{"affected":[{"ecosystem_specific":{"binaries":[{"libwireshark9":"2.4.9-48.29.1","libwiretap7":"2.4.9-48.29.1","libwscodecs1":"2.4.9-48.29.1","libwsutil8":"2.4.9-48.29.1","wireshark":"2.4.9-48.29.1","wireshark-gtk":"2.4.9-48.29.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP2-BCL","name":"wireshark","purl":"pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.4.9-48.29.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for wireshark to version 2.4.9 fixes the following issues:\n\nWireshark was updated to 2.4.9 (bsc#1094301, bsc#1106514).\n\nSecurity issues fixed:\n\n- CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44)\n- CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45)\n- CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46)\n- CVE-2018-11355: Fix RTCP dissector crash (bsc#1094301).\n- CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, bsc#1101802)\n- CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, bsc#1101794)\n- CVE-2018-11362: Fix LDSS dissector crash (bsc#1094301).\n- CVE-2018-11361: Fix IEEE 802.11 dissector crash (bsc#1094301).\n- CVE-2018-11360: Fix GSM A DTAP dissector crash (bsc#1094301).\n- CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, bsc#1101777)\n- CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, bsc#1101786)\n- CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, bsc#1101804)\n- CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, bsc#1101776)\n- CVE-2018-11358: Fix Q.931 dissector crash (bsc#1094301).\n- CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, bsc#1101788)\n- CVE-2018-11359: Fix multiple dissectors crashs (bsc#1094301).\n- CVE-2018-11356: Fix DNS dissector crash (bsc#1094301).\n- CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, bsc#1101810)\n- CVE-2018-11357: Fix multiple dissectors that could consume excessive memory (bsc#1094301).\n- CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, bsc#1101791)\n- CVE-2018-11354: Fix IEEE 1905.1a dissector crash (bsc#1094301).\n- CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, bsc#1101800)\n\nFurther bug fixes and updated protocol support as listed in:\n  https://www.wireshark.org/docs/relnotes/wireshark-2.4.9.html\n","id":"SUSE-SU-2018:2891-2","modified":"2018-10-18T12:48:30Z","published":"2018-10-18T12:48:30Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20182891-2/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1094301"},{"type":"REPORT","url":"https://bugzilla.suse.com/1101776"},{"type":"REPORT","url":"https://bugzilla.suse.com/1101777"},{"type":"REPORT","url":"https://bugzilla.suse.com/1101786"},{"type":"REPORT","url":"https://bugzilla.suse.com/1101788"},{"type":"REPORT","url":"https://bugzilla.suse.com/1101791"},{"type":"REPORT","url":"https://bugzilla.suse.com/1101794"},{"type":"REPORT","url":"https://bugzilla.suse.com/1101800"},{"type":"REPORT","url":"https://bugzilla.suse.com/1101802"},{"type":"REPORT","url":"https://bugzilla.suse.com/1101804"},{"type":"REPORT","url":"https://bugzilla.suse.com/1101810"},{"type":"REPORT","url":"https://bugzilla.suse.com/1106514"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-11354"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-11355"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-11356"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-11357"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-11358"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-11359"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-11360"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-11361"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-11362"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-14339"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-14340"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-14341"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-14342"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-14343"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-14344"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-14367"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-14368"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-14369"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-14370"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-16056"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-16057"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-16058"}],"related":["CVE-2018-11354","CVE-2018-11355","CVE-2018-11356","CVE-2018-11357","CVE-2018-11358","CVE-2018-11359","CVE-2018-11360","CVE-2018-11361","CVE-2018-11362","CVE-2018-14339","CVE-2018-14340","CVE-2018-14341","CVE-2018-14342","CVE-2018-14343","CVE-2018-14344","CVE-2018-14367","CVE-2018-14368","CVE-2018-14369","CVE-2018-14370","CVE-2018-16056","CVE-2018-16057","CVE-2018-16058"],"summary":"Security update for wireshark","upstream":["CVE-2018-11354","CVE-2018-11355","CVE-2018-11356","CVE-2018-11357","CVE-2018-11358","CVE-2018-11359","CVE-2018-11360","CVE-2018-11361","CVE-2018-11362","CVE-2018-14339","CVE-2018-14340","CVE-2018-14341","CVE-2018-14342","CVE-2018-14343","CVE-2018-14344","CVE-2018-14367","CVE-2018-14368","CVE-2018-14369","CVE-2018-14370","CVE-2018-16056","CVE-2018-16057","CVE-2018-16058"]}