[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE Request -- wireshark: wnpa-sec-2012-08, wnpa-sec-2012-09, wnpa-sec-2012-10
From:       Kurt Seifried <kseifried () redhat ! com>
Date:       2012-05-23 18:17:38
Message-ID: 4FBD29C2.6090305 () redhat ! com
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/23/2012 06:38 AM, Jan Lieskovsky wrote:
> Hello Kurt, Steve, vendors,
> 
> the following recent Wireshark upstream advisories:
> 
> A) http://www.wireshark.org/security/wnpa-sec-2012-08.html
> 
> References (upstream bugs and Red Hat bugzilla entry): [1]
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805 (802.11) 
> [2] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7118
> (802.3) [3]
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7119 (ANSIMAP) 
> [4] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7120 (ASF) 
> [5] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7121
> (BACAPP) [6]
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7122 (HCIEVT) 
> [7] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7124 (LTP) 
> [8] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7125 (R3) 
> [9] https://bugzilla.redhat.com/show_bug.cgi?id=824411

Please use CVE-2012-2392 for these issues.

> B) http://www.wireshark.org/security/wnpa-sec-2012-09.html
> 
> References: [1]
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7138 [2]
> https://bugzilla.redhat.com/show_bug.cgi?id=824413

Please use CVE-2012-2393 for these issues.

> C) http://www.wireshark.org/security/wnpa-sec-2012-10.html
> 
> References: [1]
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7221 [2]
> https://bugzilla.redhat.com/show_bug.cgi?id=824419

Please use CVE-2012-2394 for these issues.

> doesn't seem to have CVE identifiers yet.
> 
> Could you allocate three of them?
> 
> Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat
> Security Response Team


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPvSnCAAoJEBYNRVNeJnmT3WAP/ROKsmmsrbgxlmkXmcIu5ybM
mdh19/1trkaU3l/jqeBlY1hIF1R4N6qvfNRwa2SdoPWaa3StubXlMHQ4XThMNQze
0yAQ2E/GD4LvnYjUBp9VLZbSYHDc61IJ5umwpU/cf9LPYSV+nBl5yVGLY/ynnidP
EGDFJqYodmpfPCvTBdD3eZI2/gSqyy+kVznYUnduZZw30k7tvL0cVc9Vw3BA6DDG
QtoSxCyzNQM872QI11xilaBAEbqhNfnjepIE6U7ar8SyX2TnEi7vw/J0Ex4w3PMu
CYC/JZeRQxCh30oimcZFQWHsC5lbNvdyUzg1T1xGJvE1TDXkWLorGw9hkFZ/kjZW
zjto/CtyfXgNo9VwNWZuH6JckNShG/k2nraYNfjcmbEUlyyJkE/xVG0u2rXg1XO3
KHNqegvWfyRv4+pxbdPYQ/A+UmVaBnrwosTzMmOrtWXYQzYoT+SYCHjugdLyoP7l
7Indj4SoOKMFz4FilYDb98JOiU/NUtuGvMk34Q+ugbCsoRRcxx5oioNhs0IDpvaz
TPbNlhBMb1mvoz6/CHkoditwCrsjzidbj8m7Mdx8P2KSx2k+SVm4+A5T+NnxCPb7
77em0xfs+GWzbpLJPPXqgwjnxJv6voQFUpiZMSBOYwUeYYfJIU7FPnriEMW+Pqu9
xuEQJNO16mRlotD/gUnl
=ppUO
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]