Overview

File _patchinfo of Package patchinfo.7214

<patchinfo incident="7214">
  <issue id="1056251" tracker="bnc">VUL-1: wireshark: IrCOMM dissector buffer overrun</issue>
  <issue id="1056249" tracker="bnc">VUL-1: wireshark: Profinet I/O buffer overrun</issue>
  <issue id="1056248" tracker="bnc">VUL-1: wireshark: MSDP dissector infinite loop</issue>
  <issue id="2017-13766" tracker="cve" />
  <issue id="2017-13767" tracker="cve" />
  <issue id="2017-13765" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>AndreasStieger</packager>
  <description>This update for wireshark to version 2.2.9 fixes the following issues:

Minor vulnerabilities that could be used to trigger dissector crashes, infinite loops,
or cause excessive use of memory resources by making Wireshark read specially crafted
packages from the network or a capture file:

* CVE-2017-13767: MSDP dissector infinite loop (boo#1056248)
* CVE-2017-13766: Profinet I/O buffer overrun (boo#1056249)
* CVE-2017-13765: IrCOMM dissector buffer overrun (boo#1056251)
* Further bug fixes and updated protocol support as listed in:
  https://www.wireshark.org/docs/relnotes/wireshark-2.2.9.html
</description>
  <summary>Security update for wireshark</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places