LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

SCIENTIFIC-LINUX-ERRATA Archives

December 2015

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-ERRATA Home
	SCIENTIFIC-LINUX-ERRATA December 2015

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Security ERRATA Moderate: wireshark on SL7.x x86_64
From:	Pat Riehecky <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Mon, 21 Dec 2015 23:11:19 +0000
Content-Type:	text/plain
Parts/Attachments:	text/plain (68 lines)

Synopsis:          Moderate: wireshark security, bug fix, and enhancement update
Advisory ID:       SLSA-2015:2393-1
Issue Date:        2015-11-19
CVE Numbers:       CVE-2014-8714
                   CVE-2014-8712
                   CVE-2014-8713
                   CVE-2014-8711
                   CVE-2014-8710
                   CVE-2015-0562
                   CVE-2015-0564
                   CVE-2015-2189
                   CVE-2015-2191
                   CVE-2015-0563
                   CVE-2015-2188
                   CVE-2015-3182
                   CVE-2015-3810
                   CVE-2015-3811
                   CVE-2015-3812
                   CVE-2015-3813
                   CVE-2015-6243
                   CVE-2015-6244
                   CVE-2015-6245
                   CVE-2015-6246
                   CVE-2015-6248
--

Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malicious dump file. (CVE-2015-2188, CVE-2015-2189,
CVE-2015-2191, CVE-2015-3810, CVE-2015-3811, CVE-2015-3812, CVE-2015-3813,
CVE-2014-8710, CVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714,
CVE-2015-0562, CVE-2015-0563, CVE-2015-0564, CVE-2015-3182, CVE-2015-6243,
CVE-2015-6244, CVE-2015-6245, CVE-2015-6246, CVE-2015-6248)

The wireshark packages have been upgraded to upstream version 1.10.14,
which provides a number of bug fixes and enhancements over the previous
version.

This update also fixes the following bug:

* Prior to this update, when using the tshark utility to capture packets
over the interface, tshark failed to create output files in the .pcap
format even if it was specified using the "-F" option. This bug has been
fixed, the "-F" option is now honored, and the result saved in the .pcap
format as expected.

In addition, this update adds the following enhancement:

* Previously, wireshark included only microseconds in the .pcapng format.
With this update, wireshark supports nanosecond time stamp precision to
allow for more accurate time stamps.

All running instances of Wireshark must be restarted for the update to
take effect.
--

SL7
  x86_64
    wireshark-1.10.14-7.el7.i686.rpm
    wireshark-1.10.14-7.el7.x86_64.rpm
    wireshark-debuginfo-1.10.14-7.el7.i686.rpm
    wireshark-debuginfo-1.10.14-7.el7.x86_64.rpm
    wireshark-gnome-1.10.14-7.el7.x86_64.rpm
    wireshark-devel-1.10.14-7.el7.i686.rpm
    wireshark-devel-1.10.14-7.el7.x86_64.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV