Overview Details

File _patchinfo of Package patchinfo

<patchinfo incident="3600">
  <issue id="920700" tracker="bnc">VUL-1: CVE-2015-2192: wireshark: The SCSI OSD dissector could go into an infinite loop</issue>
  <issue id="920696" tracker="bnc">VUL-1: CVE-2015-2188: wireshark: The WCP dissector could crash while decompressing data</issue>
  <issue id="920697" tracker="bnc">VUL-1: CVE-2015-2189: wireshark: The pcapng file parser could crash</issue>
  <issue id="920695" tracker="bnc">VUL-1: CVE-2015-2187: wireshark: The ATN-CPDLC dissector could crash</issue>
  <issue id="920698" tracker="bnc">VUL-1: CVE-2015-2190: wireshark: The LLDP dissector could crash</issue>
  <issue id="920699" tracker="bnc">VUL-1: CVE-2015-2191: wireshark: The TNEF dissector could go into an infinite loop</issue>
  <issue id="CVE-2015-2192" tracker="cve" />
  <issue id="CVE-2015-2191" tracker="cve" />
  <issue id="CVE-2015-2190" tracker="cve" />
  <issue id="CVE-2015-2188" tracker="cve" />
  <issue id="CVE-2015-2189" tracker="cve" />
  <issue id="CVE-2015-2187" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>AndreasStieger</packager>
  <description>
Wireshark was updated to 1.10.13 on openSUSE 13.1 to fix bugs and security issues.
Wireshark was updated to 1.12.4 on openSUSE 13.2 to fix bugs and security issues.

The following security issues were fixed in 1.10.13:
  * The WCP dissector could crash.
    wnpa-sec-2015-07 CVE-2015-2188 [bnc#920696]
  * The pcapng file parser could crash.
    wnpa-sec-2015-08 CVE-2015-2189 [bnc#920697]
  * The TNEF dissector could go into an infinite loop.
    wnpa-sec-2015-10 CVE-2015-2191 [bnc#920699]
- Further bug fixes and updated protocol support as listed in:
  https://www.wireshark.org/docs/relnotes/wireshark-1.10.13.html

The following security issues were fixed in 1.12.4:
- The following security issues were fixed:
  * The ATN-CPDLC dissector could crash.
    wnpa-sec-2015-06 CVE-2015-2187 [bnc#920695]
  * The WCP dissector could crash.
    wnpa-sec-2015-07 CVE-2015-2188 [bnc#920696]
  * The pcapng file parser could crash.
    wnpa-sec-2015-08 CVE-2015-2189 [bnc#920697]
  * The LLDP dissector could crash.
    wnpa-sec-2015-09 CVE-2015-2190 [bnc#920698]
  * The TNEF dissector could go into an infinite loop.
    wnpa-sec-2015-10 CVE-2015-2191 [bnc#920699]
  * The SCSI OSD dissector could go into an infinite loop. 
    wnpa-sec-2015-11 CVE-2015-2192 [bnc#920700]
- Further bug fixes and updated protocol support as listed in:
  https://www.wireshark.org/docs/relnotes/wireshark-1.12.4.html
</description>
  <summary>Security update for wireshark</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places