SUSE-SU-2012:0574-1: moderate: Security update for wireshark

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Mon Apr 30 16:08:27 MDT 2012


   SUSE Security Update: Security update for wireshark
______________________________________________________________________________

Announcement ID:    SUSE-SU-2012:0574-1
Rating:             moderate
References:         #754474 #754475 #754476 #754477 
Cross-References:   CVE-2012-1593 CVE-2012-1594 CVE-2012-1595
                    CVE-2012-1596
Affected Products:
                    SUSE Linux Enterprise Server 10 SP4
                    SUSE Linux Enterprise Desktop 10 SP4
                    SLE SDK 10 SP4
______________________________________________________________________________

   An update that fixes four vulnerabilities is now available.

Description:


   This version upgrade of wireshark fixes the following
   security  vulnerabilities:

   * The ANSI A dissector could dereference a NULL pointer
   and crash. ( CVE-2012-1593
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1593
   > )
   * The pcap and pcap-ng file parsers could crash trying
   to read ERF data. (CVE-2012-1595
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1595
   > )
   * The MP2T dissector could try to allocate too much
   memory and crash. ( CVE-2012-1596
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1596
   > )

   Additionally, various other non-security bugs have been
   fixed.

Indications:

   Everyone using wireshark should update.


Package List:

   - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

      wireshark-1.4.12-0.5.6
      wireshark-devel-1.4.12-0.5.6

   - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

      wireshark-1.4.12-0.5.6

   - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):

      wireshark-devel-1.4.12-0.5.6


References:

   http://support.novell.com/security/cve/CVE-2012-1593.html
   http://support.novell.com/security/cve/CVE-2012-1594.html
   http://support.novell.com/security/cve/CVE-2012-1595.html
   http://support.novell.com/security/cve/CVE-2012-1596.html
   https://bugzilla.novell.com/754474
   https://bugzilla.novell.com/754475
   https://bugzilla.novell.com/754476
   https://bugzilla.novell.com/754477
   http://download.novell.com/patch/finder/?keywords=23c9fd0f27644efe93d209c35cd2f52b



More information about the sle-security-updates mailing list