RLSA-2023:7015

Synopsis

Moderate: wireshark security update

Description

The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network.

Security Fix(es):

* wireshark: RTPS dissector crash (CVE-2023-0666)

* wireshark: VMS TCPIPtrace file parser crash (CVE-2023-2856)

* wireshark: NetScaler file parser crash (CVE-2023-2858)

* wireshark: XRA dissector infinite loop (CVE-2023-2952)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.9 Release Notes linked from the References section.

Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2210824 2210829 2210832 2211406

CVEs

CVE-2023-0666 CVE-2023-2856 CVE-2023-2858 CVE-2023-2952

Affected packages

Rocky Linux 8 aarch64 - AppStream

wireshark-1:2.6.2-17.el8.aarch64.rpm wireshark-1:2.6.2-17.el8.src.rpm wireshark-cli-1:2.6.2-17.el8.aarch64.rpm wireshark-cli-debuginfo-1:2.6.2-17.el8.aarch64.rpm wireshark-debuginfo-1:2.6.2-17.el8.aarch64.rpm wireshark-debugsource-1:2.6.2-17.el8.aarch64.rpm

Rocky Linux 8 x86_64 - AppStream

wireshark-1:2.6.2-17.el8.src.rpm wireshark-1:2.6.2-17.el8.x86_64.rpm wireshark-cli-1:2.6.2-17.el8.i686.rpm wireshark-cli-1:2.6.2-17.el8.x86_64.rpm wireshark-cli-debuginfo-1:2.6.2-17.el8.i686.rpm wireshark-cli-debuginfo-1:2.6.2-17.el8.x86_64.rpm wireshark-debuginfo-1:2.6.2-17.el8.i686.rpm wireshark-debuginfo-1:2.6.2-17.el8.x86_64.rpm wireshark-debugsource-1:2.6.2-17.el8.i686.rpm wireshark-debugsource-1:2.6.2-17.el8.x86_64.rpm

Rocky Linux 8 aarch64 - PowerTools

wireshark-devel-1:2.6.2-17.el8.aarch64.rpm

Rocky Linux 8 x86_64 - PowerTools

wireshark-devel-1:2.6.2-17.el8.i686.rpm wireshark-devel-1:2.6.2-17.el8.x86_64.rpm