aports issues
https://gitlab.alpinelinux.org/alpine/aports/-/issues
2019-07-23T11:24:48Z
https://gitlab.alpinelinux.org/alpine/aports/-/issues/9159
[3.8] wireshark: Multiple vulnerabilities (CVE-2018-14339, CVE-2018-14340, CV...
2019-07-23T11:24:48Z
Alicha CH
[3.8] wireshark: Multiple vulnerabilities (CVE-2018-14339, CVE-2018-14340, CVE-2018-14341, CVE-2018-14342, CVE-2018-14343, CVE-2018-14344, CVE-2018-14367, CVE-2018-14368, CVE-2018-14369, CVE-2018-14370)
**CVE-2018-14339**: MMSE dissector infinite loop
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-38.html
**CVE-...
**CVE-2018-14339**: MMSE dissector infinite loop
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-38.html
**CVE-2018-14340**: Multiple dissectors could crash
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-36.html
**CVE-2018-14341**: DICOM dissector large loop
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-39.html
**CVE-2018-14342**: BGP dissector large loop
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-34.html
**CVE-2018-14343**: ASN.1 BER and related dissectors crash.
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-37.html
**CVE-2018-14344**: ISMP dissector crash.
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-35.html
**CVE-2018-14367**: CoAP dissector crash
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7
Fixed versions: 2.6.2, 2.4.8
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-42.html
**CVE-2018-14368**: Bazaar dissector infinite loop
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-40.html
**CVE-2018-14369**: HTTP2 dissector crash
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-41.html
**CVE-2018-14370**: IEEE 802.11 dissector crash
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7
Fixed versions: 2.6.2, 2.4.8
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-43.html
*(from redmine: issue id 9159, created on 2018-07-30, closed on 2018-07-31)*
* Relations:
* copied_to #9157
* parent #9157
* Changesets:
* Revision e7881754327e3e28822148252165ca22085a230d by Natanael Copa on 2018-07-30T13:22:57Z:
```
community/wireshark: upgrade to 2.4.8
CVE-2018-14339, CVE-2018-14340, CVE-2018-14341, CVE-2018-14342,
CVE-2018-14343, CVE-2018-14344, CVE-2018-14367, CVE-2018-14368,
CVE-2018-14369, CVE-2018-14370
fixes #9159
```
* Revision de7f79ec7d1faf81ba538ae2ea1262eeaee24972 by Natanael Copa on 2019-02-06T13:35:45Z:
```
community/wireshark: upgrade to 2.4.8
CVE-2018-14339, CVE-2018-14340, CVE-2018-14341, CVE-2018-14342,
CVE-2018-14343, CVE-2018-14344, CVE-2018-14367, CVE-2018-14368,
CVE-2018-14369, CVE-2018-14370
fixes #9159
```
3.8.1
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/9158
[3.9] wireshark: Multiple vulnerabilities (CVE-2018-14339, CVE-2018-14340, CV...
2019-07-23T11:24:50Z
Alicha CH
[3.9] wireshark: Multiple vulnerabilities (CVE-2018-14339, CVE-2018-14340, CVE-2018-14341, CVE-2018-14342, CVE-2018-14343, CVE-2018-14344, CVE-2018-14367, CVE-2018-14368, CVE-2018-14369, CVE-2018-14370)
**CVE-2018-14339**: MMSE dissector infinite loop
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-38.html
**CVE-...
**CVE-2018-14339**: MMSE dissector infinite loop
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-38.html
**CVE-2018-14340**: Multiple dissectors could crash
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-36.html
**CVE-2018-14341**: DICOM dissector large loop
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-39.html
**CVE-2018-14342**: BGP dissector large loop
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-34.html
**CVE-2018-14343**: ASN.1 BER and related dissectors crash.
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-37.html
**CVE-2018-14344**: ISMP dissector crash.
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-35.html
**CVE-2018-14367**: CoAP dissector crash
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7
Fixed versions: 2.6.2, 2.4.8
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-42.html
**CVE-2018-14368**: Bazaar dissector infinite loop
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-40.html
**CVE-2018-14369**: HTTP2 dissector crash
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-41.html
**CVE-2018-14370**: IEEE 802.11 dissector crash
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7
Fixed versions: 2.6.2, 2.4.8
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-43.html
*(from redmine: issue id 9158, created on 2018-07-30, closed on 2018-07-31)*
* Relations:
* copied_to #9157
* parent #9157
3.9.0
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/9157
wireshark: Multiple vulnerabilities (CVE-2018-14339, CVE-2018-14340, CVE-2018...
2019-07-23T11:24:51Z
Alicha CH
wireshark: Multiple vulnerabilities (CVE-2018-14339, CVE-2018-14340, CVE-2018-14341, CVE-2018-14342, CVE-2018-14343, CVE-2018-14344, CVE-2018-14367, CVE-2018-14368, CVE-2018-14369, CVE-2018-14370)
**CVE-2018-14339**: MMSE dissector infinite loop
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-38.html
**CVE-...
**CVE-2018-14339**: MMSE dissector infinite loop
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-38.html
**CVE-2018-14340**: Multiple dissectors could crash
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-36.html
**CVE-2018-14341**: DICOM dissector large loop
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-39.html
**CVE-2018-14342**: BGP dissector large loop
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-34.html
**CVE-2018-14343**: ASN.1 BER and related dissectors crash.
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-37.html
**CVE-2018-14344**: ISMP dissector crash.
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-35.html
**CVE-2018-14367**: CoAP dissector crash
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7
Fixed versions: 2.6.2, 2.4.8
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-42.html
**CVE-2018-14368**: Bazaar dissector infinite loop
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-40.html
**CVE-2018-14369**: HTTP2 dissector crash
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-41.html
**CVE-2018-14370**: IEEE 802.11 dissector crash
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7
Fixed versions: 2.6.2, 2.4.8
### Reference:
https://www.wireshark.org/security/wnpa-sec-2018-43.html
*(from redmine: issue id 9157, created on 2018-07-30, closed on 2018-07-31)*
* Relations:
* copied_to #9158
* copied_to #9159
* child #9158
* child #9159
Natanael Copa
Natanael Copa