Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2018:2872-1

Опубликовано: 26 сент. 2018
Источник: suse-cvrf

Описание

Security update for wireshark

This update for wireshark fixes the following issues:

Update wireshark to version 2.2.17 (bsc#1106514):

Security issues fixed:

  • CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44)
  • CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45)
  • CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46)

Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.2.17.html

Список пакетов

SUSE Linux Enterprise Server 11 SP4
libwireshark8-2.2.17-40.31.1
libwiretap6-2.2.17-40.31.1
libwscodecs1-2.2.17-40.31.1
libwsutil7-2.2.17-40.31.1
wireshark-2.2.17-40.31.1
wireshark-gtk-2.2.17-40.31.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
libwireshark8-2.2.17-40.31.1
libwiretap6-2.2.17-40.31.1
libwscodecs1-2.2.17-40.31.1
libwsutil7-2.2.17-40.31.1
wireshark-2.2.17-40.31.1
wireshark-gtk-2.2.17-40.31.1
SUSE Linux Enterprise Software Development Kit 11 SP4
libwireshark8-2.2.17-40.31.1
libwiretap6-2.2.17-40.31.1
libwscodecs1-2.2.17-40.31.1
libwsutil7-2.2.17-40.31.1
wireshark-2.2.17-40.31.1
wireshark-devel-2.2.17-40.31.1
wireshark-gtk-2.2.17-40.31.1

Ссылки

Описание

In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libwireshark8-2.2.17-40.31.1
SUSE Linux Enterprise Server 11 SP4:libwiretap6-2.2.17-40.31.1
SUSE Linux Enterprise Server 11 SP4:libwscodecs1-2.2.17-40.31.1
SUSE Linux Enterprise Server 11 SP4:libwsutil7-2.2.17-40.31.1
Ссылки

Описание

In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libwireshark8-2.2.17-40.31.1
SUSE Linux Enterprise Server 11 SP4:libwiretap6-2.2.17-40.31.1
SUSE Linux Enterprise Server 11 SP4:libwscodecs1-2.2.17-40.31.1
SUSE Linux Enterprise Server 11 SP4:libwsutil7-2.2.17-40.31.1
Ссылки

Описание

In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libwireshark8-2.2.17-40.31.1
SUSE Linux Enterprise Server 11 SP4:libwiretap6-2.2.17-40.31.1
SUSE Linux Enterprise Server 11 SP4:libwscodecs1-2.2.17-40.31.1
SUSE Linux Enterprise Server 11 SP4:libwsutil7-2.2.17-40.31.1
Ссылки