From: Peter Korsgaard <peter@korsgaard.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH] wireshark: bump version to 2.2.14 (security)
Date: Wed, 11 Apr 2018 17:44:14 +0200 [thread overview]
Message-ID: <877epd3fzl.fsf@dell.be.48ers.dk> (raw)
In-Reply-To: <1523105943-2483-1-git-send-email-nerv@dawncrow.de> ("André Hentschel"'s message of "Sat, 7 Apr 2018 14:59:03 +0200")
>>>>> "Andr?" == Andr? Hentschel <nerv@dawncrow.de> writes:
> Security fixes since 2.2.12:
> - wnpa-sec-2018-15
> The MP4 dissector could crash. (Bug 13777)
> - wnpa-sec-2018-16
> The ADB dissector could crash. (Bug 14460)
> - wnpa-sec-2018-17
> The IEEE 802.15.4 dissector could crash. (Bug 14468)
> - wnpa-sec-2018-18
> The NBAP dissector could crash. (Bug 14471)
> - wnpa-sec-2018-19
> The VLAN dissector could crash. (Bug 14469)
> - wnpa-sec-2018-20
> The LWAPP dissector could crash. (Bug 14467)
> - wnpa-sec-2018-23
> The Kerberos dissector could crash. (Bug 14576)
> - wnpa-sec-2018-05
> The IEEE 802.11 dissector could crash. Bug 14442, CVE-2018-7335
> - wnpa-sec-2018-06
> Multiple dissectors could go into large infinite loops. All ASN.1 BER dissectors (Bug 14444), along with the DICOM (Bug 14411), DMP (Bug 14408), LLTD (Bug 14419), OpenFlow (Bug 14420), RELOAD (Bug 14445), RPCoRDMA (Bug 14449), RPKI-Router (Bug 14414), S7COMM (Bug 14423), SCCP (Bug 14413), Thread (Bug 14428), Thrift (Bug 14379), USB (Bug 14421), and WCCP (Bug 14412) dissectors were susceptible.
> - wnpa-sec-2018-07
> The UMTS MAC dissector could crash. Bug 14339, CVE-2018-7334
> - wnpa-sec-2018-09
> The FCP dissector could crash. Bug 14374, CVE-2018-7336
> - wnpa-sec-2018-10
> The SIGCOMP dissector could crash. Bug 14398, CVE-2018-7320
> - wnpa-sec-2018-11
> The pcapng file parser could crash. Bug 14403, CVE-2018-7420
> - wnpa-sec-2018-12
> The IPMI dissector could crash. Bug 14409, CVE-2018-7417
> - wnpa-sec-2018-13
> The SIGCOMP dissector could crash. Bug 14410, CVE-2018-7418
> - wnpa-sec-2018-14
> The NBAP disssector could crash. Bug 14443, CVE-2018-7419
> Full release notes:
> https://www.wireshark.org/docs/relnotes/wireshark-2.2.14.html
> Signed-off-by: Andr? Hentschel <nerv@dawncrow.de>
Committed to 2017.02.x, thanks.
--
Bye, Peter Korsgaard
prev parent reply other threads:[~2018-04-11 15:44 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-07 12:59 [Buildroot] [PATCH] wireshark: bump version to 2.2.14 (security) André Hentschel
2018-04-09 9:12 ` Thomas Petazzoni
2018-04-09 15:39 ` Peter Korsgaard
2018-04-11 15:44 ` Peter Korsgaard [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=877epd3fzl.fsf@dell.be.48ers.dk \
--to=peter@korsgaard.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox