Bug 1042331

Summary: VUL-0: TRACKERBUG: wireshark: 2.0.13 security update
Product: [Novell Products] SUSE Security Incidents Reporter: Alexander Bergmann <abergmann>
Component: IncidentsAssignee: Lingshan Zhu <lszhu>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium    
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on: 1042298, 1042299, 1042300, 1042301, 1042302, 1042304, 1042305, 1042307, 1042309    
Bug Blocks:    

Description Alexander Bergmann 2017-06-02 09:15:33 UTC 
[Wireshark-announce] Wireshark 2.0.13 is now available

https://www.wireshark.org/lists/wireshark-announce/201706/msg00001.html

The following security issues were fixed in this version:

bsc#1042304: CVE-2017-9352: Bazaar dissector infinite loop (wnpa-sec-2017-22)
bsc#1042302: CVE-2017-9351: DHCP dissector read overflow (wnpa-sec-2017-24)
bsc#1042301: CVE-2017-9346: SoulSeek dissector infinite loop (wnpa-sec-2017-25)
bsc#1042300: CVE-2017-9345: DNS dissector infinite loop (wnpa-sec-2017-26)
bsc#1042305: CVE-2017-9349: DICOM dissector infinite loop (wnpa-sec-2017-27)
bsc#1042299: CVE-2017-9350: openSAFETY dissector memory exh.. (wnpa-sec-2017-28)
bsc#1042298: CVE-2017-9344: BT L2CAP dissector divide by zero (wnpa-sec-2017-29)
bsc#1042309: CVE-2017-9343: MSNIP dissector crash (wnpa-sec-2017-30)
bsc#1042307: CVE-2017-9354: RGMP dissector crash (wnpa-sec-2017-32)
Comment 1 Lingshan Zhu 2017-06-13 09:26:23 UTC 
please see this link for update for SLE12
Comment 2 Lingshan Zhu 2017-06-14 03:28:05 UTC 
For SLE11:  https://build.suse.de/request/show/134148
For SLE12: https://build.suse.de/request/show/134080
Comment 3 Lingshan Zhu 2017-06-27 06:03:12 UTC 
MRs got accepted