The following Fedora 13 Security updates need testing:
https://admin.fedoraproject.org/updates/wireshark-1.2.15-1.fc13
https://admin.fedoraproject.org/updates/dbus-1.2.24-2.fc13
https://admin.fedoraproject.org/updates/subversion-1.6.15-1.fc13
https://admin.fedoraproject.org/updates/logwatch-7.3.6-55.fc13
https://admin.fedoraproject.org/updates/dhcp-4.1.2-2.ESV.R1.fc13
https://admin.fedoraproject.org/updates/openssl-1.0.0d-1.fc13
https://admin.fedoraproject.org/updates/patch-2.6.1-8.fc13
https://admin.fedoraproject.org/updates/php-pear-1.9.2-1.fc13
https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
https://admin.fedoraproject.org/updates/pywebdav-0.9.4.1-1.fc13
https://admin.fedoraproject.org/updates/mailman-2.1.12-17.fc13
https://admin.fedoraproject.org/updates/asterisk-1.6.2.17-1.fc13
https://admin.fedoraproject.org/updates/xulrunner-1.9.2.14-1.fc13,firefox-3.6.14-1.fc13,mozvoikko-1.0-18.fc13,gnome-web-photo-0.9-16.fc13,perl-Gtk2-MozEmbed-0.08-6.fc13.21,gnome-python2-extras-2.25.3-26.fc13,galeon-2.0.7-37.fc13
https://admin.fedoraproject.org/updates/thunderbird-3.1.8-3.fc13
https://admin.fedoraproject.org/updates/perl-Mail-Box-2.097-1.fc13
https://admin.fedoraproject.org/updates/libtiff-3.9.4-3.fc13
https://admin.fedoraproject.org/updates/389-admin-1.1.15-1.fc13
https://admin.fedoraproject.org/updates/tor-0.2.1.29-1300.fc13
https://admin.fedoraproject.org/updates/samba-3.5.7-73.fc13
https://admin.fedoraproject.org/updates/moin-1.9.3-4.fc13
https://admin.fedoraproject.org/updates/kernel-2.6.34.8-68.fc13
https://admin.fedoraproject.org/updates/libcgroup-0.35.1-5.fc13
https://admin.fedoraproject.org/updates/vsftpd-2.3.4-1.fc13
https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13
The following Fedora 13 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/fuse-2.8.5-5.fc13
https://admin.fedoraproject.org/updates/NetworkManager-0.8.3.997-1.fc13
https://admin.fedoraproject.org/updates/libcgroup-0.35.1-5.fc13
https://admin.fedoraproject.org/updates/libtiff-3.9.4-3.fc13
https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
https://admin.fedoraproject.org/updates/nss-3.12.9-8.fc13,nss-softokn-3.12.9-5.fc13,nss-util-3.12.9-1.fc13,nspr-4.8.7-1.fc13
https://admin.fedoraproject.org/updates/kernel-2.6.34.8-68.fc13
https://admin.fedoraproject.org/updates/livecd-tools-13.2-1.fc13
https://admin.fedoraproject.org/updates/lua-5.1.4-7.fc13
https://admin.fedoraproject.org/updates/librsvg2-2.26.3-3.fc13
https://admin.fedoraproject.org/updates/mobile-broadband-provider-info-1.20110218-1.fc13
https://admin.fedoraproject.org/updates/less-436-9.fc13
https://admin.fedoraproject.org/updates/dosfstools-3.0.9-4.fc13
https://admin.fedoraproject.org/updates/openssl-1.0.0d-1.fc13
https://admin.fedoraproject.org/updates/patch-2.6.1-8.fc13
https://admin.fedoraproject.org/updates/file-5.04-7.fc13
https://admin.fedoraproject.org/updates/tzdata-2011b-1.fc13
https://admin.fedoraproject.org/updates/system-config-users-1.2.107-1.fc13
https://admin.fedoraproject.org/updates/python-ethtool-0.6-1.fc13
https://admin.fedoraproject.org/updates/libical-0.46-2.fc13
https://admin.fedoraproject.org/updates/pm-utils-1.2.6.1-4.fc13
https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13
https://admin.fedoraproject.org/updates/libfprint-0.3.0-1.fc13
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13
https://admin.fedoraproject.org/updates/lldpad-0.9.26-2.fc13
The following builds have been pushed to Fedora 13 updates-testing
NetworkManager-0.8.3.997-1.fc13
apiextractor-0.10.0-1.fc13
fuse-2.8.5-5.fc13
generatorrunner-0.6.7-1.fc13
libcgroup-0.35.1-5.fc13
manchu-fonts-2.006-3.fc13
openscada-0.7.0.2-1.fc13
perl-CGI-Emulate-PSGI-0.11-1.fc13
perl-Eval-Closure-0.03-1.fc13
perl-Image-ExifTool-8.50-1.fc13
perl-Plack-0.9973-1.fc13
pyside-tools-0.2.7-1.fc13
python-pyside-1.0.0-1.fc13
qemu-0.13.0-1.fc13
samba-3.5.7-73.fc13
shiboken-1.0.0-1.fc13
