Oval Definition:oval:org.opensuse.security:def:79093
Revision Date:2017-09-22Version:1
Title:Security update for wireshark (Moderate)
Description:

This update for wireshark to version 2.2.9 fixes several issues.

These security issues were fixed:

- CVE-2017-13767: The MSDP dissector could have gone into an infinite loop. This was addressed by adding length validation (bsc#1056248). - CVE-2017-13766: The Profinet I/O dissector could have crash with an out-of-bounds write. This was addressed by adding string validation (bsc#1056249). - CVE-2017-13765: The IrCOMM dissector had a buffer over-read and application crash. This was addressed by adding length validation (bsc#1056251). - CVE-2017-9766: PROFINET IO data with a high recursion depth allowed remote attackers to cause a denial of service (stack exhaustion) in the dissect_IODWriteReq function (bsc#1045341). - CVE-2017-9617: Deeply nested DAAP data may have cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in the DAAP dissector (bsc#1044417).
Family:unixClass:patch
Status:Reference(s):1044417
1045341
1056248
1056249
1056251
CVE-2017-13765
CVE-2017-13766
CVE-2017-13767
CVE-2017-9617
CVE-2017-9766
SUSE-SU-2017:2555-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libwireshark8-2.2.9-48.9.2 is installed
  • OR libwiretap6-2.2.9-48.9.2 is installed
  • OR libwscodecs1-2.2.9-48.9.2 is installed
  • OR libwsutil7-2.2.9-48.9.2 is installed
  • OR wireshark-2.2.9-48.9.2 is installed
  • OR wireshark-gtk-2.2.9-48.9.2 is installed
  • BACK