Mailinglist Archive: opensuse-updates (102 mails)

< Previous Next >
openSUSE-SU-2014:0382-1: moderate: wireshark to 1.8.13/1.10.6
openSUSE Security Update: wireshark to 1.8.13/1.10.6
______________________________________________________________________________

Announcement ID: openSUSE-SU-2014:0382-1
Rating: moderate
References: #867485
Cross-References: CVE-2014-2281 CVE-2014-2282 CVE-2014-2283
CVE-2014-2299
Affected Products:
openSUSE 13.1
openSUSE 12.3
______________________________________________________________________________

An update that fixes four vulnerabilities is now available.

Description:


Wireshark was updated to version 1.8.13 on openSUSE 12.3
and 1.10.6 on openSUSE 13.1 to fix security issues and bugs.

Wireshark update to 1.8.13 [bnc#867485]
+ vulnerabilities fixed:
* The NFS dissector could crash wnpa-sec-2014-01
CVE-2014-2281
* The RLC dissector could crash wnpa-sec-2014-03
CVE-2014-2283
* The MPEG file parser could overflow a buffer
wnpa-sec-2014-04 CVE-2014-2299
+ Further bug fixes and updated protocol support as
listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.8.13.htm
l

Wireshark update to 1.10.6 [bnc#867485]
+ vulnerabilities fixed:
* The NFS dissector could crash wnpa-sec-2014-01
CVE-2014-2281
* The M3UA dissector could crash wnpa-sec-2014-02
CVE-2014-2282
* The RLC dissector could crash wnpa-sec-2014-03
CVE-2014-2283
* The MPEG file parser could overflow a buffer
wnpa-sec-2014-04 CVE-2014-2299
+ Further bug fixes and updated protocol support as
listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.10.6.htm
l


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch openSUSE-2014-214

- openSUSE 12.3:

zypper in -t patch openSUSE-2014-214

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 13.1 (i586 x86_64):

wireshark-1.10.6-8.1
wireshark-debuginfo-1.10.6-8.1
wireshark-debugsource-1.10.6-8.1
wireshark-devel-1.10.6-8.1

- openSUSE 12.3 (i586 x86_64):

wireshark-1.8.13-1.32.1
wireshark-debuginfo-1.8.13-1.32.1
wireshark-debugsource-1.8.13-1.32.1
wireshark-devel-1.8.13-1.32.1


References:

http://support.novell.com/security/cve/CVE-2014-2281.html
http://support.novell.com/security/cve/CVE-2014-2282.html
http://support.novell.com/security/cve/CVE-2014-2283.html
http://support.novell.com/security/cve/CVE-2014-2299.html
https://bugzilla.novell.com/867485


< Previous Next >
This Thread
  • No further messages