Описание
Security update for wireshark
This update for wireshark fixes the following issues:
- Wireshark to 3.2.5:
- CVE-2020-15466: GVCP dissector infinite loop (bsc#1173606)
- CVE-2020-13164: NFS dissector crash (bsc#1171899)
- CVE-2020-11647: The BACapp dissector could crash (bsc#1169063)
- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html
Список пакетов
Image SLES15-SAP-Azure-LI-BYOS-Production
wireshark-3.2.5-3.38.1
Image SLES15-SAP-Azure-VLI-BYOS-Production
wireshark-3.2.5-3.38.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
wireshark-3.2.5-3.38.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
wireshark-3.2.5-3.38.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
wireshark-3.2.5-3.38.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
wireshark-3.2.5-3.38.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
wireshark-3.2.5-3.38.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
wireshark-3.2.5-3.38.1
Image SLES15-SP4-SAP-Azure-LI-BYOS
wireshark-3.2.5-3.38.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
wireshark-3.2.5-3.38.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS
wireshark-3.2.5-3.38.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
wireshark-3.2.5-3.38.1
Image SLES15-SP5-SAP-Azure-LI-BYOS
wireshark-3.2.5-3.38.1
Image SLES15-SP5-SAP-Azure-LI-BYOS-Production
wireshark-3.2.5-3.38.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS
wireshark-3.2.5-3.38.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production
wireshark-3.2.5-3.38.1
SUSE Linux Enterprise Module for Basesystem 15 SP1
libwireshark13-3.2.5-3.38.1
libwiretap10-3.2.5-3.38.1
libwsutil11-3.2.5-3.38.1
wireshark-3.2.5-3.38.1
SUSE Linux Enterprise Module for Basesystem 15 SP2
libwireshark13-3.2.5-3.38.1
libwiretap10-3.2.5-3.38.1
libwsutil11-3.2.5-3.38.1
wireshark-3.2.5-3.38.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
wireshark-devel-3.2.5-3.38.1
wireshark-ui-qt-3.2.5-3.38.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
wireshark-devel-3.2.5-3.38.1
wireshark-ui-qt-3.2.5-3.38.1
Ссылки
- Link for SUSE-SU-2020:2144-1
- E-Mail link for SUSE-SU-2020:2144-1
- SUSE Security Ratings
- SUSE Bug 1169063
- SUSE Bug 1171899
- SUSE Bug 1173606
- SUSE CVE CVE-2020-11647 page
- SUSE CVE CVE-2020-13164 page
- SUSE CVE CVE-2020-15466 page
Описание
In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion.
Затронутые продукты
Image SLES15-SAP-Azure-LI-BYOS-Production:wireshark-3.2.5-3.38.1
Image SLES15-SAP-Azure-VLI-BYOS-Production:wireshark-3.2.5-3.38.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:wireshark-3.2.5-3.38.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:wireshark-3.2.5-3.38.1
Ссылки
- CVE-2020-11647
- SUSE Bug 1169063
Описание
In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.
Затронутые продукты
Image SLES15-SAP-Azure-LI-BYOS-Production:wireshark-3.2.5-3.38.1
Image SLES15-SAP-Azure-VLI-BYOS-Production:wireshark-3.2.5-3.38.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:wireshark-3.2.5-3.38.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:wireshark-3.2.5-3.38.1
Ссылки
- CVE-2020-13164
- SUSE Bug 1171899
Описание
In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations.
Затронутые продукты
Image SLES15-SAP-Azure-LI-BYOS-Production:wireshark-3.2.5-3.38.1
Image SLES15-SAP-Azure-VLI-BYOS-Production:wireshark-3.2.5-3.38.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:wireshark-3.2.5-3.38.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:wireshark-3.2.5-3.38.1
Ссылки
- CVE-2020-15466
- SUSE Bug 1173606