sil-nuosu-fonts-2.1.1-3.fc13
task-1.9.4-1.fc13
ukij-tuz-fonts-2.0.0-5.fc13
vsftpd-2.3.4-1.fc13
wireshark-1.2.15-1.fc13
Details about builds:
================================================================================
NetworkManager-0.8.3.997-1.fc13 (FEDORA-2011-2595)
Network connection manager and user applications
--------------------------------------------------------------------------------
Update Information:
Update to NetworkManager 0.8.4-beta3.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 3 2011 Dan Williams <dcbw@xxxxxxxxxx> - 0.8.3.997-1
- Update to 0.8.3.997 (0.8.4-beta3)
- editor: fix crash requesting VPN secrets (rh #680707)
- core: keep connection timestamps in lookaside file, not in /etc
* Fri Feb 25 2011 Dan Williams <dcbw@xxxxxxxxxx> - 0.8.3.996-1
- Update to 0.8.3.996 (0.8.4-beta2)
- core: fix secrets handling (rh #680385)
* Thu Feb 24 2011 Dan Williams <dcbw@xxxxxxxxxx> - 0.8.3.995-1
- Update to 0.8.3.995 (0.8.4-beta1)
- core: send hostname to DHCP server by default (rh #488975)
- core: fix updating resolv.conf (rh #672282)
- core: ensure devices are cleaned up when removed
- core: handle reverse DNS in local caching nameserver configurations
- core: IPv6 addressing, routing, and compliance fixes
- core: stop touching /etc/hosts (rh #648725)
- core: fix shutdown crashes (rh #676316)
- core: suppress messages about missing user settings service (rh #655322)
- core: seamless support for RFC3442 classless static routes (rh #639935)
- wifi: fix validity checks for Ad-Hoc APs (rh #632123)
- modem: fixes for T-Mobile Rocket 2.0 modems
- keyfile: ignore MAC address case for unmanaged-devices (rh #654714)
- ifcfg-rh: fix crash when writing connections with missing IPv4 settings (rh #655002)
- ifcfg-rh: allow missing or 0.0.0.0 GATEWAYx keys (rh #647992)
- ifcfg-rh: respect GATEWAYDEV for ibft/iSCSI configurations (rh #665027)
- ifcfg-rh: read/write IPv6 gateway correctly (rh #604334, rh #666078)
- ifcfg-rh: fix missing connections when an unmanaged interface is present
- applet: fix crashes related to missing icons (rh #657352)
- applet: show IPv6 details in Connection Information dialog (rh #591929)
* Wed Nov 3 2010 Dan Williams <dcbw@xxxxxxxxxx> - 0.8.2-1
- Update to 0.8.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #680707 - [abrt] NetworkManager-gnome-1:0.8.3.996-1.fc14: type_check_is_value_type_U: Process /usr/bin/nm-connection-editor was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=680707
[ 2 ] Bug #680385 - The key is not saved anymore after package update
https://bugzilla.redhat.com/show_bug.cgi?id=680385
[ 3 ] Bug #488975 - Send a hostname to DHCP server by default
https://bugzilla.redhat.com/show_bug.cgi?id=488975
[ 4 ] Bug #672282 - /etc/resolv.conf is not updated with nameserver during ipv6-only static network configuration in anaconda
https://bugzilla.redhat.com/show_bug.cgi?id=672282
[ 5 ] Bug #648725 - NetworkManager adds hostname to /etc/hosts pointing to localhost
https://bugzilla.redhat.com/show_bug.cgi?id=648725
[ 6 ] Bug #676316 - NM crashes on every shutdown: dbus_g_proxy_new_for_name: assertion `connection != NULL' failed
https://bugzilla.redhat.com/show_bug.cgi?id=676316
[ 7 ] Bug #655322 - NetworkManager[1135]: <error> [1290255985.317100] [nm-manager.c:1368] user_proxy_init(): could not init user settings proxy: (3) Could not get owner of name 'org.freedesktop.NetworkManagerUserSettings': no such name
https://bugzilla.redhat.com/show_bug.cgi?id=655322
[ 8 ] Bug #639935 - RFC3442 (The Classless Static Route Option) support in dhclient
https://bugzilla.redhat.com/show_bug.cgi?id=639935
[ 9 ] Bug #632123 - [abrt] NetworkManager-gnome-1:0.8.1-6.git20100831.fc14: IA__gtk_tree_model_get_valist: Process /usr/bin/nm-applet was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=632123
[ 10 ] Bug #654714 - Can't get NM to ignore any interfaces
