Wireshark has been updated to 1.12.7. (FATE#319388)
The following vulnerabilities have been fixed: * Wireshark could crash when adding an item to the protocol tree. wnpa-sec-2015-21 CVE-2015-6241 * Wireshark could attempt to free invalid memory. wnpa-sec-2015-22 CVE-2015-6242 * Wireshark could crash when searching for a protocol dissector. wnpa-sec-2015-23 CVE-2015-6243 * The ZigBee dissector could crash. wnpa-sec-2015-24 CVE-2015-6244 * The GSM RLC/MAC dissector could go into an infinite loop. wnpa-sec-2015-25 CVE-2015-6245 * The WaveAgent dissector could crash. wnpa-sec-2015-26 CVE-2015-6246 * The OpenFlow dissector could go into an infinite loop. wnpa-sec-2015-27 CVE-2015-6247 * Wireshark could crash due to invalid ptvcursor length checking. wnpa-sec-2015-28 CVE-2015-6248 * The WCCP dissector could crash. wnpa-sec-2015-29 CVE-2015-6249 * Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.7.html
Also a fix from 1.12.6 in GSM DTAP was backported. (bnc#935158 CVE-2015-4652)