Security update for wireshark
This update for wireshark and libmaxminddb fixes the following issues:
Update wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support (bsc#1156288).
New features include:
- Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC
- Improved support for existing protocols, like HTTP/2
- Improved analytics and usability functionalities
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Robert Frohl (rfrohl)
Fixed bugs
bnc#1101794
VUL-1: CVE-2018-14368: wireshark: Bazaar protocol dissector could go into an infinite loop
bnc#1161052
VUL-1: CVE-2020-7044: wireshark: WASSP dissector could crash
bnc#1165241
VUL-0: CVE-2020-9428, CVE-2020-9429, CVE-2020-9430, CVE-2020-9431: wireshark: Update to 3.2.2
bnc#1101777
VUL-1: CVE-2018-14342: wireshark: BGP protocol dissector could go into a large loop
bnc#1127369
VUL-0: CVE-2019-9209: wireshark: ASN.1 BER and related dissectors could crash
bnc#1101800
VUL-1: CVE-2018-14369: wireshark: HTTP2 dissector could crash
bnc#1093733
wireshark fails to build against Qt 5.11
bnc#1136021
VUL-0: wireshark: update to versions 3.0.2 and 2.4.15
bnc#1101810
VUL-1: CVE-2018-14339: wireshark: MMSE dissector could go into an infinite loop
bnc#1101788
VUL-1: CVE-2018-14344: wireshark: ISMP dissector could crash
bnc#1131945
VUL-0: wireshark: security update to versions 2.4.14
bnc#1101786
VUL-1: CVE-2018-14343: wireshark: ASN.1 BER dissector could crash
bnc#1101804
VUL-1: CVE-2018-14340: wireshark: dissectors that support zlib decompression could crash
bnc#1121234
VUL-0: CVE-2019-5719: wireshark: ISAKMP dissector could crash (wnpa-sec-2019-04)
bnc#1121235
VUL-0: CVE-2019-5721: wireshark: ENIP dissector could crash (wnpa-sec-2019-05)
bnc#1150690
VUL-0: CVE-2019-16319: wireshark: Gryphon dissector infinite loop (wnpa-sec-2019-21)
bnc#1158505
VUL-1: CVE-2019-19553: wireshark: CMS dissector crash (wnpa-sec-2019-22)
bnc#1121233
VUL-0: CVE-2019-5718: wireshark: RTSE dissector and other ASN.1 dissectors could crash (wnpa-sec-2019-03)
bnc#1101802
VUL-1: CVE-2018-14370: wireshark: IEEE 802.11 protocol dissector could crash
bnc#957624
AUDIT-0: wireshark: review dumpcap for capabilities based Wireshark privilege separation
bnc#1117740
VUL-0: wireshark: multipe dissector crashes and infinite loops fixed in Wireshark 2.6.5 and 2.4.11
bnc#1094301
VUL-0: wireshark: multiple vulnerabilities fixed in 2.6.1, 2.4.7, 2.2.15.
bnc#1121232
VUL-0: CVE-2019-5717: wireshark: P_MUL dissector could crash (wnpa-sec-2019-02)
bnc#1101776
VUL-1: CVE-2018-14341: wireshark: DICOM dissector could go into a large or infinite loop
bnc#1121231
VUL-0: CVE-2019-5716: wireshark: 6LoWPAN dissector could crash (wnpa-sec-2019-01)
bnc#1111647
VUL-1: CVE-2018-12086: wireshark: wireshark 2.4.10,2.6.4 update
bnc#1127370
VUL-0: CVE-2019-9208: wireshark: TCAP dissector could crash
bnc#1101791
VUL-1: CVE-2018-14367: wireshark: CoAP protocol dissector could crash
bnc#1141980
VUL-0: CVE-2019-13619: wireshark: AN.1 BER dissector crash (wnpa-sec-2019-20)
bnc#1127367
VUL-0: CVE-2019-9214: wireshark: RPCAP dissector could crash
bnc#1131941
VUL-0: wireshark: security update to version 3.0.1
bnc#1106514
VUL-0: wireshark: 2.6.3, 2.4.9, 2.2.17 releases
bnc#1156288
wireshark: GeoIP support is discontinued
bnc#1165710
[TRACKERBUG] ECO-1203 update Wireshark to 3.2
