Vulnerability from csaf_opensuse
Published
2020-03-19 19:19
Modified
2020-03-19 19:19
Summary
Security update for wireshark
Notes
Title of the patch
Security update for wireshark
Description of the patch
This update for wireshark and libmaxminddb fixes the following issues:
Update wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support (bsc#1156288).
New features include:
- Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC
- Improved support for existing protocols, like HTTP/2
- Improved analytics and usability functionalities
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2020-362
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for wireshark",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for wireshark and libmaxminddb fixes the following issues:\n\nUpdate wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support (bsc#1156288).\n\nNew features include:\n\n- Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC\n- Improved support for existing protocols, like HTTP/2\n- Improved analytics and usability functionalities\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-362",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_0362-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:0362-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5IUFGOOBYOJSD6ELATYP2KAV4TMLYPWB/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:0362-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5IUFGOOBYOJSD6ELATYP2KAV4TMLYPWB/"
},
{
"category": "self",
"summary": "SUSE Bug 1093733",
"url": "https://bugzilla.suse.com/1093733"
},
{
"category": "self",
"summary": "SUSE Bug 1094301",
"url": "https://bugzilla.suse.com/1094301"
},
{
"category": "self",
"summary": "SUSE Bug 1101776",
"url": "https://bugzilla.suse.com/1101776"
},
{
"category": "self",
"summary": "SUSE Bug 1101777",
"url": "https://bugzilla.suse.com/1101777"
},
{
"category": "self",
"summary": "SUSE Bug 1101786",
"url": "https://bugzilla.suse.com/1101786"
},
{
"category": "self",
"summary": "SUSE Bug 1101788",
"url": "https://bugzilla.suse.com/1101788"
},
{
"category": "self",
"summary": "SUSE Bug 1101791",
"url": "https://bugzilla.suse.com/1101791"
},
{
"category": "self",
"summary": "SUSE Bug 1101794",
"url": "https://bugzilla.suse.com/1101794"
},
{
"category": "self",
"summary": "SUSE Bug 1101800",
"url": "https://bugzilla.suse.com/1101800"
},
{
"category": "self",
"summary": "SUSE Bug 1101802",
"url": "https://bugzilla.suse.com/1101802"
},
{
"category": "self",
"summary": "SUSE Bug 1101804",
"url": "https://bugzilla.suse.com/1101804"
},
{
"category": "self",
"summary": "SUSE Bug 1101810",
"url": "https://bugzilla.suse.com/1101810"
},
{
"category": "self",
"summary": "SUSE Bug 1106514",
"url": "https://bugzilla.suse.com/1106514"
},
{
"category": "self",
"summary": "SUSE Bug 1111647",
"url": "https://bugzilla.suse.com/1111647"
},
{
"category": "self",
"summary": "SUSE Bug 1117740",
"url": "https://bugzilla.suse.com/1117740"
},
{
"category": "self",
"summary": "SUSE Bug 1121231",
"url": "https://bugzilla.suse.com/1121231"
},
{
"category": "self",
"summary": "SUSE Bug 1121232",
"url": "https://bugzilla.suse.com/1121232"
},
{
"category": "self",
"summary": "SUSE Bug 1121233",
"url": "https://bugzilla.suse.com/1121233"
},
{
"category": "self",
"summary": "SUSE Bug 1121234",
"url": "https://bugzilla.suse.com/1121234"
},
{
"category": "self",
"summary": "SUSE Bug 1121235",
"url": "https://bugzilla.suse.com/1121235"
},
{
"category": "self",
"summary": "SUSE Bug 1127367",
"url": "https://bugzilla.suse.com/1127367"
},
{
"category": "self",
"summary": "SUSE Bug 1127369",
"url": "https://bugzilla.suse.com/1127369"
},
{
"category": "self",
"summary": "SUSE Bug 1127370",
"url": "https://bugzilla.suse.com/1127370"
},
{
"category": "self",
"summary": "SUSE Bug 1131941",
"url": "https://bugzilla.suse.com/1131941"
},
{
"category": "self",
"summary": "SUSE Bug 1131945",
"url": "https://bugzilla.suse.com/1131945"
},
{
"category": "self",
"summary": "SUSE Bug 1136021",
"url": "https://bugzilla.suse.com/1136021"
},
{
"category": "self",
"summary": "SUSE Bug 1141980",
"url": "https://bugzilla.suse.com/1141980"
},
{
"category": "self",
"summary": "SUSE Bug 1150690",
"url": "https://bugzilla.suse.com/1150690"
},
{
"category": "self",
"summary": "SUSE Bug 1156288",
"url": "https://bugzilla.suse.com/1156288"
},
{
"category": "self",
"summary": "SUSE Bug 1158505",
"url": "https://bugzilla.suse.com/1158505"
},
{
"category": "self",
"summary": "SUSE Bug 1161052",
"url": "https://bugzilla.suse.com/1161052"
},
{
"category": "self",
"summary": "SUSE Bug 1165241",
"url": "https://bugzilla.suse.com/1165241"
},
{
"category": "self",
"summary": "SUSE Bug 1165710",
"url": "https://bugzilla.suse.com/1165710"
},
{
"category": "self",
"summary": "SUSE Bug 957624",
"url": "https://bugzilla.suse.com/957624"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11354 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11354/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11355 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11355/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11356 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11356/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11357 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11357/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11358 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11358/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11359 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11359/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11360 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11361 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11361/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11362 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11362/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12086 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14339 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14340 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14340/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14341 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14341/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14342 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14342/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14343 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14344 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14344/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14367 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14367/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14368 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14369 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14370 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14370/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16056 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16057 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16058 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18225 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18225/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18226 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18226/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18227 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19622 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19623 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19623/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19624 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19625 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19626 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19626/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19627 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19627/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19628 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19628/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10894 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10895 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10896 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10897 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10898 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10899 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10900 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10901 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10902 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10902/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10903 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13619 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16319 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16319/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19553 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5716 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5717 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5718 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5719 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5721 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9208 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9209 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9214 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-7044 page",
"url": "https://www.suse.com/security/cve/CVE-2020-7044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-9428 page",
"url": "https://www.suse.com/security/cve/CVE-2020-9428/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-9429 page",
"url": "https://www.suse.com/security/cve/CVE-2020-9429/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-9430 page",
"url": "https://www.suse.com/security/cve/CVE-2020-9430/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-9431 page",
"url": "https://www.suse.com/security/cve/CVE-2020-9431/"
}
],
"title": "Security update for wireshark",
"tracking": {
"current_release_date": "2020-03-19T19:19:35Z",
"generator": {
"date": "2020-03-19T19:19:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:0362-1",
"initial_release_date": "2020-03-19T19:19:35Z",
"revision_history": [
{
"date": "2020-03-19T19:19:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"product": {
"name": "libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"product_id": "libmaxminddb-devel-1.4.2-lp151.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"product": {
"name": "libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"product_id": "libmaxminddb0-1.4.2-lp151.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libspandsp2-0.0.6-lp151.3.3.1.i586",
"product": {
"name": "libspandsp2-0.0.6-lp151.3.3.1.i586",
"product_id": "libspandsp2-0.0.6-lp151.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libwireshark13-3.2.2-lp151.2.9.1.i586",
"product": {
"name": "libwireshark13-3.2.2-lp151.2.9.1.i586",
"product_id": "libwireshark13-3.2.2-lp151.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "libwiretap10-3.2.2-lp151.2.9.1.i586",
"product": {
"name": "libwiretap10-3.2.2-lp151.2.9.1.i586",
"product_id": "libwiretap10-3.2.2-lp151.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "libwsutil11-3.2.2-lp151.2.9.1.i586",
"product": {
"name": "libwsutil11-3.2.2-lp151.2.9.1.i586",
"product_id": "libwsutil11-3.2.2-lp151.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "mmdblookup-1.4.2-lp151.3.3.1.i586",
"product": {
"name": "mmdblookup-1.4.2-lp151.3.3.1.i586",
"product_id": "mmdblookup-1.4.2-lp151.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "spandsp-devel-0.0.6-lp151.3.3.1.i586",
"product": {
"name": "spandsp-devel-0.0.6-lp151.3.3.1.i586",
"product_id": "spandsp-devel-0.0.6-lp151.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "wireshark-3.2.2-lp151.2.9.1.i586",
"product": {
"name": "wireshark-3.2.2-lp151.2.9.1.i586",
"product_id": "wireshark-3.2.2-lp151.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "wireshark-devel-3.2.2-lp151.2.9.1.i586",
"product": {
"name": "wireshark-devel-3.2.2-lp151.2.9.1.i586",
"product_id": "wireshark-devel-3.2.2-lp151.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"product": {
"name": "wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"product_id": "wireshark-ui-qt-3.2.2-lp151.2.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"product": {
"name": "spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"product_id": "spandsp-doc-0.0.6-lp151.3.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"product": {
"name": "libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"product_id": "libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"product": {
"name": "libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"product_id": "libmaxminddb0-1.4.2-lp151.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"product": {
"name": "libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"product_id": "libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"product": {
"name": "libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"product_id": "libspandsp2-0.0.6-lp151.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"product": {
"name": "libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"product_id": "libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"product": {
"name": "libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"product_id": "libwireshark13-3.2.2-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"product": {
"name": "libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"product_id": "libwiretap10-3.2.2-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"product": {
"name": "libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"product_id": "libwsutil11-3.2.2-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"product": {
"name": "mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"product_id": "mmdblookup-1.4.2-lp151.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"product": {
"name": "spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"product_id": "spandsp-devel-0.0.6-lp151.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "wireshark-3.2.2-lp151.2.9.1.x86_64",
"product": {
"name": "wireshark-3.2.2-lp151.2.9.1.x86_64",
"product_id": "wireshark-3.2.2-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"product": {
"name": "wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"product_id": "wireshark-devel-3.2.2-lp151.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64",
"product": {
"name": "wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64",
"product_id": "wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libmaxminddb-devel-1.4.2-lp151.3.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586"
},
"product_reference": "libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64"
},
"product_reference": "libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmaxminddb0-1.4.2-lp151.3.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586"
},
"product_reference": "libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmaxminddb0-1.4.2-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64"
},
"product_reference": "libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64"
},
"product_reference": "libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libspandsp2-0.0.6-lp151.3.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586"
},
"product_reference": "libspandsp2-0.0.6-lp151.3.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libspandsp2-0.0.6-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64"
},
"product_reference": "libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64"
},
"product_reference": "libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwireshark13-3.2.2-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586"
},
"product_reference": "libwireshark13-3.2.2-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwireshark13-3.2.2-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64"
},
"product_reference": "libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwiretap10-3.2.2-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586"
},
"product_reference": "libwiretap10-3.2.2-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwiretap10-3.2.2-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64"
},
"product_reference": "libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwsutil11-3.2.2-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586"
},
"product_reference": "libwsutil11-3.2.2-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwsutil11-3.2.2-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64"
},
"product_reference": "libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mmdblookup-1.4.2-lp151.3.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586"
},
"product_reference": "mmdblookup-1.4.2-lp151.3.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mmdblookup-1.4.2-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64"
},
"product_reference": "mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spandsp-devel-0.0.6-lp151.3.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586"
},
"product_reference": "spandsp-devel-0.0.6-lp151.3.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spandsp-devel-0.0.6-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64"
},
"product_reference": "spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spandsp-doc-0.0.6-lp151.3.3.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch"
},
"product_reference": "spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-3.2.2-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586"
},
"product_reference": "wireshark-3.2.2-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-3.2.2-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64"
},
"product_reference": "wireshark-3.2.2-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-3.2.2-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586"
},
"product_reference": "wireshark-devel-3.2.2-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-3.2.2-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64"
},
"product_reference": "wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-ui-qt-3.2.2-lp151.2.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586"
},
"product_reference": "wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
},
"product_reference": "wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-11354",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11354"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11354",
"url": "https://www.suse.com/security/cve/CVE-2018-11354"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11354",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-11354"
},
{
"cve": "CVE-2018-11355",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11355"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11355",
"url": "https://www.suse.com/security/cve/CVE-2018-11355"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11355",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-11355"
},
{
"cve": "CVE-2018-11356",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11356"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11356",
"url": "https://www.suse.com/security/cve/CVE-2018-11356"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11356",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-11356"
},
{
"cve": "CVE-2018-11357",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11357"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11357",
"url": "https://www.suse.com/security/cve/CVE-2018-11357"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11357",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-11357"
},
{
"cve": "CVE-2018-11358",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11358"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11358",
"url": "https://www.suse.com/security/cve/CVE-2018-11358"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11358",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-11358"
},
{
"cve": "CVE-2018-11359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11359"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11359",
"url": "https://www.suse.com/security/cve/CVE-2018-11359"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11359",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-11359"
},
{
"cve": "CVE-2018-11360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11360"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11360",
"url": "https://www.suse.com/security/cve/CVE-2018-11360"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11360",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-11360"
},
{
"cve": "CVE-2018-11361",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11361"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11361",
"url": "https://www.suse.com/security/cve/CVE-2018-11361"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11361",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-11361"
},
{
"cve": "CVE-2018-11362",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11362"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing \u0027\\0\u0027 character.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11362",
"url": "https://www.suse.com/security/cve/CVE-2018-11362"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11362",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-11362"
},
{
"cve": "CVE-2018-12086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12086"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12086",
"url": "https://www.suse.com/security/cve/CVE-2018-12086"
},
{
"category": "external",
"summary": "SUSE Bug 1111647 for CVE-2018-12086",
"url": "https://bugzilla.suse.com/1111647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "important"
}
],
"title": "CVE-2018-12086"
},
{
"cve": "CVE-2018-14339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14339"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14339",
"url": "https://www.suse.com/security/cve/CVE-2018-14339"
},
{
"category": "external",
"summary": "SUSE Bug 1101810 for CVE-2018-14339",
"url": "https://bugzilla.suse.com/1101810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "low"
}
],
"title": "CVE-2018-14339"
},
{
"cve": "CVE-2018-14340",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14340"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14340",
"url": "https://www.suse.com/security/cve/CVE-2018-14340"
},
{
"category": "external",
"summary": "SUSE Bug 1101804 for CVE-2018-14340",
"url": "https://bugzilla.suse.com/1101804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "low"
}
],
"title": "CVE-2018-14340"
},
{
"cve": "CVE-2018-14341",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14341"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14341",
"url": "https://www.suse.com/security/cve/CVE-2018-14341"
},
{
"category": "external",
"summary": "SUSE Bug 1101776 for CVE-2018-14341",
"url": "https://bugzilla.suse.com/1101776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "low"
}
],
"title": "CVE-2018-14341"
},
{
"cve": "CVE-2018-14342",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14342"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14342",
"url": "https://www.suse.com/security/cve/CVE-2018-14342"
},
{
"category": "external",
"summary": "SUSE Bug 1101777 for CVE-2018-14342",
"url": "https://bugzilla.suse.com/1101777"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "low"
}
],
"title": "CVE-2018-14342"
},
{
"cve": "CVE-2018-14343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14343"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14343",
"url": "https://www.suse.com/security/cve/CVE-2018-14343"
},
{
"category": "external",
"summary": "SUSE Bug 1101786 for CVE-2018-14343",
"url": "https://bugzilla.suse.com/1101786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "low"
}
],
"title": "CVE-2018-14343"
},
{
"cve": "CVE-2018-14344",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14344"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14344",
"url": "https://www.suse.com/security/cve/CVE-2018-14344"
},
{
"category": "external",
"summary": "SUSE Bug 1101788 for CVE-2018-14344",
"url": "https://bugzilla.suse.com/1101788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "low"
}
],
"title": "CVE-2018-14344"
},
{
"cve": "CVE-2018-14367",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14367"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14367",
"url": "https://www.suse.com/security/cve/CVE-2018-14367"
},
{
"category": "external",
"summary": "SUSE Bug 1101791 for CVE-2018-14367",
"url": "https://bugzilla.suse.com/1101791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "low"
}
],
"title": "CVE-2018-14367"
},
{
"cve": "CVE-2018-14368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14368"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14368",
"url": "https://www.suse.com/security/cve/CVE-2018-14368"
},
{
"category": "external",
"summary": "SUSE Bug 1101794 for CVE-2018-14368",
"url": "https://bugzilla.suse.com/1101794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "low"
}
],
"title": "CVE-2018-14368"
},
{
"cve": "CVE-2018-14369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14369"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14369",
"url": "https://www.suse.com/security/cve/CVE-2018-14369"
},
{
"category": "external",
"summary": "SUSE Bug 1101800 for CVE-2018-14369",
"url": "https://bugzilla.suse.com/1101800"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "low"
}
],
"title": "CVE-2018-14369"
},
{
"cve": "CVE-2018-14370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14370"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14370",
"url": "https://www.suse.com/security/cve/CVE-2018-14370"
},
{
"category": "external",
"summary": "SUSE Bug 1101802 for CVE-2018-14370",
"url": "https://bugzilla.suse.com/1101802"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "low"
}
],
"title": "CVE-2018-14370"
},
{
"cve": "CVE-2018-16056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16056"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16056",
"url": "https://www.suse.com/security/cve/CVE-2018-16056"
},
{
"category": "external",
"summary": "SUSE Bug 1106514 for CVE-2018-16056",
"url": "https://bugzilla.suse.com/1106514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "important"
}
],
"title": "CVE-2018-16056"
},
{
"cve": "CVE-2018-16057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16057"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16057",
"url": "https://www.suse.com/security/cve/CVE-2018-16057"
},
{
"category": "external",
"summary": "SUSE Bug 1106514 for CVE-2018-16057",
"url": "https://bugzilla.suse.com/1106514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "important"
}
],
"title": "CVE-2018-16057"
},
{
"cve": "CVE-2018-16058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16058"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16058",
"url": "https://www.suse.com/security/cve/CVE-2018-16058"
},
{
"category": "external",
"summary": "SUSE Bug 1106514 for CVE-2018-16058",
"url": "https://bugzilla.suse.com/1106514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "important"
}
],
"title": "CVE-2018-16058"
},
{
"cve": "CVE-2018-18225",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18225"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan/dissectors/packet-coap.c by ensuring that the piv length is correctly computed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18225",
"url": "https://www.suse.com/security/cve/CVE-2018-18225"
},
{
"category": "external",
"summary": "SUSE Bug 1111647 for CVE-2018-18225",
"url": "https://bugzilla.suse.com/1111647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "important"
}
],
"title": "CVE-2018-18225"
},
{
"cve": "CVE-2018-18226",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18226"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18226",
"url": "https://www.suse.com/security/cve/CVE-2018-18226"
},
{
"category": "external",
"summary": "SUSE Bug 1111647 for CVE-2018-18226",
"url": "https://bugzilla.suse.com/1111647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "important"
}
],
"title": "CVE-2018-18226"
},
{
"cve": "CVE-2018-18227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18227"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18227",
"url": "https://www.suse.com/security/cve/CVE-2018-18227"
},
{
"category": "external",
"summary": "SUSE Bug 1111647 for CVE-2018-18227",
"url": "https://bugzilla.suse.com/1111647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "important"
}
],
"title": "CVE-2018-18227"
},
{
"cve": "CVE-2018-19622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19622"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19622",
"url": "https://www.suse.com/security/cve/CVE-2018-19622"
},
{
"category": "external",
"summary": "SUSE Bug 1117740 for CVE-2018-19622",
"url": "https://bugzilla.suse.com/1117740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-19622"
},
{
"cve": "CVE-2018-19623",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19623"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.c by disallowing certain negative values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19623",
"url": "https://www.suse.com/security/cve/CVE-2018-19623"
},
{
"category": "external",
"summary": "SUSE Bug 1117740 for CVE-2018-19623",
"url": "https://bugzilla.suse.com/1117740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-19623"
},
{
"cve": "CVE-2018-19624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19624"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19624",
"url": "https://www.suse.com/security/cve/CVE-2018-19624"
},
{
"category": "external",
"summary": "SUSE Bug 1117740 for CVE-2018-19624",
"url": "https://bugzilla.suse.com/1117740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-19624"
},
{
"cve": "CVE-2018-19625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19625"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19625",
"url": "https://www.suse.com/security/cve/CVE-2018-19625"
},
{
"category": "external",
"summary": "SUSE Bug 1117740 for CVE-2018-19625",
"url": "https://bugzilla.suse.com/1117740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-19625"
},
{
"cve": "CVE-2018-19626",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19626"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding \u0027\\0\u0027 termination.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19626",
"url": "https://www.suse.com/security/cve/CVE-2018-19626"
},
{
"category": "external",
"summary": "SUSE Bug 1117740 for CVE-2018-19626",
"url": "https://bugzilla.suse.com/1117740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-19626"
},
{
"cve": "CVE-2018-19627",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19627"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19627",
"url": "https://www.suse.com/security/cve/CVE-2018-19627"
},
{
"category": "external",
"summary": "SUSE Bug 1117740 for CVE-2018-19627",
"url": "https://bugzilla.suse.com/1117740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-19627"
},
{
"cve": "CVE-2018-19628",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19628"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19628",
"url": "https://www.suse.com/security/cve/CVE-2018-19628"
},
{
"category": "external",
"summary": "SUSE Bug 1117740 for CVE-2018-19628",
"url": "https://bugzilla.suse.com/1117740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "important"
}
],
"title": "CVE-2018-19628"
},
{
"cve": "CVE-2019-10894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10894"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10894",
"url": "https://www.suse.com/security/cve/CVE-2019-10894"
},
{
"category": "external",
"summary": "SUSE Bug 1131941 for CVE-2019-10894",
"url": "https://bugzilla.suse.com/1131941"
},
{
"category": "external",
"summary": "SUSE Bug 1131943 for CVE-2019-10894",
"url": "https://bugzilla.suse.com/1131943"
},
{
"category": "external",
"summary": "SUSE Bug 1131945 for CVE-2019-10894",
"url": "https://bugzilla.suse.com/1131945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-10894"
},
{
"cve": "CVE-2019-10895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10895"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10895",
"url": "https://www.suse.com/security/cve/CVE-2019-10895"
},
{
"category": "external",
"summary": "SUSE Bug 1131941 for CVE-2019-10895",
"url": "https://bugzilla.suse.com/1131941"
},
{
"category": "external",
"summary": "SUSE Bug 1131943 for CVE-2019-10895",
"url": "https://bugzilla.suse.com/1131943"
},
{
"category": "external",
"summary": "SUSE Bug 1131945 for CVE-2019-10895",
"url": "https://bugzilla.suse.com/1131945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-10895"
},
{
"cve": "CVE-2019-10896",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10896"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10896",
"url": "https://www.suse.com/security/cve/CVE-2019-10896"
},
{
"category": "external",
"summary": "SUSE Bug 1131941 for CVE-2019-10896",
"url": "https://bugzilla.suse.com/1131941"
},
{
"category": "external",
"summary": "SUSE Bug 1131943 for CVE-2019-10896",
"url": "https://bugzilla.suse.com/1131943"
},
{
"category": "external",
"summary": "SUSE Bug 1131945 for CVE-2019-10896",
"url": "https://bugzilla.suse.com/1131945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-10896"
},
{
"cve": "CVE-2019-10897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10897"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-ieee80211.c by detecting cases in which the bit offset does not advance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10897",
"url": "https://www.suse.com/security/cve/CVE-2019-10897"
},
{
"category": "external",
"summary": "SUSE Bug 1131941 for CVE-2019-10897",
"url": "https://bugzilla.suse.com/1131941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-10897"
},
{
