Debian Security Advisory
DSA-2324-1 wireshark -- programming error
- Date Reported:
- 20 Oct 2011
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2011-3360.
- More information:
The Microsoft Vulnerability Research group discovered that insecure load path handling could lead to execution of arbitrary Lua script code.
For the oldstable distribution (lenny), this problem has been fixed in version 1.0.2-3+lenny15. This build will be released shortly.
For the stable distribution (squeeze), this problem has been fixed in version 1.2.11-6+squeeze4.
For the unstable distribution (sid), this problem has been fixed in version 1.6.2-1.
We recommend that you upgrade your wireshark packages.