openSUSE-SU-2014:0382-1: moderate: wireshark to 1.8.13/1.10.6
openSUSE Security Update: wireshark to 1.8.13/1.10.6 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2014:0382-1 Rating: moderate References: #867485 Cross-References: CVE-2014-2281 CVE-2014-2282 CVE-2014-2283 CVE-2014-2299 Affected Products: openSUSE 13.1 openSUSE 12.3 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: Wireshark was updated to version 1.8.13 on openSUSE 12.3 and 1.10.6 on openSUSE 13.1 to fix security issues and bugs. Wireshark update to 1.8.13 [bnc#867485] + vulnerabilities fixed: * The NFS dissector could crash wnpa-sec-2014-01 CVE-2014-2281 * The RLC dissector could crash wnpa-sec-2014-03 CVE-2014-2283 * The MPEG file parser could overflow a buffer wnpa-sec-2014-04 CVE-2014-2299 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.13.htm l Wireshark update to 1.10.6 [bnc#867485] + vulnerabilities fixed: * The NFS dissector could crash wnpa-sec-2014-01 CVE-2014-2281 * The M3UA dissector could crash wnpa-sec-2014-02 CVE-2014-2282 * The RLC dissector could crash wnpa-sec-2014-03 CVE-2014-2283 * The MPEG file parser could overflow a buffer wnpa-sec-2014-04 CVE-2014-2299 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.10.6.htm l Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.1: zypper in -t patch openSUSE-2014-214 - openSUSE 12.3: zypper in -t patch openSUSE-2014-214 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.1 (i586 x86_64): wireshark-1.10.6-8.1 wireshark-debuginfo-1.10.6-8.1 wireshark-debugsource-1.10.6-8.1 wireshark-devel-1.10.6-8.1 - openSUSE 12.3 (i586 x86_64): wireshark-1.8.13-1.32.1 wireshark-debuginfo-1.8.13-1.32.1 wireshark-debugsource-1.8.13-1.32.1 wireshark-devel-1.8.13-1.32.1 References: http://support.novell.com/security/cve/CVE-2014-2281.html http://support.novell.com/security/cve/CVE-2014-2282.html http://support.novell.com/security/cve/CVE-2014-2283.html http://support.novell.com/security/cve/CVE-2014-2299.html https://bugzilla.novell.com/867485
participants (1)
-
opensuse-security@opensuse.org