Debian 10225 Published by

The following updates has been released for Debian:

[DLA 632-1] wireshark security update
[DSA 3672-1] irssi security update



[DLA 632-1] wireshark security update

Package : wireshark
Version : 1.12.1+g01b65bf-4+deb8u6~deb7u4
CVE ID : CVE-2016-7176 CVE-2016-7177 CVE-2016-7178
CVE-2016-7179 CVE-2016-7180

Multiple vulnerabilities were discovered in the dissectors for H.225,
Catapult DCT2000, UMTS FP and IPMI, which could result in denial of
service or the execution of arbitrary code.

For Debian 7 "Wheezy", these problems have been fixed in version
1.12.1+g01b65bf-4+deb8u6~deb7u4.

We recommend that you upgrade your wireshark packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

[DSA 3672-1] irssi security update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3672-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
September 21, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : irssi
CVE ID : CVE-2016-7044 CVE-2016-7045

Gabriel Campana and Adrien Guinet from Quarkslab discovered two remotely
exploitable crash and heap corruption vulnerabilities in the format
parsing code in Irssi, a terminal based IRC client.

For the stable distribution (jessie), these problems have been fixed in
version 0.8.17-1+deb8u1.

We recommend that you upgrade your irssi packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/