Overview
Request 500569 accepted
- Wireshark 2.2.7 (bsc#1042330):
This release fixes minor vulnerabilities that could be used to
trigger dissector crashes, infinite loopsm or cause excessive use
of CPU resources by making Wireshark read specially crafted
packages from the network or a capture file:
* CVE-2017-9352: Bazaar dissector infinite loop (bsc#1042304)
* CVE-2017-9348: DOF dissector read overflow (bsc#1042303)
* CVE-2017-9351: DHCP dissector read overflow (bsc#1042302)
* CVE-2017-9346: SoulSeek dissector infinite loop (bsc#1042301)
* CVE-2017-9345: DNS dissector infinite loop (bsc#1042300)
* CVE-2017-9349: DICOM dissector infinite loop (bsc#1042305)
* CVE-2017-9350: openSAFETY dissector memory exhaustion (bsc#1042299)
* CVE-2017-9344: BT L2CAP dissector divide by zero (bsc#1042298)
* CVE-2017-9343: MSNIP dissector crash (bsc#1042309)
* CVE-2017-9347: ROS dissector crash (bsc#1042308)
* CVE-2017-9354: RGMP dissector crash (bsc#1042307)
* CVE-2017-9353: IPv6 dissector crash (bsc#1042306)
- Created by AndreasStieger
- In state accepted
- Supersedes 500566
Request History
AndreasStieger created request
- Wireshark 2.2.7 (bsc#1042330):
This release fixes minor vulnerabilities that could be used to
trigger dissector crashes, infinite loopsm or cause excessive use
of CPU resources by making Wireshark read specially crafted
packages from the network or a capture file:
* CVE-2017-9352: Bazaar dissector infinite loop (bsc#1042304)
* CVE-2017-9348: DOF dissector read overflow (bsc#1042303)
* CVE-2017-9351: DHCP dissector read overflow (bsc#1042302)
* CVE-2017-9346: SoulSeek dissector infinite loop (bsc#1042301)
* CVE-2017-9345: DNS dissector infinite loop (bsc#1042300)
* CVE-2017-9349: DICOM dissector infinite loop (bsc#1042305)
* CVE-2017-9350: openSAFETY dissector memory exhaustion (bsc#1042299)
* CVE-2017-9344: BT L2CAP dissector divide by zero (bsc#1042298)
* CVE-2017-9343: MSNIP dissector crash (bsc#1042309)
* CVE-2017-9347: ROS dissector crash (bsc#1042308)
* CVE-2017-9354: RGMP dissector crash (bsc#1042307)
* CVE-2017-9353: IPv6 dissector crash (bsc#1042306)
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added factory-repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
staging-bot added as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:79"
staging-bot accepted review
Picked openSUSE:Factory:Staging:adi:79
factory-repo-checker accepted review
Builds for repo network:utilities/openSUSE_Factory
dimstar accepted review
staging-bot accepted review
ready to accept
staging-bot approved review
ready to accept
dimstar_suse accepted request
Accept to openSUSE:Factory