openSUSE-SU-2017:0664-1: Security update for Wireshark
![](https://seccdn.libravatar.org/avatar/099a17325bdf082b643d1a6bbacde279.jpg?s=120&d=mm&r=g)
openSUSE Security Update: Security update for Wireshark ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:0664-1 Rating: low References: #1027998 Cross-References: CVE-2017-6467 CVE-2017-6468 CVE-2017-6469 CVE-2017-6470 CVE-2017-6471 CVE-2017-6472 CVE-2017-6473 CVE-2017-6474 Affected Products: openSUSE Leap 42.2 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: This update for Wireshark fixes minor vulnerabilities that could be used to trigger a dissector crash or infinite loops by sending specially crafted packages over the network or into a capture file: - CVE-2017-6467: NetScaler file parser infinite loop (wnpa-sec-2017-11) - CVE-2017-6468: NetScaler file parser crash (wnpa-sec-2017-08) - CVE-2017-6469: LDSS dissector crash (wnpa-sec-2017-03) - CVE-2017-6470: IAX2 dissector infinite loop (wnpa-sec-2017-10) - CVE-2017-6471: WSP dissector infinite loop (wnpa-sec-2017-05) - CVE-2017-6472: RTMTP dissector infinite loop (wnpa-sec-2017-04) - CVE-2017-6473: K12 file parser crash (wnpa-sec-2017-09) - CVE-2017-6474: NetScaler file parser infinite loop (wnpa-sec-2017-07) - wnpa-sec-2017-06: STANAG 4607 file parser infinite loop Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-326=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (x86_64): wireshark-2.2.5-12.1 wireshark-debuginfo-2.2.5-12.1 wireshark-debugsource-2.2.5-12.1 wireshark-devel-2.2.5-12.1 wireshark-ui-gtk-2.2.5-12.1 wireshark-ui-gtk-debuginfo-2.2.5-12.1 wireshark-ui-qt-2.2.5-12.1 wireshark-ui-qt-debuginfo-2.2.5-12.1 References: https://www.suse.com/security/cve/CVE-2017-6467.html https://www.suse.com/security/cve/CVE-2017-6468.html https://www.suse.com/security/cve/CVE-2017-6469.html https://www.suse.com/security/cve/CVE-2017-6470.html https://www.suse.com/security/cve/CVE-2017-6471.html https://www.suse.com/security/cve/CVE-2017-6472.html https://www.suse.com/security/cve/CVE-2017-6473.html https://www.suse.com/security/cve/CVE-2017-6474.html https://bugzilla.suse.com/1027998
participants (1)
-
opensuse-security@opensuse.org