Debian Security Advisory
DSA-4060-1 wireshark -- security update
- Date Reported:
- 09 Dec 2017
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2017-11408, CVE-2017-13766, CVE-2017-17083, CVE-2017-17084, CVE-2017-17085.
- More information:
It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for CIP Safety, IWARP_MPA, NetBIOS, Profinet I/O and AMQP, which result in denial of dervice or the execution of arbitrary code.
For the oldstable distribution (jessie), these problems have been fixed in version 1.12.1+g01b65bf-4+deb8u12.
For the stable distribution (stretch), these problems have been fixed in version 2.2.6+g32dac6a-2+deb9u1.
We recommend that you upgrade your wireshark packages.
For the detailed security status of wireshark please refer to its security tracker page at: https://security-tracker.debian.org/tracker/wireshark