Wireshark upstream has released 1.8.7, 1.6.15 versions, correcting multiple security flaws: 1) http://www.wireshark.org/security/wnpa-sec-2013-31.html https://bugzilla.redhat.com/show_bug.cgi?id=965110 2) http://www.wireshark.org/security/wnpa-sec-2013-30.html https://bugzilla.redhat.com/show_bug.cgi?id=965111 3) http://www.wireshark.org/security/wnpa-sec-2013-29.html https://bugzilla.redhat.com/show_bug.cgi?id=965112 4) http://www.wireshark.org/security/wnpa-sec-2013-28.html https://bugzilla.redhat.com/show_bug.cgi?id=965186 5) http://www.wireshark.org/security/wnpa-sec-2013-27.html https://bugzilla.redhat.com/show_bug.cgi?id=965190 6) http://www.wireshark.org/security/wnpa-sec-2013-26.html https://bugzilla.redhat.com/show_bug.cgi?id=965192 7) http://www.wireshark.org/security/wnpa-sec-2013-25.html https://bugzilla.redhat.com/show_bug.cgi?id=965193 8) http://www.wireshark.org/security/wnpa-sec-2013-24.html https://bugzilla.redhat.com/show_bug.cgi?id=965194 9) http://www.wireshark.org/security/wnpa-sec-2013-23.html https://bugzilla.redhat.com/show_bug.cgi?id=965195 Further Note regarding 9): The CVE-2013-2486 && CVE-2013-2487 identifiers have been originally assigned for the 9) issue for the fix in v1.8.6. The patch should contain two patches, but only one was applied. Not sure if a new CVE identifier should be assigned for this case. Could you allocate CVE identifiers for these? Thank you && Regards, Jan.