Update for ImageMagick, ImageMagick.256, Mozilla... security moderate

update for wireshark

Changes in wireshark:
- update to 1.4.12
- fix bnc#754474, bnc#754476, bnc#754477(fixed upstream)
- Security fixes:
- wnpa-sec-2012-04 The ANSI A dissector could dereference a NULL pointer
and crash. (Bug 6823)
- wnpa-sec-2012-06 The pcap and pcap-ng file parsers could crash trying to
read ERF data. (Bug 6804)
- wnpa-sec-2012-07 The MP2T dissector could try to allocate too much memory
and crash. (Bug 6804)
- The Windows installers now include GnuTLS 1.12.18, which fixes
several vulnerabilities.
- Bug fixes:
- Some PGM options are not parsed correctly. (Bug 5687)
- dumpcap crashes when capturing from pipe to a pcap-ng file
(e.g., when passing data from CACE Pilot to Wireshark). (Bug
5939)
- No error for UDP/IPv6 packet with zero checksum. (Bug 6232)
- packetBB dissector bug: More than 1000000 items in the tree --
possible infinite loop. (Bug 6687)
- Ethernet traces in K12 text format sometimes give bogus
"malformed frame" errors and other problems. (Bug 6735)
- non-IPP packets to or from port 631 are dissected as IPP. (Bug
6765)
- IAX2 dissector reads past end of packet for unknown IEs. (Bug
6815)
- Pcap-NG files with SHB options longer than 100 bytes aren't
recognized as pcap-NG files, and options longer than 100 bytes
in other blocks aren't handled either. (Bug 6846)
- Patch to fix DTLS decryption. (Bug 6847)
- Expression... dialog is crash. (Bug 6891)
- ISAKMP : VendorID CheckPoint : Malformed Packet. (Bug 6972)
- Radiotap dissector lists a bogus "DBM TX Attenuation" bit.
(Bug 7000)
- MySQL dissector assertion. (Ask 8649)
Updated Protocol Support
HTTP, ISAKMP, MySQL, PacketBB, PGM, TCP, UDP
New and Updated Capture File Support
Endace ERF, Pcap-NG.

Fixed bugs
bnc#754477
wireshark: Null pointer dereference in ANSI A dissector
bnc#754476
wireshark: Memory corruption when processing pcap/pcap-ng file formats
bnc#754474
wireshark: MP2T memory allocation flaw
CVE-CVE-2012-1593
epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet.
CVE-CVE-2012-1596
The mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a packet containing an
CVE-CVE-2012-1595
The pcap_process_pseudo_header function in wiretap/pcap-common.c in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a WTAP_ENCAP_ERF file containing an Extension or Multi-Ch
Selected Binaries