Debian Security Advisory

DLA-198-1 wireshark -- LTS security update

Date Reported:
22 Apr 2015
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2015-2191, CVE-2015-2188, CVE-2015-0564, CVE-2015-0562, CVE-2014-8714, CVE-2014-8713, CVE-2014-8712, CVE-2014-8711, CVE-2014-8710, CVE-2014-6432, CVE-2014-6431, CVE-2014-6430, CVE-2014-6429, CVE-2014-6428, CVE-2014-6423, CVE-2014-6422.
More information:

The following vulnerabilities were discovered in the Squeeze's Wireshark version:

Since back-porting upstream patches to 1.2.11-6+squeeze15 did not fix all the outstanding issues and some issues are not even tracked publicly the LTS Team decided to sync squeeze-lts's wireshark package with wheezy-security to provide the best possible security support.

Note that upgrading Wireshark from 1.2.x to 1.8.x introduces several backward-incompatible changes in package structure, shared library API/ABI, availability of dissectors and in syntax of command line parameters.