Wireshark Security Update for Debian 7 ELTS

Debian 10225 Published 2019-06-03 07:34 by Philipp Esselbach

News

Updated wireshark packages has been released for Debian GNU/Linux 7 Extended LTS

Package: wireshark
Version: 1.12.1+g01b65bf-4+deb8u6~deb7u18
Related CVE: CVE-2017-9345 CVE-2017-9352 CVE-2017-9617 CVE-2017-13767 CVE-2019-12295

Several vulnerabilities have been found in wireshark, a network traffic analyzer.

CVE-2017-9345: infinite loop in DNS dissector.
CVE-2017-9352: infinite loop in Bazaar dissector.
CVE-2017-9617: stack exhaustion in adissect_daap_one_tag (DAAP dissector).
CVE-2017-13767: infinite loop in MSDP dissector.
CVE-2019-12295: stack overflow in the dissection engine.

These vulnerabilities might be leveraged by remote attackers to cause denial of service (DoS) via a crafted packet or PCAP file.

For Debian 7 Wheezy, these problems have been fixed in version 1.12.1+g01b65bf-4+deb8u6~deb7u18.

We recommend that you upgrade your wireshark packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

Kernel Updates for Oracle Linux 6 and 7

Mageia 7 Release Candidate

Wireshark Security Update for Debian 7 ELTS

Windows

Linux

macOS

Community