Hello community,
here is the log from the commit of package patchinfo.3600 for
openSUSE:13.1:Update checked in at 2015-03-13 09:33:58
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:13.1:Update/patchinfo.3600 (Old)
and /work/SRC/openSUSE:13.1:Update/.patchinfo.3600.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.3600"
Changes:
--------
New Changes file:
NO CHANGES FILE!!!
New:
----
_patchinfo
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ _patchinfo ++++++
<patchinfo incident="3600">
<issue id="920700" tracker="bnc">VUL-1: CVE-2015-2192: wireshark: The SCSI
OSD dissector could go into an infinite loop</issue>
<issue id="920696" tracker="bnc">VUL-1: CVE-2015-2188: wireshark: The WCP
dissector could crash while decompressing data</issue>
<issue id="920697" tracker="bnc">VUL-1: CVE-2015-2189: wireshark: The pcapng
file parser could crash</issue>
<issue id="920695" tracker="bnc">VUL-1: CVE-2015-2187: wireshark: The
ATN-CPDLC dissector could crash</issue>
<issue id="920698" tracker="bnc">VUL-1: CVE-2015-2190: wireshark: The LLDP
dissector could crash</issue>
<issue id="920699" tracker="bnc">VUL-1: CVE-2015-2191: wireshark: The TNEF
dissector could go into an infinite loop</issue>
<issue id="CVE-2015-2192" tracker="cve" />
<issue id="CVE-2015-2191" tracker="cve" />
<issue id="CVE-2015-2190" tracker="cve" />
<issue id="CVE-2015-2188" tracker="cve" />
<issue id="CVE-2015-2189" tracker="cve" />
<issue id="CVE-2015-2187" tracker="cve" />
<category>security</category>
<rating>moderate</rating>
<packager>AndreasStieger</packager>
<description>
Wireshark was updated to 1.10.13 on openSUSE 13.1 to fix bugs and security
issues.
Wireshark was updated to 1.12.4 on openSUSE 13.2 to fix bugs and security
issues.
The following security issues were fixed in 1.10.13:
* The WCP dissector could crash.
wnpa-sec-2015-07 CVE-2015-2188 [bnc#920696]
* The pcapng file parser could crash.
wnpa-sec-2015-08 CVE-2015-2189 [bnc#920697]
* The TNEF dissector could go into an infinite loop.
wnpa-sec-2015-10 CVE-2015-2191 [bnc#920699]
- Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.10.13.html
The following security issues were fixed in 1.12.4:
- The following security issues were fixed:
* The ATN-CPDLC dissector could crash.
wnpa-sec-2015-06 CVE-2015-2187 [bnc#920695]
* The WCP dissector could crash.
wnpa-sec-2015-07 CVE-2015-2188 [bnc#920696]
* The pcapng file parser could crash.
wnpa-sec-2015-08 CVE-2015-2189 [bnc#920697]
* The LLDP dissector could crash.
wnpa-sec-2015-09 CVE-2015-2190 [bnc#920698]
* The TNEF dissector could go into an infinite loop.
wnpa-sec-2015-10 CVE-2015-2191 [bnc#920699]
* The SCSI OSD dissector could go into an infinite loop.
wnpa-sec-2015-11 CVE-2015-2192 [bnc#920700]
- Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.4.html
</description>
<summary>Security update for wireshark</summary>
</patchinfo>
--
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
