Overview

File _patchinfo of Package patchinfo.8479

<patchinfo incident="8479">
  <issue tracker="bnc" id="1101810">VUL-1: CVE-2018-14339: wireshark: MMSE dissector could go into an infinite loop</issue>
  <issue tracker="bnc" id="1101776">VUL-1: CVE-2018-14341: wireshark: DICOM dissector could go into a large or infinite loop</issue>
  <issue tracker="bnc" id="1101777">VUL-1: CVE-2018-14342: wireshark: BGP protocol dissector could go into a large loop</issue>
  <issue tracker="bnc" id="1101788">VUL-1: CVE-2018-14344: wireshark: ISMP dissector could crash</issue>
  <issue tracker="bnc" id="1101804">VUL-1: CVE-2018-14340: wireshark: dissectors that support zlib decompression could crash</issue>
  <issue tracker="bnc" id="1101786">VUL-1: CVE-2018-14343: wireshark: ASN.1 BER dissector could crash</issue>
  <issue tracker="bnc" id="1101802">VUL-1: CVE-2018-14370: wireshark: IEEE 802.11 protocol dissector could crash</issue>
  <issue tracker="bnc" id="1101800">VUL-1: CVE-2018-14369: wireshark: HTTP2 dissector could crash</issue>
  <issue tracker="bnc" id="1101791">VUL-1: CVE-2018-14367: wireshark: CoAP protocol dissector could crash</issue>
  <issue tracker="bnc" id="1101794">VUL-1: CVE-2018-14368: wireshark: Bazaar protocol dissector could go into an infinite loop</issue>
  <issue tracker="cve" id="2018-14341"/>
  <issue tracker="cve" id="2018-14368"/>
  <issue tracker="cve" id="2018-14369"/>
  <issue tracker="cve" id="2018-14342"/>
  <issue tracker="cve" id="2018-14343"/>
  <issue tracker="cve" id="2018-14340"/>
  <issue tracker="cve" id="2018-14367"/>
  <issue tracker="cve" id="2018-14344"/>
  <issue tracker="cve" id="2018-14370"/>
  <issue tracker="cve" id="2018-14339"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>AndreasStieger</packager>
  <description>This update for wireshark fixes the following issues:

Security issues fixed:

- CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, boo#1101777)
- CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, boo#1101788)
- CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, boo#1101804)
- CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, boo#1101786)
- CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, boo#1101810)
- CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, boo#1101776)
- CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, boo#1101794)
- CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, boo#1101800)
- CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, boo#1101791)
- CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, boo#1101802)

Bug fixes:

- Further bug fixes and updated protocol support as listed in:
  https://www.wireshark.org/docs/relnotes/wireshark-2.4.8.html
</description>
  <summary>Security update for wireshark</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places