SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for wireshark-3.4.6-2.1.i586.rpm :

* Thu Jun 03 2021 Andreas Stieger - Wireshark 3.4.6:
* Fix DVB-S2-BB dissector infinite loop (boo#1186790, wnpa-sec-2021-04)
* Fix Macro filters handling of escaped characters
* Fix Display filter crash
* Fix IEEE-1588 Signalling Unicast TLV incorrectly reported as being malformed
* Fix IETF QUIC TLS decryption error with extraneous packets during the handshake
* Fix Statistics - Resolved Addresses: multi-protocol (TCP/UDP/...) ports not displayed
* Thu Apr 22 2021 Andreas Stieger - Wireshark 3.4.5:
* CVE-2021-22207: MS-WSP dissector excessive memory consumption (boo#1185128, wnpa-sec-2021-04)
* Fix TShark not printing GeoIP information
* FIx TShark error when piping to \"head\"
* Fix missing parts of ASCII representation in Packet Bytes pane
* Fix dissection of NDPE attribute of NAN packet
* Fix TECMP: reserved flag interpreted as part of timestamp
* Fix DNS IXFR/AXFR multiple response
* Fix File too large issue- drop patches:
* cmake_3-20_compatibility_1.patch
* cmake_3-20_compatibility_2.patch
* wireshark-0008-move-glib.patch
* Wed Mar 31 2021 Robert Frohl - cmake 3.20 compatibility (boo#1184110) add cmake_3-20_compatibility_1.patch and cmake_3-20_compatibility_2.patch
* Tue Mar 30 2021 Neal Gompa - Add patch from Fedora to fix build with glib2-2.68 + Patch: wireshark-0008-move-glib.patch
* Thu Mar 11 2021 Robert Frohl - Wireshark 3.4.4:
* CVE-2021-22191: Wireshark could open unsafe URLs (boo#1183353).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.4.4.html
* Fri Feb 19 2021 Robert Frohl - Enable ITU G.729 Annex A/B speech codec for Tumbleweed only
* Sat Jan 30 2021 Andreas Stieger - Wireshark 3.4.3:
* CVE-2021-22173: fix USB HID dissector memory leak (wnpa-sec-2021-01, boo#1181598)
* CVE-2021-22174: fix USB HID dissector crash (wnpa-sec-2021-02, boo#1181599)
* Fix bugs in SIP, Telephony, QUIC, SOMEIP-SD, SRv6, TECMP, AUTOSAR-NM, Fibre Channel, f5ethtrailer, ZVT dissectors.
* fix TShark crashes with -T ek option
* Fri Jan 22 2021 Robert Frohl - Disable ITU G.729 Annex A/B speech codec for SUSE based distros, but keep enabled for openSUSE.
* Wed Jan 13 2021 Robert Frohl - provide helpful error message if user doesn\'t have permissions to run dumpcap (bsc#1180102) add wireshark-0001-dumpcap-permission-denied.patch
* Sat Dec 19 2020 Andreas Stieger - Wireshark 3.4.2
* CVE-2020-26422: QUIC dissector crash (boo#1180232)
* Fix IETF QUIC TLS decryption errors when packets are coalesced with random data
* QUIC: missing dissection of some coalesced SH packets
* Fix false expect error seen on FCoE frames
* Updated Protocol Support DOCSIS, FC-dNS, FC-SWILS, FCoE, QUIC, SNMP, and USBHID
* Fri Dec 11 2020 Andreas Stieger - Wireshark 3.4.1:
* CVE-2020-26418: Kafka dissector memory leak (wnpa-sec-2020-16, boo#1179930)
* CVE-2020-26419: Multiple dissector memory leaks (wnpa-sec-2020-19, boo#1179931)
* CVE-2020-26420: RTPS dissector memory leak (wnpa-sec-2020-18, boo#1179932)
* CVE-2020-26421: USB HID dissector crash (wnpa-sec-2020-17, boo#1179933)
* Fix IETF QUIC TLS decryption errors
* Fix failures or crashes in various dissectors
* Fri Oct 30 2020 Andreas Stieger - Wireshark 3.4.0:
* Save RTP stream to .au supports any codec with 8000 Hz rate supported by Wireshark (shown in RTP player). If save of audio is not possible (unsupported codec or rate), silence of same length is saved and warning is shown.
* Asynchronous DNS resolution is always enabled
* Protobuf fields can be dissected as Wireshark (header) fields that allows user input the full names of Protobuf fields or messages in Filter toolbar for searching.
* Dissectors based on Protobuf can register themselves to a new \'protobuf_field\' dissector table, which is keyed with the full names of fields, for further parsing fields of BYTES or STRING type.
* UI improvements
* sshdump can now be copied to multiple instances. Each instance will show up a different interface and will have its own
* decode, play, and save opus payloads- features not enabled in the openSUSE package:
* decode, play, and save iLBC payloads
* Fri Oct 30 2020 Robert Frohl - wireshark 3.2.8:
* CVE-2020-26575: FBZERO dissector crash (boo#1177406)
* CVE-2020-28030: GQUIC dissector crash (boo#1178291)
* Infinite memory allocation while parsing this tcp packet- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.8.html
* Thu Sep 24 2020 Robert Frohl - wireshark 3.2.7:
* CVE-2020-25863: MIME Multipart dissector crash (boo#1176908)
* CVE-2020-25862: TCP dissector crash (boo#1176909)
* CVE-2020-25866: BLIP dissector crash (boo#1176910)- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.7.html
* Wed Aug 12 2020 Andreas Stieger - Wireshark 3.2.6:
* CVE-2020-17498: Kafka dissector crash (boo#1175204)
* Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.6.html
* Wed Jul 01 2020 Andreas Stieger - Wireshark 3.2.5:
* CVE-2020-15466: GVCP dissector infinite loop (boo#1173606)
* Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html- make verification of package source signatures compatible with source_validator
* Fri Jun 05 2020 Michel Normand - Add _constraints for ppc/ppc64le that need more than 3GB to build
* Wed May 20 2020 Robert Frohl - wireshark 3.2.4
* CVE-2020-13164: NFS dissector crash (boo#1171899)- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.4.html
* Thu Apr 09 2020 Robert Frohl - wireshark 3.2.3 (boo#1169063)
* CVE-2020-11647: The BACapp dissector could crash- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.3.html
* Fri Mar 06 2020 Robert Frohl - Remove dependency on brotli, only the library is needed.
* Thu Feb 27 2020 Robert Frohl - wireshark 3.2.2 (boo#1165241)
* CVE-2020-9431: LTE RRC dissector memory leak.
* CVE-2020-9430: WiMax DLMAP dissector crash.
* CVE-2020-9428: EAP dissector crash.
* CVE-2020-9429: WireGuard dissector crash.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.2.html
* Thu Jan 23 2020 Robert Frohl - Fixed build against SLE flavors
* Thu Jan 16 2020 Robert Frohl - wireshark 3.2.1
* CVE-2020-7044: WASSP dissector crash (boo#1161052)- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.1.html
* Thu Dec 19 2019 Robert Frohl - wireshark 3.2.0
* Brotli decompression support in HTTP/HTTP2 (requires the brotli library).
* You can now follow HTTP/2 and QUIC streams.
* HTTP2 support streaming mode reassembly. To use this feature, subdissectors can register itself to \"streaming_content_type\" dissector table and return pinfo→desegment_len and pinfo→desegment_offset to tell HTTP2 when to start and how many additional bytes requires when next called.
* IOGraph automatically adds a graph for the selected display filter if no previous graph exists
* WireGuard decryption can now be enabled through keys embedded in a pcapng in addition to the existing key log preference (Bug 15571).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.0.html
* Thu Dec 05 2019 seanlewAATTopensuse.org- wireshark 3.0.7:
* CVE-2019-19553: CMS dissector crash (boo#1158505).
* ws_pipe_wait_for_pipe() can wait on closed handles
* suport for 11ax in PEEKREMOTE
* reassembling of the two TLS records not working correctly- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.0.7.html
* Tue Dec 03 2019 Marcus Rueckert - since we only have one gui package now move the gui related files to that package, which in turn reduces the requires in the main package for headless installations.
* Thu Oct 24 2019 Robert Frohl - wireshark 3.0.6:
* extcap: Several issues when capturing from multiple extcap interfaces.
