Overview

File _patchinfo of Package patchinfo.8119

<patchinfo incident="8119">
  <issue tracker="bnc" id="1101777">VUL-1: CVE-2018-14342: wireshark: BGP protocol dissector could go into a large loop</issue>
  <issue tracker="bnc" id="1101788">VUL-1: CVE-2018-14344: wireshark: ISMP dissector could crash</issue>
  <issue tracker="bnc" id="1101804">VUL-1: CVE-2018-14340: wireshark: dissectors that support zlib decompression could crash</issue>
  <issue tracker="bnc" id="1101791"></issue>
  <issue tracker="bnc" id="1101810"></issue>
  <issue tracker="bnc" id="1101786"></issue>
  <issue tracker="bnc" id="1101794"></issue>
  <issue tracker="bnc" id="1101802">VUL-1: CVE-2018-14370: wireshark: IEEE 802.11 protocol dissector could crash</issue>
  <issue tracker="bnc" id="1101800"></issue>
  <issue tracker="bnc" id="1101776"></issue>
  <issue tracker="cve" id="2018-14367"/>
  <issue tracker="cve" id="2018-14368"/>
  <issue tracker="cve" id="2018-14369"/>
  <issue tracker="cve" id="2018-14342"/>
  <issue tracker="cve" id="2018-14343"/>
  <issue tracker="cve" id="2018-14340"/>
  <issue tracker="cve" id="2018-14341"/>
  <issue tracker="cve" id="2018-14344"/>
  <issue tracker="cve" id="2018-14370"/>
  <issue tracker="cve" id="2018-14339"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>AndreasStieger</packager>
  <description>This update for wireshark fixes the following issues:

Security issues fixed:

- CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, bsc#1101777)
- CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, bsc#1101788)
- CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, bsc#1101804)
- CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, bsc#1101786)
- CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, bsc#1101810)
- CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, bsc#1101776)
- CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, bsc#1101794)
- CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, bsc#1101800)
- CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, bsc#1101791)
- CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, bsc#1101802)

Bug fixes:

- Further bug fixes and updated protocol support as listed in:
  https://www.wireshark.org/docs/relnotes/wireshark-2.4.8.html
</description>
  <summary>Security update for wireshark</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places