Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP3:GA
patchinfo.5699
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.5699
<patchinfo incident="5699"> <issue id="1044417" tracker="bnc">VUL-0: CVE-2017-9617: wireshark: in version 2.2.7, deeply nested DAAP data may cause stack exhaustion</issue> <issue id="1045341" tracker="bnc">VUL-1: CVE-2017-9766: wireshark: PROFINET IO data with a high recursion depth allows to cause a denial of service in thedissect_IODWriteReq</issue> <issue id="1056251" tracker="bnc">VUL-1: CVE-2017-13765: wireshark: IrCOMM dissector buffer overrun</issue> <issue id="1056249" tracker="bnc">VUL-1: CVE-2017-13766: wireshark: Profinet I/O buffer overrun</issue> <issue id="1056248" tracker="bnc">VUL-1: CVE-2017-13767: wireshark: MSDP dissector infinite loop</issue> <issue id="2017-9766" tracker="cve" /> <issue id="2017-9617" tracker="cve" /> <issue id="2017-13766" tracker="cve" /> <issue id="2017-13767" tracker="cve" /> <issue id="2017-13765" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>LSZhu</packager> <description>This update for wireshark to version 2.2.9 fixes several issues. These security issues were fixed: - CVE-2017-13767: The MSDP dissector could have gone into an infinite loop. This was addressed by adding length validation (bsc#1056248). - CVE-2017-13766: The Profinet I/O dissector could have crash with an out-of-bounds write. This was addressed by adding string validation (bsc#1056249). - CVE-2017-13765: The IrCOMM dissector had a buffer over-read and application crash. This was addressed by adding length validation (bsc#1056251). - CVE-2017-9766: PROFINET IO data with a high recursion depth allowed remote attackers to cause a denial of service (stack exhaustion) in the dissect_IODWriteReq function (bsc#1045341). - CVE-2017-9617: Deeply nested DAAP data may have cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in the DAAP dissector (bsc#1044417). </description> <summary>Security update for wireshark</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
