rPSA-2008-0278-1 tshark wireshark

To: security-announce@xxxxxxxxxxxxxxx, update-announce@xxxxxxxxxxxxxxx
Subject: rPSA-2008-0278-1 tshark wireshark
From: rPath Update Announcements <announce-noreply@xxxxxxxxx>
Date: Wed, 17 Sep 2008 12:07:23 -0400
Cc: full-disclosure@xxxxxxxxxxxxxxxxx, vulnwatch@xxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx, lwn@xxxxxxx
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
User-agent: nail 11.22 3/20/05

rPath Security Advisory: 2008-0278-1
Published: 2008-09-17
Products:
    rPath Linux 1

Rating: Minor
Exposure Level Classification:
    Indirect Deterministic Denial of Service
Updated Versions:
    tshark=conary.rpath.com@rpl:1/1.0.3-0.1-1
    wireshark=conary.rpath.com@rpl:1/1.0.3-0.1-1

rPath Issue Tracking System:
    https://issues.rpath.com/browse/RPL-2835

References:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3934
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3146
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3932
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3933

Description:
    Previous versions of the wireshark package are vulnerable to multiple
    Denial of Service attacks in which malformed packets may cause the
    application to hang or crash.  It has not been determined that these
    vulnerabilities can be exploited to execute malicious code.

http://wiki.rpath.com/Advisories:rPSA-2008-0278

Copyright 2008 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html