Actually remove the console helper * Mon Sep 9 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.10.1-1 - Ver. 1.10.1 - Backported rtpproxy dissector module * Wed Sep 4 2013 Peter Hatina <phatina@xxxxxxxxxx> - 1.10.0-11 - fix missing ws_symbol_export.h * Wed Sep 4 2013 Peter Hatina <phatina@xxxxxxxxxx> - 1.10.0-10 - fix tap iostat overflow * Wed Sep 4 2013 Peter Hatina <phatina@xxxxxxxxxx> - 1.10.0-9 - fix sctp bytes graph crash * Wed Sep 4 2013 Peter Hatina <phatina@xxxxxxxxxx> - 1.10.0-8 - fix string overrun in plugins/profinet * Tue Sep 3 2013 Peter Hatina <phatina@xxxxxxxxxx> - 1.10.0-7 - fix BuildRequires - libgcrypt-devel * Tue Sep 3 2013 Peter Hatina <phatina@xxxxxxxxxx> - 1.10.0-6 - fix build parameter -fstack-protector-all * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.10.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Mon Jun 24 2013 Peter Hatina <phatina@xxxxxxxxxx> 1.10.0-4 - fix pod2man build error * Mon Jun 24 2013 Peter Hatina <phatina@xxxxxxxxxx> 1.10.0-3 - fix bogus date -------------------------------------------------------------------------------- References: [ 1 ] Bug #972679 - CVE-2013-4074 wireshark: DoS (crash) in the CAPWAP dissector (wnpa-sec-2013-32) https://bugzilla.redhat.com/show_bug.cgi?id=972679 [ 2 ] Bug #972680 - CVE-2013-4075 wireshark: DoS (crash) in the GMR-1 BCCH dissector (wnpa-sec-2013-33) https://bugzilla.redhat.com/show_bug.cgi?id=972680 [ 3 ] Bug #972681 - CVE-2013-4076 wireshark: Invalid free in the PPP dissector (wnpa-sec-2013-34) https://bugzilla.redhat.com/show_bug.cgi?id=972681 [ 4 ] Bug #972682 - CVE-2013-4077 wireshark: Array index error in the NBAP dissector (wnpa-sec-2013-35) https://bugzilla.redhat.com/show_bug.cgi?id=972682 [ 5 ] Bug #972683 - CVE-2013-4078 wireshark: DoS (infinite loop) in the RDP dissector (wnpa-sec-2013-36) https://bugzilla.redhat.com/show_bug.cgi?id=972683 [ 6 ] Bug #972684 - CVE-2013-4079 wireshark: DoS (infinite loop, application hang) in the GSM CBCH dissector (wnpa-sec-2013-37) https://bugzilla.redhat.com/show_bug.cgi?id=972684 [ 7 ] Bug #972685 - CVE-2013-4080 wireshark: DoS (infinite loop, CPU & memory consumption) in the Assa Abloy R3 dissector (wnpa-sec-2013-38) https://bugzilla.redhat.com/show_bug.cgi?id=972685 [ 8 ] Bug #972686 - CVE-2013-4081 wireshark: DoS (infinite loop) in the HTTP dissector (wnpa-sec-2013-39) https://bugzilla.redhat.com/show_bug.cgi?id=972686 [ 9 ] Bug #972687 - CVE-2013-4082 wireshark: Heap-based buffer overflow in the Ixia IxVeriWave file parser (wnpa-sec-2013-40) https://bugzilla.redhat.com/show_bug.cgi?id=972687 [ 10 ] Bug #972688 - CVE-2013-4083 wireshark: Invalid free in the DCP ETSI dissector (wnpa-sec-2013-41) https://bugzilla.redhat.com/show_bug.cgi?id=972688 [ 11 ] Bug #990155 - CVE-2013-4920 wireshark: DoS (application crash) in the P1 dissector (wnpa-sec-2013-42) https://bugzilla.redhat.com/show_bug.cgi?id=990155 [ 12 ] Bug #990166 - CVE-2013-4927 wireshark: Integer signedness error in the Bluetooth SDP dissector (wnpa-sec-2013-45) https://bugzilla.redhat.com/show_bug.cgi?id=990166 [ 13 ] Bug #990167 - CVE-2013-4928 wireshark: Integer signedness error in the Bluetooth OBEX dissector (wnpa-sec-2013-46) https://bugzilla.redhat.com/show_bug.cgi?id=990167 [ 14 ] Bug #990168 - CVE-2013-4929 wireshark: DoS (infinite loop) in the DIS dissector (wnpa-sec-2013-47) https://bugzilla.redhat.com/show_bug.cgi?id=990168 [ 15 ] Bug #990169 - CVE-2013-4930 wireshark: Assertion failure in the DVB-CI dissector (wnpa-sec-2013-48) https://bugzilla.redhat.com/show_bug.cgi?id=990169 [ 16 ] Bug #990170 - CVE-2013-4931 wireshark: DoS (infinite loop) in the GSM RR dissector (wnpa-sec-2013-49) https://bugzilla.redhat.com/show_bug.cgi?id=990170 [ 17 ] Bug #990172 - CVE-2013-4932 wireshark: Multiple array index errors in the GSM A Common dissector (wnpa-sec-2013-50) https://bugzilla.redhat.com/show_bug.cgi?id=990172 [ 18 ] Bug #990175 - CVE-2013-4933 wireshark: DoS (application crash) in the Netmon file parser (wnpa-sec-2013-51) https://bugzilla.redhat.com/show_bug.cgi?id=990175 [ 19 ] Bug #990178 - CVE-2013-4934 wireshark: DoS (application crash) in the Netmon file parser (wnpa-sec-2013-51) (A different flaw than CVE-2013-4933) https://bugzilla.redhat.com/show_bug.cgi?id=990178 [ 20 ] Bug #990179 - CVE-2013-4935 wireshark: DoS (application crash) in the ASN.1 PER dissector (wnpa-sec-2013-52) https://bugzilla.redhat.com/show_bug.cgi?id=990179 [ 21 ] Bug #965111 - wireshark: DoS (infinite loop) in the MySQL dissector (wnpa-sec-2013-30, upstream #8458) https://bugzilla.redhat.com/show_bug.cgi?id=965111 [ 22 ] Bug #965190 - CVE-2013-3559 wireshark: DoS (crash) in the DCP ETSI dissector (wnpa-sec-2013-27, upstream #8231, #8540, #8541) https://bugzilla.redhat.com/show_bug.cgi?id=965190 [ 23 ] Bug #965192 - CVE-2013-3558 wireshark: DoS (crash) in the PPP CCP dissector (wnpa-sec-2013-26, upstream #8638) https://bugzilla.redhat.com/show_bug.cgi?id=965192 [ 24 ] Bug #965193 - CVE-2013-3557 wireshark: DoS (crash) in the ASN.1 BER dissector (wnpa-sec-2013-25, upstream #8599) https://bugzilla.redhat.com/show_bug.cgi?id=965193 [ 25 ] Bug #965194 - CVE-2013-3555 wireshark: DoS (crash) in the GTPv2 dissector (wnpa-sec-2013-24, upstream #8493) https://bugzilla.redhat.com/show_bug.cgi?id=965194 [ 26 ] Bug #965195 - wireshark: DoS (excessive CPU consumption) in the RELOAD dissector (wnpa-sec-2013-23, upstream #8362, #8546) https://bugzilla.redhat.com/show_bug.cgi?id=965195 [ 27 ] Bug #965110 - wireshark: DoS (large loop) in the ETCH dissector (wnpa-sec-2013-31, upstream #8464) https://bugzilla.redhat.com/show_bug.cgi?id=965110 [ 28 ] Bug #965112 - CVE-2013-3562 wireshark: DoS (stack overflow, crash) in the Websocket dissector (wnpa-sec-2013-29, upstream #8448, #8499) https://bugzilla.redhat.com/show_bug.cgi?id=965112 [ 29 ] Bug #965186 - CVE-2013-3560 wireshark: DoS (crash) in the MPEG DSM-CC dissector (wnpa-sec-2013-28, upstream #8481) https://bugzilla.redhat.com/show_bug.cgi?id=965186 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
