Overview Details

File _patchinfo of Package patchinfo

<patchinfo incident="wireshark">
  <packager>lijews</packager>
  <issue tracker="bnc" id="823932">wireshark: security updates to 1.8.8</issue>
  <issue tracker="cve" id="CVE-2013-3562"></issue>
  <issue tracker="cve" id="CVE-2013-3560"></issue>
  <issue tracker="cve" id="CVE-2013-3561"></issue>
  <issue tracker="cve" id="CVE-2013-3557"></issue>
  <issue tracker="cve" id="CVE-2013-3556"></issue>
  <issue tracker="cve" id="CVE-2013-3559"></issue>
  <issue tracker="cve" id="CVE-2013-3558"></issue>
  <issue tracker="cve" id="CVE-2013-3555"></issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>security update for wireshark</summary>
  <description>This update of wireshark includes several security and bug fixes.
- update to 1.8.8 [bnc#823932]
  + vulnerabilities fixed:
    * The CAPWAP dissector could crash.
      wnpa-sec-2013-32
    * The GMR-1 BCCH dissector could crash.
      wnpa-sec-2013-33
    * The PPP dissector could crash.
      wnpa-sec-2013-34
    * The NBAP dissector could crash.
      wnpa-sec-2013-35
    * The RDP dissector could crash.
      wnpa-sec-2013-36
    * The GSM CBCH dissector could crash.
      wnpa-sec-2013-37
    * The Assa Abloy R3 dissector could consume excessive memory and CPU.
      wnpa-sec-2013-38
    * The HTTP dissector could overrun the stack.
      wnpa-sec-2013-39
    * The Ixia IxVeriWave file parser could  overflow the heap.
      wnpa-sec-2013-40
    * The DCP ETSI dissector could crash.
      wnpa-sec-2013-41
  + Further bug fixes and updated protocol support as listed in:
    https://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places