https://bugzilla.redhat.com/show_bug.cgi?id=654714
[ 11 ] Bug #655002 - Crash in NetworkManager trying to create invalid connection
https://bugzilla.redhat.com/show_bug.cgi?id=655002
[ 12 ] Bug #647992 - NetworkManager brings eth0 down until I login to X
https://bugzilla.redhat.com/show_bug.cgi?id=647992
[ 13 ] Bug #665027 - ifcfg-rh: honor DEFROUTE setting in BOOTPROTO="ibft" case too
https://bugzilla.redhat.com/show_bug.cgi?id=665027
[ 14 ] Bug #604334 - Network Manager IPV6 Gateway cannot be set/used in Manual mode
https://bugzilla.redhat.com/show_bug.cgi?id=604334
[ 15 ] Bug #657352 - [abrt] NetworkManager-gnome-1:0.8.1-10.git20100831.fc14: nma_icons_reload: Process /usr/bin/nm-applet was killed by signal 6 (SIGABRT)
https://bugzilla.redhat.com/show_bug.cgi?id=657352
[ 16 ] Bug #591929 - [enh] display IPv6 information in the connection information GUI box
https://bugzilla.redhat.com/show_bug.cgi?id=591929
--------------------------------------------------------------------------------
================================================================================
apiextractor-0.10.0-1.fc13 (FEDORA-2011-2579)
Library headers parser to extract API information
--------------------------------------------------------------------------------
Update Information:
An update of PySide (Python bindings for Qt) to the stable version 1.0.0.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 3 2011 Kalev Lember <kalev@xxxxxxxxxxxx> - 0.10.0-1
- Update to 0.10.0
--------------------------------------------------------------------------------
================================================================================
fuse-2.8.5-5.fc13 (FEDORA-2011-2563)
File System in Userspace (FUSE) utilities
--------------------------------------------------------------------------------
Update Information:
- Use noreplace for /etc/fuse.conf
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 3 2011 Peter Lemenkov <lemenkov@xxxxxxxxx> - 2.8.5-5
- Use noreplace for /etc/fuse.conf
--------------------------------------------------------------------------------
================================================================================
generatorrunner-0.6.7-1.fc13 (FEDORA-2011-2579)
Plugin-based application to run apiextractor-based generators
--------------------------------------------------------------------------------
Update Information:
An update of PySide (Python bindings for Qt) to the stable version 1.0.0.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 3 2011 Kalev Lember <kalev@xxxxxxxxxxxx> - 0.6.7-1
- Update to 0.6.7
--------------------------------------------------------------------------------
================================================================================
libcgroup-0.35.1-5.fc13 (FEDORA-2011-2570)
Tools and libraries to control and monitor control groups
--------------------------------------------------------------------------------
Update Information:
Two security bugs were fixed in this release:
* CVE-2011-1006: Heap-based buffer overflow by converting list of controllers for given task into an array of strings
* CVE-2011-1022: Unchecked origin of NETLINK messages
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 3 2011 Jan Safranek <jsafrane@xxxxxxxxxx> 0.35-5
- Fixed CVE-2011-1022 and CVE-2011-1006
* Mon Nov 22 2010 Jan Safranek <jsafrane@xxxxxxxxxx> 0.35-4
- Fix cgconfigparser not to change current working directory (#655210)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #680409 - CVE-2011-1022 libcgroup: Uncheck origin of NETLINK messages
https://bugzilla.redhat.com/show_bug.cgi?id=680409
[ 2 ] Bug #678107 - CVE-2011-1006 libcgroup: Heap-based buffer overflow by converting list of controllers for given task into an array of strings
https://bugzilla.redhat.com/show_bug.cgi?id=678107
--------------------------------------------------------------------------------
