Overview

File _patchinfo of Package patchinfo.6272

<patchinfo incident="6272">
  <issue id="1070727" tracker="bnc">VUL-0: CVE-2017-17083, CVE-2017-17084, CVE-2017-17085: wireshark: Version 2.2.11 fixes three crashes</issue>
  <issue id="2017-17083" tracker="cve" />
  <issue id="2017-17085" tracker="cve" />
  <issue id="2017-17084" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>LSZhu</packager>
  <description>This update for wireshark fixes the following issues:
 
 - CVE-2017-17083: NetBIOS dissector could crash. This was addressed in 
   epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer. (bsc#1070727)
 - CVE-2017-17084: IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by 
   validating a ULPDU length. (bsc#1070727)
 - CVE-2017-17085: the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c 
   by validating the packet length. (bsc#1070727)

 </description>
  <summary>Security update for wireshark</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places