[gentoo-announce] [ GLSA 201604-05 ] Wireshark: Multiple vulnerabilities

Fabricante: Gentoo
Fecha: 26/04/2016
Identificador: GLSA 201604-05
[gentoo-announce] [ GLSA 201604-05 ] Wireshark: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201604-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Wireshark: Multiple vulnerabilities Date: April 26, 2016 Bugs: #570564, #575780 ID: 201604-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Wireshark, allowing local attackers to escalate privileges and remote attackers to cause Denial of Service. Background ========== Wireshark is a network protocol analyzer formerly known as ethereal. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-analyzer/wireshark < 2.0.2 >= 2.0.2 Description =========== Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact ====== Remote attackers could cause Denial of Service and local attackers could escalate privileges. Workaround ========== There is no known workaround at this time. Resolution ========== All Wireshark users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-2.0.2" References ========== [ 1 ] CVE-2015-8711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8711 [ 2 ] CVE-2015-8712 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8712 [ 3 ] CVE-2015-8713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8713 [ 4 ] CVE-2015-8714 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8714 [ 5 ] CVE-2015-8715 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8715 [ 6 ] CVE-2015-8716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8716 [ 7 ] CVE-2015-8717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8717 [ 8 ] CVE-2015-8718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8718 [ 9 ] CVE-2015-8719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8719 [ 10 ] CVE-2015-8720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8720 [ 11 ] CVE-2015-8721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8721 [ 12 ] CVE-2015-8722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8722 [ 13 ] CVE-2015-8723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8723 [ 14 ] CVE-2015-8724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8724 [ 15 ] CVE-2015-8725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8725 [ 16 ] CVE-2015-8726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8726 [ 17 ] CVE-2015-8727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8727 [ 18 ] CVE-2015-8728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8728 [ 19 ] CVE-2015-8729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8729 [ 20 ] CVE-2015-8730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8730 [ 21 ] CVE-2015-8731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8731 [ 22 ] CVE-2015-8732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8732 [ 23 ] CVE-2015-8733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8733 [ 24 ] CVE-2015-8734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8734 [ 25 ] CVE-2015-8735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8735 [ 26 ] CVE-2015-8736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8736 [ 27 ] CVE-2015-8737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8737 [ 28 ] CVE-2015-8738 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8738 [ 29 ] CVE-2015-8739 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8739 [ 30 ] CVE-2015-8740 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8740 [ 31 ] CVE-2015-8741 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8741 [ 32 ] CVE-2015-8742 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8742 [ 33 ] CVE-2016-2521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2521 [ 34 ] CVE-2016-2522 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2522 [ 35 ] CVE-2016-2523 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2523 [ 36 ] CVE-2016-2524 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2524 [ 37 ] CVE-2016-2525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2525 [ 38 ] CVE-2016-2526 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2526 [ 39 ] CVE-2016-2527 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2527 [ 40 ] CVE-2016-2528 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2528 [ 41 ] CVE-2016-2529 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2529 [ 42 ] CVE-2016-2530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2530 [ 43 ] CVE-2016-2531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2531 [ 44 ] CVE-2016-2532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2532 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201604-05 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5