================================================================================
manchu-fonts-2.006-3.fc13 (FEDORA-2011-2566)
A Manchu OpenType (TrueType-flavored) font
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #673027 - Review Request: manchu-fonts - A Manchu OpenType (TrueType-flavored) font
https://bugzilla.redhat.com/show_bug.cgi?id=673027
--------------------------------------------------------------------------------
================================================================================
openscada-0.7.0.2-1.fc13 (FEDORA-2011-2609)
Open SCADA system project
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 2 2011 Aleksey Popkov <aleksey@xxxxxxxxxx> - 0.7.0.2-1
- Build of 0.7.0.2 version.
--------------------------------------------------------------------------------
================================================================================
perl-CGI-Emulate-PSGI-0.11-1.fc13 (FEDORA-2011-2612)
PSGI adapter for CGI applications
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 3 2011 Ralf CorsÃpius <corsepiu@xxxxxxxxxxxxxxxxx> 0.11-1
- Upstream update.
- Spec cleanup.
--------------------------------------------------------------------------------
================================================================================
perl-Eval-Closure-0.03-1.fc13 (FEDORA-2011-2606)
Safely and cleanly create closures via string eval
--------------------------------------------------------------------------------
Update Information:
This update avoids adding #line directives when the debugger is active.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 3 2011 Iain Arnell <iarnell@xxxxxxxxx> 0.03-1
- update to latest upstream version
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.02-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
perl-Image-ExifTool-8.50-1.fc13 (FEDORA-2011-2591)
Utility for reading and writing image meta info
--------------------------------------------------------------------------------
Update Information:
Update to 8.50. Full changelog here: http://owl.phy.queensu.ca/~phil/exiftool/history.html
Notable bugfixes:
Fixed problems with format of binary data in lists for some
output options
Fixed bug reading/writing some IPTC binary data tags
Fixed problem copying XMP:Thumbnails structure
Fixed conversion of MXF:ByteOrder value
Fixed potential "Undefined subroutine ConvertStruct" crash bug
Fixed bug introduced in 8.46 when calling GetValue(xxx,'Raw')
Relaxed structure validation to allow a structure to be written even if there were errors with some fields
Patched problem with formatting of very large numbers in JSON (-j) output
Fixed a few problems reading and writing structured information
Fixed bug which could cause hang with some user-defined tag definitions
Fixed a couple of minor bugs with the new -struct option
Fixed bug writing alternate languages for XMP-iptcExt:ArtworkTitle tag
Fixed problem where console echo was disabled when using -k option from a bash script
Fixed minor quirk in HtmlDump output
Fixed race condition with -stay_open when reading options requiring additional arguments from the argfile
Fixed problem copying makernotes from Nikon NRW image to JPEG
Fixed incorrect decoding of some AEInfo tags for newer Pentax DSLR's
Fixed bug where time could be wrong by up to 2 seconds when shifting multiple date/time values containing fractional seconds
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 3 2011 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 8.50-1
- update to 8.50
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 8.40-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
perl-Plack-0.9973-1.fc13 (FEDORA-2011-2624)
Perl Superglue for Web frameworks and Web Servers (PSGI toolkit)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 3 2011 Ralf CorsÃpius <corsepiu@xxxxxxxxxxxxxxxxx> 0.9973-1
- Upstream update.
