Hello community, here is the log from the commit of package patchinfo.3600 for openSUSE:13.1:Update checked in at 2015-03-13 09:33:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/patchinfo.3600 (Old) and /work/SRC/openSUSE:13.1:Update/.patchinfo.3600.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "patchinfo.3600" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="3600"> <issue id="920700" tracker="bnc">VUL-1: CVE-2015-2192: wireshark: The SCSI OSD dissector could go into an infinite loop</issue> <issue id="920696" tracker="bnc">VUL-1: CVE-2015-2188: wireshark: The WCP dissector could crash while decompressing data</issue> <issue id="920697" tracker="bnc">VUL-1: CVE-2015-2189: wireshark: The pcapng file parser could crash</issue> <issue id="920695" tracker="bnc">VUL-1: CVE-2015-2187: wireshark: The ATN-CPDLC dissector could crash</issue> <issue id="920698" tracker="bnc">VUL-1: CVE-2015-2190: wireshark: The LLDP dissector could crash</issue> <issue id="920699" tracker="bnc">VUL-1: CVE-2015-2191: wireshark: The TNEF dissector could go into an infinite loop</issue> <issue id="CVE-2015-2192" tracker="cve" /> <issue id="CVE-2015-2191" tracker="cve" /> <issue id="CVE-2015-2190" tracker="cve" /> <issue id="CVE-2015-2188" tracker="cve" /> <issue id="CVE-2015-2189" tracker="cve" /> <issue id="CVE-2015-2187" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>AndreasStieger</packager> <description> Wireshark was updated to 1.10.13 on openSUSE 13.1 to fix bugs and security issues. Wireshark was updated to 1.12.4 on openSUSE 13.2 to fix bugs and security issues. The following security issues were fixed in 1.10.13: * The WCP dissector could crash. wnpa-sec-2015-07 CVE-2015-2188 [bnc#920696] * The pcapng file parser could crash. wnpa-sec-2015-08 CVE-2015-2189 [bnc#920697] * The TNEF dissector could go into an infinite loop. wnpa-sec-2015-10 CVE-2015-2191 [bnc#920699] - Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.10.13.html The following security issues were fixed in 1.12.4: - The following security issues were fixed: * The ATN-CPDLC dissector could crash. wnpa-sec-2015-06 CVE-2015-2187 [bnc#920695] * The WCP dissector could crash. wnpa-sec-2015-07 CVE-2015-2188 [bnc#920696] * The pcapng file parser could crash. wnpa-sec-2015-08 CVE-2015-2189 [bnc#920697] * The LLDP dissector could crash. wnpa-sec-2015-09 CVE-2015-2190 [bnc#920698] * The TNEF dissector could go into an infinite loop. wnpa-sec-2015-10 CVE-2015-2191 [bnc#920699] * The SCSI OSD dissector could go into an infinite loop. wnpa-sec-2015-11 CVE-2015-2192 [bnc#920700] - Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.4.html </description> <summary>Security update for wireshark</summary> </patchinfo> -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org