Re: [SECURITY] [DLA 1634-1] wireshark security update

Tue, 15 Jan 2019 12:24:21 -0800 

Thank you

Le Mar 15 Jan 2019 20:39, Thorsten Alteholz <deb...@alteholz.de> a écrit :

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Package        : wireshark
> Version        : 1.12.1+g01b65bf-4+deb8u16
> CVE ID         : CVE-2017-7700 CVE-2017-7703 CVE-2017-7746 CVE-2017-7747
>                   CVE-2017-9766 CVE-2017-11406 CVE-2017-11407
> CVE-2017-11409
>                   CVE-2017-13765 CVE-2017-15191 CVE-2017-17935
> CVE-2017-17997
>                   CVE-2018-7322 CVE-2018-7323 CVE-2018-7324 CVE-2018-7325
>                   CVE-2018-7331 CVE-2018-7336 CVE-2018-7417 CVE-2018-7418
>                   CVE-2018-7420 CVE-2018-9256 CVE-2018-9259 CVE-2018-9260
>                   CVE-2018-9262 CVE-2018-9263 CVE-2018-9265 CVE-2018-9267
>                   CVE-2018-9268 CVE-2018-9269 CVE-2018-9270 CVE-2018-11356
>                   CVE-2018-11357 CVE-2018-11359 CVE-2018-16057
> CVE-2018-16058
>                   CVE-2018-19622 CVE-2018-19623 CVE-2018-19624
> CVE-2018-19625
>                   CVE-2018-19626
>
>
> Several issues in wireshark, a tool that captures and analyzes packets
> off the wire, have been found by different people.
> These are basically issues with length checks or invalid memory access in
> different dissectors. This could result in infinite loops or crashes by
> malicious packets.
>
> For Debian 8 "Jessie", these problems have been fixed in version
> 1.12.1+g01b65bf-4+deb8u16.
>
> We recommend that you upgrade your wireshark packages.
>
> Further information about Debian LTS security advisories, how to apply
> these updates to your system and frequently asked questions can be
> found at: https://wiki.debian.org/LTS
>
> -----BEGIN PGP SIGNATURE-----
>
> iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAlw+MCZfFIAAAAAALgAo
> aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
> MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
> WEelWA/+NCrvIRdJkPcl9pH/ALCH6A5j5+CjLhZ/1ej0kQUv91YGqPHZhfJ9GnHp
> 8VQfwdmJXCXw4lmF1DpN2T/q3KqG6qwGowfxeWBoinfJgsCTIpY1r5n+dff/syu7
> OIV5swZAiR3ivk/Pm6U3j3sX2HTFCPqsHi9atxaWDIcllMibM1FKgHr2SIXe991x
> eCax5J3UPv594V+42j4hYIbLg28dhbGKGWKuONGhbW0aRWFoj6J9gOR3r+dVdKnI
> mAKAbPrM6/t75VNsr0L6FJCDX+7eJPImgGjTFL1e/Ue8AZTRCma2Zyg8bVEcHsSq
> 5HEAPFAjdOqSW6XqlTDF1J1E+7dA1nIX+uCA/3nZK7HM+IRqaXXMADisO1oVnQyl
> NJ7dwsGbpTuZSOF8cbdDptyBxz4R3z3Zo3bg+e9mvcwDPzrEQbPsXFpmtmtbbVsX
> ELH9G8AOEBGeGc3pz14+XMFMI/OskoletTLWyTGBv7MvQtmUtHc+e/RpL1GvFrHf
> APfmCZQdDhqpk9O1EcApIFpNuBlzrqlCfzUi8nSlJxjCsT0fQey54dadORn5eYd1
> K/9Gnj+AMqFr6irYa/G9BGQ/u3bV+XvyNytNlgM2/lbOyUSjPKAL+6OJa7AIYXM5
> tw18Zuiq8FEH2UqMEzCuzxovoGJKIEPDQEmKM5COvvlIIJAO2UU=
> =5QMF
> -----END PGP SIGNATURE-----
>
>

Reply via email to