File _patchinfo of Package patchinfo.30350

<patchinfo incident="30350">
  <issue tracker="cve" id="2023-4512"/>
  <issue tracker="cve" id="2023-4511"/>
  <issue tracker="cve" id="2023-4513"/>
  <issue tracker="cve" id="2023-2906"/>
  <issue tracker="bnc" id="1214562">VUL-0: CVE-2023-4513: wireshark: BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file</issue>
  <issue tracker="bnc" id="1214652">VUL-0: CVE-2023-2906: wireshark: Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.</issue>
  <issue tracker="bnc" id="1214560">VUL-0: CVE-2023-4511: wireshark: BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file</issue>
  <issue tracker="bnc" id="1214561">VUL-0: CVE-2023-4512: wireshark: CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file</issue>
  <packager>rfrohl</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for wireshark</summary>
  <description>This update for wireshark fixes the following issues:

- Wireshark update to v3.6.16.
- CVE-2023-4512: Fixed a bug in CBOR dissector which could lead to crash. (bsc#1214561)
- CVE-2023-4511: Fixed a bug in BT SDP dissector which could lead to an infinite loop. (bsc#1214560)
- CVE-2023-4513: Fixed a bug in BT SDP dissector which could lead to a memory leak. (bsc#1214562)
- CVE-2023-2906: Fixed a bug in CP2179 dissector which could lead to crash. (bsc#1214652)
</description>
</patchinfo>