[SECURITY] [DSA 4416-1] wireshark security update

Salvatore Bonaccorso <carnil@xxxxxxxxxx> · Sun, 24 Mar 2019 13:01:21 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4416-1                   security@xxxxxxxxxx
https://www.debian.org/security/                     Salvatore Bonaccorso
March 24, 2019                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wireshark
CVE ID         : CVE-2019-5716 CVE-2019-5717 CVE-2019-5718 CVE-2019-5719 
                 CVE-2019-9208 CVE-2019-9209 CVE-2019-9214
Debian Bug     : 923611

It was discovered that Wireshark, a network traffic analyzer, contained
several vulnerabilities in the dissectors for 6LoWPAN, P_MUL, RTSE,
ISAKMP, TCAP, ASN.1 BER and RPCAP, which could result in denial of
service.

For the stable distribution (stretch), these problems have been fixed in
version 2.6.7-1~deb9u1.

We recommend that you upgrade your wireshark packages.

For the detailed security status of wireshark please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/wireshark

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlyXfvVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Ralw//YQ+Yq8jUMhu8aczj9gl84MLH/ddCC0LhUVbY9WjQgNasV4ZWa7n+ptxa
GGYAU4uRNZCvuXsXeG5/oiF9tAF0YuZgKLdyDDmLqqa39jA+ngFpim+cId3lDNiY
pNUY0wQrdrcREvJrssaiBUvZ7d5O9VYPa8RoSzGo/zuvKohRI41vW0p3YvgVXhiA
eHGmGaijnfHPMa/nYyUCy1MrNf3+2o0eA7rDmeeWTtOk+Q7K4Q969cyFDeR4b7s7
jaMBHaRaNFdIya2OsK7D3dwa9xeZJDuR/MeZk2enC8BsB5Is/wMvDwh5k0OIjj6i
W88dtPcKCq6KnmJOv9qy3uLt3QR4NMsBZElnbpYN9MBdnoTsG7TdMn6qQurUSw6c
fHvbDEVOCPrQ1uEM6yG+oD4Gc8ql4maXeb8pBzaaxuqGzu2uBuYi/Hg+cKcqCNJe
0rs0Q2itkPHvlj02FsxmNXq44y4v1gev61cbblZPdDeK1EGbNCKI7/u0uuQqjaEN
LmxozyblmfmDxJxLyg/cuwQSo1OQuAg5hwA3u9PGQ6bDYnenonWR0KCEv8qmThVB
XZyAUqGQNK0mwIL3/IVLGzhmPKMtkUeolFg5chrb99wJtD8tyNoiED7xpfA4paoO
WOMR1LygowgMedoWWE/akmpfTdneLjSOe9RneBl9t0iTp/IXg9w=
=7sHL
-----END PGP SIGNATURE-----