Mailinglist Archive: opensuse-updates (44 mails)

< Previous Next >
openSUSE-SU-2012:0657-1: moderate: update for wireshark
openSUSE Security Update: update for wireshark
______________________________________________________________________________

Announcement ID: openSUSE-SU-2012:0657-1
Rating: moderate
References: #763634
Cross-References: CVE-2012-2392 CVE-2012-2393 CVE-2012-2394

Affected Products:
openSUSE 12.1
openSUSE 11.4
______________________________________________________________________________

An update that fixes three vulnerabilities is now available.

Description:

This update is a maintenance release of Wireshark. It fixes
some vulererabilities when dissecting certain protocols. As
packages for these protocols may be received over the
network, an attacker may trigger infinite or large loops or
crashes of the dissector. Wireshark release notes and
advisories:
-
http://www.wireshark.org/docs/relnotes/wireshark-1.4.13.html

- http://www.wireshark.org/security/wnpa-sec-2012-08.html
* CVE-2012-2392
- http://www.wireshark.org/security/wnpa-sec-2012-09.html
* CVE-2012-2393
- http://www.wireshark.org/security/wnpa-sec-2012-10.html
* CVE-2012-2394


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 12.1:

zypper in -t patch openSUSE-2012-297

- openSUSE 11.4:

zypper in -t patch openSUSE-2012-297

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 12.1 (i586 x86_64):

wireshark-1.4.13-3.12.1
wireshark-debuginfo-1.4.13-3.12.1
wireshark-debugsource-1.4.13-3.12.1
wireshark-devel-1.4.13-3.12.1

- openSUSE 11.4 (i586 x86_64):

wireshark-1.4.13-0.14.1
wireshark-debuginfo-1.4.13-0.14.1
wireshark-debugsource-1.4.13-0.14.1
wireshark-devel-1.4.13-0.14.1


References:

http://support.novell.com/security/cve/CVE-2012-2392.html
http://support.novell.com/security/cve/CVE-2012-2393.html
http://support.novell.com/security/cve/CVE-2012-2394.html
https://bugzilla.novell.com/763634


< Previous Next >
This Thread
  • No further messages