Mailinglist Archive: opensuse-updates (200 mails)

< Previous Next >
openSUSE-SU-2013:1084-1: moderate: update for wireshark
openSUSE Security Update: update for wireshark
______________________________________________________________________________

Announcement ID: openSUSE-SU-2013:1084-1
Rating: moderate
References: #823932
Cross-References: CVE-2013-3555 CVE-2013-3556 CVE-2013-3557
CVE-2013-3558 CVE-2013-3559 CVE-2013-3560
CVE-2013-3561 CVE-2013-3562
Affected Products:
openSUSE 12.3
openSUSE 12.2
______________________________________________________________________________

An update that fixes 8 vulnerabilities is now available.

Description:

This update of wireshark includes several security and bug
fixes.
- update to 1.8.8 [bnc#823932]
+ vulnerabilities fixed:
* The CAPWAP dissector could crash. wnpa-sec-2013-32
* The GMR-1 BCCH dissector could crash. wnpa-sec-2013-33
* The PPP dissector could crash. wnpa-sec-2013-34
* The NBAP dissector could crash. wnpa-sec-2013-35
* The RDP dissector could crash. wnpa-sec-2013-36
* The GSM CBCH dissector could crash. wnpa-sec-2013-37
* The Assa Abloy R3 dissector could consume excessive
memory and CPU. wnpa-sec-2013-38
* The HTTP dissector could overrun the stack.
wnpa-sec-2013-39
* The Ixia IxVeriWave file parser could overflow the
heap. wnpa-sec-2013-40
* The DCP ETSI dissector could crash. wnpa-sec-2013-41
+ Further bug fixes and updated protocol support as
listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html


wnpa-sec-2013-24 CVE-2013-3555 wnpa-sec-2013-25
CVE-2013-3556 CVE-2013-3557 wnpa-sec-2013-26 CVE-2013-3558
wnpa-sec-2013-27 CVE-2013-3559 wnpa-sec-2013-28
CVE-2013-3560 wnpa-sec-2013-29 CVE-2013-3561 CVE-2013-3562
wnpa-sec-2013-30 CVE-2013-3561 wnpa-sec-2013-31
CVE-2013-3561


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 12.3:

zypper in -t patch openSUSE-2013-536

- openSUSE 12.2:

zypper in -t patch openSUSE-2013-536

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 12.3 (i586 x86_64):

wireshark-1.8.8-1.12.1
wireshark-debuginfo-1.8.8-1.12.1
wireshark-debugsource-1.8.8-1.12.1
wireshark-devel-1.8.8-1.12.1

- openSUSE 12.2 (i586 x86_64):

wireshark-1.8.8-1.31.1
wireshark-debuginfo-1.8.8-1.31.1
wireshark-debugsource-1.8.8-1.31.1
wireshark-devel-1.8.8-1.31.1


References:

http://support.novell.com/security/cve/CVE-2013-3555.html
http://support.novell.com/security/cve/CVE-2013-3556.html
http://support.novell.com/security/cve/CVE-2013-3557.html
http://support.novell.com/security/cve/CVE-2013-3558.html
http://support.novell.com/security/cve/CVE-2013-3559.html
http://support.novell.com/security/cve/CVE-2013-3560.html
http://support.novell.com/security/cve/CVE-2013-3561.html
http://support.novell.com/security/cve/CVE-2013-3562.html
https://bugzilla.novell.com/823932


< Previous Next >
This Thread
  • No further messages