Changelog
wireshark (1.12.1+g01b65bf-4+deb8u11) jessie-security; urgency=high
[ Balint Reczey ]
* security fixes from Wireshark 2.0.10:
- The ASTERIX dissector could go into an infinite loop.
Discovered by Antti Levomäki and Christian Jalio, Forcepoint.
(CVE-2017-5596)
- The DHCPv6 dissector could go into a large loop. Discovered by
Antti Levomäki and Christian Jalio, Forcepoint.(CVE-2017-5597)
* security fixes from Wireshark 2.0.11:
- The NetScaler file parser could enter an infinite loop
(CVE-2017-6467)
- The NetScaler file parser could crash (CVE-2017-6468)
- The LDSS dissector could crash (CVE-2017-6469)
- The IAX2 dissector could enter an infinite loop (CVE-2017-6470)
- The WSP dissector could enter an infinite loop (CVE-2017-6471)
- The K12 file parser could crash (CVE-2017-6473)
- The NetScaler file parser could enter an infinite loop
(CVE-2017-6474)
* security fixes from Wireshark 2.2.5:
- The RTMPT dissector could enter an infinite loop (CVE-2017-6472)
[ Chris Lamb ]
* CVE-2017-6014: Fix memory exhausion/infinite loop via malformed STANAG 4607
capture file. (Closes: #855408)
-- Balint Reczey <email address hidden> Thu, 16 Mar 2017 01:46:19 +0100