Updated wireshark packages fix security vulnerabilities
Publication date: 26 Apr 2016Modification date: 26 Apr 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-4076 , CVE-2016-4077 , CVE-2016-4078 , CVE-2016-4079 , CVE-2016-4080 , CVE-2016-4081 , CVE-2016-4006 , CVE-2016-4082 , CVE-2016-4083 , CVE-2016-4084
Description
Updated wireshark packages fix security vulnerabilities:
The NCP dissector could crash (CVE-2016-4076).
TShark could crash due to a packet reassembly bug (CVE-2016-4077).
The IEEE 802.11 dissector could crash (CVE-2016-4078).
The PKTC dissector could crash (CVE-2016-4079).
The PKTC dissector could crash (CVE-2016-4080).
The IAX2 dissector could go into an infinite loop (CVE-2016-4081).
Wireshark and TShark could exhaust the stack (CVE-2016-4006).
The GSM CBCH dissector could crash (CVE-2016-4082).
MS-WSP dissector crash (CVE-2016-4083, CVE-2016-4084).
References
- https://bugs.mageia.org/show_bug.cgi?id=18260
- https://www.wireshark.org/security/wnpa-sec-2016-19.html
- https://www.wireshark.org/security/wnpa-sec-2016-20.html
- https://www.wireshark.org/security/wnpa-sec-2016-21.html
- https://www.wireshark.org/security/wnpa-sec-2016-22.html
- https://www.wireshark.org/security/wnpa-sec-2016-23.html
- https://www.wireshark.org/security/wnpa-sec-2016-24.html
- https://www.wireshark.org/security/wnpa-sec-2016-25.html
- https://www.wireshark.org/security/wnpa-sec-2016-26.html
- https://www.wireshark.org/security/wnpa-sec-2016-27.html
- https://www.wireshark.org/docs/relnotes/wireshark-2.0.3.html
- https://www.wireshark.org/news/20160422.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4076
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4077
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4078
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4079
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4080
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4081
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4006
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4082
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4083
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4084
SRPMS
5/core
- wireshark-2.0.3-1.mga5