The following updates has been released for Debian GNU/Linux:
Debian GNU/Linux 8 and 9:
DSA 4217-1: wireshark security update
It was discovered that Wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for PCP, ADB, NBAP, UMTS MAC, IEEE 802.11, SIGCOMP, LDSS, GSM A DTAP and Q.931, which result in denial of service or the execution of arbitrary code.
Debian GNU/Linux 9:
DSA 4191-2: redmine regression update
The previous security update for redmine caused regressions with multi-value fields while doing queries on project issues due to an bug in the patch to address CVE-2017-15569. Updated packages are now available to correct this issue.
Debian GNU/Linux 8 and 9:
DSA 4217-1: wireshark security update
It was discovered that Wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for PCP, ADB, NBAP, UMTS MAC, IEEE 802.11, SIGCOMP, LDSS, GSM A DTAP and Q.931, which result in denial of service or the execution of arbitrary code.
Debian GNU/Linux 9:
DSA 4191-2: redmine regression update
The previous security update for redmine caused regressions with multi-value fields while doing queries on project issues due to an bug in the patch to address CVE-2017-15569. Updated packages are now available to correct this issue.
DSA 4191-2: redmine regression update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4191-2 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
June 03, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : redmine
Debian Bug : 900283
The redmine security update announced as DSA-4191-1 caused regressions
with multi-value fields while doing queries on project issues due to an
bug in the patch to address CVE-2017-15569. Updated packages are now
available to correct this issue.
For the stable distribution (stretch), this problem has been fixed in
version 3.3.1-4+deb9u2.
We recommend that you upgrade your redmine packages.
For the detailed security status of redmine please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/redmine
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
DSA 4217-1: wireshark security update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4217-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 03, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : wireshark
CVE ID : CVE-2018-9273 CVE-2018-7320 CVE-2018-7334 CVE-2018-7335
CVE-2018-7419 CVE-2018-9261 CVE-2018-9264 CVE-2018-11358
CVE-2018-11360 CVE-2018-11362
For the oldstable distribution (jessie), these problems have been fixed
in version 1.12.1+g01b65bf-4+deb8u14.
For the stable distribution (stretch), these problems have been fixed in
version 2.2.6+g32dac6a-2+deb9u3.
We recommend that you upgrade your wireshark packages.
For the detailed security status of wireshark please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wireshark
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
