Описание
Security update for wireshark
This update for wireshark fixes the following issues:
- wireshark was updated to 3.2.8:
- CVE-2020-26575: Fixed an issue where FBZERO dissector was entering in infinite loop (bsc#1177406)
- CVE-2020-28030: Fixed an issue where GQUIC dissector was crashing (bsc#1178291)
- Infinite memory allocation while parsing this tcp packet
Список пакетов
Image SLES15-SAP-Azure-LI-BYOS-Production
wireshark-3.2.8-3.44.1
Image SLES15-SAP-Azure-VLI-BYOS-Production
wireshark-3.2.8-3.44.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
wireshark-3.2.8-3.44.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
wireshark-3.2.8-3.44.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
wireshark-3.2.8-3.44.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
wireshark-3.2.8-3.44.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
wireshark-3.2.8-3.44.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
wireshark-3.2.8-3.44.1
Image SLES15-SP4-SAP-Azure-LI-BYOS
wireshark-3.2.8-3.44.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
wireshark-3.2.8-3.44.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS
wireshark-3.2.8-3.44.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
wireshark-3.2.8-3.44.1
Image SLES15-SP5-SAP-Azure-LI-BYOS
wireshark-3.2.8-3.44.1
Image SLES15-SP5-SAP-Azure-LI-BYOS-Production
wireshark-3.2.8-3.44.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS
wireshark-3.2.8-3.44.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production
wireshark-3.2.8-3.44.1
SUSE Linux Enterprise Module for Basesystem 15 SP1
libwireshark13-3.2.8-3.44.1
libwiretap10-3.2.8-3.44.1
libwsutil11-3.2.8-3.44.1
wireshark-3.2.8-3.44.1
SUSE Linux Enterprise Module for Basesystem 15 SP2
libwireshark13-3.2.8-3.44.1
libwiretap10-3.2.8-3.44.1
libwsutil11-3.2.8-3.44.1
wireshark-3.2.8-3.44.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
wireshark-devel-3.2.8-3.44.1
wireshark-ui-qt-3.2.8-3.44.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
wireshark-devel-3.2.8-3.44.1
wireshark-ui-qt-3.2.8-3.44.1
Ссылки
- Link for SUSE-SU-2020:3376-1
- E-Mail link for SUSE-SU-2020:3376-1
- SUSE Security Ratings
- SUSE Bug 1177406
- SUSE Bug 1178291
- SUSE CVE CVE-2020-26575 page
- SUSE CVE CVE-2020-28030 page
Описание
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.
Затронутые продукты
Image SLES15-SAP-Azure-LI-BYOS-Production:wireshark-3.2.8-3.44.1
Image SLES15-SAP-Azure-VLI-BYOS-Production:wireshark-3.2.8-3.44.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:wireshark-3.2.8-3.44.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:wireshark-3.2.8-3.44.1
Ссылки
- CVE-2020-26575
- SUSE Bug 1177406
- SUSE Bug 1178290
Описание
In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement.
Затронутые продукты
Image SLES15-SAP-Azure-LI-BYOS-Production:wireshark-3.2.8-3.44.1
Image SLES15-SAP-Azure-VLI-BYOS-Production:wireshark-3.2.8-3.44.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:wireshark-3.2.8-3.44.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:wireshark-3.2.8-3.44.1
Ссылки
- CVE-2020-28030
- SUSE Bug 1178291