* Expert Infos Incorrectly Displays Info Column instead of comment.
* Wireshark does not support USB packets with size greater than 256 KiB.
* IS-IS: add support for decoding TE TLV Type 138 as per RFC 5307.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.0.6.html
* Sat Sep 21 2019 Andreas Stieger - wireshark 3.0.5:
* Fix Qt interface crashes on a profile with packet list only
* NET-SNMP EngineID Length handling Warning
* fix Crash SIGSEGV when decrypting IEEE 802.11 EAP re-authentications
* Mon Sep 16 2019 Robert Frohl - wireshark 3.0.4
* CVE-2019-16319: Fixed an infinite loop in the Gryphon dissector (boo#1150690).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.0.4.html
* Tue Jul 23 2019 Johannes Segitz - Added BuildRequires for spandsp-devel to enable decoding of various VoIP codecs
* Thu Jul 18 2019 Robert Frohl - wireshark 3.0.3
* CVE-2019-13619: ASN.1 BER and related dissectors crash. (bsc#1141980)- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.0.3.html
* Wed Jun 12 2019 Dominique Leuenberger - BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to shortcut the build queues by allowing usage of systemd-mini
* Thu May 23 2019 Robert Frohl - Wireshark 3.0.2 (bsc#1136021)
* Wireshark dissection engine crash.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.0.2.html
* Wed Apr 17 2019 Robert Frohl - Added config.h again, which got lost during the wireshark 3 update.
* Tue Apr 09 2019 Robert Frohl - Wireshark 3.0.1 (bsc#1131941)
* CVE-2019-10895: NetScaler file parser crash.
* CVE-2019-10899: SRVLOC dissector crash.
* CVE-2019-10897: IEEE 802.11 dissector infinite loop.
* CVE-2019-10898: GSUP dissector infinite loop.
* CVE-2019-10900: Rbm dissector infinite loop.
* CVE-2019-10894: GSS-API dissector crash.
* CVE-2019-10896: DOF dissector crash.
* CVE-2019-10902: TSDNS dissector crash.
* CVE-2019-10901: LDSS dissector crash.
* CVE-2019-10903: DCERPC SPOOLSS dissector crash.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.0.1.html
* Thu Mar 21 2019 Robert Frohl - Wireshark 3.0.0
* The IP map feature (the \"Map\" button in the \"Endpoints\" dialog) has been added back in a modernized form.
* Initial support for using PKCS #11 tokens for RSA decryption in TLS. This can be configured at Preferences, RSA Keys.
* Conversation timestamps are supported for UDP/UDP-Lite protocols.
* TShark now supports the -G elastic-mapping option which generates an ElasticSearch mapping file.
* The Ethernet and IEEE 802.11 dissectors no longer validate the frame check sequence (checksum) by default.
* The TCP dissector gained a new \"Reassemble out-of-order segments\" preference to fix dissection and decryption issues in case TCP segments are received out-of-order.
* Decryption support for the new WireGuard dissector.
* The BOOTP dissector has been renamed to DHCP. With the exception of \"bootp.dhcp\", the old \"bootp.
*\" display filter fields are still supported but may be removed in a future release.
* The SSL dissector has been renamed to TLS. As with BOOTP the old \"ssl.
*\" display filter fields are supported but may be removed in a future release.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.0.0.html- removed wireshark-1.10.0-enable_lua.patch, because LUA is enabled by default.
* Thu Feb 28 2019 Robert Frohl - Wireshark 2.6.7
* CVE-2019-9214: RPCAP dissector could crash (bnc#1127367)
* CVE-2019-9209: ASN.1 BER and related dissectors could crash (bnc#1127369)
* CVE-2019-9208: TCAP dissector could crash (bnc#1127370)- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.6.7.html
* Wed Jan 09 2019 Robert Frohl - Wireshark 2.6.6
* CVE-2019-5716: The 6LoWPAN dissector could crash (bsc#1121231)
* CVE-2019-5717: The P_MUL dissector could crash (bsc#1121232)
* CVE-2019-5718: The RTSE dissector and other dissectors could crash (bsc#1121233)
* CVE-2019-5719: The ISAKMP dissector could crash (bsc#1121234)- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.6.6.html
* Thu Nov 29 2018 astiegerAATTsuse.com- Wireshark 2.6.5 (bsc#1117740):
* CVE-2018-19625: The Wireshark dissection engine could crash (wnpa-sec-2018-51)
* CVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)
* CVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53)
* CVE-2018-19622: The MMSE dissector could go into an infinite loop (wnpa-sec-2018-54)
* CVE-2018-19627: The IxVeriWave file parser could crash (wnpa-sec-2018-55)
* CVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)
* CVE-2018-19628: The ZigBee ZCL dissector could crash (wnpa-sec-2018-57)- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.6.5.html
* Fri Oct 12 2018 astiegerAATTsuse.com- Wireshark 2.6.4 (bsc#1111647):
* CVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47)
* CVE-2018-18226: Steam IHS Discovery dissector memory leak (wnpa-sec-2018-48)
* CVE-2018-18225: CoAP dissector crash (wnpa-sec-2018-49)
* CVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50)- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.6.4.html
* Wed Aug 29 2018 astiegerAATTsuse.com- Update to 2.6.3 (boo#1106514):
* CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44)
* CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45)
* CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46)- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.6.3.html
* Fri Jul 20 2018 astiegerAATTsuse.com- update to 2.6.2:
* CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, boo#1101777)
* CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, boo#1101788)
* CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, boo#1101804)
* CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, boo#1101786)
* CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, boo#1101810)
* CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, boo#1101776)
* CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, boo#1101794)
* CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, boo#1101800)
* CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, boo#1101791)
* CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, boo#1101802)- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.6.2.html- drop wireshark-2.6.1-fix-Qt-5.11.patch, upstream
* Wed May 23 2018 astiegerAATTsuse.com- Fix build with Qt 5.11 (boo#1093733) add wireshark-2.6.1-fix-Qt-5.11.patch
* Wed May 23 2018 astiegerAATTsuse.com- update to 2.6.1: This release fixes minor vulnerabilities that could be used to trigger dissector crashes or cause dissectors to go into large infinite loops by making Wireshark read specially crafted packages from the network or capture files (bsc#1094301):
* CVE-2018-11354: IEEE 1905.1a dissector crash
* CVE-2018-11355: RTCP dissector crash
* CVE-2018-11356: DNS dissector crash
* CVE-2018-11357: Multiple dissectors could consume excessive memory
* CVE-2018-11358: Q.931 dissector crash
* CVE-2018-11359: The RRC dissector and other dissectors could crash
* CVE-2018-11360: GSM A DTAP dissector crash
* CVE-2018-11361: IEEE 802.11 dissector crash
* CVE-2018-11362: LDSS dissector crash- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.6.1.html
* Mon May 07 2018 astiegerAATTsuse.com- Turn on ssh, maxminddb, c-ares, snappy, lz4, HTTP2 support- Use capabilities to be able to run capture as a non-root user. In easy system permissions mode all users can capture traffic. In secure system permissions mode, must be added to the wireshark group to capture. bsc#957624 Drop wireshark-1.2.0-disable-warning-dialog.patch
* Tue May 01 2018 ecsosAATTopensuse.org- update to 2.6.0
* Bug Fixes - The following bugs have been fixed: - Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)
* New and Updated Features The following features are new (or have been significantly updated) since version 2.5.0: - HTTP Request sequences are now supported. - Wireshark now supports MaxMind DB files. Support for GeoIP and GeoLite Legacy databases has been removed. - The Windows packages are now built using Microsoft Visual Studio 2017. - The IP map feature (the “Map” button in the “Endpoints” dialog) has been removed. The following features are new (or have been significantly updated) since version 2.4.0: - Display filter buttons can now be edited, disabled, and removed via a context menu directly from the toolbar - Drag & Drop filter fields to the display filter toolbar or edit to create a button on the fly or apply the filter as a display filter. - Application startup time has been reduced. - Some keyboard shortcut mix-ups have been resolved by assigning new shortcuts to Edit → Copy methods. - TShark now supports color using the --color option. - The \"matches\" display filter operator is now case-insensitive. - Display expression (button) preferences have been converted to a UAT. This puts the display expressions in their own file. Wireshark still supports preference files that contain the old preferences, but new preference files will be written without the old fields. - SMI private enterprise numbers are now read from the “enterprises.tsv” configuration file. - The QUIC dissector has been renamed to Google QUIC (quic → gquic). - The selected packet number can now be shown in the Status Bar by enabling Preferences → Appearance → Layout → Show selected packet number. - File load time in the Status Bar is now disabled by default and can be enabled in Preferences → Appearance → Layout → Show file load time. - Support for the G.729A codec in the RTP Player is now added via the bcg729 library. - Support for hardware-timestamping of packets has been added. - Improved NetMon .cap support with comments, event tracing, network filter, network info types and some Message Analyzer exported types. - The personal plugins folder on Linux/Unix is now ~/.local/lib/wireshark/plugins. - TShark can print flow graphs using -z flow… - Capinfos now prints SHA256 hashes in addition to RIPEMD160 and SHA1. MD5 output has been removed. - The packet editor has been removed. (This was a GTK+ only experimental feature.) - Support BBC micro:bit Bluetooth profile - The Linux and UNIX installation step for Wireshark will now install headers required to build plugins. A pkg-config file is provided to help with this (see “doc/plugins.example” for details). Note you must still rebuild all plugins between minor releases (X.Y). - The Windows installers and packages now ship with Qt 5.9.4. - The generic data dissector can now uncompress zlib compressed data. - DNS Stats now supports service level statistics. - DNS filters for retransmissions and unsolicited responses have been added. - The “tcptrace” TCP Stream graph now shows duplicate ACKS and zero window advertisements. - The membership operator now supports ranges, allowing display filters such as tcp.port in {4430..4434} to be expressed. See the User’s Guide, chapter Building display filter expressions for details.
* New Protocol Support
* Updated Protocol Support - Too many protocols have been updated to list here.
* New and Updated Capture File Support - Microsoft Network Monitor
* New and Updated Capture Interfaces support - LoRaTap- drop patch wireshark-1.2.0-geoip.patch, because file to patch no more exists- accumulating fixes from previous versions:
* wireshark 2.4.16: - CVE-2019-13619: ASN.1 BER and related dissectors crash (bsc#1141980).
* wireshark 2.4.15 (bsc#1136021): - Wireshark dissection engine crash.
* wireshark 2.4.14 (bsc#1131945): - CVE-2019-10895: NetScaler file parser crash. - CVE-2019-10899: SRVLOC dissector crash. - CVE-2019-10894: GSS-API dissector crash. - CVE-2019-10896: DOF dissector crash. - CVE-2019-10901: LDSS dissector crash. - CVE-2019-10903: DCERPC SPOOLSS dissector crash.
* wireshark 2.4.13: - CVE-2019-9214: RPCAP dissector could crash (bsc#1127367) - CVE-2019-9209: ASN.1 BER and related dissectors could crash (bsc#1127369) - CVE-2019-9208: TCAP dissector could crash (bsc#1127370)
