Debian Security Advisory
DLA-1729-1 wireshark -- LTS security update
- Date Reported:
- 25 Mar 2019
- Affected Packages:
- wireshark
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2017-9344, CVE-2017-9349, CVE-2019-9209.
- More information:
-
Several vulnerabilities have been found in wireshark, a network traffic analyzer.
- CVE-2019-9209:
Preventing the crash of the ASN.1 BER and related dissectors by avoiding a buffer overflow associated with excessive digits in time values.
- CVE-2017-9349:
Fixing an infinite loop in the DICOM dissector by validating a length value.
- CVE-2017-9344:
Avoid a divide by zero, by validating an interval value in the Bluetooth L2CAP dissector.
For Debian 8
Jessie
, these problems have been fixed in version 1.12.1+g01b65bf-4+deb8u18.We recommend that you upgrade your wireshark packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
- CVE-2019-9209: