Hello community, here is the log from the commit of package wireshark for openSUSE:11.3 checked in at Mon Apr 11 10:30:14 CEST 2011. -------- --- old-versions/11.3/UPDATES/all/wireshark/wireshark.changes 2010-12-08 18:31:24.000000000 +0100 +++ 11.3/wireshark/wireshark.changes 2011-04-11 02:55:24.000000000 +0200 @@ -1,0 +2,28 @@ +Tue Mar 8 10:59:35 CST 2011 - cyliu@novell.com + +- updated to 1.4.4 + * security fixes + o The DOCSIS dissector could crash (CVE-2010-1455, bnc#603251) + o Crash when receiving a malformed SNMP packet + (CVE-2010-3445, bnc#643078) + o Multiple buffer overflow and dereference vulnerabilities + (bnc#655121) + o LDSS dissector overflow (CVE-2010-4300, bnc#655448) + o ZCL dissector infinite loop (CVE-2010-4301, bnc#655448) + o Buffer overflows in ENTTEC DMX Data RLE and others + (CVE-2010-4538, bnc#662029) + o Freeing uninitialized pointer (CVE-2011-0538, bnc#669908) + o dct3trace buffer overflow (CVE-2011-0713, bnc#672916) + o Off-by-one in dissect_6lowpan_iphc (CVE-2011-1138, bnc#678567) + o Crash via corrupted pcap file (CVE-2011-1139, bnc#678568) + o Crash via SMB or CLDAP packet (CVE-2011-1140, bnc#678569) + o Crash in NTLMSSP via crafted pcap file (CVE-2011-1143, bnc#678571) + o Wireshark pcap buffer overflow (CVE-2011-0024, bnc#683335) + * Updated Protocol Support + ANSI MAP, BitTorrent, DCM, DHCPv6, DTAP, DTPT, E.212, GSM + Management, GTP, HIP, IEEE 802.15.4, IPP, LDAP, LLDP, Netflow, + NTLMSSP, P_Mul, Quake, Skinny, SMB, SNMP, ULP + * New and Updated Capture File Support + LANalyzer, Nokia DCT3, Pcap-ng + +------------------------------------------------------------------- calling whatdependson for 11.3-i586 Old: ---- wireshark-1.4.2.tar.bz2 New: ---- wireshark-1.4.4.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ wireshark.spec ++++++ --- /var/tmp/diff_new_pack.62SOoW/_old 2011-04-11 10:29:54.000000000 +0200 +++ /var/tmp/diff_new_pack.62SOoW/_new 2011-04-11 10:29:54.000000000 +0200 @@ -1,7 +1,7 @@ # -# spec file for package wireshark (Version 1.4.2) +# spec file for package wireshark # -# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,8 +20,8 @@ %define use_caps 0 Name: wireshark -Version: 1.4.2 -Release: 1.<RELEASE1> +Version: 1.4.4 +Release: 0.<RELEASE2> License: GPLv2+ Summary: A Network Traffic Analyser Url: http://www.wireshark.org/ ++++++ wireshark-1.4.2.tar.bz2 -> wireshark-1.4.4.tar.bz2 ++++++ old-versions/11.3/UPDATES/all/wireshark/wireshark-1.4.2.tar.bz2 11.3/wireshark/wireshark-1.4.4.tar.bz2 differ: char 11, line 1 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org