Security update for wireshark
SUSE Security Update: Security update for wireshark
This version upgrade of wireshark fixes the following
security vulnerabilities:
* The ANSI A dissector could dereference a NULL pointer
and crash. ( CVE-2012-1593
> )
* The pcap and pcap-ng file parsers could crash trying
to read ERF data. (CVE-2012-1595
> )
* The MP2T dissector could try to allocate too much
memory and crash. ( CVE-2012-1596
> )
Additionally, various other non-security bugs have been
fixed.
Announcement ID: | SUSE-SU-2012:0576-1 |
Rating: | moderate |
References: | #754474 #754476 #754477 |
Affected Products: |
An update that fixes three vulnerabilities is now available. It includes one version update.
Description:
This version upgrade of wireshark fixes the following
security vulnerabilities:
* The ANSI A dissector could dereference a NULL pointer
and crash. ( CVE-2012-1593
* The pcap and pcap-ng file parsers could crash trying
to read ERF data. (CVE-2012-1595
* The MP2T dissector could try to allocate too much
memory and crash. ( CVE-2012-1596
Additionally, various other non-security bugs have been
fixed.
Indications:
Everyone using wireshark should update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP2:
zypper in -t patch sdksp1-wireshark-6170
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-wireshark-6170
- SUSE Linux Enterprise Server 11 SP2:
zypper in -t patch slessp1-wireshark-6170
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-wireshark-6170
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-wireshark-6170
- SUSE Linux Enterprise Desktop 11 SP2:
zypper in -t patch sledsp1-wireshark-6170
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-wireshark-6170
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.12]:
- wireshark-devel-1.4.12-0.3.2
- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 1.4.12]:
- wireshark-1.4.12-0.3.2
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.12]:
- wireshark-devel-1.4.12-0.3.2
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64) [New Version: 1.4.12]:
- wireshark-1.4.12-0.3.2
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.12]:
- wireshark-1.4.12-0.3.2
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 1.4.12]:
- wireshark-1.4.12-0.3.2
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.12]:
- wireshark-1.4.12-0.3.2
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.4.12]:
- wireshark-1.4.12-0.3.2
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 1.4.12]:
- wireshark-1.4.12-0.3.2
References:
- http://support.novell.com/security/cve/CVE-2012-1593.html
- http://support.novell.com/security/cve/CVE-2012-1595.html
- http://support.novell.com/security/cve/CVE-2012-1596.html
- https://bugzilla.novell.com/754474
- https://bugzilla.novell.com/754476
- https://bugzilla.novell.com/754477
- http://download.suse.com/patch/finder/?keywords=ed4618865c926eab6615eb507ae1ca53