Description
Security update for wireshark
This update for wireshark fixes the following issues:
Updated to version 3.6.14:
- CVE-2023-2855: Fixed a crash in the Candump log file parser (boo#1211703).
- CVE-2023-2856: Fixed a crash in the VMS TCPIPtrace file parser (boo#1211707).
- CVE-2023-2857: Fixed a crash in the BLF file parser (boo#1211705).
- CVE-2023-2858: Fixed a crash in the NetScaler file parser (boo#1211706).
- CVE-2023-0668: Fixed a crash in the IEEE C37.118 Synchrophasor dissector (boo#1211710).
- CVE-2023-2879: GDSDB dissector infinite loop (boo#1211793).
Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.6.14.html
Package list
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
Image SLES15-SP4-SAP-Azure-LI-BYOS
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
Image SLES15-SP4-SAP-Azure-VLI-BYOS
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
Image SLES15-SP5-SAP-Azure-LI-BYOS
Image SLES15-SP5-SAP-Azure-LI-BYOS-Production
Image SLES15-SP5-SAP-Azure-VLI-BYOS
Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production
SUSE Linux Enterprise Module for Basesystem 15 SP4
SUSE Linux Enterprise Module for Basesystem 15 SP5
SUSE Linux Enterprise Module for Desktop Applications 15 SP4
SUSE Linux Enterprise Module for Desktop Applications 15 SP5
SUSE Linux Enterprise Real Time 15 SP3
openSUSE Leap 15.4
openSUSE Leap 15.5
References
- Link for SUSE-SU-2023:2320-1
- E-Mail link for SUSE-SU-2023:2320-1
- SUSE Security Ratings
- SUSE Bug 1211703
- SUSE Bug 1211705
- SUSE Bug 1211706
- SUSE Bug 1211707
- SUSE Bug 1211710
- SUSE Bug 1211793
- SUSE CVE CVE-2023-0668 page
- SUSE CVE CVE-2023-2855 page
- SUSE CVE CVE-2023-2856 page
- SUSE CVE CVE-2023-2857 page
- SUSE CVE CVE-2023-2858 page
- SUSE CVE CVE-2023-2859 page
Description
Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.
Affected products
References
- CVE-2023-0668
- SUSE Bug 1211710
Description
Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Affected products
References
- CVE-2023-2855
- SUSE Bug 1211703
Description
VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Affected products
References
- CVE-2023-2856
- SUSE Bug 1211707
Description
BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Affected products
References
- CVE-2023-2857
- SUSE Bug 1211705
Description
NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Affected products
References
- CVE-2023-2858
- SUSE Bug 1211706
Description
Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
Affected products
References
- CVE-2023-2859