Описание
Security update for wireshark
This update for wireshark fixes the following issues:
- CVE-2017-17083: NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer. (bsc#1070727)
- CVE-2017-17084: IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length. (bsc#1070727)
- CVE-2017-17085: the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length. (bsc#1070727)
Список пакетов
SUSE Linux Enterprise Desktop 12 SP2
libwireshark8-2.2.11-48.15.3
libwiretap6-2.2.11-48.15.3
libwscodecs1-2.2.11-48.15.3
libwsutil7-2.2.11-48.15.3
wireshark-2.2.11-48.15.3
wireshark-gtk-2.2.11-48.15.3
SUSE Linux Enterprise Desktop 12 SP3
libwireshark8-2.2.11-48.15.3
libwiretap6-2.2.11-48.15.3
libwscodecs1-2.2.11-48.15.3
libwsutil7-2.2.11-48.15.3
wireshark-2.2.11-48.15.3
wireshark-gtk-2.2.11-48.15.3
SUSE Linux Enterprise Server 12 SP2
libwireshark8-2.2.11-48.15.3
libwiretap6-2.2.11-48.15.3
libwscodecs1-2.2.11-48.15.3
libwsutil7-2.2.11-48.15.3
wireshark-2.2.11-48.15.3
wireshark-gtk-2.2.11-48.15.3
SUSE Linux Enterprise Server 12 SP3
libwireshark8-2.2.11-48.15.3
libwiretap6-2.2.11-48.15.3
libwscodecs1-2.2.11-48.15.3
libwsutil7-2.2.11-48.15.3
wireshark-2.2.11-48.15.3
wireshark-gtk-2.2.11-48.15.3
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
libwireshark8-2.2.11-48.15.3
libwiretap6-2.2.11-48.15.3
libwscodecs1-2.2.11-48.15.3
libwsutil7-2.2.11-48.15.3
wireshark-2.2.11-48.15.3
wireshark-gtk-2.2.11-48.15.3
SUSE Linux Enterprise Server for SAP Applications 12 SP2
libwireshark8-2.2.11-48.15.3
libwiretap6-2.2.11-48.15.3
libwscodecs1-2.2.11-48.15.3
libwsutil7-2.2.11-48.15.3
wireshark-2.2.11-48.15.3
wireshark-gtk-2.2.11-48.15.3
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libwireshark8-2.2.11-48.15.3
libwiretap6-2.2.11-48.15.3
libwscodecs1-2.2.11-48.15.3
libwsutil7-2.2.11-48.15.3
wireshark-2.2.11-48.15.3
wireshark-gtk-2.2.11-48.15.3
SUSE Linux Enterprise Software Development Kit 12 SP2
wireshark-devel-2.2.11-48.15.3
SUSE Linux Enterprise Software Development Kit 12 SP3
wireshark-devel-2.2.11-48.15.3
Ссылки
- Link for SUSE-SU-2017:3436-1
- E-Mail link for SUSE-SU-2017:3436-1
- SUSE Security Ratings
- SUSE Bug 1070727
- SUSE CVE CVE-2017-17083 page
- SUSE CVE CVE-2017-17084 page
- SUSE CVE CVE-2017-17085 page
Описание
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libwireshark8-2.2.11-48.15.3
SUSE Linux Enterprise Desktop 12 SP2:libwiretap6-2.2.11-48.15.3
SUSE Linux Enterprise Desktop 12 SP2:libwscodecs1-2.2.11-48.15.3
SUSE Linux Enterprise Desktop 12 SP2:libwsutil7-2.2.11-48.15.3
Ссылки
- CVE-2017-17083
- SUSE Bug 1070727
Описание
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libwireshark8-2.2.11-48.15.3
SUSE Linux Enterprise Desktop 12 SP2:libwiretap6-2.2.11-48.15.3
SUSE Linux Enterprise Desktop 12 SP2:libwscodecs1-2.2.11-48.15.3
SUSE Linux Enterprise Desktop 12 SP2:libwsutil7-2.2.11-48.15.3
Ссылки
- CVE-2017-17084
- SUSE Bug 1070727
Описание
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libwireshark8-2.2.11-48.15.3
SUSE Linux Enterprise Desktop 12 SP2:libwiretap6-2.2.11-48.15.3
SUSE Linux Enterprise Desktop 12 SP2:libwscodecs1-2.2.11-48.15.3
SUSE Linux Enterprise Desktop 12 SP2:libwsutil7-2.2.11-48.15.3
Ссылки
- CVE-2017-17085
- SUSE Bug 1070727