Overview Details

File _patchinfo of Package patchinfo

<patchinfo incident="5208">
  <issue id="983671" tracker="bnc">VUL-1: wireshark: June 2016 releases (1.12.12 and 2.0.4)</issue>
  <issue id="2016-5358" tracker="cve" />
  <issue id="2016-5355" tracker="cve" />
  <issue id="2016-5354" tracker="cve" />
  <issue id="2016-5357" tracker="cve" />
  <issue id="2016-5356" tracker="cve" />
  <issue id="2016-5351" tracker="cve" />
  <issue id="2016-5350" tracker="cve" />
  <issue id="2016-5353" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>AndreasStieger</packager>
  <description>This update for wireshark fixes an number of security issues.

Issues in protocol dissectors could have allowed a remote attacker to crash Wireshark or cause excessive CPU usage through specially crafted packages inserted into the network or a capture file.

- CVE-2016-5350: The SPOOLS dissector could go into an infinite loop
- CVE-2016-5351: The IEEE 802.11 dissector could crash
- CVE-2016-5353: The UMTS FP dissector could crash
- CVE-2016-5354: Some USB dissectors could crash
- CVE-2016-5355: The Toshiba file parser could crash
- CVE-2016-5356: The CoSine file parser could crash
- CVE-2016-5357: The NetScreen file parser could crash
- CVE-2016-5358: The Ethernet dissector could crash
</description>
  <summary>Security update for wireshark</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places