[Richard Brooks <richardbuk@xxxxxxx>]

Hello Bill, in my last email I neglected to add the Secunia report information you asked for.

 

 

Regards

Richard

<RichardBUK@xxxxxxx>

 

 

 

-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Bill Meier
Sent: 06 January 2010 21:21
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Security issue being reported by the Secunia PSI scanner.

 

Richard Brooks wrote:

> A security issue is being reported by the 'Secunia PSI' vulnerability

> scanner (free non-commercial download available at their website).

>

> The vulnerability is located in  'C:\Program

> Files\Wireshark\libgdk-win32-2.0-0.dll' which is part of GTK2+.

>

> Are there any plans to code this issue out of the Wireshark installer with a

> later version of the GTK+ library?

>

 

Windows Wireshark releases stay reasonably current with GTK/Glib versions.

 

So:

 

1. Please provide the details as to the version of Wireshark and the

various libraries you are using (Wireshark ! Help ! About).

 

2. Can you provide a bit more detail as to the specific Secunia Advisory

ID being reported.

 

A quick look at the Secunia database didn't show any advisories for libgdk.

 

___________________________________________________________________________

Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>

Archives:    http://www.wireshark.org/lists/wireshark-dev

Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev

             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

__________ Information from ESET NOD32 Antivirus, version of virus signature database 4749 (20100106) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com