Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 28: Wireshark 2.6.1 Critical: Multiple Buffer Overflows

fedora
Calendar Grey May 30, 2018
Dist Fedora Esm H88
The latest security release of Wireshark for Fedora 28 addresses several vulnerabilities and comes with an upgraded version.
New version 2.6.1, contains fixes for multiple CVEs

Summary

Metapackage with installs wireshark-cli and wireshark-qt.

New version 2.6.1, contains fixes for multiple CVEs. ---- Fixed undefined

reference in tshark, corrected build flags usage

* Thu May 24 2018 Michal Ruprich - 1:2.6.1-1

- New version 2.6.1

* Tue May 15 2018 Michal Ruprich - 1:2.6.0-2

- Fixed undefined reference error in tshark (rhbz#1573906)

- Correcting usage of build flags (rhbz#1548665)

* Fri Apr 27 2018 Michal Ruprich - 1:2.6.0-1

- New version 2.6.0

- Removed GeoIP support, libmaxminddb is used instead

- Removed dftest binary

[ 1 ] Bug #1581787 - CVE-2018-11362 wireshark: Out-of-bounds Read in packet-ldss.c

https://bugzilla.redhat.com/show_bug.cgi?id=1581787

[ 2 ] Bug #1581782 - CVE-2018-11361 wireshark: Heap-based Buffer Overflow in dot11decrypt.c

https://bugzilla.redhat.com/show_bug.cgi?id=1581782

[ 3 ] Bug #1581781 - CVE-2018-11360 wireshark: Heap-based Buffer Overflow in packet-gsm_a_dtap.c

https://bugzilla.redhat.com/show_bug.cgi?id=1581781

[ 4 ] Bug #1581778 - CVE-2018-11359 wireshark: Out-of-bounds Read in proto.c

https://bugzilla.redhat.com/show_bug.cgi?id=1581778

[ 5 ] Bug #1581773 - CVE-2018-11358 wireshark: Use after free in packet-q931.c

https://bugzilla.redhat.com/show_bug.cgi?id=1581773

[ 6 ] Bug #1581771 - CVE-2018-11357 wireshark: Uncontrolled Resource Consumption in epan/tvbuff.c

https://bugzilla.redhat.com/show_bug.cgi?id=1581771

[ 7 ] Bug #1581768 - CVE-2018-11356 wireshark: DNS dissector crash in packet-dns.c

https://bugzilla.redhat.com/show_bug.cgi?id=1581768

[ 8 ] Bug #1581758 - CVE-2018-11355 wireshark: Heap-based Buffer Overflow in packet-rtcp.c

https://bugzilla.redhat.com/show_bug.cgi?id=1581758

[ 9 ] Bug #1581752 - CVE-2018-11354 wireshark: Out-of-bounds Read in packet-ieee1905.c

https://bugzilla.redhat.com/show_bug.cgi?id=1581752

su -c 'dnf upgrade --advisory FEDORA-2018-3dfee621af' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZPDRUOAYITN6VBAAICJJ4KSGAKGGCHH/

Topics%20covered

Topics Covered

security advisory buffer overflow Fedora critical update exploit fix network analysis Wireshark

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 28
Version: 2.6.1
Release: 1.fc28
URL: https://www.wireshark.org/
Summary: Network traffic analyzer

Topics%20covered

Topics Covered

security advisory buffer overflow Fedora critical update exploit fix network analysis Wireshark

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here