[SECURITY] [DSA 3367-1] wireshark security update

2015-09-2418:34:42

lists.debian.org

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.1%

JSON

Debian Security Advisory DSA-3367-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
September 24, 2015 https://www.debian.org/security/faq

Package : wireshark
CVE ID : CVE-2015-6241 CVE-2015-6242 CVE-2015-6243 CVE-2015-6244
CVE-2015-6245 CVE-2015-6246 CVE-2015-6247 CVE-2015-6248
CVE-2015-6249

Multiple vulnerabilities were discovered in the dissectors/parsers for
ZigBee, GSM RLC/MAC, WaveAgent, ptvcursor, OpenFlow, WCCP and in internal
functions which could result in denial of service.

For the stable distribution (jessie), these problems have been fixed in
version 1.12.1+g01b65bf-4+deb8u3.

For the testing distribution (stretch), these problems have been fixed
in version 1.12.7+g7fc8978-1.

For the unstable distribution (sid), these problems have been fixed in
version 1.12.7+g7fc8978-1.

We recommend that you upgrade your wireshark packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian8kfreebsd-i386libwireshark-dev< 1.12.1+g01b65bf-4+deb8u3libwireshark-dev_1.12.1+g01b65bf-4+deb8u3_kfreebsd-i386.deb
Debian8mipswireshark-qt< 1.12.1+g01b65bf-4+deb8u3wireshark-qt_1.12.1+g01b65bf-4+deb8u3_mips.deb
Debian8ppc64ellibwireshark-dev< 1.12.1+g01b65bf-4+deb8u3libwireshark-dev_1.12.1+g01b65bf-4+deb8u3_ppc64el.deb
Debian8armhfwireshark-common< 1.12.1+g01b65bf-4+deb8u3wireshark-common_1.12.1+g01b65bf-4+deb8u3_armhf.deb
Debian8powerpclibwireshark-dev< 1.12.1+g01b65bf-4+deb8u3libwireshark-dev_1.12.1+g01b65bf-4+deb8u3_powerpc.deb
Debian8armelwireshark-dbg< 1.12.1+g01b65bf-4+deb8u3wireshark-dbg_1.12.1+g01b65bf-4+deb8u3_armel.deb
Debian8i386libwsutil-dev< 1.12.1+g01b65bf-4+deb8u3libwsutil-dev_1.12.1+g01b65bf-4+deb8u3_i386.deb
Debian8armhflibwireshark-dev< 1.12.1+g01b65bf-4+deb8u3libwireshark-dev_1.12.1+g01b65bf-4+deb8u3_armhf.deb
Debian8i386tshark< 1.12.1+g01b65bf-4+deb8u3tshark_1.12.1+g01b65bf-4+deb8u3_i386.deb
Debian8ppc64elwireshark-dbg< 1.12.1+g01b65bf-4+deb8u3wireshark-dbg_1.12.1+g01b65bf-4+deb8u3_ppc64el.deb

OS	Version	Architecture	Package	Version	Filename
Debian	8	kfreebsd-i386	libwireshark-dev	< 1.12.1+g01b65bf-4+deb8u3	libwireshark-dev_1.12.1+g01b65bf-4+deb8u3_kfreebsd-i386.deb
Debian	8	mips	wireshark-qt	< 1.12.1+g01b65bf-4+deb8u3	wireshark-qt_1.12.1+g01b65bf-4+deb8u3_mips.deb
Debian	8	ppc64el	libwireshark-dev	< 1.12.1+g01b65bf-4+deb8u3	libwireshark-dev_1.12.1+g01b65bf-4+deb8u3_ppc64el.deb
Debian	8	armhf	wireshark-common	< 1.12.1+g01b65bf-4+deb8u3	wireshark-common_1.12.1+g01b65bf-4+deb8u3_armhf.deb
Debian	8	powerpc	libwireshark-dev	< 1.12.1+g01b65bf-4+deb8u3	libwireshark-dev_1.12.1+g01b65bf-4+deb8u3_powerpc.deb
Debian	8	armel	wireshark-dbg	< 1.12.1+g01b65bf-4+deb8u3	wireshark-dbg_1.12.1+g01b65bf-4+deb8u3_armel.deb
Debian	8	i386	libwsutil-dev	< 1.12.1+g01b65bf-4+deb8u3	libwsutil-dev_1.12.1+g01b65bf-4+deb8u3_i386.deb
Debian	8	armhf	libwireshark-dev	< 1.12.1+g01b65bf-4+deb8u3	libwireshark-dev_1.12.1+g01b65bf-4+deb8u3_armhf.deb
Debian	8	i386	tshark	< 1.12.1+g01b65bf-4+deb8u3	tshark_1.12.1+g01b65bf-4+deb8u3_i386.deb
Debian	8	ppc64el	wireshark-dbg	< 1.12.1+g01b65bf-4+deb8u3	wireshark-dbg_1.12.1+g01b65bf-4+deb8u3_ppc64el.deb