Security update for wireshark SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:1220-1 Final 1 1 2016-05-04T10:57:28Z current 2016-05-04T10:57:28Z 2016-05-04T10:57:28Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for wireshark This update to wireshark 1.12.11 fixes a number issues in protocol dissectors that could have allowed a remote attacker to crash Wireshark or cause excessive CPU usage through specially crafted packages inserted into the network or a capture file. - The PKTC dissector could crash (wnpa-sec-2016-22) - The PKTC dissector could crash (wnpa-sec-2016-23) - The IAX2 dissector could go into an infinite loop (wnpa-sec-2016-24) - Wireshark and TShark could exhaust the stack (wnpa-sec-2016-25) - The GSM CBCH dissector could crash (wnpa-sec-2016-26) - The NCP dissector could crash (wnpa-sec-2016-28) - Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.11.html The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2016-05/msg00020.html E-Mail link for openSUSE-SU-2016:1220-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 wireshark-1.12.11-20.1 wireshark-devel-1.12.11-20.1 wireshark-ui-gtk-1.12.11-20.1 wireshark-ui-qt-1.12.11-20.1 wireshark-1.12.11-20.1 as a component of openSUSE Leap 42.1 wireshark-devel-1.12.11-20.1 as a component of openSUSE Leap 42.1 wireshark-ui-gtk-1.12.11-20.1 as a component of openSUSE Leap 42.1 wireshark-ui-qt-1.12.11-20.1 as a component of openSUSE Leap 42.1