Bug 7780 - [UPDATE REQUEST] wireshark 2.0.12 CVE-2017-6014
: [UPDATE REQUEST] wireshark 2.0.12 CVE-2017-6014
Status: RESOLVED FIXED
Product: Desktop Bugs
Classification: ROSA Desktop
Component: Main Packages
: Fresh
: All Linux
: Normal normal
: ---
Assigned To: ROSA Linux Bugs
: ROSA Linux Bugs
https://advisories.mageia.org/MGASA-2...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-03-13 02:13 MSK by Zombie Ryushu
Modified: 2017-04-27 13:29 MSD (History)
3 users (show)

See Also:
RPM Package: wireshark
ISO-related:
Bad POT generating:
Upstream:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Zombie Ryushu 2017-03-13 02:13:03 MSK
The wireshark package has been updated to version 2.0.11, which fixes two
security issues where a malformed packet trace could cause it to crash or
go into an infinite loop, and fixes several other bugs as well.  See the
release notes for details.

 CVE-2017-6014
Comment 1 Zombie Ryushu 2017-03-22 16:15:40 MSK
Additional CVEs.

CVE ID         : CVE-2017-5596 CVE-2017-5597 CVE-2017-6014 CVE-2017-6467 
                 CVE-2017-6468 CVE-2017-6469 CVE-2017-6470 CVE-2017-6471 
                 CVE-2017-6472 CVE-2017-6473 CVE-2017-6474

It was discovered that wireshark, a network protocol analyzer, contained
several vulnerabilities in the dissectors for ASTERIX , DHCPv6,
NetScaler, LDSS, IAX2, WSP, K12 and STANAG 4607, that could lead to
various crashes, denial-of-service or execution of arbitrary code.
Comment 3 Denis Silakov 2017-04-27 13:29:12 MSD
Updated.