Updated wireshark packages fix security vulnerabilities
Publication date: 03 Jun 2018Modification date: 03 Jun 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-11356 , CVE-2018-11357 , CVE-2018-11358 , CVE-2018-11359 , CVE-2018-11360 , CVE-2018-11362
Description
Updated wireshark packages fix security vulnerabilities:
The DNS dissector could crash (CVE-2018-11356).
Multiple dissectors could consume excessive memory (CVE-2018-11357).
The Q.931 dissector could crash (CVE-2018-11358).
Multiple dissectors could crash (CVE-2018-11359).
The GSM A DTAP dissector could crash (CVE-2018-11360).
The LDSS dissector could crash (CVE-2018-11362).
References
- https://bugs.mageia.org/show_bug.cgi?id=23080
- https://www.wireshark.org/security/wnpa-sec-2018-25.html
- https://www.wireshark.org/security/wnpa-sec-2018-28.html
- https://www.wireshark.org/security/wnpa-sec-2018-29.html
- https://www.wireshark.org/security/wnpa-sec-2018-30.html
- https://www.wireshark.org/security/wnpa-sec-2018-31.html
- https://www.wireshark.org/security/wnpa-sec-2018-33.html
- https://www.wireshark.org/docs/relnotes/wireshark-2.2.15.html
- https://www.wireshark.org/news/20180522.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11356
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11357
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11358
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11359
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11360
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11362
SRPMS
6/core
- wireshark-2.2.15-1.mga6