Security update for wireshark (moderate)

2020-11-29T17:17:24
ID OPENSUSE-SU-2020:2107-1
Type suse
Reporter Suse
Modified 2020-11-29T17:17:24

Description

An update that fixes two vulnerabilities is now available.

Description:

This update for wireshark fixes the following issues:

  • wireshark was updated to 3.2.8:
    • CVE-2020-26575: Fixed an issue where FBZERO dissector was entering in infinite loop (bsc#1177406)
    • CVE-2020-28030: Fixed an issue where GQUIC dissector was crashing (bsc#1178291)
    • Infinite memory allocation while parsing this tcp packet

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.1:

    zypper in -t patch openSUSE-2020-2107=1