lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20170318130817.hidiswmkqlarrg7d@pisco.westfalen.local>
Date: Sat, 18 Mar 2017 14:08:17 +0100
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 3811-1] wireshark security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3811-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
March 18, 2017                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wireshark
CVE ID         : CVE-2017-5596 CVE-2017-5597 CVE-2017-6014 CVE-2017-6467 
                 CVE-2017-6468 CVE-2017-6469 CVE-2017-6470 CVE-2017-6471 
                 CVE-2017-6472 CVE-2017-6473 CVE-2017-6474

It was discovered that wireshark, a network protocol analyzer, contained
several vulnerabilities in the dissectors for ASTERIX , DHCPv6,
NetScaler, LDSS, IAX2, WSP, K12 and STANAG 4607, that could lead to
various crashes, denial-of-service or execution of arbitrary code.

For the stable distribution (jessie), these problems have been fixed in
version 1.12.1+g01b65bf-4+deb8u11.

For the unstable distribution (sid), these problems have been fixed in
version 2.2.5+g440fd4d-2.

We recommend that you upgrade your wireshark packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAljNMJUACgkQEMKTtsN8
TjZbnw/9GcgQAEQEe+ZI9Ue8oEs5YF+28yPF+KYRpR/4SvlV8xfqQvonWNJvfBet
rWmI0lwx4BfuF5KGlh1iB3EukN3ah56Pd6486nfhSvL5mGlRpBe9nm3ARNAE4y0g
rC8/XpplRqzKX2gJYEm9n2QIBP7+4NRwkFJ9DG+S656E33z9amRFII6+p/Q5t6Ii
LgXSymq3Zty9D/F1JtwnDyq+jzxIOlduyYwkhXziZWx4sjtvDvj67fe0cEFXYDBy
yzEaYDqAVxY7/3AlkcskOXCo77hrgvTfGj9PSB3AcCnZksT9QKYTQpM+gThaa31G
dBMV9zIcBY7f8D0yOiAYAEIMhtDMwpQGOvMBRAq8Mpml3vh2RZaEe9CPdbngLdxf
mmWBpFFLhjBbEzP/APw/rrQWF1ONFzh4L5PxLI7zF+EHs7sRTLbMIuGOzLByJdhN
/d1iNeifWqEMfkXJa2r+GIi1g11eBGii5uKuIU1duVNo2aJypWFATuYDWvu6dogH
k5qD8PfNOWUQTdc5wuj5sgVi2FgD/G7ecuA5kViOuSJI4xkh+323Nui3kG9oWFae
xrb5l5wPnW1gk3gcOp1WkwO6hf2ENitzAW16BtsJf7HtDZtjOt5bjnvDNro/FkuZ
Wy2ZIPOroVmeK4TtJlcgSaD+qDy8tS0NEa3EMml2NF+htVoGGsU=
=JPix
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