Security update for wireshark (moderate)

2018-08-03T21:15:11
ID OPENSUSE-SU-2018:2184-1
Type suse
Reporter Suse
Modified 2018-08-03T21:15:11

Description

This update for wireshark fixes the following issues:

Security issues fixed:

  • CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, boo#1101777)
  • CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, boo#1101788)
  • CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, boo#1101804)
  • CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, boo#1101786)
  • CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, boo#1101810)
  • CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, boo#1101776)
  • CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, boo#1101794)
  • CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, boo#1101800)
  • CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, boo#1101791)
  • CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, boo#1101802)

Bug fixes:

  • Further bug fixes and updated protocol support as listed in: <a rel="nofollow" href="https://www.wireshark.org/docs/relnotes/wireshark-2.4.8.html">https://www.wireshark.org/docs/relnotes/wireshark-2.4.8.html</a>