Overview

File _patchinfo of Package patchinfo.9591

<patchinfo incident="9591">
  <issue tracker="bnc" id="1117740">VUL-0: wireshark: multipe dissector crashes and infinite loops fixed in Wireshark 2.6.5 and 2.4.11</issue>
  <issue tracker="cve" id="2018-19622"/>
  <issue tracker="cve" id="2018-19623"/>
  <issue tracker="cve" id="2018-19626"/>
  <issue tracker="cve" id="2018-19627"/>
  <issue tracker="cve" id="2018-19624"/>
  <issue tracker="cve" id="2018-19625"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>AndreasStieger</packager>
  <description>This update for wireshark fixes the following issues:

Update to Wireshark 2.4.11 (bsc#1117740).

Security issues fixed:

- CVE-2018-19625: The Wireshark dissection engine could crash (wnpa-sec-2018-51)
- CVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)
- CVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53) 
- CVE-2018-19622: The MMSE dissector could go into an infinite loop (wnpa-sec-2018-54)
- CVE-2018-19627: The IxVeriWave file parser could crash (wnpa-sec-2018-55) 
- CVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)

Further bug fixes and updated protocol support as listed in:

- https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html
</description>
  <summary>Security update for wireshark</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places