[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2423-1] wireshark security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2423-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Adrian Bunk
October 31, 2020                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : wireshark
Version        : 2.6.8-1.1~deb9u1
CVE ID         : CVE-2019-10894 CVE-2019-10895 CVE-2019-10896 CVE-2019-10899 
                 CVE-2019-10901 CVE-2019-10903 CVE-2019-12295
Debian Bug     : 926718 929446

Several vulnerabilities were fixed in the Wireshark network
protocol analyzer.

CVE-2019-10894

    GSS-API dissector crash

CVE-2019-10895

    NetScaler file parser crash

CVE-2019-10896

    DOF dissector crash

CVE-2019-10899

    SRVLOC dissector crash

CVE-2019-10901

    LDSS dissector crash

CVE-2019-10903

    DCERPC SPOOLSS dissector crash

CVE-2019-12295

    Dissection engine could crash

For Debian 9 stretch, these problems have been fixed in version
2.6.8-1.1~deb9u1.

We recommend that you upgrade your wireshark packages.

For the detailed security status of wireshark please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wireshark

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAl+d0bQACgkQiNJCh6LY
mLFSTRAAhG8eQHwfoIkgR5pCsNrqp+9/AI1KoPPb831KYJjXxxKxaN/kE4JSYpKm
yxcRoryuBGAbCJUWaVPuWkztIWnStJW+ERZ0V6laKJpP65uVtY8Hm5359m6mrnG3
dpfOIVlfPE6yYu0l08olnVlOBwFu6SIhHCI/51KeiXEK0hwRb0dYYgpicar1qMJM
tJO4P92IA0kskXBIR8DirlHYUwV0BZo5KAkazFHdrsneWzlSBwbXVcqXVqfusAj2
OUJSKqJViVI/a38KgF+qvTA1s02fCiU73IWQBjBqtF2cQh62ddm07dovTIO9Jj67
iUyNZUqf/26LfD8dGrdAqvlo9SrPEZoyabO3yXWMof0g2EaWlhGuxGQd+uo97Svv
FzYKKaJtnOXFiM5YE7bZHZc3N7F1dtQSkK6S2kXRJG00Nw9Tm0LBjEOhWZHmyvw/
zf1cpHRD6X48d2RLVadylERkDASz5c4aSuhk1t7eOCqhKI4SQv9uh5dgXAoc3lNM
N+ltiE5YOP0muApdvOjp7ahs/dLcrIzTCJG6C3dygAWLoYWPOVMI/k+rWdS2bzQI
blJRE/jvjhTXI4vQ9jQjIvbf880Xt4tJPFGQuA5DfNwsOj0OvK+l0cmVMUzbHXde
ZmBHTh0+MXqCiVmZEy1j4l+upvf0G30/4mZ4Kclw+/eIA/C2alw=
=k3kL
-----END PGP SIGNATURE-----


Reply to: