Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in Wireshark
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Wireshark
ID: FEDORA-2018-bfdad62cd6
Distribution: Fedora
Plattformen: Fedora 28
Datum: Di, 17. April 2018, 07:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5334
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5335
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7337
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7418
https://bugzilla.redhat.com/show_bug.cgi?id=1555323
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6836
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9616
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7335
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7334
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6014
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7419
https://bugzilla.redhat.com/show_bug.cgi?id=1542775
https://bugzilla.redhat.com/show_bug.cgi?id=1554818
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9617
https://bugzilla.redhat.com/show_bug.cgi?id=1548665
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9766
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17997
https://bugzilla.redhat.com/show_bug.cgi?id=1506859
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7320
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7336
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7420
Applikationen: Wireshark

Originalnachricht

 
-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2018-bfdad62cd6
2018-04-17 00:11:16.750638
-------------------------------------------------------------------------------
-

Name        : wireshark
Product     : Fedora 28
Version     : 2.4.5
Release     : 3.fc28
URL         : http://www.wireshark.org/
Summary     : Network traffic analyzer
Description :
Metapackage with installs wireshark-cli and wireshark-qt.

-------------------------------------------------------------------------------
-
Update Information:

Removing dependency on wireshark metapackage from wireshark-cli  ----  Added
wireshark-qt to wireshark metapackage  ----  - New version 2.4.5 - Contains
fixes for CVE-2018-7419, CVE-2018-7418, CVE-2018-7417, CVE-2018-7420,
CVE-2018-7320, CVE-2018-7336, CVE-2018-7337, CVE-2018-7334, CVE-2018-7335,
CVE-2018-6836, CVE-2018-5335, CVE-2018-5334, CVE-2017-6014, CVE-2017-9616,
CVE-2017-9617, CVE-2017-9766
-------------------------------------------------------------------------------
-
References:

  [ 1 ] Bug #1555323 - WTF is wireshark-qt pulled as dependency
        https://bugzilla.redhat.com/show_bug.cgi?id=1555323
  [ 2 ] Bug #1554818 - tshark (wireshark-cli) should be installable without any
 GUI bits
        https://bugzilla.redhat.com/show_bug.cgi?id=1554818
  [ 3 ] Bug #1506859 - wireshark meta package is missing wireshark-qt
 dependency
        https://bugzilla.redhat.com/show_bug.cgi?id=1506859
  [ 4 ] Bug #1549309 - CVE-2018-7419 wireshark: NBAP dissector crash in
 nbap.cnf [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1549309
  [ 5 ] Bug #1549306 - CVE-2018-7418 wireshark: SIGCOMP dissector crash in
 packet-sigcomp.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1549306
  [ 6 ] Bug #1549302 - CVE-2018-7417 wireshark: IPMI dissector crash in
 packet-ipmi-picmg.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1549302
  [ 7 ] Bug #1549286 - CVE-2018-7420 wireshark: Pcapng file parser crash in
 pcapng.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1549286
  [ 8 ] Bug #1549278 - CVE-2018-7320 wireshark: Heap-based Buffer Overflow in
 SIGCOMP dissector crash in packet-sigcomp.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1549278
  [ 9 ] Bug #1549271 - CVE-2018-7336 wireshark: FCP dissector crash in
 packet-fcp.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1549271
  [ 10 ] Bug #1549266 - CVE-2018-7337 wireshark: DOCSIS dissector crash in
 packet-docsis.c by injecting a malformed packet [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1549266
  [ 11 ] Bug #1549256 - CVE-2018-7334 wireshark: out of bounds access in UMTS
 MAC dissector in packet-umts_mac.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1549256
  [ 12 ] Bug #1549246 - CVE-2018-7335 wireshark: IEEE 802.11 dissector crash in
 airpdcap.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1549246
  [ 13 ] Bug #1543583 - CVE-2018-6836 wireshark: free operation on an
 uninitialized memory address in wiretap/netmon.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1543583
  [ 14 ] Bug #1534365 - CVE-2018-5335 wireshark: WCP dissector crash
 [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1534365
  [ 15 ] Bug #1534362 - CVE-2018-5334 wireshark: IxVeriWave file parser crash
 [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1534362
  [ 16 ] Bug #1425376 - CVE-2017-6014 wireshark: Memory exhaustion/infinite
 loop via malformed STANAG 4607 capture file [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1425376
  [ 17 ] Bug #1464052 - CVE-2017-9616 CVE-2017-9617 CVE-2017-9766 wireshark:
 various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1464052
  [ 18 ] Bug #1548665 - wireshark: Partial Fedora build flags injection
        https://bugzilla.redhat.com/show_bug.cgi?id=1548665
  [ 19 ] Bug #1542775 - wireshark-2.4.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1542775
  [ 20 ] Bug #1530895 - CVE-2017-17997 wireshark: Misuse of NULL pointer in
 MRDISC dissector [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1530895
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade wireshark' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung