Bugzilla – Bug 1042300
VUL-0: CVE-2017-9345: wireshark: DNS dissector infinite loop (wnpa-sec-2017-26)
Last modified: 2017-07-13 14:48:15 UTC
rh#1458140 It was reported that Wireshark's DNS dissector could loop infinitely. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Upstream bug(s): https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13633 External References: https://www.wireshark.org/security/wnpa-sec-2017-26.html References: https://bugzilla.redhat.com/show_bug.cgi?id=1458140 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9345 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9345
This is an autogenerated message for OBS integration: This bug (1042300) was mentioned in https://build.opensuse.org/request/show/500569 Factory / wireshark
openSUSE-SU-2017:1534-1: An update that solves 12 vulnerabilities and has one errata is now available. Category: security (low) Bug References: 1042298,1042299,1042300,1042301,1042302,1042303,1042304,1042305,1042306,1042307,1042308,1042309,1042330 CVE References: CVE-2017-9343,CVE-2017-9344,CVE-2017-9345,CVE-2017-9346,CVE-2017-9347,CVE-2017-9348,CVE-2017-9349,CVE-2017-9350,CVE-2017-9351,CVE-2017-9352,CVE-2017-9353,CVE-2017-9354 Sources used: openSUSE Leap 42.2 (src): wireshark-2.2.7-14.6.1
please see this link for update for SLE12
For SLE11: https://build.suse.de/request/show/134148 For SLE12: https://build.suse.de/request/show/134080
SUSE-SU-2017:1663-1: An update that fixes 12 vulnerabilities is now available. Category: security (moderate) Bug References: 1042298,1042299,1042300,1042301,1042302,1042303,1042304,1042305,1042306,1042307,1042308,1042309 CVE References: CVE-2017-9343,CVE-2017-9344,CVE-2017-9345,CVE-2017-9346,CVE-2017-9347,CVE-2017-9348,CVE-2017-9349,CVE-2017-9350,CVE-2017-9351,CVE-2017-9352,CVE-2017-9353,CVE-2017-9354 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP2 (src): wireshark-2.2.7-47.1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src): wireshark-2.2.7-47.1 SUSE Linux Enterprise Server 12-SP2 (src): wireshark-2.2.7-47.1 SUSE Linux Enterprise Desktop 12-SP2 (src): wireshark-2.2.7-47.1
SUSE-SU-2017:1664-1: An update that fixes 12 vulnerabilities is now available. Category: security (moderate) Bug References: 1042298,1042299,1042300,1042301,1042302,1042303,1042304,1042305,1042306,1042307,1042308,1042309 CVE References: CVE-2017-9343,CVE-2017-9344,CVE-2017-9345,CVE-2017-9346,CVE-2017-9347,CVE-2017-9348,CVE-2017-9349,CVE-2017-9350,CVE-2017-9351,CVE-2017-9352,CVE-2017-9353,CVE-2017-9354 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): wireshark-2.0.13-39.1 SUSE Linux Enterprise Server 11-SP4 (src): wireshark-2.0.13-39.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): wireshark-2.0.13-39.1
MRs got accepted