In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NULL after a ContentInfo dissection.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libwsutil10": "3.0.7-1", "libwscodecs2": "3.0.7-1", "wireshark-dev": "3.0.7-1", "libwireshark12": "3.0.7-1", "wireshark-doc": "3.0.7-1", "libwireshark12-dbgsym": "3.0.7-1", "tshark": "3.0.7-1", "wireshark-common-dbgsym": "3.0.7-1", "libwiretap-dev": "3.0.7-1", "libwsutil-dev": "3.0.7-1", "tshark-dbgsym": "3.0.7-1", "libwireshark-dev": "3.0.7-1", "libwsutil10-dbgsym": "3.0.7-1", "libwiretap9": "3.0.7-1", "wireshark-qt": "3.0.7-1", "wireshark": "3.0.7-1", "wireshark-common": "3.0.7-1", "libwireshark-data": "3.0.7-1", "libwscodecs2-dbgsym": "3.0.7-1", "wireshark-gtk": "3.0.7-1", "wireshark-qt-dbgsym": "3.0.7-1", "libwiretap9-dbgsym": "3.0.7-1" } ] }