Moderate CentOS wireshark Security Update

Metadata

medium
unknown
wireshark-1.10.14-7.el7.i686.rpm, wireshark-1.10.14-7.el7.x86_64.rpm, wireshark-devel-1.10.14-7.el7.i686.rpm, wireshark-devel-1.10.14-7.el7.x86_64.rpm, wireshark-gnome-1.10.14-7.el7.x86_64.rpm
rhn.redhat.com, lists.centos.org
2015-11-30
2018-01-18 11:11
2017-07-27 19:10
2017-04-01 19:09
2017-01-05 20:13

Description


Updated wireshark packages that fix multiple security issues, several bugs,
and add various enhancements are now available for Red Hat Enterprise
Linux 7.

Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.

The wireshark packages contain a network protocol analyzer used to capture
and browse the traffic running on a computer network.

Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malicious dump file. (CVE-2015-2188, CVE-2015-2189, CVE-2015-2191,
CVE-2015-3810, CVE-2015-3811, CVE-2015-3812, CVE-2015-3813, CVE-2014-8710,
CVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714, CVE-2015-0562,
CVE-2015-0563, CVE-2015-0564, CVE-2015-3182, CVE-2015-6243, CVE-2015-6244,
CVE-2015-6245, CVE-2015-6246, CVE-2015-6248)

The CVE-2015-3182 issue was discovered by Martin ┼Żember of Red Hat.

The wireshark packages have been upgraded to upstream version 1.10.14,
which provides a number of bug fixes and enhancements over the previous
version. (BZ#1238676)

This update also fixes the following bug:

* Prior to this update, when using the tshark utility to capture packets
over the interface, tshark failed to create output files in the .pcap
format even if it was specified using the "-F" option. This bug has been
fixed, the "-F" option is now honored, and the result saved in the .pcap
format as expected. (BZ#1227199)

In addition, this update adds the following enhancement:

* Previously, wireshark included only microseconds in the .pcapng format.
With this update, wireshark supports nanosecond time stamp precision to
allow for more accurate time stamps. (BZ#1213339)

All wireshark users are advised to upgrade to these updated packages, which
correct these issues and add these enhancements. All running instances of
Wireshark must be restarted for the update to take effect.
Please see https://www.redhat.com/footer/terms-of-use.html

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
7 wireshark wireshark-1.10.14-7.el7.i686.rpm
wireshark wireshark-1.10.14-7.el7.x86_64.rpm
wireshark-devel wireshark-devel-1.10.14-7.el7.i686.rpm
wireshark-devel wireshark-devel-1.10.14-7.el7.x86_64.rpm
wireshark-gnome wireshark-gnome-1.10.14-7.el7.x86_64.rpm