Fedora 28: wireshark Security Update 2018-bfdad62cd6
Summary
Metapackage with installs wireshark-cli and wireshark-qt.
Removing dependency on wireshark metapackage from wireshark-cli ---- Added
wireshark-qt to wireshark metapackage ---- - New version 2.4.5 - Contains
fixes for CVE-2018-7419, CVE-2018-7418, CVE-2018-7417, CVE-2018-7420,
CVE-2018-7320, CVE-2018-7336, CVE-2018-7337, CVE-2018-7334, CVE-2018-7335,
CVE-2018-6836, CVE-2018-5335, CVE-2018-5334, CVE-2017-6014, CVE-2017-9616,
CVE-2017-9617, CVE-2017-9766
[ 1 ] Bug #1555323 - WTF is wireshark-qt pulled as dependency
https://bugzilla.redhat.com/show_bug.cgi?id=1555323
[ 2 ] Bug #1554818 - tshark (wireshark-cli) should be installable without any GUI bits
https://bugzilla.redhat.com/show_bug.cgi?id=1554818
[ 3 ] Bug #1506859 - wireshark meta package is missing wireshark-qt dependency
https://bugzilla.redhat.com/show_bug.cgi?id=1506859
[ 4 ] Bug #1549309 - CVE-2018-7419 wireshark: NBAP dissector crash in nbap.cnf [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1549309
[ 5 ] Bug #1549306 - CVE-2018-7418 wireshark: SIGCOMP dissector crash in packet-sigcomp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1549306
[ 6 ] Bug #1549302 - CVE-2018-7417 wireshark: IPMI dissector crash in packet-ipmi-picmg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1549302
[ 7 ] Bug #1549286 - CVE-2018-7420 wireshark: Pcapng file parser crash in pcapng.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1549286
[ 8 ] Bug #1549278 - CVE-2018-7320 wireshark: Heap-based Buffer Overflow in SIGCOMP dissector crash in packet-sigcomp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1549278
[ 9 ] Bug #1549271 - CVE-2018-7336 wireshark: FCP dissector crash in packet-fcp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1549271
[ 10 ] Bug #1549266 - CVE-2018-7337 wireshark: DOCSIS dissector crash in packet-docsis.c by injecting a malformed packet [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1549266
[ 11 ] Bug #1549256 - CVE-2018-7334 wireshark: out of bounds access in UMTS MAC dissector in packet-umts_mac.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1549256
[ 12 ] Bug #1549246 - CVE-2018-7335 wireshark: IEEE 802.11 dissector crash in airpdcap.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1549246
[ 13 ] Bug #1543583 - CVE-2018-6836 wireshark: free operation on an uninitialized memory address in wiretap/netmon.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1543583
[ 14 ] Bug #1534365 - CVE-2018-5335 wireshark: WCP dissector crash [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1534365
[ 15 ] Bug #1534362 - CVE-2018-5334 wireshark: IxVeriWave file parser crash [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1534362
[ 16 ] Bug #1425376 - CVE-2017-6014 wireshark: Memory exhaustion/infinite loop via malformed STANAG 4607 capture file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1425376
[ 17 ] Bug #1464052 - CVE-2017-9616 CVE-2017-9617 CVE-2017-9766 wireshark: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1464052
[ 18 ] Bug #1548665 - wireshark: Partial Fedora build flags injection
https://bugzilla.redhat.com/show_bug.cgi?id=1548665
[ 19 ] Bug #1542775 - wireshark-2.4.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1542775
[ 20 ] Bug #1530895 - CVE-2017-17997 wireshark: Misuse of NULL pointer in MRDISC dissector [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1530895
su -c 'dnf upgrade wireshark' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
FEDORA-2018-bfdad62cd6 2018-04-17 00:11:16.750638 Product : Fedora 28 Version : 2.4.5 Release : 3.fc28 URL : https://www.wireshark.org/ Summary : Network traffic analyzer Description : Metapackage with installs wireshark-cli and wireshark-qt. Removing dependency on wireshark metapackage from wireshark-cli ---- Added wireshark-qt to wireshark metapackage ---- - New version 2.4.5 - Contains fixes for CVE-2018-7419, CVE-2018-7418, CVE-2018-7417, CVE-2018-7420, CVE-2018-7320, CVE-2018-7336, CVE-2018-7337, CVE-2018-7334, CVE-2018-7335, CVE-2018-6836, CVE-2018-5335, CVE-2018-5334, CVE-2017-6014, CVE-2017-9616, CVE-2017-9617, CVE-2017-9766 [ 1 ] Bug #1555323 - WTF is wireshark-qt pulled as dependency https://bugzilla.redhat.com/show_bug.cgi?id=1555323 [ 2 ] Bug #1554818 - tshark (wireshark-cli) should be installable without any GUI bits https://bugzilla.redhat.com/show_bug.cgi?id=1554818 [ 3 ] Bug #1506859 - wireshark meta package is missing wireshark-qt dependency https://bugzilla.redhat.com/show_bug.cgi?id=1506859 [ 4 ] Bug #1549309 - CVE-2018-7419 wireshark: NBAP dissector crash in nbap.cnf [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1549309 [ 5 ] Bug #1549306 - CVE-2018-7418 wireshark: SIGCOMP dissector crash in packet-sigcomp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1549306 [ 6 ] Bug #1549302 - CVE-2018-7417 wireshark: IPMI dissector crash in packet-ipmi-picmg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1549302 [ 7 ] Bug #1549286 - CVE-2018-7420 wireshark: Pcapng file parser crash in pcapng.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1549286 [ 8 ] Bug #1549278 - CVE-2018-7320 wireshark: Heap-based Buffer Overflow in SIGCOMP dissector crash in packet-sigcomp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1549278 [ 9 ] Bug #1549271 - CVE-2018-7336 wireshark: FCP dissector crash in packet-fcp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1549271 [ 10 ] Bug #1549266 - CVE-2018-7337 wireshark: DOCSIS dissector crash in packet-docsis.c by injecting a malformed packet [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1549266 [ 11 ] Bug #1549256 - CVE-2018-7334 wireshark: out of bounds access in UMTS MAC dissector in packet-umts_mac.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1549256 [ 12 ] Bug #1549246 - CVE-2018-7335 wireshark: IEEE 802.11 dissector crash in airpdcap.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1549246 [ 13 ] Bug #1543583 - CVE-2018-6836 wireshark: free operation on an uninitialized memory address in wiretap/netmon.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1543583 [ 14 ] Bug #1534365 - CVE-2018-5335 wireshark: WCP dissector crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1534365 [ 15 ] Bug #1534362 - CVE-2018-5334 wireshark: IxVeriWave file parser crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1534362 [ 16 ] Bug #1425376 - CVE-2017-6014 wireshark: Memory exhaustion/infinite loop via malformed STANAG 4607 capture file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1425376 [ 17 ] Bug #1464052 - CVE-2017-9616 CVE-2017-9617 CVE-2017-9766 wireshark: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1464052 [ 18 ] Bug #1548665 - wireshark: Partial Fedora build flags injection https://bugzilla.redhat.com/show_bug.cgi?id=1548665 [ 19 ] Bug #1542775 - wireshark-2.4.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1542775 [ 20 ] Bug #1530895 - CVE-2017-17997 wireshark: Misuse of NULL pointer in MRDISC dissector [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1530895 su -c 'dnf upgrade wireshark' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Change Log
References