-
Wireshark updates close security holes
The Wireshark development team hasannounced the release of versions 1.2.17 and1.4.7 of its open source, cross-platform network protocol analyser.
According to the developers, these maintenance and security updates address multiple vulnerabilities that could, for example, cause the application to crash “by injecting a series of malformed packets onto the wire or by convincing someone to read a malformed packet trace file”. These include issues related to a large/infinite loop in the DICOM dissector in Wireshark 1.4.x, and, in the 1.2.x branch, bugs in the X.509if dissector. A number of bugs in some of the 1.4.x dissectors have also been fixed. All users are advised to update to the latest versions.
