Описание
ELSA-2015-2393: wireshark security, bug fix, and enhancement update (MODERATE)
[1.10.14-7.0.1]
- Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect
[1.10.14-7]
- Rebase some tvbuff API from upstream to 1.10.14
- Fixes crash when tvb_length_remaining() is used
- Related: CVE-2015-6244
[1.10.14-6]
- Security patch
- Resolves: CVE-2015-3182
[1.10.14-5]
- Fix crash caused by -DGDK_PIXBUF_DEPRECATED on startup
- Resolves: rhbz#1267959
[1.10.14-4]
- Security patches
- Resolves: CVE-2015-6243 CVE-2015-6244 CVE-2015-6245 CVE-2015-6246 CVE-2015-6248
[1.10.14-3]
- Security patches
- Resolves: CVE-2015-3810 CVE-2015-3813
[1.10.14-2]
- Add certificate verify message decoding in TLS extension
- Resolves: #1239150
[1.10.14-1]
- Upgrade to 1.10.14
- Resolves: #1238676
[1.10.3-20]
- add master secret extension decoding in TLS extension
- add encrypt-then-mac extension decoding in TLS extension
- Resolves: #1222901
[1.10.3-19]
- create pcap file if -F pcap specified
- Resolves: #1227199
[1.10.3-18]
- add key exchange algorithms decoding in TLS extension
- Resolves: #1222600
[1.10.3-17]
- add signature algorithms decoding in TLS extension
- Resolves: #1221701
[1.10.3-16]
- add relro check
- Resolves: #1092532
[1.10.3-15]
- add elliptic curves decoding in DTLS HELLO
- Resolves: #1131202
[1.10.3-14]
- introduced nanosecond time precision
- Resolves: #1213339
[1.10.3-13]
- security patches
- Resolves: #1148267
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
wireshark
1.10.14-7.0.1.el7
wireshark-devel
1.10.14-7.0.1.el7
wireshark-gnome
1.10.14-7.0.1.el7
Ссылки на источники
Связанные уязвимости
ELSA-2015-1460: wireshark security, bug fix, and enhancement update (MODERATE)
The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
The build_expert_data function in epan/dissectors/packet-ncp2222.inc i ...