- Reflect upstream not shipping Plack/Handler/Net/FastCGI.pm anymore.
- Spec file cleanup.
--------------------------------------------------------------------------------
================================================================================
pyside-tools-0.2.7-1.fc13 (FEDORA-2011-2579)
Development tools for PySide
--------------------------------------------------------------------------------
Update Information:
An update of PySide (Python bindings for Qt) to the stable version 1.0.0.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 3 2011 Kalev Lember <kalev@xxxxxxxxxxxx> - 0.2.7-1
- Update to 0.2.7
- Added man pages
--------------------------------------------------------------------------------
================================================================================
python-pyside-1.0.0-1.fc13 (FEDORA-2011-2579)
Python bindings for Qt4
--------------------------------------------------------------------------------
Update Information:
An update of PySide (Python bindings for Qt) to the stable version 1.0.0.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 3 2011 Kalev Lember <kalev@xxxxxxxxxxxx> - 1.0.0-1
- Update to 1.0.0
- Dropped upstreamed patches
- Force Release build type to make sure NDEBUG is defined
- Require Qt version greater or equal than the package was built with
--------------------------------------------------------------------------------
================================================================================
qemu-0.13.0-1.fc13 (FEDORA-2011-2607)
QEMU is a FAST! processor emulator
--------------------------------------------------------------------------------
Update Information:
This update includes a large number of fixes from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 3 2011 Justin M. Forbes <jforbes@xxxxxxxxxx> - 2:0.13.0-1
- Update to 0.13.0 to remove 50+ patches and catch several bugfixes.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #586836 - BSOD when trying to boot Windows 2008 R2 installer in smp guest
https://bugzilla.redhat.com/show_bug.cgi?id=586836
[ 2 ] Bug #558281 - KSM init script error [/sys/kernel/mm/ksm/max_kernel_pages: No such file or directory]
https://bugzilla.redhat.com/show_bug.cgi?id=558281
[ 3 ] Bug #626658 - ksmtuned misinterprets /proc/meminfo
https://bugzilla.redhat.com/show_bug.cgi?id=626658
--------------------------------------------------------------------------------
================================================================================
samba-3.5.7-73.fc13 (FEDORA-2011-2634)
Server and Client software to interoperate with Windows machines
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 3 2011 Guenther Deschner <gdeschner@xxxxxxxxxx> - 3.5.7-73
- Security update to 3.5.7 to address CVE-2011-0719
- resolves: #681852
* Thu Jan 6 2011 Guenther Deschner <gdeschner@xxxxxxxxxx> - 3.5.6-72
- Fix GSSAPI checksum for some SMB servers
- resolves: #667644
* Thu Nov 18 2010 Guenther Deschner <gdeschner@xxxxxxxxxx> - 3.5.6-71
- Fix libsmbclient SMB signing
- resolves: #598620
* Mon Nov 1 2010 Guenther Deschner <gdeschner@xxxxxxxxxx> - 3.5.6-70
- Handle no network case in init scripts
- resolves: #604147
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #681852 - CVE-2011-0719 Samba unsafe fd_set usage [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=681852
[ 2 ] Bug #598620 - Nautilus fails to write to windows share
https://bugzilla.redhat.com/show_bug.cgi?id=598620
[ 3 ] Bug #604147 - Error message from initscript
https://bugzilla.redhat.com/show_bug.cgi?id=604147
--------------------------------------------------------------------------------
================================================================================
shiboken-1.0.0-1.fc13 (FEDORA-2011-2579)
CPython bindings generator for C++ libraries
