Security update for wireshark
SUSE Security Update: Security update for wireshark
wireshark was updated to security update version 1.8.12,
fixing bugs and security issues.
* The SIP dissector could go into an infinite loop.
wnpa-sec-2013-66 CVE-2013-7112
* The NTLMSSP v2 dissector could crash. Discovered by
Garming Sam. wnpa-sec-2013-68 CVE-2013-7114
Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.8.12.htm
l
Security Issue references:
* CVE-2013-7112
>
* CVE-2013-7113
>
* CVE-2013-7114
>
| Announcement ID: | SUSE-SU-2014:0115-1 |
| Rating: | moderate |
| References: | #855980 #856496 #856498 |
| Affected Products: |
An update that fixes three vulnerabilities is now available. It includes one version update.
Description:
wireshark was updated to security update version 1.8.12,
fixing bugs and security issues.
* The SIP dissector could go into an infinite loop.
wnpa-sec-2013-66 CVE-2013-7112
* The NTLMSSP v2 dissector could crash. Discovered by
Garming Sam. wnpa-sec-2013-68 CVE-2013-7114
Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.8.12.htm
l
Security Issue references:
* CVE-2013-7112
* CVE-2013-7113
* CVE-2013-7114
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP3:
zypper in -t patch sdksp3-wireshark-8709 - SUSE Linux Enterprise Software Development Kit 11 SP2:
zypper in -t patch sdksp2-wireshark-8708 - SUSE Linux Enterprise Server 11 SP3 for VMware:
zypper in -t patch slessp3-wireshark-8709 - SUSE Linux Enterprise Server 11 SP3:
zypper in -t patch slessp3-wireshark-8709 - SUSE Linux Enterprise Server 11 SP2 for VMware:
zypper in -t patch slessp2-wireshark-8708 - SUSE Linux Enterprise Server 11 SP2:
zypper in -t patch slessp2-wireshark-8708 - SUSE Linux Enterprise Desktop 11 SP3:
zypper in -t patch sledsp3-wireshark-8709 - SUSE Linux Enterprise Desktop 11 SP2:
zypper in -t patch sledsp2-wireshark-8708
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.8.12]:
- wireshark-devel-1.8.12-0.2.1
- SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 x86_64) [New Version: 1.8.12]:
- wireshark-1.8.12-0.2.1
- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.8.12]:
- wireshark-devel-1.8.12-0.2.1
- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 1.8.12]:
- wireshark-1.8.12-0.2.1
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 1.8.12]:
- wireshark-1.8.12-0.2.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.8.12]:
- wireshark-1.8.12-0.2.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 1.8.12]:
- wireshark-1.8.12-0.2.1
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.8.12]:
- wireshark-1.8.12-0.2.1
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.8.12]:
- wireshark-1.8.12-0.2.1
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.8.12]:
- wireshark-1.8.12-0.2.1
References:
- http://support.novell.com/security/cve/CVE-2013-7112.html
- http://support.novell.com/security/cve/CVE-2013-7113.html
- http://support.novell.com/security/cve/CVE-2013-7114.html
- https://bugzilla.novell.com/855980
- https://bugzilla.novell.com/856496
- https://bugzilla.novell.com/856498
- http://download.suse.com/patch/finder/?keywords=b94c1e7c0199732af659caafafef6d7c
- http://download.suse.com/patch/finder/?keywords=f0d10203582ba7a6abdae8ec0de87eb2