From owner-svn-ports-head@FreeBSD.ORG Fri Aug 31 10:59:19 2012 Return-Path: Delivered-To: svn-ports-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2897D106566C; Fri, 31 Aug 2012 10:59:19 +0000 (UTC) (envelope-from rea@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id EE0D38FC16; Fri, 31 Aug 2012 10:59:18 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q7VAxIng019117; Fri, 31 Aug 2012 10:59:18 GMT (envelope-from rea@svn.freebsd.org) Received: (from rea@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id q7VAxIds019115; Fri, 31 Aug 2012 10:59:18 GMT (envelope-from rea@svn.freebsd.org) Message-Id: <201208311059.q7VAxIds019115@svn.freebsd.org> From: Eygene Ryabinkin Date: Fri, 31 Aug 2012 10:59:18 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r303414 - head/security/vuxml X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Aug 2012 10:59:19 -0000 Author: rea Date: Fri Aug 31 10:59:18 2012 New Revision: 303414 URL: http://svn.freebsd.org/changeset/ports/303414 Log: VuXML: document CVE-2012-3548, DoS in Wireshark Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Fri Aug 31 10:22:36 2012 (r303413) +++ head/security/vuxml/vuln.xml Fri Aug 31 10:59:18 2012 (r303414) @@ -51,6 +51,51 @@ Note: Please add new entries to the beg --> + + wireshark -- denial of service in DRDA dissector + + + wireshark + 1.51.9 + + + wireshark-lite + 1.51.9 + + + tshark + 1.51.9 + + + tshark-lite + 1.51.9 + + + + +

RedHat security team reports:

+
+

A denial of service flaw was found in the way Distributed + Relational Database Architecture (DRDA) dissector of + Wireshark, a network traffic analyzer, performed processing + of certain DRDA packet capture files. A remote attacker + could create a specially-crafted capture file that, when + opened could lead to wireshark executable to consume + excessive amount of CPU time and hang with an infinite + loop.

+
+ + + + CVE-2012-3548 + https://bugzilla.redhat.com/show_bug.cgi?id=849926 + + + 2012-08-21 + 2012-08-31 + + + chromium -- multiple vulnerabilities