Updated wireshark package fixes security vulnerabilies
Publication date: 27 Mar 2015Modification date: 09 Jul 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-2188 , CVE-2015-2189 , CVE-2015-2191
Description
The WCP dissector could crash (CVE-2015-2188). The pcapng file parser could crash (CVE-2015-2189). The TNEF dissector could go into an infinite loop (CVE-2015-2191).
References
- https://bugs.mageia.org/show_bug.cgi?id=15429
- https://www.wireshark.org/security/wnpa-sec-2015-07.html
- https://www.wireshark.org/security/wnpa-sec-2015-08.html
- https://www.wireshark.org/security/wnpa-sec-2015-10.html
- https://www.wireshark.org/docs/relnotes/wireshark-1.10.13.html
- https://www.wireshark.org/news/20150304.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2188
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2189
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2191
SRPMS
4/core
- wireshark-1.10.13-1.mga4