[Git][security-tracker-team/security-tracker][master] wireshark DSA
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed May 6 22:07:00 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
aa466c8b by Moritz Mühlenhoff at 2026-05-06T23:06:34+02:00
wireshark DSA
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -4015,23 +4015,21 @@ CVE-2026-6127 (The Elementor Website Builder plugin for WordPress is vulnerable
NOT-FOR-US: WordPress plugin
CVE-2026-5656 (Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-21.html
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/21115
CVE-2026-5405 (RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to ...)
- wireshark 4.6.5-1 (bug #1135323)
+ [bookworm] - wireshark 4.0.17-0+deb12u3
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-17.html
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/21105
CVE-2026-5404 (K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4 ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-15.html
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/21094
CVE-2026-5403 (SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-16.html
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/21103
@@ -4319,61 +4317,51 @@ CVE-2026-7400 (A security vulnerability has been detected in geekgod382 filesyst
NOT-FOR-US: filesystem-mcp-server
CVE-2026-7379 (Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-47.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21214
CVE-2026-7378 (Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of se ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-49.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21207
CVE-2026-7376 (Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of se ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-48.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21206
CVE-2026-7375 (UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4 ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-50.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21225
CVE-2026-6870 (GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-43.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21189
CVE-2026-6869 (WebSocket protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4 ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-44.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21190
CVE-2026-6868 (HTTP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-46.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21185
CVE-2026-6867 (SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-45.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21191
CVE-2026-6538 (BEEP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-23.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21120
CVE-2026-6537 (ZigBee protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-24.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21125
@@ -4385,39 +4373,36 @@ CVE-2026-6536 (DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21065
CVE-2026-6535 (Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-26.html
CVE-2026-6534 (USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 a ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-27.html
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/21121
CVE-2026-6533 (Dissection engine LZ77 decompression crash in Wireshark 4.6.0 to 4.6.4 ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-28.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21127
CVE-2026-6532 (Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-29.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21129
CVE-2026-6531 (SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-30.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21139
CVE-2026-6530 (DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4. ...)
- wireshark 4.6.5-1 (bug #1135323)
+ [bookworm] - wireshark 4.0.17-0+deb12u3
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-31.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21144
CVE-2026-6529 (iLBC audio codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 ...)
- wireshark 4.6.5-1 (bug #1135323)
+ [bookworm] - wireshark 4.0.17-0+deb12u3
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-32.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21145
CVE-2026-6528 (TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allow ...)
@@ -4429,7 +4414,6 @@ CVE-2026-6528 (TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21147
CVE-2026-6527 (ASN.1 PER protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4 ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-34.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21149
@@ -4448,38 +4432,32 @@ CVE-2026-6525 (IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4)
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/21008
CVE-2026-6524 (MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 t ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-37.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21172
CVE-2026-6523 (GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4 ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-38.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21177
CVE-2026-6522 (RPKI-Router protocol dissector infinite loop in Wireshark 4.6.0 to 4.6 ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-42.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21186
CVE-2026-6521 (OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4. ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-39.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21182
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21188
CVE-2026-6520 (OpenFlow v6 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6 ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-40.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21181
CVE-2026-6519 (MBIM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-41.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21184
@@ -4487,7 +4465,6 @@ CVE-2026-6221
REJECTED
CVE-2026-5657 (iLBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allow ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-20.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21113
@@ -4499,35 +4476,31 @@ CVE-2026-5655 (SDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 allows d
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21112
CVE-2026-5654 (AMR-NB codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 all ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-18.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21111
CVE-2026-5653 (DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4. ...)
- wireshark 4.6.5-1 (bug #1135323)
+ [bookworm] - wireshark 4.0.17-0+deb12u3
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-22.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21122
CVE-2026-5409 (Monero protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-08.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21066
CVE-2026-5408 (BT-DHT protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-09.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21067
CVE-2026-5407 (SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-11.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21073
CVE-2026-5406 (FC-SWILS protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4. ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-10.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21070
@@ -4539,13 +4512,11 @@ CVE-2026-5402 (TLS protocol dissector heap overflow in Wireshark 4.6.0 to 4.6.4
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21090
CVE-2026-5401 (AFP Spotlight protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-13.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21088
CVE-2026-5299 (ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4. ...)
- wireshark 4.6.5-1 (bug #1135323)
- [trixie] - wireshark <no-dsa> (Minor issue)
[bookworm] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2026-12.html
NOTE: https://gitlab.com/wireshark/wireshark/-/work_items/21077
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[06 May 2026] DSA-6249-1 wireshark - security update
+ {CVE-2026-5299 CVE-2026-5401 CVE-2026-5403 CVE-2026-5404 CVE-2026-5405 CVE-2026-5406 CVE-2026-5407 CVE-2026-5408 CVE-2026-5409 CVE-2026-5653 CVE-2026-5654 CVE-2026-5656 CVE-2026-5657 CVE-2026-6519 CVE-2026-6520 CVE-2026-6521 CVE-2026-6522 CVE-2026-6523 CVE-2026-6524 CVE-2026-6527 CVE-2026-6529 CVE-2026-6530 CVE-2026-6531 CVE-2026-6532 CVE-2026-6533 CVE-2026-6534 CVE-2026-6535 CVE-2026-6537 CVE-2026-6538 CVE-2026-6867 CVE-2026-6868 CVE-2026-6869 CVE-2026-6870 CVE-2026-7375 CVE-2026-7376 CVE-2026-7378 CVE-2026-7379}
+ [trixie] - wireshark 4.4.15-0+deb13u1
[06 May 2026] DSA-6248-1 apache2 - security update
{CVE-2026-24072 CVE-2026-28780 CVE-2026-29168 CVE-2026-29169 CVE-2026-33006 CVE-2026-33007 CVE-2026-33523 CVE-2026-33857 CVE-2026-34032 CVE-2026-34059}
[bookworm] - apache2 2.4.67-1~deb12u2
=====================================
data/dsa-needed.txt
=====================================
@@ -120,7 +120,5 @@ tomcat10 (apo)
--
tomcat11/stable (apo)
--
-wireshark (jmm)
---
xrdp
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aa466c8b24712bd99a3cc253cbb01d3fcf392f6c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aa466c8b24712bd99a3cc253cbb01d3fcf392f6c
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260506/a85f6f0d/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list