Synopsis: Moderate: wireshark security, bug fix, and enhancement update Advisory ID: SLSA-2015:2393-1 Issue Date: 2015-11-19 CVE Numbers: CVE-2014-8714 CVE-2014-8712 CVE-2014-8713 CVE-2014-8711 CVE-2014-8710 CVE-2015-0562 CVE-2015-0564 CVE-2015-2189 CVE-2015-2191 CVE-2015-0563 CVE-2015-2188 CVE-2015-3182 CVE-2015-3810 CVE-2015-3811 CVE-2015-3812 CVE-2015-3813 CVE-2015-6243 CVE-2015-6244 CVE-2015-6245 CVE-2015-6246 CVE-2015-6248 -- Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2015-2188, CVE-2015-2189, CVE-2015-2191, CVE-2015-3810, CVE-2015-3811, CVE-2015-3812, CVE-2015-3813, CVE-2014-8710, CVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714, CVE-2015-0562, CVE-2015-0563, CVE-2015-0564, CVE-2015-3182, CVE-2015-6243, CVE-2015-6244, CVE-2015-6245, CVE-2015-6246, CVE-2015-6248) The wireshark packages have been upgraded to upstream version 1.10.14, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bug: * Prior to this update, when using the tshark utility to capture packets over the interface, tshark failed to create output files in the .pcap format even if it was specified using the "-F" option. This bug has been fixed, the "-F" option is now honored, and the result saved in the .pcap format as expected. In addition, this update adds the following enhancement: * Previously, wireshark included only microseconds in the .pcapng format. With this update, wireshark supports nanosecond time stamp precision to allow for more accurate time stamps. All running instances of Wireshark must be restarted for the update to take effect. -- SL7 x86_64 wireshark-1.10.14-7.el7.i686.rpm wireshark-1.10.14-7.el7.x86_64.rpm wireshark-debuginfo-1.10.14-7.el7.i686.rpm wireshark-debuginfo-1.10.14-7.el7.x86_64.rpm wireshark-gnome-1.10.14-7.el7.x86_64.rpm wireshark-devel-1.10.14-7.el7.i686.rpm wireshark-devel-1.10.14-7.el7.x86_64.rpm - Scientific Linux Development Team