SUSE-SU-2012:1168-1: moderate: Security update for wireshark

sle-security-updates at lists.suse.com
Thu Sep 13 19:08:28 MDT 2012


   SUSE Security Update: Security update for wireshark
______________________________________________________________________________

Announcement ID:    SUSE-SU-2012:1168-1
Rating:             moderate
References:         #772738 #776083 
Cross-References:   CVE-2012-4048 CVE-2012-4049 CVE-2012-4285
                    CVE-2012-4288 CVE-2012-4289 CVE-2012-4290
                    CVE-2012-4291 CVE-2012-4292 CVE-2012-4293
                    CVE-2012-4296
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP2
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
                    SUSE Linux Enterprise Server 10 SP4
                    SUSE Linux Enterprise Desktop 11 SP2
                    SUSE Linux Enterprise Desktop 10 SP4
                    SLE SDK 10 SP4
______________________________________________________________________________

   An update that fixes 10 vulnerabilities is now available.
   It includes one version update.

Description:


   wireshark was updated to 1.4.15 to fix multiple security
   issues.

   Issues fixed:

   * fix bnc#776038 (CVE-2012-4285, CVE-2012-4288,
     CVE-2012-4289, CVE-2012-4296, CVE-2012-4291, CVE-2012-4292,
     CVE-2012-4293, CVE-2012-4290), bnc#772738 (CVE-2012-4048,
     CVE-2012-4049) (fixed upstream)
   * Security fixes:
     o wnpa-sec-2012-13 The DCP ETSI dissector could trigger a
       zero division. Reported by Laurent Butti. (Bug 7566)
     o wnpa-sec-2012-15 The XTP dissector could go into an
       infinite loop. Reported by Ben Schmidt. (Bug 7571)
     o wnpa-sec-2012-17 The AFP dissector could go into a large
       loop. Reported by Stefan Cornelius. (Bug 7603)
     o wnpa-sec-2012-18 The RTPS2 dissector could overflow a
       buffer. Reported by Laurent Butti. (Bug 7568)
     o wnpa-sec-2012-20 The CIP dissector could exhaust system
       memory. Reported by Ben Schmidt. (Bug 7570)
     o wnpa-sec-2012-21 The STUN dissector could crash. Reported
       by Laurent Butti. (Bug 7569)
     o wnpa-sec-2012-22 The EtherCAT Mailbox dissector could
       abort. Reported by Laurent Butti. (Bug 7562)
     o wnpa-sec-2012-23 The CTDB dissector could go into a large
       loop. Reported by Ben Schmidt. (Bug 7573)
   * Bug fixes:
     o Wireshark crashes on opening very short NFS pcap file.
       (Bug 7498)
   * Updated Protocol Support:
     o AFP, Bluetooth L2CAP, CIP, CTDB, DCP ETSI, EtherCAT
       Mailbox, FC Link Control LISP, NFS, RTPS2, SCTP, STUN, XTP

   Security Issue references:

   * CVE-2012-4048
     <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4048>
   * CVE-2012-4049
     <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4049>
   * CVE-2012-4285
     <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4285>
   * CVE-2012-4288
     <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4288>
   * CVE-2012-4289
     <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4289>
   * CVE-2012-4296
     <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4296>
   * CVE-2012-4291
     <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4291>
   * CVE-2012-4292
     <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4292>
   * CVE-2012-4293
     <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4293>
   * CVE-2012-4290
     <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4290>


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP2:

      zypper in -t patch sdksp2-wireshark-6760

   - SUSE Linux Enterprise Server 11 SP2 for VMware:

      zypper in -t patch slessp2-wireshark-6760

   - SUSE Linux Enterprise Server 11 SP2:

      zypper in -t patch slessp2-wireshark-6760

   - SUSE Linux Enterprise Desktop 11 SP2:

      zypper in -t patch sledsp2-wireshark-6760

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.15]:

      wireshark-devel-1.4.15-0.2.1

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 1.4.15]:

      wireshark-1.4.15-0.2.1

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 1.4.15]:

      wireshark-1.4.15-0.2.1

   - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.15]:

      wireshark-1.4.15-0.2.1

   - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

      wireshark-1.4.15-0.5.1
      wireshark-devel-1.4.15-0.5.1

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.4.15]:

      wireshark-1.4.15-0.2.1

   - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

      wireshark-1.4.15-0.5.1

   - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):

      wireshark-devel-1.4.15-0.5.1


References:

   http://support.novell.com/security/cve/CVE-2012-4048.html
   http://support.novell.com/security/cve/CVE-2012-4049.html
   http://support.novell.com/security/cve/CVE-2012-4285.html
   http://support.novell.com/security/cve/CVE-2012-4288.html
   http://support.novell.com/security/cve/CVE-2012-4289.html
   http://support.novell.com/security/cve/CVE-2012-4290.html
   http://support.novell.com/security/cve/CVE-2012-4291.html
   http://support.novell.com/security/cve/CVE-2012-4292.html
   http://support.novell.com/security/cve/CVE-2012-4293.html
   http://support.novell.com/security/cve/CVE-2012-4296.html
   https://bugzilla.novell.com/772738
   https://bugzilla.novell.com/776083
   http://download.novell.com/patch/finder/?keywords=75d97363523ecd7bd6791dfb7f73ba84
   http://download.novell.com/patch/finder/?keywords=8c97d5c98c64afe228e7a248367ecd19
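
Post-update verification, as an added example that is not part of the SUSE advisory: the script compares an installed wireshark version-release against the fixed builds from the package list above. The function names (vr_ge, wireshark_status, check_host) are hypothetical, and the comparison assumes GNU sort -V, which is adequate for these dotted numeric strings but is not a full rpm version comparison (no epoch handling).

```shell
#!/bin/sh
# Added example: verify that wireshark is at or above the build that
# SUSE-SU-2012:1168-1 lists as fixed. Fixed builds are copied from the
# advisory's package list; function names are hypothetical.
FIXED_SLE11SP2="1.4.15-0.2.1"
FIXED_SLE10SP4="1.4.15-0.5.1"

# vr_ge A B: succeed when version-release A is >= B.
# Assumption: GNU sort -V. It compares digit runs numerically, so
# 1.4.9 sorts before 1.4.15 (a plain string compare gets this wrong).
vr_ge() {
    [ "$1" = "$2" ] && return 0
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$lowest" = "$2" ]
}

# wireshark_status INSTALLED FIXED
# Prints one of: patched, outdated, not-installed.
wireshark_status() {
    installed=$1
    fixed=$2
    if [ -z "$installed" ]; then
        echo "not-installed"
    elif vr_ge "$installed" "$fixed"; then
        echo "patched"
    else
        echo "outdated"
    fi
}

# check_host FIXED: query the local rpm database for both packages
# named in the advisory and report their status, one line per package.
check_host() {
    command -v rpm >/dev/null 2>&1 || { echo "rpm-unavailable"; return 2; }
    for pkg in wireshark wireshark-devel; do
        # rpm -q exits non-zero when the package is absent.
        vr=$(rpm -q --qf '%{VERSION}-%{RELEASE}' "$pkg" 2>/dev/null) || vr=""
        printf '%s %s %s\n' "$pkg" "${vr:-none}" \
            "$(wireshark_status "$vr" "$1")"
    done
}

# On an SLE 11 SP2 host: check_host "$FIXED_SLE11SP2"
# On an SLE 10 SP4 host: check_host "$FIXED_SLE10SP4"
```
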


