Security update for wireshark

SUSE Security Update: Security update for wireshark
Announcement ID: SUSE-SU-2015:1046-1
Rating: moderate
References: #930689 #930691
Affected Products:
  • SUSE Linux Enterprise Software Development Kit 12
  • SUSE Linux Enterprise Server 12
  • SUSE Linux Enterprise Desktop 12

  • An update that fixes four vulnerabilities is now available.

    Description:

    Wireshark was updated to 1.10.14 to fix four security issues.

    The following vulnerabilities have been fixed:

    * CVE-2015-3811: The WCP dissector could crash while decompressing data.
    (wnpa-sec-2015-14)
    * CVE-2015-3812: The X11 dissector could leak memory. (wnpa-sec-2015-15)
    * CVE-2015-3813: The packet reassembly code could leak memory.
    (wnpa-sec-2015-16)
    * CVE-2015-3814: The IEEE 802.11 dissector could go into an infinite loop.
    (wnpa-sec-2015-17)

    Special Instructions and Notes:

    Please reboot the system after installing this update.

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Software Development Kit 12:
      zypper in -t patch SUSE-SLE-SDK-12-2015-266=1
    • SUSE Linux Enterprise Server 12:
      zypper in -t patch SUSE-SLE-SERVER-12-2015-266=1
    • SUSE Linux Enterprise Desktop 12:
      zypper in -t patch SUSE-SLE-DESKTOP-12-2015-266=1

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):
      • wireshark-debuginfo-1.10.14-12.1
      • wireshark-debugsource-1.10.14-12.1
      • wireshark-devel-1.10.14-12.1
    • SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
      • wireshark-1.10.14-12.1
      • wireshark-debuginfo-1.10.14-12.1
      • wireshark-debugsource-1.10.14-12.1
    • SUSE Linux Enterprise Desktop 12 (x86_64):
      • wireshark-1.10.14-12.1
      • wireshark-debuginfo-1.10.14-12.1
      • wireshark-debugsource-1.10.14-12.1

    References: