Bug 639686 (CVE-2017-17083, CVE-2017-17084, CVE-2017-17085) - <net-analyzer/wireshark-2.4.3: Multiple vulnerabilities
Summary: <net-analyzer/wireshark-2.4.3: Multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2017-17083, CVE-2017-17084, CVE-2017-17085
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-12-04 01:28 UTC by GLSAMaker/CVETool Bot
Modified: 2018-03-25 18:48 UTC

See Also:
Package list:
net-analyzer/wireshark-2.4.3-r1
Runtime testing required: ---
stable-bot: sanity-check+

Description GLSAMaker/CVETool Bot gentoo-dev 2017-12-04 01:28:05 UTC
CVE-2017-17085 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17085):
  In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector
  could crash. This was addressed in epan/dissectors/packet-cipsafety.c by
  validating the packet length.

CVE-2017-17084 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17084):
  In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector
  could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by
  validating a ULPDU length.

CVE-2017-17083 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17083):
  In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could
  crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring
  that write operations are bounded by the beginning of a buffer.
Comment 1 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-12-04 01:28:56 UTC
@Maintainers please call for stabilization when ready.

Thank you
Comment 2 Frank Krömmelbein 2017-12-25 22:41:54 UTC
Sorry for the noise, but was the stabilization process for version 2.4.3 apparently forgotten?

I have no issues with this new version:
[ebuild   R   ~] net-analyzer/wireshark-2.4.3:0/2.4.3::gentoo  USE="androiddump capinfos caps captype dftest dumpcap editcap filecaps geoip lz4 mergecap netlink pcap qt5 randpkt randpktdump reordercap sharkd ssl text2pcap tshark udpdump zlib -adns -ciscodump -doc -doc-pdf -gtk -kerberos -libssh -libxml2 -lua -nghttp2 -portaudio -sbc (-selinux) -smi -snappy -spandsp -sshdump -tfshark" CPU_FLAGS_X86="sse4_2" 0 KiB
Comment 3 Thomas Deutschmann gentoo-dev Security 2017-12-26 13:13:47 UTC
@ Arches,

please test and mark stable: =net-analyzer/wireshark-2.4.3
Comment 4 Thomas Deutschmann gentoo-dev Security 2017-12-26 18:46:24 UTC
x86 stable
Comment 5 Sergei Trofimovich gentoo-dev 2017-12-26 21:35:08 UTC
ia64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2017-12-27 08:52:42 UTC
amd64 stable
Comment 7 Sergei Trofimovich gentoo-dev 2017-12-27 12:23:15 UTC
ppc/ppc64 stable
Comment 8 Markus Meier gentoo-dev 2018-01-07 20:51:47 UTC
arm stable
Comment 9 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-03-25 18:48:24 UTC
GLSA Vote: No

HPPA has a newer stable version.

2.2.x has been dekeyworded for all arches except alpha. Cleanup of that version will be tracked in a newer bug.