[3.5] wireshark: Multiple issues (CVE-2016-7957, CVE-2016-7958, CVE-2016-9372, CVE-2016-9374, CVE-2016-9376, CVE-2016-9373, CVE-2016-9375)
CVE-2016-7957: Bluetooth L2CAP dissector crash
Affected versions: 2.2.0
Fixed versions: 2.2.1
Reference:
https://www.wireshark.org/security/wnpa-sec-2016-56.html
CVE-2016-7958: NCP dissector crash
Affected versions: 2.2.0
Fixed versions: 2.2.1
Reference:
https://www.wireshark.org/security/wnpa-sec-2016-57.html
CVE-2016-9372: Profinet I/O long loop
Affected versions: 2.2.0 to 2.2.1
Fixed versions: 2.2.2
Reference:
https://www.wireshark.org/security/wnpa-sec-2016-58.html
CVE-2016-9374: AllJoyn crash
Affected versions: 2.2.0 to 2.2.1, 2.0.0 to 2.0.7
Fixed versions: 2.2.2, 2.0.8
Reference:
https://www.wireshark.org/security/wnpa-sec-2016-59.html
CVE-2016-9376: OpenFlow crash
Affected versions: 2.2.0 to 2.2.1, 2.0.0 to 2.0.7
Fixed versions: 2.2.2, 2.0.8
Reference:
https://www.wireshark.org/security/wnpa-sec-2016-60.html
CVE-2016-9373: DCERPC crash
Affected versions: 2.2.0 to 2.2.1, 2.0.0 to 2.0.7
Fixed versions: 2.2.2, 2.0.8
Reference:
https://www.wireshark.org/security/wnpa-sec-2016-61.html
CVE-2016-9375: DTN infinite loop
Affected versions: 2.2.0 to 2.2.1, 2.0.0 to 2.0.7
Fixed versions: 2.2.2, 2.0.8
Reference:
https://www.wireshark.org/security/wnpa-sec-2016-62.html
(from redmine: issue id 6480, created on 2016-11-22, closed on 2016-12-15)
- Relations:
- parent #6479 (closed)
- Changesets:
- Revision a3c70e41 on 2016-12-01T06:58:43Z:
main/wireshark: security upgrade to 2.2.2
fixes #6480
CVE-2016-7957, CVE-2016-7958, CVE-2016-9372, CVE-2016-9374,
CVE-2016-9376, CVE-2016-9373, CVE-2016-9375