[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1634-1] wireshark security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : wireshark
Version        : 1.12.1+g01b65bf-4+deb8u16
CVE ID         : CVE-2017-7700 CVE-2017-7703 CVE-2017-7746 CVE-2017-7747
                 CVE-2017-9766 CVE-2017-11406 CVE-2017-11407 CVE-2017-11409
                 CVE-2017-13765 CVE-2017-15191 CVE-2017-17935 CVE-2017-17997
                 CVE-2018-7322 CVE-2018-7323 CVE-2018-7324 CVE-2018-7325
                 CVE-2018-7331 CVE-2018-7336 CVE-2018-7417 CVE-2018-7418
                 CVE-2018-7420 CVE-2018-9256 CVE-2018-9259 CVE-2018-9260
                 CVE-2018-9262 CVE-2018-9263 CVE-2018-9265 CVE-2018-9267
                 CVE-2018-9268 CVE-2018-9269 CVE-2018-9270 CVE-2018-11356
                 CVE-2018-11357 CVE-2018-11359 CVE-2018-16057 CVE-2018-16058
                 CVE-2018-19622 CVE-2018-19623 CVE-2018-19624 CVE-2018-19625
                 CVE-2018-19626


Several issues in wireshark, a tool that captures and analyzes packets off the wire, have been found by different people. These are basically issues with length checks or invalid memory access in different dissectors. This could result in infinite loops or crashes by malicious packets.

For Debian 8 "Jessie", these problems have been fixed in version
1.12.1+g01b65bf-4+deb8u16.

We recommend that you upgrade your wireshark packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAlw+MCZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEelWA/+NCrvIRdJkPcl9pH/ALCH6A5j5+CjLhZ/1ej0kQUv91YGqPHZhfJ9GnHp
8VQfwdmJXCXw4lmF1DpN2T/q3KqG6qwGowfxeWBoinfJgsCTIpY1r5n+dff/syu7
OIV5swZAiR3ivk/Pm6U3j3sX2HTFCPqsHi9atxaWDIcllMibM1FKgHr2SIXe991x
eCax5J3UPv594V+42j4hYIbLg28dhbGKGWKuONGhbW0aRWFoj6J9gOR3r+dVdKnI
mAKAbPrM6/t75VNsr0L6FJCDX+7eJPImgGjTFL1e/Ue8AZTRCma2Zyg8bVEcHsSq
5HEAPFAjdOqSW6XqlTDF1J1E+7dA1nIX+uCA/3nZK7HM+IRqaXXMADisO1oVnQyl
NJ7dwsGbpTuZSOF8cbdDptyBxz4R3z3Zo3bg+e9mvcwDPzrEQbPsXFpmtmtbbVsX
ELH9G8AOEBGeGc3pz14+XMFMI/OskoletTLWyTGBv7MvQtmUtHc+e/RpL1GvFrHf
APfmCZQdDhqpk9O1EcApIFpNuBlzrqlCfzUi8nSlJxjCsT0fQey54dadORn5eYd1
K/9Gnj+AMqFr6irYa/G9BGQ/u3bV+XvyNytNlgM2/lbOyUSjPKAL+6OJa7AIYXM5
tw18Zuiq8FEH2UqMEzCuzxovoGJKIEPDQEmKM5COvvlIIJAO2UU=
=5QMF
-----END PGP SIGNATURE-----


Reply to: