-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.1872
                  [DLA 1802-1] wireshark security update
                                27 May 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           wireshark
Publisher:         Debian
Operating System:  Debian GNU/Linux 8
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-10903 CVE-2019-10901 CVE-2019-10899
                   CVE-2019-10895 CVE-2019-10894 

Reference:         ASB-2019.0097
                   ESB-2019.1761
                   ESB-2019.1411

Original Bulletin: 
   https://lists.debian.org/debian-lts-announce/2019/05/msg00034.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : wireshark
Version        : 1.12.1+g01b65bf-4+deb8u19
CVE ID         : CVE-2019-10894 CVE-2019-10895 CVE-2019-10899 CVE-2019-10901 
                 CVE-2019-10903
Debian Bug     : 926718

Several vulnerabilities have been found in wireshark, a network traffic analyzer.

CVE-2019-10894

    Assertion failure in dissect_gssapi_work (packet-gssapi.c) leading to
    a crash of the GSS-API dissector. Remote attackers might leverage this
    vulnerability to trigger DoS via a packet containing a crafted GSS-API
    payload.

CVE-2019-10895

    Insufficient data validation leading to a large number of heap buffer
    overflows (read and write) in the NetScaler trace handling module
    (netscaler.c). Remote attackers might leverage these vulnerabilities to
    trigger DoS, or any other unspecified impact, via crafted packets.

CVE-2019-10899

    Heap-based buffer under-read vulnerability in the Service Location
    Protocol dissector. Remote attackers might leverage this
    vulnerability to trigger DoS, or any other unspecified impact, via
    crafted SRVLOC packets.

CVE-2019-10901

    NULL pointer dereference in the Local Download Sharing Service
    protocol dissector. Remote attackers might leverage this flaw to
    trigger DoS via crafted LDSS packets.

CVE-2019-10903

    Missing boundary checks leading to a heap out-of-bounds read
    vulnerability in the Microsoft Spool Subsystem protocol dissector.
    Remote attackers might leverage this vulnerability to trigger DoS,
    or any other unspecified impact, via crafted SPOOLSS packets.

For Debian 8 "Jessie", these problems have been fixed in version
1.12.1+g01b65bf-4+deb8u19.

We recommend that you upgrade your wireshark packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

- --------------------------END INCLUDED TEXT--------------------

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================