SUSE-SU-2023:1931-1

Опубликовано: 20 апр. 2023

Источник: suse-cvrf

Описание

Security update for wireshark

This update for wireshark fixes the following issues:

CVE-2023-1992: Fixed RPCoRDMA dissector crash (bsc#1210405).
CVE-2023-1993: Fixed LISP dissector large loop (bsc#1210404).
CVE-2023-1994: Fixed GQUIC dissector crash (bsc#1210403).

Update to 3.6.13:

Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.6.13.html

Список пакетов

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

Image SLES15-SP4-SAP-Azure-LI-BYOS

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

Image SLES15-SP4-SAP-Azure-LI-BYOS-Production

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

Image SLES15-SP4-SAP-Azure-VLI-BYOS

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

Image SLES15-SP5-SAP-Azure-LI-BYOS

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

Image SLES15-SP5-SAP-Azure-LI-BYOS-Production

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

Image SLES15-SP5-SAP-Azure-VLI-BYOS

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

SUSE Enterprise Storage 7

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

wireshark-devel-3.6.13-150000.3.89.1

wireshark-ui-qt-3.6.13-150000.3.89.1

SUSE Enterprise Storage 7.1

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

wireshark-devel-3.6.13-150000.3.89.1

wireshark-ui-qt-3.6.13-150000.3.89.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

wireshark-devel-3.6.13-150000.3.89.1

wireshark-ui-qt-3.6.13-150000.3.89.1

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

wireshark-devel-3.6.13-150000.3.89.1

wireshark-ui-qt-3.6.13-150000.3.89.1

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

wireshark-devel-3.6.13-150000.3.89.1

wireshark-ui-qt-3.6.13-150000.3.89.1

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

wireshark-devel-3.6.13-150000.3.89.1

wireshark-ui-qt-3.6.13-150000.3.89.1

SUSE Linux Enterprise Module for Basesystem 15 SP4

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP4

wireshark-devel-3.6.13-150000.3.89.1

wireshark-ui-qt-3.6.13-150000.3.89.1

SUSE Linux Enterprise Real Time 15 SP3

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

wireshark-devel-3.6.13-150000.3.89.1

wireshark-ui-qt-3.6.13-150000.3.89.1

SUSE Linux Enterprise Server 15 SP1-LTSS

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

wireshark-devel-3.6.13-150000.3.89.1

wireshark-ui-qt-3.6.13-150000.3.89.1

SUSE Linux Enterprise Server 15 SP2-LTSS

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

wireshark-devel-3.6.13-150000.3.89.1

wireshark-ui-qt-3.6.13-150000.3.89.1

SUSE Linux Enterprise Server 15 SP3-LTSS

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

wireshark-devel-3.6.13-150000.3.89.1

wireshark-ui-qt-3.6.13-150000.3.89.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

wireshark-devel-3.6.13-150000.3.89.1

wireshark-ui-qt-3.6.13-150000.3.89.1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

wireshark-devel-3.6.13-150000.3.89.1

wireshark-ui-qt-3.6.13-150000.3.89.1

SUSE Linux Enterprise Server for SAP Applications 15 SP3

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

wireshark-devel-3.6.13-150000.3.89.1

wireshark-ui-qt-3.6.13-150000.3.89.1

SUSE Manager Proxy 4.2

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

SUSE Manager Server 4.2

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

openSUSE Leap 15.4

libwireshark15-3.6.13-150000.3.89.1

libwiretap12-3.6.13-150000.3.89.1

libwsutil13-3.6.13-150000.3.89.1

wireshark-3.6.13-150000.3.89.1

wireshark-devel-3.6.13-150000.3.89.1

wireshark-ui-qt-3.6.13-150000.3.89.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20231931-1/
Link for SUSE-SU-2023:1931-1
https://lists.suse.com/pipermail/sle-security-updates/2023-April/014538.html
E-Mail link for SUSE-SU-2023:1931-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1210403
SUSE Bug 1210403
https://bugzilla.suse.com/1210404
SUSE Bug 1210404
https://bugzilla.suse.com/1210405
SUSE Bug 1210405
https://www.suse.com/security/cve/CVE-2023-1992/
SUSE CVE CVE-2023-1992 page
https://www.suse.com/security/cve/CVE-2023-1993/
SUSE CVE CVE-2023-1993 page
https://www.suse.com/security/cve/CVE-2023-1994/
SUSE CVE CVE-2023-1994 page

Описание

RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

Затронутые продукты

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:libwireshark15-3.6.13-150000.3.89.1

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:libwiretap12-3.6.13-150000.3.89.1

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:libwsutil13-3.6.13-150000.3.89.1

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:wireshark-3.6.13-150000.3.89.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-1992.html
CVE-2023-1992
https://bugzilla.suse.com/1210405
SUSE Bug 1210405

Описание

LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

Затронутые продукты

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:libwireshark15-3.6.13-150000.3.89.1

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:libwiretap12-3.6.13-150000.3.89.1

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:libwsutil13-3.6.13-150000.3.89.1

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:wireshark-3.6.13-150000.3.89.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-1993.html
CVE-2023-1993
https://bugzilla.suse.com/1210404
SUSE Bug 1210404

Описание

GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

Затронутые продукты

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:libwireshark15-3.6.13-150000.3.89.1

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:libwiretap12-3.6.13-150000.3.89.1

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:libwsutil13-3.6.13-150000.3.89.1

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:wireshark-3.6.13-150000.3.89.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-1994.html
CVE-2023-1994
https://bugzilla.suse.com/1210403
SUSE Bug 1210403

SUSE-SU-2023:1931-1

Описание

Список пакетов

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production

Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

Image SLES15-SP4-SAP-Azure-LI-BYOS

Image SLES15-SP4-SAP-Azure-LI-BYOS-Production

Image SLES15-SP4-SAP-Azure-VLI-BYOS

Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production

Image SLES15-SP5-SAP-Azure-LI-BYOS

Image SLES15-SP5-SAP-Azure-LI-BYOS-Production

Image SLES15-SP5-SAP-Azure-VLI-BYOS

Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production

SUSE Enterprise Storage 7

SUSE Enterprise Storage 7.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

SUSE Linux Enterprise Module for Basesystem 15 SP4

SUSE Linux Enterprise Module for Desktop Applications 15 SP4

SUSE Linux Enterprise Real Time 15 SP3

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server 15 SP2-LTSS

SUSE Linux Enterprise Server 15 SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

SUSE Linux Enterprise Server for SAP Applications 15 SP3

SUSE Manager Proxy 4.2

SUSE Manager Server 4.2

openSUSE Leap 15.4

Ссылки

Уязвимость: CVE-2023-1992

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2023-1993

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2023-1994

Описание

Затронутые продукты

Ссылки