openSUSE Security Update : wireshark (openSUSE-2016-301)
High Nessus Plugin ID 89715
SynopsisThe remote openSUSE host is missing a security update.
DescriptionWireshark was updated to 1.12.10, fixing a number issues in protocol dissectors that could have allowed a remote attacker to crash Wireshark or cause excessive CPU usage through specially crafted packages inserted into the network or a capture file, specifically :
- CVE-2016-2523: DNP dissector infinite loop (wnpa-sec-2016-03)
- CVE-2016-2530: RSL dissector crash (wnpa-sec-2016-10)
- CVE-2016-2531: RSL dissector crash (wnpa-sec-2016-10)
- CVE-2016-2532: LLRP dissector crash (wnpa-sec-2016-11)
- GSM A-bis OML dissector crash (wnpa-sec-2016-14)
- ASN.1 BER dissector crash (wnpa-sec-2016-15)
- ASN.1 BER dissector crash (wnpa-sec-2016-18)
Further bug fixes and updated protocol support as listed in:
The following non-security bugs were fixed :
- boo#961170: Recommend wireshark-ui instead of requiring it to support text-only used
SolutionUpdate the affected wireshark packages.