Debian Security Advisory
DLA-2423-1 wireshark -- LTS security update
- Date Reported:
- 31 Oct 2020
- Affected Packages:
- wireshark
- Vulnerable:
- Yes
- Security database references:
- In the Debian bugtracking system: Bug 926718, Bug 929446.
In Mitre's CVE dictionary: CVE-2019-10894, CVE-2019-10895, CVE-2019-10896, CVE-2019-10899, CVE-2019-10901, CVE-2019-10903, CVE-2019-12295. - More information:
-
Several vulnerabilities were fixed in the Wireshark network protocol analyzer.
- CVE-2019-10894
GSS-API dissector crash
- CVE-2019-10895
NetScaler file parser crash
- CVE-2019-10896
DOF dissector crash
- CVE-2019-10899
SRVLOC dissector crash
- CVE-2019-10901
LDSS dissector crash
- CVE-2019-10903
DCERPC SPOOLSS dissector crash
- CVE-2019-12295
Dissection engine could crash
For Debian 9 stretch, these problems have been fixed in version 2.6.8-1.1~deb9u1.
We recommend that you upgrade your wireshark packages.
For the detailed security status of wireshark please refer to its security tracker page at: https://security-tracker.debian.org/tracker/wireshark
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
- CVE-2019-10894