Wireshark mailing list archives

Re: CVE-2011-2597

From: Gerald Combs <gerald () wireshark org>
Date: Mon, 18 Jul 2011 16:32:06 -0700

Wireshark 1.6.1 and 1.4.8 were released a few minutes ago. They both fix
this bug.

On 7/18/11 2:34 PM, Code Six wrote:

The vulnerability CVE-2011-2597 states that 1.6.0 is also affected by this.
But there is no "fixed" release.
In looking at the website, I'm seeing on page
 
https://www.wireshark.org/security/wnpa-sec-2011-09.html
 
That it also states 1.6.0 is vulnerable to this and to install 1.2.18?
 
Please tell me this is a typo?
 
The first Versions Affected state

*Versions affected:* 1.2.0 up to and including 1.2.17

But later in the same page

Versions affected: 1.2.0 to 1.2.17, 1.4.0 to 1.4.7, and 1.6.0

 Pease confirm

 

Sincerly,

Alicia





___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread:

CVE-2011-2597 Code Six (Jul 18)
- Re: CVE-2011-2597 Gerald Combs (Jul 18)
- Re: CVE-2011-2597 Guy Harris (Jul 18)