Mailinglist Archive: opensuse-updates (82 mails)

< Previous Next >
openSUSE-SU-2018:0899-1: moderate: Security update for wireshark
openSUSE Security Update: Security update for wireshark
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:0899-1
Rating: moderate
References: #1088200
Cross-References: CVE-2018-9256 CVE-2018-9259 CVE-2018-9260
CVE-2018-9261 CVE-2018-9262 CVE-2018-9263
CVE-2018-9264 CVE-2018-9265 CVE-2018-9266
CVE-2018-9267 CVE-2018-9268 CVE-2018-9269
CVE-2018-9270 CVE-2018-9271 CVE-2018-9272
CVE-2018-9273 CVE-2018-9274
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes 17 vulnerabilities is now available.

Description:

This update for wireshark fixes the following issues:

Minor vulnerabilities that could be used to trigger dissector crashes or
cause dissectors to go into large infinite loops by making Wireshark read
specially crafted packages from the network or capture files (boo#1088200):

- CVE-2018-9264: ADB dissector crash
- CVE-2018-9260: IEEE 802.15.4 dissector crash
- CVE-2018-9261: NBAP dissector crash
- CVE-2018-9262: VLAN dissector crash
- CVE-2018-9256: LWAPP dissector crash
- CVE-2018-9263: Kerberos dissector crash
- CVE-2018-9259: MP4 dissector crash
- Memory leaks in multiple dissectors: CVE-2018-9265, CVE-2018-9266,
CVE-2018-9267, CVE-2018-9268, CVE-2018-9269, CVE-2018-9270,
CVE-2018-9271, CVE-2018-9272, CVE-2018-9273, CVE-2018-9274

This update also contains all upstream bug fixes and updated protocol
support as listed in:

https://www.wireshark.org/docs/relnotes/wireshark-2.2.14.html


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended
installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-347=1



Package List:

- openSUSE Leap 42.3 (x86_64):

wireshark-2.2.14-38.1
wireshark-debuginfo-2.2.14-38.1
wireshark-debugsource-2.2.14-38.1
wireshark-devel-2.2.14-38.1
wireshark-ui-gtk-2.2.14-38.1
wireshark-ui-gtk-debuginfo-2.2.14-38.1
wireshark-ui-qt-2.2.14-38.1
wireshark-ui-qt-debuginfo-2.2.14-38.1


References:

https://www.suse.com/security/cve/CVE-2018-9256.html
https://www.suse.com/security/cve/CVE-2018-9259.html
https://www.suse.com/security/cve/CVE-2018-9260.html
https://www.suse.com/security/cve/CVE-2018-9261.html
https://www.suse.com/security/cve/CVE-2018-9262.html
https://www.suse.com/security/cve/CVE-2018-9263.html
https://www.suse.com/security/cve/CVE-2018-9264.html
https://www.suse.com/security/cve/CVE-2018-9265.html
https://www.suse.com/security/cve/CVE-2018-9266.html
https://www.suse.com/security/cve/CVE-2018-9267.html
https://www.suse.com/security/cve/CVE-2018-9268.html
https://www.suse.com/security/cve/CVE-2018-9269.html
https://www.suse.com/security/cve/CVE-2018-9270.html
https://www.suse.com/security/cve/CVE-2018-9271.html
https://www.suse.com/security/cve/CVE-2018-9272.html
https://www.suse.com/security/cve/CVE-2018-9273.html
https://www.suse.com/security/cve/CVE-2018-9274.html
https://bugzilla.suse.com/1088200


< Previous Next >
This Thread
  • No further messages