Overview

File _patchinfo of Package patchinfo.6469

<patchinfo incident="6469">
  <packager>AndreasStieger</packager>
  <issue tracker="bnc" id="1027998">VUL-1: wireshark: multiple dissector crashes and infinite loops fixed in 2.2.5, 2.0.11</issue>
  <issue tracker="cve" id="2017-6467" />
  <issue tracker="cve" id="2017-6468" />
  <issue tracker="cve" id="2017-6469" />
  <issue tracker="cve" id="2017-6470" />
  <issue tracker="cve" id="2017-6471" />
  <issue tracker="cve" id="2017-6472" />
  <issue tracker="cve" id="2017-6473" />
  <issue tracker="cve" id="2017-6474" />
  <category>security</category>
  <rating>low</rating>
  <summary>Security update for Wireshark</summary>
  <description>This update for Wireshark fixes minor vulnerabilities that could be used to trigger a dissector crash or infinite loops by sending specially crafted packages over the network or into a capture file:

- CVE-2017-6467: NetScaler file parser infinite loop (wnpa-sec-2017-11)
- CVE-2017-6468: NetScaler file parser crash (wnpa-sec-2017-08)
- CVE-2017-6469: LDSS dissector crash (wnpa-sec-2017-03)
- CVE-2017-6470: IAX2 dissector infinite loop (wnpa-sec-2017-10)
- CVE-2017-6471: WSP dissector infinite loop (wnpa-sec-2017-05)
- CVE-2017-6472: RTMTP dissector infinite loop (wnpa-sec-2017-04)
- CVE-2017-6473: K12 file parser crash (wnpa-sec-2017-09)
- CVE-2017-6474: NetScaler file parser infinite loop (wnpa-sec-2017-07)
- wnpa-sec-2017-06: STANAG 4607 file parser infinite loop
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places