Overview

File _patchinfo of Package patchinfo.29417

<patchinfo incident="29417">
  <issue tracker="bnc" id="1211703">VUL-0: CVE-2023-2855: wireshark: Candump log file parser crash</issue>
  <issue tracker="bnc" id="1211705">VUL-0: CVE-2023-2857: wireshark: BLF file parser crash</issue>
  <issue tracker="bnc" id="1211706">VUL-0: CVE-2023-2858: wireshark: NetScaler file parser crash</issue>
  <issue tracker="bnc" id="1211707">VUL-0: CVE-2023-2856: wireshark: VMS TCPIPtrace file parser crash</issue>
  <issue tracker="bnc" id="1211710">VUL-0: CVE-2023-0668: wireshark: IEEE C37.118 Synchrophasor dissector crash</issue>
  <issue tracker="bnc" id="1211793">VUL-0: CVE-2023-2879: wireshark: GDSDB dissector infinite loop</issue>
  <issue tracker="bnc" id="1211844">VUL-0: CVE-2023-2952: wireshark: XRA dissector could go into an infinite loop</issue>
  <issue tracker="bnc" id="1212084">VUL-0: CVE-2023-0667: wireshark: failure to validate length in MSMMS packet</issue>
  <issue tracker="bnc" id="1213319">VUL-0: CVE-2023-3648: wireshark: Kafka dissector crash</issue>
  <issue tracker="cve" id="2023-0667"/>
  <issue tracker="cve" id="2023-0668"/>
  <issue tracker="cve" id="2023-2855"/>
  <issue tracker="cve" id="2023-2856"/>
  <issue tracker="cve" id="2023-2857"/>
  <issue tracker="cve" id="2023-2858"/>
  <issue tracker="cve" id="2023-2879"/>
  <issue tracker="cve" id="2023-2952"/>
  <issue tracker="cve" id="2023-3648"/>
  <packager>rfrohl</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for wireshark</summary>
  <description>This update for wireshark fixes the following issues:

Update to Wireshark 3.6.15:
- Further features, bug fixes and updated protocol support as listed in:
  https://www.wireshark.org/docs/relnotes/wireshark-3.6.15.html

Security fixes:
  - CVE-2023-0667: Fixed failure to validate MS-MMS packet length (bsc#1212084).
  - CVE-2023-0668: Fixed IEEE C37.118 Synchrophasor dissector crash (bsc#1211710).
  - CVE-2023-2855: Fixed Candump log file parser crash (bsc#1211703).
  - CVE-2023-2856: Fixed VMS TCPIPtrace file parser crash (bsc#1211707).
  - CVE-2023-2857: Fixed BLF file parser crash (bsc#1211705).
  - CVE-2023-2858: Fixed NetScaler file parser crash (bsc#1211706).
  - CVE-2023-2879: Fixed GDSDB dissector infinite loop (bsc#1211793).
  - CVE-2023-2952: Fixed XRA dissector infinite loop (bsc#1211844).
  - CVE-2023-3648: Fixed Kafka dissector crash (bsc#1213319).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places