openSUSE alert openSUSE-SU-2011:0599-1 (wireshark) [LWN.net]


From:
    	       opensuse-security@opensuse.org 
To:
    	       opensuse-updates@opensuse.org 
Subject:
    	       openSUSE-SU-2011:0599-1: moderate: News fix some issues. 
Date:
    	       Tue,  7 Jun 2011 19:08:12 +0200 (CEST)
Message-ID:
    	       <20110607170812.88B0132299@maintenance.suse.de>
Archive-link:
    	       Article, Thread
              
   openSUSE Security Update: News fix some issues.
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2011:0599-1
Rating:             moderate
References:         #685023 #688109 
Cross-References:   CVE-2011-1590 CVE-2011-1591 CVE-2011-1592
                   
Affected Products:
                    openSUSE 11.4
______________________________________________________________________________

   An update that fixes three vulnerabilities is now
   available. It includes one version update.

Description:

   This wireshark update fixes:
   - Use of un-initialized variables (CVE-2011-1590)
   - Buffer overflow in DECT dissector (CVE-2011-1591)
   - Crash in NFS dissector on Windows (CVE-2011-1592)


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 11.4:

      zypper in -t patch wireshark-4539

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 11.4 (i586 x86_64) [New Version: 1.4.4]:

      wireshark-1.4.4-0.5.1
      wireshark-devel-1.4.4-0.5.1


References:

   http://support.novell.com/security/cve/CVE-2011-1590.html
   http://support.novell.com/security/cve/CVE-2011-1591.html
   http://support.novell.com/security/cve/CVE-2011-1592.html
   https://bugzilla.novell.com/685023
   https://bugzilla.novell.com/688109
(Log in to post comments)