Security update for wireshark
Announcement ID: | SUSE-SU-2015:1046-1 |
Rating: | moderate |
References: | #930689 #930691 |
Affected Products: |
An update that fixes four vulnerabilities is now available.
Description:
Wireshark was updated to 1.10.14 to fix four security issues.
The following vulnerabilities have been fixed:
* CVE-2015-3811: The WCP dissector could crash while decompressing data.
(wnpa-sec-2015-14)
* CVE-2015-3812: The X11 dissector could leak memory. (wnpa-sec-2015-15)
* CVE-2015-3813: The packet reassembly code could leak memory.
(wnpa-sec-2015-16)
* CVE-2015-3814: The IEEE 802.11 dissector could go into an infinite loop.
(wnpa-sec-2015-17)
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12:
zypper in -t patch SUSE-SLE-SDK-12-2015-266=1
- SUSE Linux Enterprise Server 12:
zypper in -t patch SUSE-SLE-SERVER-12-2015-266=1
- SUSE Linux Enterprise Desktop 12:
zypper in -t patch SUSE-SLE-DESKTOP-12-2015-266=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):
- wireshark-debuginfo-1.10.14-12.1
- wireshark-debugsource-1.10.14-12.1
- wireshark-devel-1.10.14-12.1
- SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
- wireshark-1.10.14-12.1
- wireshark-debuginfo-1.10.14-12.1
- wireshark-debugsource-1.10.14-12.1
- SUSE Linux Enterprise Desktop 12 (x86_64):
- wireshark-1.10.14-12.1
- wireshark-debuginfo-1.10.14-12.1
- wireshark-debugsource-1.10.14-12.1