Gentoo: GLSA-201604-05: Wireshark: Multiple vulnerabilities
Summary
Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details.
Resolution
All Wireshark users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-2.0.2"
References
[ 1 ] CVE-2015-8711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8711 [ 2 ] CVE-2015-8712 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8712 [ 3 ] CVE-2015-8713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8713 [ 4 ] CVE-2015-8714 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8714 [ 5 ] CVE-2015-8715 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8715 [ 6 ] CVE-2015-8716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8716 [ 7 ] CVE-2015-8717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8717 [ 8 ] CVE-2015-8718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8718 [ 9 ] CVE-2015-8719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8719 [ 10 ] CVE-2015-8720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8720 [ 11 ] CVE-2015-8721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8721 [ 12 ] CVE-2015-8722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8722 [ 13 ] CVE-2015-8723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8723 [ 14 ] CVE-2015-8724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8724 [ 15 ] CVE-2015-8725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8725 [ 16 ] CVE-2015-8726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8726 [ 17 ] CVE-2015-8727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8727 [ 18 ] CVE-2015-8728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8728 [ 19 ] CVE-2015-8729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8729 [ 20 ] CVE-2015-8730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8730 [ 21 ] CVE-2015-8731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8731 [ 22 ] CVE-2015-8732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8732 [ 23 ] CVE-2015-8733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8733 [ 24 ] CVE-2015-8734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8734 [ 25 ] CVE-2015-8735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8735 [ 26 ] CVE-2015-8736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8736 [ 27 ] CVE-2015-8737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8737 [ 28 ] CVE-2015-8738 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8738 [ 29 ] CVE-2015-8739 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8739 [ 30 ] CVE-2015-8740 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8740 [ 31 ] CVE-2015-8741 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8741 [ 32 ] CVE-2015-8742 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8742 [ 33 ] CVE-2016-2521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2521 [ 34 ] CVE-2016-2522 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2522 [ 35 ] CVE-2016-2523 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2523 [ 36 ] CVE-2016-2524 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2524 [ 37 ] CVE-2016-2525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2525 [ 38 ] CVE-2016-2526 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2526 [ 39 ] CVE-2016-2527 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2527 [ 40 ] CVE-2016-2528 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2528 [ 41 ] CVE-2016-2529 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2529 [ 42 ] CVE-2016-2530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2530 [ 43 ] CVE-2016-2531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2531 [ 44 ] CVE-2016-2532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2532
Availability
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201604-05
Concerns
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
![Dist Gentoo](/images/distros/dist-gentoo.png)
Synopsis
Multiple vulnerabilities have been found in Wireshark, allowing local attackers to escalate privileges and remote attackers to cause Denial of Service.
Background
Wireshark is a network protocol analyzer formerly known as ethereal.
Affected Packages
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-analyzer/wireshark < 2.0.2 >= 2.0.2
Impact
===== Remote attackers could cause Denial of Service and local attackerscould escalate privileges.
Workaround
There is no known workaround at this time.