Wireshark-dev: Re: [Wireshark-dev] Request for details on security issues in 0.99.0
From: Gerald Combs <[email protected]>
Date: Tue, 18 Jul 2006 13:40:47 -0500
Frederic Peters wrote:
> Hello,
> 
> http://www.wireshark.org/security/wnpa-sec-2006-01.html lists several
> vulnerabilities and announces affected versions range from 0.8.16 up
> to and including 0.99.0.
> 
> However the detailed listing of vulnerabilities doesn't list any one
> for 0.99.0.  Perhaps the 'Versions affected' info should include a
> range, like it was for example done in last Ethereal report, example:
>   The H.245 dissector could crash.  Versions affected: 0.10.13-0.10.14.
> 
> This would help immensely my packaging job.

The vulnerabilities listed in the advisory at

  http://www.wireshark.org/security/wnpa-sec-2006-01.html

and the release notes at

  http://www.wireshark.org/docs/relnotes/wireshark-0.99.2.html

Have been updated to include ranges.  I'll try to include ranges in
future documentation as well.