Debian Long Term Support / LTS Security Information / 2015 / Security Information -- DLA-198-1 wireshark

Debian Security Advisory

DLA-198-1 wireshark -- LTS security update

Date Reported:

22 Apr 2015

Affected Packages:

wireshark

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2015-2191, CVE-2015-2188, CVE-2015-0564, CVE-2015-0562, CVE-2014-8714, CVE-2014-8713, CVE-2014-8712, CVE-2014-8711, CVE-2014-8710, CVE-2014-6432, CVE-2014-6431, CVE-2014-6430, CVE-2014-6429, CVE-2014-6428, CVE-2014-6423, CVE-2014-6422.

More information:

The following vulnerabilities were discovered in the Squeeze's Wireshark version:

• CVE-2015-2188 The WCP dissector could crash
• CVE-2015-0564 Wireshark could crash while decypting TLS/SSL sessions
• CVE-2015-0562 The DEC DNA Routing Protocol dissector could crash
• CVE-2014-8714 TN5250 infinite loops
• CVE-2014-8713 NCP crashes
• CVE-2014-8712 NCP crashes
• CVE-2014-8711 AMQP crash
• CVE-2014-8710 SigComp UDVM buffer overflow
• CVE-2014-6432 Sniffer file parser crash
• CVE-2014-6431 Sniffer file parser crash
• CVE-2014-6430 Sniffer file parser crash
• CVE-2014-6429 Sniffer file parser crash
• CVE-2014-6428 SES dissector crash
• CVE-2014-6423 MEGACO dissector infinite loop
• CVE-2014-6422 RTP dissector crash

Since back-porting upstream patches to 1.2.11-6+squeeze15 did not fix all the outstanding issues and some issues are not even tracked publicly the LTS Team decided to sync squeeze-lts's wireshark package with wheezy-security to provide the best possible security support.

Note that upgrading Wireshark from 1.2.x to 1.8.x introduces several backward-incompatible changes in package structure, shared library API/ABI, availability of dissectors and in syntax of command line parameters.