MGASA-2016-0091

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2016-0091.html

Import Source

https://advisories.mageia.org/MGASA-2016-0091.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2016-0091

Related

Published

2016-03-02T18:28:46Z

Modified

2016-03-02T18:20:25Z

Summary

Updated wireshark packages fix security vulnerabilities

Details

Updated wireshark packages fix security vulnerabilities:

ASN.1 BER dissector crash (CVE-2016-2522).

DNP dissector infinite loop (CVE-2016-2523).

X.509AF dissector crash (CVE-2016-2524).

HTTP/2 dissector crash (CVE-2016-2525).

HiQnet dissector crash (CVE-2016-2526).

3GPP TS 32.423 Trace file parser crash (CVE-2016-2527).

LBMC dissector crash (CVE-2016-2528).

iSeries file parser crash (CVE-2016-2529).

RSL dissector crash (CVE-2016-2530, CVE-2016-2531).

LLRP dissector crash (CVE-2016-2532).

The wireshark package has been updated to version 2.0.2, fixing these issues as well as other dissector crashes, a dissector loop issue, another file parser crash, and several other bugs. See the upstream release notes for details.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / wireshark

Package

Name: wireshark
Purl: pkg:rpm/mageia/wireshark?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0.2-1.mga5

Ecosystem specific

{
    "section": "core"
}