CVE-2017-15193 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15193): In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach. CVE-2017-15192 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15192): In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation level. CVE-2017-15191 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15191): In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length.
*** Bug 633992 has been marked as a duplicate of this bug. ***
2.2.x has been dekeyworded for all arches except alpha. Cleanup of that version will be tracked in a newer bug.