"cve": "CVE-2019-10898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10898"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsm_gsup.c by rejecting an invalid Information Element length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10898",
"url": "https://www.suse.com/security/cve/CVE-2019-10898"
},
{
"category": "external",
"summary": "SUSE Bug 1131941 for CVE-2019-10898",
"url": "https://bugzilla.suse.com/1131941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-10898"
},
{
"cve": "CVE-2019-10899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10899"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10899",
"url": "https://www.suse.com/security/cve/CVE-2019-10899"
},
{
"category": "external",
"summary": "SUSE Bug 1131941 for CVE-2019-10899",
"url": "https://bugzilla.suse.com/1131941"
},
{
"category": "external",
"summary": "SUSE Bug 1131943 for CVE-2019-10899",
"url": "https://bugzilla.suse.com/1131943"
},
{
"category": "external",
"summary": "SUSE Bug 1131945 for CVE-2019-10899",
"url": "https://bugzilla.suse.com/1131945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-10899"
},
{
"cve": "CVE-2019-10900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10900"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan/dissectors/file-rbm.c by handling unknown object types safely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10900",
"url": "https://www.suse.com/security/cve/CVE-2019-10900"
},
{
"category": "external",
"summary": "SUSE Bug 1131941 for CVE-2019-10900",
"url": "https://bugzilla.suse.com/1131941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-10900"
},
{
"cve": "CVE-2019-10901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10901"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10901",
"url": "https://www.suse.com/security/cve/CVE-2019-10901"
},
{
"category": "external",
"summary": "SUSE Bug 1131941 for CVE-2019-10901",
"url": "https://bugzilla.suse.com/1131941"
},
{
"category": "external",
"summary": "SUSE Bug 1131943 for CVE-2019-10901",
"url": "https://bugzilla.suse.com/1131943"
},
{
"category": "external",
"summary": "SUSE Bug 1131945 for CVE-2019-10901",
"url": "https://bugzilla.suse.com/1131945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-10901"
},
{
"cve": "CVE-2019-10902",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10902"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10902",
"url": "https://www.suse.com/security/cve/CVE-2019-10902"
},
{
"category": "external",
"summary": "SUSE Bug 1131941 for CVE-2019-10902",
"url": "https://bugzilla.suse.com/1131941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-10902"
},
{
"cve": "CVE-2019-10903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10903"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10903",
"url": "https://www.suse.com/security/cve/CVE-2019-10903"
},
{
"category": "external",
"summary": "SUSE Bug 1131941 for CVE-2019-10903",
"url": "https://bugzilla.suse.com/1131941"
},
{
"category": "external",
"summary": "SUSE Bug 1131943 for CVE-2019-10903",
"url": "https://bugzilla.suse.com/1131943"
},
{
"category": "external",
"summary": "SUSE Bug 1131945 for CVE-2019-10903",
"url": "https://bugzilla.suse.com/1131945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-10903"
},
{
"cve": "CVE-2019-13619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13619"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13619",
"url": "https://www.suse.com/security/cve/CVE-2019-13619"
},
{
"category": "external",
"summary": "SUSE Bug 1141980 for CVE-2019-13619",
"url": "https://bugzilla.suse.com/1141980"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-13619"
},
{
"cve": "CVE-2019-16319",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16319"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. This was addressed in plugins/epan/gryphon/packet-gryphon.c by checking for a message length of zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16319",
"url": "https://www.suse.com/security/cve/CVE-2019-16319"
},
{
"category": "external",
"summary": "SUSE Bug 1150690 for CVE-2019-16319",
"url": "https://bugzilla.suse.com/1150690"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-16319"
},
{
"cve": "CVE-2019-19553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19553"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NULL after a ContentInfo dissection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19553",
"url": "https://www.suse.com/security/cve/CVE-2019-19553"
},
{
"category": "external",
"summary": "SUSE Bug 1158505 for CVE-2019-19553",
"url": "https://bugzilla.suse.com/1158505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "important"
}
],
"title": "CVE-2019-19553"
},
{
"cve": "CVE-2019-5716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5716"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This was addressed in epan/dissectors/packet-6lowpan.c by avoiding use of a TVB before its creation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5716",
"url": "https://www.suse.com/security/cve/CVE-2019-5716"
},
{
"category": "external",
"summary": "SUSE Bug 1121231 for CVE-2019-5716",
"url": "https://bugzilla.suse.com/1121231"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-5716"
},
{
"cve": "CVE-2019-5717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5717"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5717",
"url": "https://www.suse.com/security/cve/CVE-2019-5717"
},
{
"category": "external",
"summary": "SUSE Bug 1121232 for CVE-2019-5717",
"url": "https://bugzilla.suse.com/1121232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-5717"
},
{
"cve": "CVE-2019-5718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5718"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5718",
