To: [email protected]Subject: [ MDVSA-2008:199 ] wireshark
Date: Fri, 19 Sep 2008 14:34:01 -0600
From: [email protected]
Reply-To: <xsecurity@mandriva.com.>
Message-Id: <E1Kgmfx-0002hL-Dk@titan.mandriva.com.>
X-Virus-Scanned: antivirus-gw at tyumen.ru
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2008:199
http://www.mandriva.com/security/
_______________________________________________________________________
Package : wireshark
Date : September 19, 2008
Affected: 2008.0, 2008.1, Corporate 4.0
_______________________________________________________________________
Problem Description:
A number of vulnerabilities were discovered in Wireshark that could
cause it to crash while processing malicious packets (CVE-2008-3146,
CVE-2008-3932, CVE-2008-3933, CVE-2008-3934).
This update provides Wireshark 1.0.3, which is not vulnerable to
these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3146http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3932http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3933http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3934http://www.wireshark.org/security/wnpa-sec-2008-05.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
052d8ebe59721965be4e1abc3d26aa4f 2008.0/i586/dumpcap-1.0.3-0.1mdv2008.0.i586.rpm
6e1ff488246d3e61dd86adf22db10157 2008.0/i586/libwireshark0-1.0.3-0.1mdv2008.0.i586.rpm
4a3380a50b95b4b47280d31051f03733 2008.0/i586/libwireshark-devel-1.0.3-0.1mdv2008.0.i586.rpm
47e77c47f5433386e134590e902d97fa 2008.0/i586/rawshark-1.0.3-0.1mdv2008.0.i586.rpm
f19bb7a5f07b2e14d13bbb80a063e9c2 2008.0/i586/tshark-1.0.3-0.1mdv2008.0.i586.rpm
59bd1fe60ddc1aef03c43f1e244d310f 2008.0/i586/wireshark-1.0.3-0.1mdv2008.0.i586.rpm
7537a0e613adbd9a33f8506eff4b79dc 2008.0/i586/wireshark-tools-1.0.3-0.1mdv2008.0.i586.rpm
695458967bc7120dc18c0e021c21ef98 2008.0/SRPMS/wireshark-1.0.3-0.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
4579cf82a33b706a8332fb9da25bb714 2008.0/x86_64/dumpcap-1.0.3-0.1mdv2008.0.x86_64.rpm
e2dc5b80e269394968a732d340584c50 2008.0/x86_64/lib64wireshark0-1.0.3-0.1mdv2008.0.x86_64.rpm
179c3d0406afacadeae37dabeb950ca9 2008.0/x86_64/lib64wireshark-devel-1.0.3-0.1mdv2008.0.x86_64.rpm
c6460878e3237026fb2dcc31314a2e86 2008.0/x86_64/rawshark-1.0.3-0.1mdv2008.0.x86_64.rpm
61060d1d41bee4101c58780ea9acbde3 2008.0/x86_64/tshark-1.0.3-0.1mdv2008.0.x86_64.rpm
afcda73f3b39721f2f9131d83b51518e 2008.0/x86_64/wireshark-1.0.3-0.1mdv2008.0.x86_64.rpm
593a07cded73079f4c744f4f774ea0da 2008.0/x86_64/wireshark-tools-1.0.3-0.1mdv2008.0.x86_64.rpm
695458967bc7120dc18c0e021c21ef98 2008.0/SRPMS/wireshark-1.0.3-0.1mdv2008.0.src.rpm
Mandriva Linux 2008.1:
325f81f7981ec1b0bb7af6ef00ea77b3 2008.1/i586/dumpcap-1.0.3-0.1mdv2008.1.i586.rpm
b1374e0f57b9ddc67d138489a61514eb 2008.1/i586/libwireshark0-1.0.3-0.1mdv2008.1.i586.rpm
b56d0679bc1889ce274d0331f809b4a4 2008.1/i586/libwireshark-devel-1.0.3-0.1mdv2008.1.i586.rpm
