openSUSE-SU-2015:0936-1: moderate: Security update for Wireshark

openSUSE Security Update: Security update for Wireshark ______________________________________________________________________________ Announcement ID: openSUSE-SU-2015:0936-1 Rating: moderate References: #930689 Cross-References: CVE-2015-3808 CVE-2015-3809 CVE-2015-3810 CVE-2015-3811 CVE-2015-3812 CVE-2015-3813 CVE-2015-3814 CVE-2015-3815 Affected Products: openSUSE 13.2 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: Wireshark was updated to 1.12.5 to fix security issues and bugs. The following vulnerabilities have been fixed: * CVE-2015-3808, CVE-2015-3809: The LBMR dissector could go into an infinite loop. (wnpa-sec-2015-12) * CVE-2015-3810: The WebSocket dissector could recurse excessively. (wnpa-sec-2015-13) * CVE-2015-3811: The WCP dissector could crash while decompressing data. (wnpa-sec-2015-14) * CVE-2015-3812: The X11 dissector could leak memory. (wnpa-sec-2015-15) * CVE-2015-3813: The packet reassembly code could leak memory. (wnpa-sec-2015-16) * CVE-2015-3814: The IEEE 802.11 dissector could go into an infinite loop. (wnpa-sec-2015-17) * CVE-2015-3815: The Android Logcat file parser could crash. (wnpa-sec-2015-18) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.2: zypper in -t patch openSUSE-2015-379=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.2 (i586 x86_64): wireshark-1.12.5-15.1 wireshark-debuginfo-1.12.5-15.1 wireshark-debugsource-1.12.5-15.1 wireshark-devel-1.12.5-15.1 wireshark-ui-gtk-1.12.5-15.1 wireshark-ui-gtk-debuginfo-1.12.5-15.1 wireshark-ui-qt-1.12.5-15.1 wireshark-ui-qt-debuginfo-1.12.5-15.1 References: https://www.suse.com/security/cve/CVE-2015-3808.html https://www.suse.com/security/cve/CVE-2015-3809.html https://www.suse.com/security/cve/CVE-2015-3810.html https://www.suse.com/security/cve/CVE-2015-3811.html https://www.suse.com/security/cve/CVE-2015-3812.html https://www.suse.com/security/cve/CVE-2015-3813.html https://www.suse.com/security/cve/CVE-2015-3814.html https://www.suse.com/security/cve/CVE-2015-3815.html https://bugzilla.suse.com/930689