"url": "https://www.suse.com/security/cve/CVE-2019-5718"
},
{
"category": "external",
"summary": "SUSE Bug 1121233 for CVE-2019-5718",
"url": "https://bugzilla.suse.com/1121233"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-5718"
},
{
"cve": "CVE-2019-5719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5719"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5719",
"url": "https://www.suse.com/security/cve/CVE-2019-5719"
},
{
"category": "external",
"summary": "SUSE Bug 1121234 for CVE-2019-5719",
"url": "https://bugzilla.suse.com/1121234"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-5719"
},
{
"cve": "CVE-2019-5721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5721"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5721",
"url": "https://www.suse.com/security/cve/CVE-2019-5721"
},
{
"category": "external",
"summary": "SUSE Bug 1121235 for CVE-2019-5721",
"url": "https://bugzilla.suse.com/1121235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-5721"
},
{
"cve": "CVE-2019-9208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9208"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. This was addressed in epan/dissectors/asn1/tcap/tcap.cnf by avoiding NULL pointer dereferences.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9208",
"url": "https://www.suse.com/security/cve/CVE-2019-9208"
},
{
"category": "external",
"summary": "SUSE Bug 1127370 for CVE-2019-9208",
"url": "https://bugzilla.suse.com/1127370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-9208"
},
{
"cve": "CVE-2019-9209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9209"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9209",
"url": "https://www.suse.com/security/cve/CVE-2019-9209"
},
{
"category": "external",
"summary": "SUSE Bug 1127369 for CVE-2019-9209",
"url": "https://bugzilla.suse.com/1127369"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-9209"
},
{
"cve": "CVE-2019-9214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9214"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9214",
"url": "https://www.suse.com/security/cve/CVE-2019-9214"
},
{
"category": "external",
"summary": "SUSE Bug 1127367 for CVE-2019-9214",
"url": "https://bugzilla.suse.com/1127367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-9214"
},
{
"cve": "CVE-2020-7044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-7044"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This was addressed in epan/dissectors/packet-wassp.c by using \u003e= and \u003c= to resolve off-by-one errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-7044",
"url": "https://www.suse.com/security/cve/CVE-2020-7044"
},
{
"category": "external",
"summary": "SUSE Bug 1161052 for CVE-2020-7044",
"url": "https://bugzilla.suse.com/1161052"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "important"
}
],
"title": "CVE-2020-7044"
},
{
"cve": "CVE-2020-9428",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-9428"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-9428",
"url": "https://www.suse.com/security/cve/CVE-2020-9428"
},
{
"category": "external",
"summary": "SUSE Bug 1165241 for CVE-2020-9428",
"url": "https://bugzilla.suse.com/1165241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "important"
}
],
"title": "CVE-2020-9428"
},
{
"cve": "CVE-2020-9429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-9429"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-9429",
"url": "https://www.suse.com/security/cve/CVE-2020-9429"
},
{
"category": "external",
"summary": "SUSE Bug 1165241 for CVE-2020-9429",
"url": "https://bugzilla.suse.com/1165241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "important"
}
],
"title": "CVE-2020-9429"
},
{
"cve": "CVE-2020-9430",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-9430"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-9430",
"url": "https://www.suse.com/security/cve/CVE-2020-9430"
},
{
"category": "external",
"summary": "SUSE Bug 1165241 for CVE-2020-9430",
"url": "https://bugzilla.suse.com/1165241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "important"
}
],
"title": "CVE-2020-9430"
},
{
"cve": "CVE-2020-9431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-9431"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-9431",
"url": "https://www.suse.com/security/cve/CVE-2020-9431"
},
{
"category": "external",
"summary": "SUSE Bug 1165241 for CVE-2020-9431",
"url": "https://bugzilla.suse.com/1165241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb-devel-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libmaxminddb0-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libmaxminddb0-32bit-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libspandsp2-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libspandsp2-32bit-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwireshark13-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwiretap10-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:libwsutil11-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.i586",
"openSUSE Leap 15.1:mmdblookup-1.4.2-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.i586",
"openSUSE Leap 15.1:spandsp-devel-0.0.6-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:spandsp-doc-0.0.6-lp151.3.3.1.noarch",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-devel-3.2.2-lp151.2.9.1.x86_64",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.i586",
"openSUSE Leap 15.1:wireshark-ui-qt-3.2.2-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-19T19:19:35Z",
"details": "important"
}
],
"title": "CVE-2020-9431"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.