Mailinglist Archive: opensuse-updates (50 mails)

< Previous Next >
openSUSE-SU-2015:0936-1: moderate: Security update for Wireshark
openSUSE Security Update: Security update for Wireshark
______________________________________________________________________________

Announcement ID: openSUSE-SU-2015:0936-1
Rating: moderate
References: #930689
Cross-References: CVE-2015-3808 CVE-2015-3809 CVE-2015-3810
CVE-2015-3811 CVE-2015-3812 CVE-2015-3813
CVE-2015-3814 CVE-2015-3815
Affected Products:
openSUSE 13.2
______________________________________________________________________________

An update that fixes 8 vulnerabilities is now available.

Description:

Wireshark was updated to 1.12.5 to fix security issues and bugs.

The following vulnerabilities have been fixed:

* CVE-2015-3808, CVE-2015-3809: The LBMR dissector could go into an
infinite loop. (wnpa-sec-2015-12)
* CVE-2015-3810: The WebSocket dissector could recurse excessively.
(wnpa-sec-2015-13)
* CVE-2015-3811: The WCP dissector could crash while decompressing data.
(wnpa-sec-2015-14)
* CVE-2015-3812: The X11 dissector could leak memory. (wnpa-sec-2015-15)
* CVE-2015-3813: The packet reassembly code could leak memory.
(wnpa-sec-2015-16)
* CVE-2015-3814: The IEEE 802.11 dissector could go into an infinite loop.
(wnpa-sec-2015-17)
* CVE-2015-3815: The Android Logcat file parser could crash.
(wnpa-sec-2015-18)


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.2:

zypper in -t patch openSUSE-2015-379=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 13.2 (i586 x86_64):

wireshark-1.12.5-15.1
wireshark-debuginfo-1.12.5-15.1
wireshark-debugsource-1.12.5-15.1
wireshark-devel-1.12.5-15.1
wireshark-ui-gtk-1.12.5-15.1
wireshark-ui-gtk-debuginfo-1.12.5-15.1
wireshark-ui-qt-1.12.5-15.1
wireshark-ui-qt-debuginfo-1.12.5-15.1


References:

https://www.suse.com/security/cve/CVE-2015-3808.html
https://www.suse.com/security/cve/CVE-2015-3809.html
https://www.suse.com/security/cve/CVE-2015-3810.html
https://www.suse.com/security/cve/CVE-2015-3811.html
https://www.suse.com/security/cve/CVE-2015-3812.html
https://www.suse.com/security/cve/CVE-2015-3813.html
https://www.suse.com/security/cve/CVE-2015-3814.html
https://www.suse.com/security/cve/CVE-2015-3815.html
https://bugzilla.suse.com/930689


< Previous Next >
This Thread
  • No further messages