reinit the tree, so we can have metadata

author: V3n3RiX <venerix@redcorelinux.org> 2017-10-09 18:53:29 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2017-10-09 18:53:29 +0100
commit: 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
tree: ba5f07bf3f9d22d82e54a462313f5d244036c768 /metadata/glsa/glsa-200712-23.xml
1 files changed, 89 insertions, 0 deletions
diff --git a/metadata/glsa/glsa-200712-23.xml b/metadata/glsa/glsa-200712-23.xml
new file mode 100644
index 000000000000..5b80997ed4bd
--- /dev/null
+++ b/metadata/glsa/glsa-200712-23.xml
@@ -0,0 +1,89 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="200712-23">
+  <title>Wireshark: Multiple vulnerabilities</title>
+  <synopsis>
+    Multiple vulnerabilities have been discovered in Wireshark, allowing for
+    the remote execution of arbitrary code and a Denial of Service.
+  </synopsis>
+  <product type="ebuild">wireshark</product>
+  <announced>2007-12-30</announced>
+  <revised>2007-12-30: 01</revised>
+  <bug>199958</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-analyzer/wireshark" auto="yes" arch="*">
+      <unaffected range="ge">0.99.7</unaffected>
+      <vulnerable range="lt">0.99.7</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>
+    Wireshark is a network protocol analyzer with a graphical front-end.
+    </p>
+  </background>
+  <description>
+    <p>
+    Multiple buffer overflows and infinite loops were discovered in
+    multiple dissector and parser components, including those for MP3 and
+    NCP (CVE-2007-6111), PPP (CVE-2007-6112), DNP (CVE-2007-6113), SSL and
+    iSeries (OS/400) Communication traces (CVE-2007-6114), ANSI MAP
+    (CVE-2007-6115), Firebird/Interbase (CVE-2007-6116), HTTP
+    (CVE-2007-6117), MEGACO (CVE-2007-6118), DCP ETSI (CVE-2007-6119),
+    Bluetooth SDP (CVE-2007-6120), RPC Portmap (CVE-2007-6121), SMB
+    (CVE-2007-6438), IPv6 amd USB (CVE-2007-6439), WiMAX (CVE-2007-6441),
+    RPL (CVE-2007-6450), CIP (CVE-2007-6451). The vulnerabilities were
+    discovered by Stefan Esser, Beyond Security, Fabiodds, Peter Leeming,
+    Steve and ainsley.
+    </p>
+  </description>
+  <impact type="high">
+    <p>
+    A remote attacker could send specially crafted packets on a network
+    being monitored with Wireshark or entice a user to open a specially
+    crafted file, possibly resulting in the execution of arbitrary code
+    with the privileges of the user running Wireshark (which might be the
+    root user), or a Denial of Service.
+    </p>
+  </impact>
+  <workaround>
+    <p>
+    There is no known workaround at this time.
+    </p>
+  </workaround>
+  <resolution>
+    <p>
+    All Wireshark users should upgrade to the latest version:
+    </p>
+    <code>
+    # emerge --sync
+    # emerge --ask --oneshot --verbose "&gt;=net-analyzer/wireshark-0.99.7"</code>
+  </resolution>
+  <references>
+    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6111">CVE-2007-6111</uri>
+    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6112">CVE-2007-6112</uri>
+    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6113">CVE-2007-6113</uri>
+    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6114">CVE-2007-6114</uri>
+    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6115">CVE-2007-6115</uri>
+    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6116">CVE-2007-6116</uri>
+    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6117">CVE-2007-6117</uri>
+    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6118">CVE-2007-6118</uri>
+    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6119">CVE-2007-6119</uri>
+    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6120">CVE-2007-6120</uri>
+    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6121">CVE-2007-6121</uri>
+    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6438">CVE-2007-6438</uri>
+    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6439">CVE-2007-6439</uri>
+    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6441">CVE-2007-6441</uri>
+    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6450">CVE-2007-6450</uri>
+    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6451">CVE-2007-6451</uri>
+  </references>
+  <metadata tag="requester" timestamp="2007-12-26T11:44:15Z">
+    keytoaster
+  </metadata>
+  <metadata tag="submitter" timestamp="2007-12-29T21:41:40Z">
+    rbu
+  </metadata>
+  <metadata tag="bugReady" timestamp="2007-12-29T22:00:22Z">
+    rbu
+  </metadata>
+</glsa>
author	V3n3RiX <venerix@redcorelinux.org>	2017-10-09 18:53:29 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2017-10-09 18:53:29 +0100
commit	4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
tree	ba5f07bf3f9d22d82e54a462313f5d244036c768 /metadata/glsa/glsa-200712-23.xml