Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2017:2860-1

Опубликовано: 26 окт. 2017
Источник: suse-cvrf

Описание

Security update for wireshark

This update for wireshark fixes the following issues:

Wireshark was updated to 2.2.10, fixing security issues and bugs:

  • CVE-2017-15191: DMP dissector crash (wnpa-sec-2017-44)
  • CVE-2017-15192: BT ATT dissector crash (wnpa-sec-2017-42)
  • CVE-2017-15193: MBIM dissector crash (wnpa-sec-2017-43)

Список пакетов

SUSE Linux Enterprise Desktop 12 SP2
libwireshark8-2.2.10-48.12.1
libwiretap6-2.2.10-48.12.1
libwscodecs1-2.2.10-48.12.1
libwsutil7-2.2.10-48.12.1
wireshark-2.2.10-48.12.1
wireshark-gtk-2.2.10-48.12.1
SUSE Linux Enterprise Desktop 12 SP3
libwireshark8-2.2.10-48.12.1
libwiretap6-2.2.10-48.12.1
libwscodecs1-2.2.10-48.12.1
libwsutil7-2.2.10-48.12.1
wireshark-2.2.10-48.12.1
wireshark-gtk-2.2.10-48.12.1
SUSE Linux Enterprise Server 12 SP2
libwireshark8-2.2.10-48.12.1
libwiretap6-2.2.10-48.12.1
libwscodecs1-2.2.10-48.12.1
libwsutil7-2.2.10-48.12.1
wireshark-2.2.10-48.12.1
wireshark-gtk-2.2.10-48.12.1
SUSE Linux Enterprise Server 12 SP3
libwireshark8-2.2.10-48.12.1
libwiretap6-2.2.10-48.12.1
libwscodecs1-2.2.10-48.12.1
libwsutil7-2.2.10-48.12.1
wireshark-2.2.10-48.12.1
wireshark-gtk-2.2.10-48.12.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
libwireshark8-2.2.10-48.12.1
libwiretap6-2.2.10-48.12.1
libwscodecs1-2.2.10-48.12.1
libwsutil7-2.2.10-48.12.1
wireshark-2.2.10-48.12.1
wireshark-gtk-2.2.10-48.12.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
libwireshark8-2.2.10-48.12.1
libwiretap6-2.2.10-48.12.1
libwscodecs1-2.2.10-48.12.1
libwsutil7-2.2.10-48.12.1
wireshark-2.2.10-48.12.1
wireshark-gtk-2.2.10-48.12.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libwireshark8-2.2.10-48.12.1
libwiretap6-2.2.10-48.12.1
libwscodecs1-2.2.10-48.12.1
libwsutil7-2.2.10-48.12.1
wireshark-2.2.10-48.12.1
wireshark-gtk-2.2.10-48.12.1
SUSE Linux Enterprise Software Development Kit 12 SP2
wireshark-devel-2.2.10-48.12.1
SUSE Linux Enterprise Software Development Kit 12 SP3
wireshark-devel-2.2.10-48.12.1

Ссылки

Описание

In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libwireshark8-2.2.10-48.12.1
SUSE Linux Enterprise Desktop 12 SP2:libwiretap6-2.2.10-48.12.1
SUSE Linux Enterprise Desktop 12 SP2:libwscodecs1-2.2.10-48.12.1
SUSE Linux Enterprise Desktop 12 SP2:libwsutil7-2.2.10-48.12.1
Ссылки

Описание

In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation level.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libwireshark8-2.2.10-48.12.1
SUSE Linux Enterprise Desktop 12 SP2:libwiretap6-2.2.10-48.12.1
SUSE Linux Enterprise Desktop 12 SP2:libwscodecs1-2.2.10-48.12.1
SUSE Linux Enterprise Desktop 12 SP2:libwsutil7-2.2.10-48.12.1
Ссылки

Описание

In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libwireshark8-2.2.10-48.12.1
SUSE Linux Enterprise Desktop 12 SP2:libwiretap6-2.2.10-48.12.1
SUSE Linux Enterprise Desktop 12 SP2:libwscodecs1-2.2.10-48.12.1
SUSE Linux Enterprise Desktop 12 SP2:libwsutil7-2.2.10-48.12.1
Ссылки