[ MDVSA-2008:057 ] - Updated wireshark packages fix denial of service vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2008:057
http://www.mandriva.com/security/
_______________________________________________________________________
Package : wireshark
Date : March 3, 2008
Affected: 2007.0, 2007.1, 2008.0, Corporate 4.0
_______________________________________________________________________
Problem Description:
A few vulnerabilities were found in Wireshark, that could cause it
to crash or consume excessive memory under certain conditions.
This update rovides Wireshark 0.99.8 which is not vulnerable to
the issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1070
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1072
http://www.wireshark.org/security/wnpa-sec-2008-01.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.0:
267c56b10fb4a47dc6c6bc5be7560dae
2007.0/i586/libwireshark0-0.99.8-0.1mdv2007.0.i586.rpm
bb9e087841735100bd1b7e781406f2a9
2007.0/i586/tshark-0.99.8-0.1mdv2007.0.i586.rpm
accb363010f2fe2968fb2ffef055baa1
2007.0/i586/wireshark-0.99.8-0.1mdv2007.0.i586.rpm
a7b6f91a9503d386719fada340aa9609
2007.0/i586/wireshark-tools-0.99.8-0.1mdv2007.0.i586.rpm
db4d926599022fb1bda29f01361741b7
2007.0/SRPMS/wireshark-0.99.8-0.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64:
554b16372d0b6efa6e58540b242eb161
2007.0/x86_64/lib64wireshark0-0.99.8-0.1mdv2007.0.x86_64.rpm
5e806e0df70813e1e0d01890f6730941
2007.0/x86_64/tshark-0.99.8-0.1mdv2007.0.x86_64.rpm
6b510b94cb16328f3057ff3496eed119
2007.0/x86_64/wireshark-0.99.8-0.1mdv2007.0.x86_64.rpm
6669f32ee39af1372421580577548792
2007.0/x86_64/wireshark-tools-0.99.8-0.1mdv2007.0.x86_64.rpm
db4d926599022fb1bda29f01361741b7
2007.0/SRPMS/wireshark-0.99.8-0.1mdv2007.0.src.rpm
Mandriva Linux 2007.1:
ba21439b01df6e246eedc8cce6a5bfab
2007.1/i586/libwireshark0-0.99.8-0.1mdv2007.1.i586.rpm
2bfa375e12face3cf9bae7cfd6254eb7
2007.1/i586/tshark-0.99.8-0.1mdv2007.1.i586.rpm
1799a7f54cdb16c7083d893b96ea4f07
2007.1/i586/wireshark-0.99.8-0.1mdv2007.1.i586.rpm
7cf16c987c99870be72752daa98cd3fd
2007.1/i586/wireshark-tools-0.99.8-0.1mdv2007.1.i586.rpm
7daa2b09a504c7246bf3e9bcaebc6354
2007.1/SRPMS/wireshark-0.99.8-0.1mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
8f67f28d3973c7be6255ef0ac542701e
2007.1/x86_64/lib64wireshark0-0.99.8-0.1mdv2007.1.x86_64.rpm
34246a2870ef18ed40599a498ab3ab4c
2007.1/x86_64/tshark-0.99.8-0.1mdv2007.1.x86_64.rpm
aeb22fb0fb1fd2224e88e432c450a497
2007.1/x86_64/wireshark-0.99.8-0.1mdv2007.1.x86_64.rpm
9c3f863f13de7c7836d2a9e32bf2b99b
2007.1/x86_64/wireshark-tools-0.99.8-0.1mdv2007.1.x86_64.rpm
7daa2b09a504c7246bf3e9bcaebc6354
2007.1/SRPMS/wireshark-0.99.8-0.1mdv2007.1.src.rpm
Mandriva Linux 2008.0:
071c56558b673bb348842bbd1f15b70d
2008.0/i586/libwireshark-devel-0.99.8-0.1mdv2008.0.i586.rpm
f62eb9005ca79b7d359a1d638f071e48
2008.0/i586/libwireshark0-0.99.8-0.1mdv2008.0.i586.rpm
2163377dcd39c6d78aba1afa0f19f6eb
2008.0/i586/tshark-0.99.8-0.1mdv2008.0.i586.rpm
d2ccb07c5aa016b497a1305514749b6a
2008.0/i586/wireshark-0.99.8-0.1mdv2008.0.i586.rpm
ad50c14fcf45996717240f2867a7dc35
2008.0/i586/wireshark-tools-0.99.8-0.1mdv2008.0.i586.rpm
10d849d01ef57ff886fc851007f6e0d1
2008.0/SRPMS/wireshark-0.99.8-0.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
31360d9b2ff81d63eb0009a65d5313d7
2008.0/x86_64/lib64wireshark-devel-0.99.8-0.1mdv2008.0.x86_64.rpm
93a40a47cfc3f1a8cb6d584a8c189ac7
2008.0/x86_64/lib64wireshark0-0.99.8-0.1mdv2008.0.x86_64.rpm
9975a6a15d32ea7424cf46769186e65c
2008.0/x86_64/tshark-0.99.8-0.1mdv2008.0.x86_64.rpm
01b0691e1a80a3df48da2b982de0a814
2008.0/x86_64/wireshark-0.99.8-0.1mdv2008.0.x86_64.rpm
d046aafde7235aaeaca359fe3efcead5
2008.0/x86_64/wireshark-tools-0.99.8-0.1mdv2008.0.x86_64.rpm
10d849d01ef57ff886fc851007f6e0d1
2008.0/SRPMS/wireshark-0.99.8-0.1mdv2008.0.src.rpm
Corporate 4.0:
c25ee38aeaf063b1819226153a619468
corporate/4.0/i586/libwireshark0-0.99.8-0.1.20060mlcs4.i586.rpm
34e49cd2419c98ed08160ea20e0d747e
corporate/4.0/i586/tshark-0.99.8-0.1.20060mlcs4.i586.rpm
e05ea8642e89a82b93d9f187cf2dea39
corporate/4.0/i586/wireshark-0.99.8-0.1.20060mlcs4.i586.rpm
07828feed3b1e0aafdfff6f47d05136e
corporate/4.0/i586/wireshark-tools-0.99.8-0.1.20060mlcs4.i586.rpm
1db4637ddab6b4787607a9168a24d825
corporate/4.0/SRPMS/wireshark-0.99.8-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
226ccff30ff4753c59dd657a18250ad4
corporate/4.0/x86_64/lib64wireshark0-0.99.8-0.1.20060mlcs4.x86_64.rpm
1b75137b7fd262a7502323d9ec5f7130
corporate/4.0/x86_64/tshark-0.99.8-0.1.20060mlcs4.x86_64.rpm
d7b77256eb8567ce37fb0021ae61a264
corporate/4.0/x86_64/wireshark-0.99.8-0.1.20060mlcs4.x86_64.rpm
c20e4c81db130d2025a1f3903ec8ac47
corporate/4.0/x86_64/wireshark-tools-0.99.8-0.1.20060mlcs4.x86_64.rpm
1db4637ddab6b4787607a9168a24d825
corporate/4.0/SRPMS/wireshark-0.99.8-0.1.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
iD8DBQFHzEjrmqjQ0CJFipgRAvKzAKDq0ngyIBmNw/N9CMWTErMPKHkZHgCgrxf8
2qQSOFnaqHWoU3xidm0MKcE=
=+zG8
-----END PGP SIGNATURE-----