Advisories ยป MGASA-2016-0223

Updated wireshark packages fix security vulnerability

Publication date: 13 Jun 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-5350 , CVE-2016-5351 , CVE-2016-5352 , CVE-2016-5353 , CVE-2016-5354 , CVE-2016-5355 , CVE-2016-5356 , CVE-2016-5357 , CVE-2016-5358 , CVE-2016-5359

Description

Updated wireshark packages fix security vulnerabilities:

The SPOOLS dissector could go into an infinite loop (CVE-2016-5350).

The IEEE 802.11 dissector could crash (CVE-2016-5351).

The IEEE 802.11 dissector could crash (CVE-2016-5352).

The UMTS FP dissector could crash (CVE-2016-5353).

Some USB dissectors could crash (CVE-2016-5354).

The Toshiba file parser could crash (CVE-2016-5355).

The CoSine file parser could crash (CVE-2016-5356).

The NetScreen file parser could crash (CVE-2016-5357).

The Ethernet dissector could crash (CVE-2016-5358).

Infinite loop in parse_wbxml_tag_defined() in WBXML Dissector
(CVE-2016-5359).
                

References

SRPMS

5/core