[3.3] wireshark: Mutiple issues (CVE-2016-4076, CVE-2016-4077, CVE-2016-4083, CVE-2016-4084)
CVE-2016-4076: The NCP dissector could crash.
It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Affected versions: 2.0.0 to 2.0.2
Fixed versions: 2.0.3
References:
https://www.wireshark.org/security/wnpa-sec-2016-19.html
CVE-2016-4077: TShark could crash due to a packet reassembly bug.
Affected versions: 2.0.0 to 2.0.2
Fixed versions: 2.0.3
References:
https://www.wireshark.org/security/wnpa-sec-2016-20.html
CVE-2016-4083, CVE-2016-4084: The MS-WSP dissector could crash.
Affected versions: 2.0.0 to 2.0.2
Fixed versions: 2.0.3
References:
https://www.wireshark.org/security/wnpa-sec-2016-27.html
(from redmine: issue id 5622, created on 2016-05-24, closed on 2016-06-23)
- Relations:
- parent #5621 (closed)
- Changesets:
- Revision 7ead5e2a on 2016-06-21T11:43:13Z:
main/wireshark: security upgrade to 2.0.4
CVE-2016-4076
CVE-2016-4077
CVE-2016-4083
CVE-2016-4084
CVE-2016-4006
CVE-2016-4078
CVE-2016-4079
CVE-2016-4080
CVE-2016-4081
CVE-2016-4082
Fixes #5622
Fixes #5624