--------------------------------------------------------------------------------
Update Information:
An update of PySide (Python bindings for Qt) to the stable version 1.0.0.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 3 2011 Kalev Lember <kalev@xxxxxxxxxxxx> - 1.0.0-1
- Update to 1.0.0
- Dropped upstreamed pkgconfig patch
--------------------------------------------------------------------------------
================================================================================
sil-nuosu-fonts-2.1.1-3.fc13 (FEDORA-2011-2568)
The Nuosu SIL Font
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #673029 - Review Request: sil-nuosu-fonts - The Nuosu SIL Font
https://bugzilla.redhat.com/show_bug.cgi?id=673029
--------------------------------------------------------------------------------
================================================================================
task-1.9.4-1.fc13 (FEDORA-2011-2587)
A command-line to do list manager
--------------------------------------------------------------------------------
Update Information:
New upstream version 1.9.4.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 4 2011 Federico Hernandez <ultrafredde@xxxxxxxxx> - 1.9.4-1
Intial RPM for task release 1.9.4
--------------------------------------------------------------------------------
================================================================================
ukij-tuz-fonts-2.0.0-5.fc13 (FEDORA-2011-2588)
Uyghur Computer Science Association (UKIJ) Unicode fonts
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #673026 - Review Request: ukij-tuz-fonts - Uyghur Computer Science Association (UKIJ) Unicode fonts
https://bugzilla.redhat.com/show_bug.cgi?id=673026
--------------------------------------------------------------------------------
================================================================================
vsftpd-2.3.4-1.fc13 (FEDORA-2011-2615)
Very Secure Ftp Daemon
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 3 2011 Jiri Skala <jskala@xxxxxxxxxx> - 2.3.4-1
- update to latest upstream 2.3.4
- fixes #681935 - CVE-2011-0762 vsftpd: remote DoS via crafted glob pattern
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #681667 - CVE-2011-0762 vsftpd: remote DoS via crafted glob pattern
https://bugzilla.redhat.com/show_bug.cgi?id=681667
--------------------------------------------------------------------------------
================================================================================
wireshark-1.2.15-1.fc13 (FEDORA-2011-2620)
Network traffic analyzer
--------------------------------------------------------------------------------
Update Information:
Several security bugs were fixed in this release:
* CVE-2011-0538: memory corruption when reading a malformed pcap file
* CVE-2010-3445: stack overflow in BER dissector
* CVE-2011-1143: Null pointer dereference causing application crash when reading malformed pcap file
* CVE-2011-1140: Multiple stack consumption vulnerabilities caused DoS via crafted SMB or CLDAP packet
* CVE-2011-1138: Off-by-one error in the dissect_6lowpan_iphc function causes application crash (Denial Of Service)
* CVE-2011-1139: Denial Of Service (application crash) via a pcap-ng file that contains a large packet-length field
* CVE-2011-0713: heap-based buffer overflow when reading malformed Nokia DCT3 phone signalling traces
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 3 2011 Jan Safranek <jsafrane@xxxxxxxxxx> - 1.2.15-1
- upgrade to 1.2.15
- see http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #676232 - CVE-2011-0538 Wireshark: memory corruption when reading a malformed pcap file (upstream bug #5652)
https://bugzilla.redhat.com/show_bug.cgi?id=676232
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
