To: [email protected]Subject: [ MDKSA-2007:033 ] - Updated wireshark packages fix multiple vulnerabilities
Date: Fri, 02 Feb 2007 20:04:27 -0700
From: [email protected]
Reply-To: <xsecurity@mandriva.com.>
Message-Id: <E1HDBCV-0006QV-80@artemis.annvix.ca.>
Sender: QA Team <qateam@artemis.annvix.ca.>
X-Virus-Scanned: antivirus-gw at tyumen.ru
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDKSA-2007:033
http://www.mandriva.com/security/
_______________________________________________________________________
Package : wireshark
Date : February 2, 2007
Affected: 2007.0, Corporate 4.0
_______________________________________________________________________
Problem Description:
Vulnerabilities in the LLT, IEEE 802.11, HTTP, and TCP dissectors were
discovered in versions of wireshark less than 0.99.5, as well as
various other bugs.
This updated provides wireshark 0.99.5 which is not vulnerable to these
issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0456http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0457http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0458http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0459http://www.wireshark.org/security/wnpa-sec-2007-01.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.0:
740873204531526e4cc6878444af8362 2007.0/i586/libwireshark0-0.99.5-0.1mdv2007.0.i586.rpm
add82ec56d6f77ee7368cd080a82a465 2007.0/i586/tshark-0.99.5-0.1mdv2007.0.i586.rpm
d193c2b44c08aac1b67d64613532ef80 2007.0/i586/wireshark-0.99.5-0.1mdv2007.0.i586.rpm
858bbb85edc9783b155ef0a0ac6c3b90 2007.0/i586/wireshark-tools-0.99.5-0.1mdv2007.0.i586.rpm
1df4c1838fe6b746a782e133de279827 2007.0/SRPMS/wireshark-0.99.5-0.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64:
8ef87dcfc0cc5ac18a31945959e7aa7c 2007.0/x86_64/lib64wireshark0-0.99.5-0.1mdv2007.0.x86_64.rpm
a3f7656a6b2c90d23bac921d472bffaf 2007.0/x86_64/tshark-0.99.5-0.1mdv2007.0.x86_64.rpm
81050abf3144fd206f8a2f0a7e910836 2007.0/x86_64/wireshark-0.99.5-0.1mdv2007.0.x86_64.rpm
b2f12630475a24dec626092e231cc24a 2007.0/x86_64/wireshark-tools-0.99.5-0.1mdv2007.0.x86_64.rpm
1df4c1838fe6b746a782e133de279827 2007.0/SRPMS/wireshark-0.99.5-0.1mdv2007.0.src.rpm
Corporate 4.0:
26813537c4e24420d2cb1bbcbaad3185 corporate/4.0/i586/libwireshark0-0.99.5-0.1.20060mlcs4.i586.rpm
55d76fd9bc65b2cd4eb602a8e8b034d1 corporate/4.0/i586/tshark-0.99.5-0.1.20060mlcs4.i586.rpm
8aaf460bab2133abe4c7d5973f190d8c corporate/4.0/i586/wireshark-0.99.5-0.1.20060mlcs4.i586.rpm
4b12b3ad9f259bb9099208cb530bc42d corporate/4.0/i586/wireshark-tools-0.99.5-0.1.20060mlcs4.i586.rpm
5937c2654ada4050818cc4d2f88d13ce corporate/4.0/SRPMS/wireshark-0.99.5-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
b6da34d5d4f983d981f298b20f26222c corporate/4.0/x86_64/lib64wireshark0-0.99.5-0.1.20060mlcs4.x86_64.rpm
1a7b1c1d3c142f7e735f0b4e94b6fee8 corporate/4.0/x86_64/tshark-0.99.5-0.1.20060mlcs4.x86_64.rpm
103ef9c506489cf585aa01bf71c8e24a corporate/4.0/x86_64/wireshark-0.99.5-0.1.20060mlcs4.x86_64.rpm
b9b872ed0afc643f40fc35983d0a7302 corporate/4.0/x86_64/wireshark-tools-0.99.5-0.1.20060mlcs4.x86_64.rpm
5937c2654ada4050818cc4d2f88d13ce corporate/4.0/SRPMS/wireshark-0.99.5-0.1.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFw9EcmqjQ0CJFipgRAnDtAKCjD5xWhqIieHZJ1sXG6QHpMu5M0QCfesmh
Gbkbxd4FLH/gNMJxW9I0X2c=
=sFUw
-----END PGP SIGNATURE-----