- Bump to version 1.12.6
- Update hash file
The following vulnerabilities have been fixed in 1.12.6:
- wnpa-sec-2015-19
WCCP dissector crash. (Bug 11153)
- wnpa-sec-2015-20
GSM DTAP dissector crash. (Bug 11201)
[Thomas: indicate that this is a security related updated in the
commit log, as suggested by Gustavo.]
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
CVE-2015-3808 CVE-2015-3809 - The LBMR dissector could go into an
infinite loop.
CVE-2015-3811 - The WCP dissector could crash while decompressing data.
CVE-2015-3812 - The X11 dissector could leak memory.
CVE-2015-3813 - The packet reassembly code could leak memory.
CVE-2015-3814 - The IEEE 802.11 dissector could go into an infinite
loop.
CVE-2015-3815 - The Android Logcat file parser could crash.
Patch upstream so drop and disable autoreconf.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2015-2187 - The ATN-CPDLC dissector could crash.
CVE-2015-2188 - The WCP dissector could crash.
CVE-2015-2189 - The pcapng file parser could crash.
CVE-2015-2190 - The LLDP dissector could crash.
CVE-2015-2191 - The TNEF dissector could go into an infinite loop.
CVE-2015-2192 - The SCSI OSD dissector could go into an infinite loop.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
CVE-2015-0559, CVE-2015-0560 - The WCCP dissector could crash.
CVE-2015-0561 - The LPP dissector could crash.
CVE-2015-0562 - The DEC DNA Routing Protocol dissector could crash.
CVE-2015-0563 - The SMTP dissector could crash.
CVE-2015-0564 - Wireshark could crash while decypting TLS/SSL sessions.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
