MGASA-2021-0518 - Updated wireshark packages fix security vulnerability

Publication date: 20 Nov 2021
URL: https://advisories.mageia.org/MGASA-2021-0518.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-39920,
     CVE-2021-39921,
     CVE-2021-39922,
     CVE-2021-39924,
     CVE-2021-39925,
     CVE-2021-39926,
     CVE-2021-39928,
     CVE-2021-39929

IPPUSB dissector crash (CVE-2021-39920).
Modbus dissector crash (CVE-2021-39921).
C12.22 dissector crash (CVE-2021-39922).
PNRP dissector large loop (wnpa-sec-2021-11).
Bluetooth DHT dissector large loop (CVE-2021-39924).
Bluetooth SDP dissector crash (CVE-2021-39925).
Bluetooth HCI_ISO dissector crash (CVE-2021-39926).
IEEE 802.11 dissector crash (CVE-2021-39928).
Bluetooth DHT dissector crash (CVE-2021-39929).

References:
- https://bugs.mageia.org/show_bug.cgi?id=29670
- https://www.wireshark.org/security/wnpa-sec-2021-07
- https://www.wireshark.org/security/wnpa-sec-2021-08
- https://www.wireshark.org/security/wnpa-sec-2021-09
- https://www.wireshark.org/security/wnpa-sec-2021-10
- https://www.wireshark.org/security/wnpa-sec-2021-11
- https://www.wireshark.org/security/wnpa-sec-2021-12
- https://www.wireshark.org/security/wnpa-sec-2021-13
- https://www.wireshark.org/security/wnpa-sec-2021-14
- https://www.wireshark.org/security/wnpa-sec-2021-15
- https://www.wireshark.org/docs/relnotes/wireshark-3.4.8.html
- https://www.wireshark.org/docs/relnotes/wireshark-3.4.9.html
- https://www.wireshark.org/docs/relnotes/wireshark-3.4.10.html
- https://www.wireshark.org/news/20210825.html
- https://www.wireshark.org/news/20211006.html
- https://www.wireshark.org/news/20211117.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39920
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39921
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39922
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39924
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39925
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39926
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39928
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39929

SRPMS:
- 8/core/wireshark-3.4.10-1.mga8