[SRU] Update to bugfix release 1.10.14 in Trusty
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
wireshark (Ubuntu) |
Expired
|
Undecided
|
Unassigned |
Bug Description
Upstream provides micro-releases on the 1.10.x branch to fix bugs and security vulnerabilities.
1.10.14 News
https:/
__
Wireshark 1.10.14 Release Notes
Bug Fixes
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2015-14
The WCP dissector could crash while decompressing data. ([2]Bug
10978) [3]CVE-2015-3811
* [4]wnpa-sec-2015-15
The X11 dissector could leak memory. ([5]Bug 11088)
* [7]wnpa-sec-2015-17
The IEEE 802.11 dissector could go into an infinite loop. ([8]Bug
11110) [9]CVE-2015-3814
The following bugs have been fixed:
* Wireshark crashes if "Update list of packets in real time" is
disabled and a display filter is applied while capturing. ([10]Bug
6217)
* Wireshark relative ISN set incorrectly if raw ISN set to 0.
([11]Bug 10713)
* Buffer overrun in encryption code. ([12]Bug 10849)
* ICMP Parameter Problem message contains Length of original datagram
is treated as the total IPv4 length. ([13]Bug 10991)
* ICMP Redirect takes 4 bytes for IPv4 payload instead of 8. ([14]Bug
10992)
* Interface Identifier incorrectly represented by Wireshark. ([15]Bug
11053)
* Annoying popup when trying to capture on bonding devices on Linux.
([16]Bug 11058)
* CanOpen dissector fails on frames with RTR and 0 length. ([17]Bug
11083)
* Typo in secp521r1 curve wrongly identified as sect521r1. ([18]Bug
11106)
* packet-zbee-zcl.h: IS_ANALOG_SUBTYPE doesn't filter ENUM. ([19]Bug
11120)
* Typo: "LTE Positioning Protocol" abbreviated as "LPP", not "LLP".
([20]Bug 11141)
New and Updated Features
There are no new features in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
ASN.1 PER, CANopen, GSM RLC/MAC, GSMTAP, ICMP, IEEE 802.11, LPP,
MEGACO, PKCS-1, PPP IPv6CP, SRVLOC, SSL, TCP, WCP, X11, and ZigBee ZCL
New and Updated Capture File Support
and Savvius OmniPeek Visual Networks
__
Wireshark 1.10.13 Release Notes
Bug Fixes
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2015-07
The WCP dissector could crash. ([2]Bug 10844) [3]CVE-2015-2188
* [4]wnpa-sec-2015-08
The pcapng file parser could crash. ([5]Bug 10895) [6]CVE-2015-2189
* [7]wnpa-sec-2015-10
The TNEF dissector could go into an infinite loop. Discovered by
Vlad Tsyrklevich. ([8]Bug 11023) [9]CVE-2015-2190
The following bugs have been fixed:
* IPv6 AUTH mobility option parses Mobility SPI and Authentication
Data incorrectly. ([10]Bug 10626)
* DHCP Option 125 Suboption: (1) option-len always expects 1 but
* Little-endian OS X Bluetooth PacketLogger files aren't handled.
([12]Bug 10861)
* X.509 certificate serial number incorrectly interpreted as negative
number. ([13]Bug 10862)
* H.248 "ServiceChangeR
generated by tshark. ([14]Bug 10879)
* Clang ASAN : AddressSanitizer: global-
([15]Bug 10897)
* MEGACO wrong decoding on media port. ([16]Bug 10898)
* Wrong media format. ([17]Bug 10899)
* BSSGP Status PDU decoding fault (missing Mandatory element (0x04)
BVCI for proper packet). ([18]Bug 10903)
* Packets on OpenBSD loopback decoded as raw not null. ([19]Bug
10956)
* Display Filter Macro unable to edit. ([20]Bug 10957)
* IPv6 Local Mobility Anchor Address mobility option code is treated
incorrectly. ([21]Bug 10961)
* Juniper Packet Mirror dissector expects ipv6 flow label = 0.
([22]Bug 10976)
* Infinite loop DoS in TNEF dissector. ([23]Bug 11023)
New and Updated Features
There are no new features in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
ANSI IS-637-A, DHCP, GSM MAP, H.248, IPv6, Juniper Jmirror, and X.509AF
New and Updated Capture File Support
PacketLogger, and Pcapng
__
Wireshark 1.10.12 Release Notes
Bug Fixes
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2015-03
The DEC DNA Routing Protocol dissector could crash. ([2]Bug 10724)
* [4]wnpa-sec-2015-04
The SMTP dissector could crash. ([5]Bug 10823) [6]CVE-2015-0563
* [7]wnpa-sec-2015-05
Wireshark could crash while decypting TLS/SSL sessions. Discovered
by Noam Rathaus. [8]CVE-2015-0564
The following bugs have been fixed:
* WebSocket dissector: empty payload causes
* SMTP decoder can dump binary data to terminal in TShark. ([10]Bug
10536)
* IPv6 Vendor Specific Mobility Option includes the next mobility
option type. ([11]Bug 10618)
* Save PCAP to PCAPng with commentary fails. ([12]Bug 10656)
* Multipath TCP: checksum displayed when it's not there. ([13]Bug
10692)
* LTE APN-AMBR is decoded incorrectly. ([14]Bug 10699)
* IPv6 Experimental mobility header data is interpreted as options.
