[3.4] wireshark: Multiple vulnerabilities (CVE-2017-13765, CVE-2017-13767)
CVE-2017-13765: IrCOMM dissector buffer overrun
Affected versions: 2.4.0, 2.2.0 to 2.2.8, 2.0.0 to 2.0.14
Fixed versions: 2.4.1, 2.2.9, 2.0.15
References:
https://www.wireshark.org/security/wnpa-sec-2017-41.html
https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=13929
CVE-2017-13767: MSDP dissector infinite loop
Affected versions: 2.4.0, 2.2.0 to 2.2.8, 2.0.0 to 2.0.14
Fixed versions: 2.4.1, 2.2.9, 2.0.15
References:
https://www.wireshark.org/security/wnpa-sec-2017-38.html
(from redmine: issue id 7913, created on 2017-09-26, closed on 2017-10-24)
- Relations:
- parent #7909 (closed)
- Changesets:
- Revision e01525f7 on 2017-10-23T10:24:27Z:
main/wireshark: security upgrade to 2.0.16
(CVE-2017-15191, CVE-2017-15192, CVE-2017-15193)
(CVE-2017-13765, CVE-2017-13766, CVE-2017-13767)
fixes #8016 #7913