SUSE-SU-2012:0574-1: moderate: Security update for wireshark
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Mon Apr 30 16:08:27 MDT 2012
SUSE Security Update: Security update for wireshark
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0574-1
Rating: moderate
References: #754474 #754475 #754476 #754477
Cross-References: CVE-2012-1593 CVE-2012-1594 CVE-2012-1595
CVE-2012-1596
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This version upgrade of wireshark fixes the following
security vulnerabilities:
* The ANSI A dissector could dereference a NULL pointer
and crash. ( CVE-2012-1593
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1593
> )
* The pcap and pcap-ng file parsers could crash trying
to read ERF data. (CVE-2012-1595
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1595
> )
* The MP2T dissector could try to allocate too much
memory and crash. ( CVE-2012-1596
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1596
> )
Additionally, various other non-security bugs have been
fixed.
Indications:
Everyone using wireshark should update.
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
wireshark-1.4.12-0.5.6
wireshark-devel-1.4.12-0.5.6
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
wireshark-1.4.12-0.5.6
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
wireshark-devel-1.4.12-0.5.6
References:
http://support.novell.com/security/cve/CVE-2012-1593.html
http://support.novell.com/security/cve/CVE-2012-1594.html
http://support.novell.com/security/cve/CVE-2012-1595.html
http://support.novell.com/security/cve/CVE-2012-1596.html
https://bugzilla.novell.com/754474
https://bugzilla.novell.com/754475
https://bugzilla.novell.com/754476
https://bugzilla.novell.com/754477
http://download.novell.com/patch/finder/?keywords=23c9fd0f27644efe93d209c35cd2f52b
More information about the sle-security-updates
mailing list