diff options
author | Gerald Combs <gerald@wireshark.org> | 2007-09-06 18:26:04 +0000 |
---|---|---|
committer | Gerald Combs <gerald@wireshark.org> | 2007-09-06 18:26:04 +0000 |
commit | 3120e42f6ee1ef0fa4a559da97db6d73a7f82459 (patch) | |
tree | cda1f0bd4293a9dff1993385f5be40c79956528a /docbook/release-notes.xml | |
parent | e6f1cf9384bbfff9bbbe624c2e50fb1c15d9f7f2 (diff) |
Fix problems found by Beyond Security:
Instead of overflowing an unsigned int when determining the number of
items in a range, use a signed int and check for a negative value. Make
sure our offset increments as we step through each item. This should
avoid large/inifinite loops.
Fix the size of hf_dnp3_al_range_stop32.
svn path=/trunk/; revision=22811
Diffstat (limited to 'docbook/release-notes.xml')
-rw-r--r-- | docbook/release-notes.xml | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/docbook/release-notes.xml b/docbook/release-notes.xml index 5245a29c00..a553ee9044 100644 --- a/docbook/release-notes.xml +++ b/docbook/release-notes.xml @@ -47,6 +47,18 @@ Wireshark Info </para> </listitem> + <listitem> + <para> + Beyond Security discovered that Wireshark could loop + excessively while reading a malformed DNP packet. + <!-- Fixed in r22811 --> + </para> + <para>Versions affected: 0.10.12 to 0.99.6</para> + <para> + <!-- <ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-????">CVE-2007-????</ulink> --> + </para> + </listitem> + </itemizedlist> </para> |