Wireshark-bugs: [Wireshark-bugs] [Bug 3521] Wireshark has a possible vulnerability in a Kerberos

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Tue, 9 Jun 2009 18:40:53 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3521


Gerald Combs <gerald@xxxxxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |gerald@xxxxxxxxxxxxx
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED
            Summary|Wireshark has a             |Wireshark has a possible
                   |vulnerability in a Kerberos |vulnerability in a Kerberos
                   |link library.               |link library.




--- Comment #1 from Gerald Combs <gerald@xxxxxxxxxxxxx>  2009-06-09 18:40:43 PDT ---
I read through the list of advisories at
http://web.mit.edu/Kerberos/advisories/ and didn't see any that directly
affected us. (We use a very small portion of the Kerberos libraries.) Just to
be on the safe side I've updated the version of KFW that we include with
Wireshark to 3.2.2, which includes krb5_32.dll 1.6.3.16. The update has been
scheduled for 1.0.9 and 1.2.0.


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.