([15]Bug 10703)
* Buildbot crash output: fuzz-2014-
* Buildbot crash output: fuzz-2014-
* Buildbot crash output: fuzz-2014-
* Decoding of longitude value in LCSAP (3GPP TS 29.171) is incorrect.
([19]Bug 10767)
* Crash when enabling FCoIB manual settings without filling address
field. ([20]Bug 10796)
* RSVP RECORD_ROUTE IPv4 Subobject Flags field incorrect decoding.
([21]Bug 10799)
* Wireshark Lua engine can't access protocol field type. ([22]Bug
10801)
* Lua: getting fieldinfo.value for FT_NONE causes assert. ([23]Bug
10815)
* Buildbot crash output: fuzz-2015-
New and Updated Features
There are no new features in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
DEC DNA, DECT, FCoIB, Infiniband, IrDA, LCSAP, MIPv6, NAS EPS, RDM,
RSVP, and TCP
New and Updated Capture File Support
__
Wireshark 1.10.11 Release Notes
Bug Fixes
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2014-20
SigComp UDVM buffer overflow. ([2]Bug 10662)
* [4]wnpa-sec-2014-21
AMQP crash. ([5]Bug 10582) [6]CVE-2014-8711
* [7]wnpa-sec-2014-22
NCP crashes. ([8]Bug 10552, [9]Bug 10628) [10]CVE-2014-8712
* [12]wnpa-
TN5250 infinite loops. ([13]Bug 10596) [14]CVE-2014-8714
The following bugs have been fixed:
* 6LoWPAN Mesh headers not treated as encapsulating address.
([15]Bug 10462)
* UCP dissector bug of operation 31 - PID 0639 not
recognized. ([16]Bug 10463)
* iSCSI dissector rejects PDUs with "expected data transfer
length" > 16M. ([17]Bug 10469)
* GTPv2: trigging_tree under Trace information has wrong
length. ([18]Bug 10470)
* Attempt to render an SMS-DELIVER-REPORT instead of an
SMS-DELIVER. ([19]Bug 10547)
* IPv6 Mobility Option IPv6 Address/Prefix marks too many
bytes for the address/prefix field. ([20]Bug 10576)
* IPv6 Mobility Option Binding Authorization Data for FMIPv6
([21]Bug 10577)
* IPv6 Mobility Option Mobile Node Link Layer Identifier
Link-layer Identifier field is read beyond the option data.
([22]Bug 10578)
* Malformed PTPoE announce packet. ([23]Bug 10611)
* IPv6 Permanent Home Keygen Token mobility option includes
too many bytes for the token field. ([24]Bug 10619)
* IPv6 Redirect Mobility Option K and N bits are parsed
incorrectly. ([25]Bug 10622)
* IPv6 Care Of Test mobility option includes too many bytes
for the Keygen Token field. ([26]Bug 10624)
* IPv6 MESG-ID mobility option is parsed incorrectly.
([27]Bug 10625)
* IPv6 AUTH mobility option parses Mobility SPI and
* IPv6 DNS-UPDATE-TYPE mobility option includes too many
bytes for the MD identity field. ([29]Bug 10629)
* IPv6 Local Mobility Anchor Address mobility option's code
and reserved fields are parsed as 2 bytes instead of 1.
([30]Bug 10630)
* TShark crashes when running with PDML on a specific packet.
([31]Bug 10651)
* IPv6 Mobility Option Context Request reads an extra
request. ([32]Bug 10676)
New and Updated Features
There are no new features in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
6LoWPAN, AMQP, GSM MAP, GTPv2, H.223, IEEE 802.11, iSCSI, MIH,
Mobile IPv6, PTPoE, TN5250, and UCP
New and Updated Capture File Support
Catapult DCT2000, HP-UX nettl, pcap-ng, and Sniffer (DOS)
__
Wireshark 1.10.10 Release Notes
Bug Fixes
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2014-12
RTP dissector crash. ([2]Bug 9920) [3]CVE-2014-6421
* [5]wnpa-sec-2014-13
MEGACO dissector infinite loop. ([6]Bug 10333)
* [8]wnpa-sec-2014-14
Netflow dissector crash. ([9]Bug 10370) [10]CVE-2014-6424
* [11]wnpa-
RTSP dissector crash. ([12]Bug 10381) [13]CVE-2014-6427
* [14]wnpa-
SES dissector crash. ([15]Bug 10454) [16]CVE-2014-6428
* [17]wnpa-
Sniffer file parser crash. ([18]Bug 10461)
The following bugs have been fixed:
* Wireshark can crash during remote capture (rpcap)
* MIPv6 Service Selection Identifier parse error. ([25]Bug
10323)
* 802.11 BA sequence number decode is broken. ([26]Bug 10334)
* TRILL NLPID 0xc0 unknown to Wireshark. ([27]Bug 10382)
* Wrong decoding of RPKI RTR End of Data PDU. ([28]Bug 10411)
* Misparsed NTP control assignments with empty values.
([29]Bug 10417)
* 6LoWPAN multicast address decompression problems. ([30]Bug
10426)
* GUI Hangs when Selecting Path to GeoIP Files. ([31]Bug
10434)
* 6LoWPAN context handling not working. ([32]Bug 10443)
* SIP: When export to a CSV, Info is changed to differ.
([33]Bug 10453)
* Typo in packet-netflow.c. ([34]Bug 10458)
* UCP dissector bug of operation 30 - data not decoded.
([35]Bug 10464)
New and Updated Features
There are no new features in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
6LoWPAN, DVB-CI, IEEE 802.11, MEGACO, MIPv6, Netflow, NTP, OSI,
RPKI RTR, RTP, RTSP, SES, SIP, and UCP
New and Updated Capture File Support
DOS Sniffer, and NetScaler
__
Wireshark 1.10.9 Release Notes
Bug Fixes
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2014-08
The Catapult DCT2000 and IrDA dissectors could underrun a
buffer.
Versions affected: 1.10.0 to 1.10.8
* [2]wnpa-sec-2014-09
The GSM Management dissector could crash. ([3]Bug 10216)
Versions affected: 1.10.0 to 1.10.8
* [4]wnpa-sec-2014-10
The RLC dissector could crash. ([5]Bug 9795)
Versions affected: 1.10.0 to 1.10.8
* [6]wnpa-sec-2014-11
The ASN.1 BER dissector could crash. ([7]Bug 10187)
Versions affected: 1.10.0 to 1.10.8
The following bugs have been fixed:
* GSM MAP: ensure that p2p_dir is always initialized before
calling GSM SMS dissector ([8]Bug 10234)
* BFCP: include padding length in calculation of correct
attribute length ([9]Bug 10240)
* GTP: allow empty Data Record Packet IE ([10]Bug 10277)
* WebSocket: increase max unmask payload size to 256K and
indicate that packet is truncated is going above the new
limit ([11]Bug 10283)
New and Updated Features
There are no new features in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
New and Updated Capture File Support
__
Wireshark 1.10.8 Release Notes
Bug Fixes
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2014-07
The frame metadissector could crash. ([2]Bug 9999, [3]Bug
10030)
Versions affected: 1.10.0 to 1.10.7
The following bugs have been fixed:
* VoIP flow graph crash upon opening. ([5]Bug 9179)
* Tshark with "-F pcap" still generates a pcapng file.
([6]Bug 9991)
* IPv6 Next Header 0x3d recognized as SHIM6. ([7]Bug 9995)
* Failed to export pdml on large pcap. ([8]Bug 10081)
* TCAP: set a fence on info column after calling sub
dissector ([9]Bug 10091)
* Dissector bug in JSON protocol. ([10]Bug 10115)
* GSM RLC MAC: do not skip too many lines of the CSN_DESCR
when the field is missing ([11]Bug 10120)
* Wireshark PEEKREMOTE incorrectly decoding QoS data packets
from Cisco Sniffer APs. ([12]Bug 10139)
* IEEE 802.11: fix dissection of HT Capabilities ([13]Bug
10166)
New and Updated Features
There are no new features in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
CIP, EtherNet/IP, GSM RLC MAC, IEEE 802.11, IPv6, and TCAP
New and Updated Capture File Support
pcap-ng, and PEEKREMOTE
__
Wireshark 1.10.7 Release Notes
Bug Fixes
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2014-06
The RTP dissector could crash. ([2]Bug 9885)
Versions affected: 1.10.0 to 1.10.6
The following bugs have been fixed:
* RTP not decoded inside the conversation in v.1.10.1 ([4]Bug
9021)
* SIP/SDP: disabled second media stream disables all media
streams ([5]Bug 9835)
* Lua: trying to get/access a Preference before its
registered causes a segfault ([6]Bug 9853)
* Some value_string strings contain newlines. ([7]Bug 9878)
* Tighten the NO_MORE_DATA_CHECK macros ([8]Bug 9932)
* Fix crash when calling "MAP Summary" dialog when no file is
open ([9]Bug 9934)
* Fix comparing a sequence number of TCP fragment when its
value wraps over uint32_t limit ([10]Bug 9936)
New and Updated Features
There are no new features in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
ANSI A, DVB-CI, GSM DTAP, GSM MAP, IEEE 802.11, LCSAP, LTE RRC,
MAC LTE, Prism, RTP, SDP, SIP, and TCP
New and Updated Capture File Support
and There are no changes in this release.
__
information type: | Public → Public Security |
description: | updated |
description: | updated |
1.10 branch https:/ /code.wireshark .org/review/ gitweb? p=wireshark. git;a=shortlog; h=refs/ heads/master- 1.10