Wireshark-users: Re: [Wireshark-users] CVE-2011-2597

From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Mon, 18 Jul 2011 16:32:06 -0700
Wireshark 1.6.1 and 1.4.8 were released a few minutes ago. They both fix
this bug.

On 7/18/11 2:34 PM, Code Six wrote:
> The vulnerability CVE-2011-2597 states that 1.6.0 is also affected by this.
> But there is no "fixed" release.
> In looking at the website, I'm seeing on page
>  
> https://www.wireshark.org/security/wnpa-sec-2011-09.html
>  
> That it also states 1.6.0 is vulnerable to this and to install 1.2.18?
>  
> Please tell me this is a typo?
>  
> The first Versions Affected state
> 
> *Versions affected:* 1.2.0 up to and including 1.2.17
> 
> But later in the same page
> 
> Versions affected: 1.2.0 to 1.2.17, 1.4.0 to 1.4.7, and 1.6.0
> 
>  Pease confirm
> 
>  
> 
> Sincerly,
> 
> Alicia
> 
> 
> 
> 
> 
> ___________________________________________________________________________
> Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>              mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe