openSUSE Security Update: Security update for wireshark ______________________________________________________________________________ Announcement ID: openSUSE-SU-2015:1428-1 Rating: low References: #941500 Affected Products: openSUSE 13.2 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: Wireshark was updated to fix several security vulnerabilities and bugs. - Wireshark 1.12.7 [boo#941500] The following vulnerabilities have been fixed: * Wireshark could crash when adding an item to the protocol tree. wnpa-sec-2015-21 * Wireshark could attempt to free invalid memory. wnpa-sec-2015-22 * Wireshark could crash when searching for a protocol dissector. wnpa-sec-2015-23 * The ZigBee dissector could crash. wnpa-sec-2015-24 * The GSM RLC/MAC dissector could go into an infinite loop. wnpa-sec-2015-25 * The WaveAgent dissector could crash. wnpa-sec-2015-26 * The OpenFlow dissector could go into an infinite loop. wnpa-sec-2015-27 * Wireshark could crash due to invalid ptvcursor length checking. wnpa-sec-2015-28 * The WCCP dissector could crash. wnpa-sec-2015-29 * Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.7.html Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.2: zypper in -t patch openSUSE-2015-554=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.2 (i586 x86_64): wireshark-1.12.7-21.1 wireshark-debuginfo-1.12.7-21.1 wireshark-debugsource-1.12.7-21.1 wireshark-devel-1.12.7-21.1 wireshark-ui-gtk-1.12.7-21.1 wireshark-ui-gtk-debuginfo-1.12.7-21.1 wireshark-ui-qt-1.12.7-21.1 wireshark-ui-qt-debuginfo-1.12.7-21.1 References: https://bugzilla.suse.com/941500