Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2015.1624 wireshark security update 24 June 2015 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: wireshark Publisher: Debian Operating System: Debian GNU/Linux 8 UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Denial of Service -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2015-4652 CVE-2015-4651 Original Bulletin: http://www.debian.org/security/2015/dsa-3294 Comment: This advisory references vulnerabilities in products which run on platforms other than Debian. It is recommended that administrators running wireshark check for an updated version of the software for their operating system. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------- Debian Security Advisory DSA-3294-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 23, 2015 https://www.debian.org/security/faq - - ------------------------------------------------------------------------- Package : wireshark CVE ID : CVE-2015-4651 CVE-2015-4652 Multiple vulnerabilities were discovered in the dissectors for WCCP and GSM DTAP, which could result in denial of service. The oldstable distribution (wheezy) is not affected. For the stable distribution (jessie), these problems have been fixed in version 1.12.1+g01b65bf-4+deb8u2. For the testing distribution (stretch), these problems have been fixed in version 1.12.6+gee1fce6-1. For the unstable distribution (sid), these problems have been fixed in version 1.12.6+gee1fce6-1. We recommend that you upgrade your wireshark packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVib/kAAoJEBDCk7bDfE42iZ0P/101nUT2U0EE0NVjzshto+OF 0RXqIacu+9GURRRvYZbcB/vjdY/1qtfRA1go/PGxX7V9YqQ5t7j+iDgak2/w1TIg ZyVGEZZSFrp48cZRoQbTEkZ9aHwClNTOdZrcH++FtHlNP8Xc8G4W3ssIbwc9PrBL ZNlAMQbEyzIbqIIWiw4VUpuNoN3kglt6iMDkfzLdLSG+hRkSX03srFGrD0WtVa0J U+EAZbOeAEeAHNTMwR2Rj4OOzBZAd6ac1UKZcasf/URwYQFBQStPTFLnlbLbI10g KHDUo7S4Nzxo9oJq/g9J/ud7vg2eLP3DrgYRagub9wsVvTwUjujxudbOmGqQIc37 rR9U8f26YCjXagQ+SMMuLyv4kuWaP+y4oMobgUbEB2NsNECEi2TXLi/RysDAoEOP Vh1E+yHyPVkqxd+jfzB+Wc3bqWxiNmzC/PynOH3diGEUl51fl4fjYs/73rn6OPsv H9Kj4sfYua8rEOnvFIVM1tyeQBum1JJNzd1Sb01Dp7/Ps6XQhTuu+TJu7tMMGPfw ZkIjm6EOTOaBnqSGu93Sw/NU9UQnoB/nRYOSNKuawV3Dom3zKHoKh+GEd66cFtqd ybd15z3hTyacvTRirr7jSnXxB+VlwspjFhiY5X6bEu+VJCQJeSYoLQYtcURb+45S yF9XEYjusfHQX6TeA++h =0wI6 - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBVYnpEH6ZAP0PgtI9AQKi3hAAzxIHJ6V1sLEPo7Oekq038Tdt2Bal7iWe 3tc7+PABwHa2eJHap+mPU2H+ew/YhfwgLiFfOS2sLrqkpwEmql9y4AcJOYnkSkWK tPTMuxjU0yQZxl1FCae9Gu0WYKH2lwPMuvpExlKtwKtmIAU3xEVh1uVyBPeASBxg KnUWmDuGQ2fnA3ecNAjnntAJp4ZDWdKNK6QTQB1jz+fzWiRV3HJHdYpt0F14SEDY MsoHb7sFnkz++3T/xiRxtVX10hfzhwzjfklgZWTtxI+6aubGg6rVKGaenhi+TaXx 1SCd30XkkcYF2xD+7bT5h1cKuKZn9aMAAPsbDHpuwsoePQZU/Scc8VKxscw7OgxH ny+LZIfbLkdc0vtctAQhbkm4XmN5iDxZ0iv6rZTG0Lz5hiKQgSxvinVBBMoQWz2M YupzYLGdEAukLS62VwNPXq4Ew6lByIqjIFoAmWHmxrKRBmH0J8hK8vm6uOuMGiLS uSV5eCEnaxWPdEgy0Tr8y8eW6zdU5y49g8C9r0FLT8T/6kGKPNcSGsigsH29MIJo 1soMjMLwFBONcrzf9WGg08Jv9z4jKlfQP6R0BHXZ9mx06DnTJahooHfQ/d1SN7Ga Dy1RD4/8TzwyiCycPl7xihaZ1+a3jVZSXfciXapfmgMSnrb9ikQDxLtUZqpEjQR/ TbMxZfhsK3o= =Fyhn -----END PGP SIGNATURE-----