Overview

File _patchinfo of Package patchinfo.5232

<patchinfo incident="5232">
  <issue id="1049621" tracker="bnc">VUL-1: CVE-2017-11411: wireshark: The openSAFETY dissector could crash or exhaust system memory because of missing length validation</issue>
  <issue id="1049255" tracker="bnc">VUL-0: wireshark: multiple vulnerabilties fixed in 2.2.8, 2.0.14</issue>
  <issue id="2017-11411" tracker="cve" />
  <issue id="2017-11410" tracker="cve" />
  <issue id="2017-11408" tracker="cve" />
  <issue id="2017-11407" tracker="cve" />
  <issue id="2017-11406" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>LSZhu</packager>
  <description>This wireshark update to version 2.2.8 fixes the following issues:

Security issues fixed:
- CVE-2017-11411: The openSAFETY dissectorcould crash or exhaust system memory because of missing
  length validation. (bsc#1049621)
- CVE-2017-11410: The WBXML dissector could go into an infinite loop. (bsc#1049255)
- CVE-2017-11408: The AMQP dissector could crash. (bsc#1049255)
- CVE-2017-11407: The MQ dissector could crash. (bsc#1049255)
- CVE-2017-11406: The DOCSIS dissector could go into an infinite loop. (bsc#1049255)

</description>
  <summary>Security update for wireshark</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places