Security update for wireshark
Announcement ID: | SUSE-SU-2012:0574-1 |
Rating: | moderate |
References: | #754474 #754475 #754476 #754477 |
Affected Products: |
An update that fixes four vulnerabilities is now available.
Description:
This version upgrade of wireshark fixes the following
security vulnerabilities:
* The ANSI A dissector could dereference a NULL pointer
and crash. ( CVE-2012-1593
* The pcap and pcap-ng file parsers could crash trying
to read ERF data. (CVE-2012-1595
* The MP2T dissector could try to allocate too much
memory and crash. ( CVE-2012-1596
Additionally, various other non-security bugs have been
fixed.
Indications:
Everyone using wireshark should update.
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
- wireshark-1.4.12-0.5.6
- wireshark-devel-1.4.12-0.5.6
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
- wireshark-1.4.12-0.5.6
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
- wireshark-devel-1.4.12-0.5.6
References:
- http://support.novell.com/security/cve/CVE-2012-1593.html
- http://support.novell.com/security/cve/CVE-2012-1594.html
- http://support.novell.com/security/cve/CVE-2012-1595.html
- http://support.novell.com/security/cve/CVE-2012-1596.html
- https://bugzilla.novell.com/754474
- https://bugzilla.novell.com/754475
- https://bugzilla.novell.com/754476
- https://bugzilla.novell.com/754477
- http://download.suse.com/patch/finder/?keywords=23c9fd0f27644efe93d209c35cd2f52b