ELA-862-1 wireshark security update

several vulnerabilities

2023-06-03
Packagewireshark
Version2.6.20-0+deb9u6 (stretch)
Related CVEs CVE-2023-2856 CVE-2023-2858 CVE-2023-2879 CVE-2023-2952


Several vulnerabilities were fixed in the network traffic analyzer Wireshark.

CVE-2023-2856

VMS TCPIPtrace file parser crash

CVE-2023-2858

NetScaler file parser crash

CVE-2023-2879

GDSDB infinite loop

CVE-2023-2952

XRA dissector infinite loop


For Debian 9 stretch, these problems have been fixed in version 2.6.20-0+deb9u6.

We recommend that you upgrade your wireshark packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.