7cab501287ca8cb9b9e6c4c19c08e890 2008.1/i586/rawshark-1.0.3-0.1mdv2008.1.i586.rpm
7e40fab1043159337cc1108f7be86f4b 2008.1/i586/tshark-1.0.3-0.1mdv2008.1.i586.rpm
b47879b7e4ed639ec7a2c0b721225b01 2008.1/i586/wireshark-1.0.3-0.1mdv2008.1.i586.rpm
871afd4c2295bf2f7b743e0adac825fa 2008.1/i586/wireshark-tools-1.0.3-0.1mdv2008.1.i586.rpm
4959379f906f32983e1d95c38dc01f3c 2008.1/SRPMS/wireshark-1.0.3-0.1mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64:
a903d45a26f4e4c324dbdecb51729f6f 2008.1/x86_64/dumpcap-1.0.3-0.1mdv2008.1.x86_64.rpm
a85194ad83eb2833191cf8924fd68468 2008.1/x86_64/lib64wireshark0-1.0.3-0.1mdv2008.1.x86_64.rpm
966f0182801ae6e1d84c6736a796afca 2008.1/x86_64/lib64wireshark-devel-1.0.3-0.1mdv2008.1.x86_64.rpm
2e5035d90d7549a0c11b25be8050081c 2008.1/x86_64/rawshark-1.0.3-0.1mdv2008.1.x86_64.rpm
1d5e478b7149920d684a4c4e9f7e4b9f 2008.1/x86_64/tshark-1.0.3-0.1mdv2008.1.x86_64.rpm
0b8adf3d5c2412c282da2c5273a1d502 2008.1/x86_64/wireshark-1.0.3-0.1mdv2008.1.x86_64.rpm
ebd622e02eb614171990b9cd5194ddbb 2008.1/x86_64/wireshark-tools-1.0.3-0.1mdv2008.1.x86_64.rpm
4959379f906f32983e1d95c38dc01f3c 2008.1/SRPMS/wireshark-1.0.3-0.1mdv2008.1.src.rpm
Corporate 4.0:
9aec40405f83f4102135e4af7234dc45 corporate/4.0/i586/dumpcap-1.0.3-0.1.20060mlcs4.i586.rpm
5846034eaf54cac8aaa5001cd05c8a23 corporate/4.0/i586/libwireshark0-1.0.3-0.1.20060mlcs4.i586.rpm
61c8775b586e3c3ff0ef26c5453a40de corporate/4.0/i586/libwireshark-devel-1.0.3-0.1.20060mlcs4.i586.rpm
fb5a51694ac720ebb02fdc2006e827cc corporate/4.0/i586/rawshark-1.0.3-0.1.20060mlcs4.i586.rpm
04d4bcd97fc137d904bade0ff71d6d8a corporate/4.0/i586/tshark-1.0.3-0.1.20060mlcs4.i586.rpm
a817d8255ab4224cbe8b29fb5d9f7d6e corporate/4.0/i586/wireshark-1.0.3-0.1.20060mlcs4.i586.rpm
74d39fc12f1d82d6b5b944001a99c6e0 corporate/4.0/i586/wireshark-tools-1.0.3-0.1.20060mlcs4.i586.rpm
6a321e896cb17afea59981b2c20c6f9d corporate/4.0/SRPMS/wireshark-1.0.3-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
327f1445af63d045abd689286a13cfb7 corporate/4.0/x86_64/dumpcap-1.0.3-0.1.20060mlcs4.x86_64.rpm
5e57899fa206ba15425a643b0f5395ab corporate/4.0/x86_64/lib64wireshark0-1.0.3-0.1.20060mlcs4.x86_64.rpm
ecae0b5846ff684524d0b6fd6f082fca corporate/4.0/x86_64/lib64wireshark-devel-1.0.3-0.1.20060mlcs4.x86_64.rpm
f649de4fd1cb4663d51d1befd688000a corporate/4.0/x86_64/rawshark-1.0.3-0.1.20060mlcs4.x86_64.rpm
b41496a881a1644c6a376c89fd25aa32 corporate/4.0/x86_64/tshark-1.0.3-0.1.20060mlcs4.x86_64.rpm
219e77ae2a975e781c45344c62e2f4b8 corporate/4.0/x86_64/wireshark-1.0.3-0.1.20060mlcs4.x86_64.rpm
bc7397b7fce20c989668b71afbfa3ad4 corporate/4.0/x86_64/wireshark-tools-1.0.3-0.1.20060mlcs4.x86_64.rpm
6a321e896cb17afea59981b2c20c6f9d corporate/4.0/SRPMS/wireshark-1.0.3-0.1.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFI09/QmqjQ0CJFipgRAozLAKDaaK7z4VDoXNJ345Loi4s8bkSPVQCgnm97
wN51WJRipenpVo9BIHwvAaM=
=2zXb
-----END PGP SIGNATURE-----