[SECURITY] [DLA 826-1] wireshark security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 826-1] wireshark security update
From: Chris Lamb <lamby@debian.org>
Date: Sat, 18 Feb 2017 12:03:37 +1300
Message-id: <[🔎] 1487372617.1163540.884774440.3E052FDB@webmail.messagingengine.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : wireshark
Version        : 1.12.1+g01b65bf-4+deb8u6~deb7u6
CVE ID         : CVE-2017-6014
Debian Bug     : 855408

It was discovered that there was denial of service vulnerability in wireshark,
a network traffic analyzer.

A malformed NATO Ground Moving Target Indicator Format ("STANAG 4607") capture
file could cause a memory exhausion/infinite loop.

For Debian 7 "Wheezy", this issue has been fixed in wireshark version
1.12.1+g01b65bf-4+deb8u6~deb7u6.

We recommend that you upgrade your wireshark packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlinf48ACgkQHpU+J9Qx
HlhQAw/5AeO/Gv0f0rqwTr60+ojMeSIvnY+Zhq0dNcXS9Xdl8niPlQDAEGKwqQMK
RtXg7H81znEzQVzvg3huuRTTR6ObzhAmzJg3bZTCw5FMKpvxKSia0HPMw4m4NU6C
XXADUkRt8WwtggKtFPLEAY+6rFww2N6K9LbO+XDaZxcQhj+rOXWfsR+ckYqVbZUt
+oGq3HJLjhYdbTACzb5Nas6AZxpw6FVkzBLrKmBDz/H3bPqIANHcRYokw8mc9qsc
GqQH2vhDh4VcGD8NFmjn/exPhPK5O+kpimy1xIixF/6Xwkf2NH335dqQH3eG+QnY
+n71y8iYGJEO/8T2ne969PZp/cpXbe/ccFwZj99bdkzkjGoA+aiH+Jdsrdyvi9pR
JUBiHdebYQVGB8h8ZtqMrgS6UChKpq8AUTjnK7vC1Z+/QJuTEp1js0Ml1JvFf7a3
4w3L/0ZC9p26AHE2Nu7+/4jeRvi/A50u18QX9YoTow3xjhE013DFRDwIkRvO2+uD
wJfH9pY4Aco/Grj5bv9+YCsrXPnvQaK7NnZpSzdwSiVd8KrUIlj+4Ifa0sW+FHiA
BEGXdC7u1jncv+9gcPMj4V6IW/FuhurMeNR1Tc6jyqjJI7Itp/dcXiZPqbArSZKA
Ukg1apBbxDe/vC6YkZtXj3iTXMmE+tzah4wLsHfd+ZJwYl58wW4=
=nljk
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 825-1] spice security update
Next by Date: [SECURITY] [DLA 827-1] gst-plugins-base0.10 security update
Previous by thread: [SECURITY] [DLA 825-1] spice security update
Next by thread: [SECURITY] [DLA 827-1] gst-plugins-base0.10 security update
Index(es):
- Date
- Thread