* wireshark 2.4.12: - CVE-2019-5717: The P_MUL dissector could crash (bsc#1121232) - CVE-2019-5718: The RTSE dissector and other dissectors could crash (bsc#1121233) - CVE-2019-5719: The ISAKMP dissector could crash (bsc#1121234) - CVE-2019-5721: The ENIP dissector could crash (bsc#1121235)
* wireshark 2.4.11 (bsc#1117740): - CVE-2018-19625: The Wireshark dissection engine could crash - CVE-2018-19626: The DCOM dissector could crash - CVE-2018-19623: The LBMPDM dissector could crash - CVE-2018-19622: The MMSE dissector could go into an infinite loop - CVE-2018-19627: The IxVeriWave file parser could crash - CVE-2018-19624: The PVFS dissector could crash
* wireshark 2.4.10 (bsc#1111647): - CVE-2018-18227: MS-WSP dissector crash - CVE-2018-12086: OpcUA dissector crash
* wireshark 2.4.9 (bsc#1106514): - CVE-2018-16058: Bluetooth AVDTP dissector crash - CVE-2018-16056: Bluetooth Attribute Protocol dissector crash - CVE-2018-16057: Radiotap dissector crash
* wireshark 2.4.8: - CVE-2018-14342: BGP dissector large loop (boo#1101777) - CVE-2018-14344: ISMP dissector crash (boo#1101788) - CVE-2018-14340: Multiple dissectors could crash (boo#1101804) - CVE-2018-14343: ASN.1 BER dissector crash (boo#1101786) - CVE-2018-14339: MMSE dissector infinite loop (boo#1101810) - CVE-2018-14341: DICOM dissector crash (boo#1101776) - CVE-2018-14368: Bazaar dissector infinite loop (boo#1101794) - CVE-2018-14369: HTTP2 dissector crash (boo#1101800) - CVE-2018-14367: CoAP dissector crash (boo#1101791) - CVE-2018-14370: IEEE 802.11 dissector crash (boo#1101802)
* wireshark 2.4.7 (bsc#1094301): - CVE-2018-11356: DNS dissector crash - CVE-2018-11357: Multiple dissectors could consume excessive memory - CVE-2018-11358: Q.931 dissector crash - CVE-2018-11359: The RRC dissector and other dissectors could crash - CVE-2018-11360: GSM A DTAP dissector crash - CVE-2018-11362: LDSS dissector crash
* Wed Apr 04 2018 astiegerAATTsuse.com- Wireshark 2.4.6: This release fixes minor vulnerabilities that could be used to trigger dissector crashes or cause dissectors to go into large infinite loops by making Wireshark read specially crafted packages from the network or capture files (bsc#1088200):
* CVE-2018-9264: ADB dissector crash
* CVE-2018-9260: IEEE 802.15.4 dissector crash
* CVE-2018-9261: NBAP dissector crash
* CVE-2018-9262: VLAN dissector crash
* CVE-2018-9256: LWAPP dissector crash
* CVE-2018-9263: Kerberos dissector crash
* CVE-2018-9258: TCP dissector crash
* CVE-2018-9257: CQL infinite loop
* Memory leaks in multiple dissectors: CVE-2018-9265, CVE-2018-9266, CVE-2018-9267, CVE-2018-9268, CVE-2018-9269, CVE-2018-9270, CVE-2018-9271, CVE-2018-9272, CVE-2018-9273, CVE-2018-9274
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.4.6.html
* Sat Feb 24 2018 astiegerAATTsuse.com- Wireshark 2.4.5: This release fixes minor vulnerabilities that could be used to trigger dissector crashes or cause dissectors to go into large infinite loops by making Wireshark read specially crafted packages from the network or capture files (bsc#1082692):
* CVE-2018-7335: The IEEE 802.11 dissector could crash
* CVE-2018-7321, CVE-2018-7322, CVE-2018-7323, CVE-2018-7324, CVE-2018-7325, CVE-2018-7326, CVE-2018-7327, CVE-2018-7328, CVE-2018-7329, CVE-2018-7330, CVE-2018-7331, CVE-2018-7332, CVE-2018-7333, CVE-2018-7421: Multiple dissectors could go into large infinite loops
* CVE-2018-7334: The UMTS MAC dissector could crash
* CVE-2018-7337: The DOCSIS dissector could crash
* CVE-2018-7336: The FCP dissector could crash
* CVE-2018-7320: The SIGCOMP dissector could crash
* CVE-2018-7420: The pcapng file parser could crash
* CVE-2018-7417: The IPMI dissector could crash
* CVE-2018-7418: The SIGCOMP dissector could crash
* CVE-2018-7419: The NBAP disssector could crash
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.4.5.html
* Fri Jan 12 2018 astiegerAATTsuse.com- Wireshark 2.4.4:
* fixes for dissector crashes: + CVE-2018-5334: IxVeriWave file could crash (bsc#1075737) + CVE-2018-5335: WCP dissector could crash (bsc#1075738) + CVE-2018-5336: Multiple dissector crashes (bsc#1075739)
* No longer enable the Linux kernel BPF JIT compiler via the net.core.bpf_jit_enable sysctl, as this would make systems more vulnerable to Spectre variant 1 (bsc#1075748, CVE-2017-5753)
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.4.4.html
  
ICM