Hello community, here is the log from the commit of package patchinfo.4605 for openSUSE:13.1:Update checked in at 2016-03-06 00:51:46 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/patchinfo.4605 (Old) and /work/SRC/openSUSE:13.1:Update/.patchinfo.4605.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.4605" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo> <issue id="968565" tracker="bnc">VUL-0: wireshark: multiple vulnerabilities fixes in 1.12.10, 2.0.2</issue> <issue id="961170" tracker="bnc">Package wireshark should not depend on wireshark-ui</issue> <issue id="CVE-2016-2530" tracker="cve" /> <issue id="CVE-2016-2531" tracker="cve" /> <issue id="CVE-2016-2532" tracker="cve" /> <issue id="CVE-2016-2523" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>AndreasStieger</packager> <description>Wireshark was updated to 1.12.10, fixing a number issues in protocol dissectors that could have allowed a remote attacker to crash Wireshark or cause excessive CPU usage through specially crafted packages inserted into the network or a capture file, specifically: - CVE-2016-2523: DNP dissector infinite loop (wnpa-sec-2016-03) - CVE-2016-2530: RSL dissector crash (wnpa-sec-2016-10) - CVE-2016-2531: RSL dissector crash (wnpa-sec-2016-10) - CVE-2016-2532: LLRP dissector crash (wnpa-sec-2016-11) - GSM A-bis OML dissector crash (wnpa-sec-2016-14) - ASN.1 BER dissector crash (wnpa-sec-2016-15) - ASN.1 BER dissector crash (wnpa-sec-2016-18) Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.10.html The following non-security bugs were fixed: - boo#961170: Recommend wireshark-ui instead of requiring it to support text-only used </description> <summary>Security update for wireshark</summary> </patchinfo>
