LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for July 17, 2008

Handling kernel security problems

What Red Hat and Firestar agreed to

LWN.net Weekly Edition for July 10, 2008

The current development kernel is...linux-next?

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Fedora alert FEDORA-2008-2941 (wireshark)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 7 Update: wireshark-1.0.0-1.fc7


Date:
    	      Wed, 09 Apr 2008 05:17:36 +0000


Message-ID:
    	      <200804090526.m395PnxO032608@bastion.fedora.phx.redhat.com>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-2941
2008-04-08 23:42:00
--------------------------------------------------------------------------------

Name        : wireshark
Product     : Fedora 7
Version     : 1.0.0
Release     : 1.fc7
URL         : http://www.wireshark.org/
Summary     : Network traffic analyzer
Description :
Wireshark is a network traffic analyzer for Unix-ish operating systems.

This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for wireshark. A graphical user interface is packaged
separately to GTK+ package.

--------------------------------------------------------------------------------
Update Information:

Upgrade to 1.0.0 fixes several security flaws (wireshark crashes, see BZ
references).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #435483 - CVE-2008-1072 wireshark: TFTP dissector crash
        https://bugzilla.redhat.com/show_bug.cgi?id=435483
  [ 2 ] Bug #439943 - CVE-2008-1563 wireshark crash in SCCP dissector
        https://bugzilla.redhat.com/show_bug.cgi?id=439943
  [ 3 ] Bug #435481 - CVE-2008-1070 wireshark: SCTP dissector crash
        https://bugzilla.redhat.com/show_bug.cgi?id=435481
  [ 4 ] Bug #440014 - CVE-2008-1561 wireshark: crash in X.509sat and Roofnet dissectors
        https://bugzilla.redhat.com/show_bug.cgi?id=440014
  [ 5 ] Bug #440015 - CVE-2008-1562 wireshark: crash in LDAP dissector
        https://bugzilla.redhat.com/show_bug.cgi?id=440015
  [ 6 ] Bug #435482 - CVE-2008-1071 wireshark: SNMP dissector crash
        https://bugzilla.redhat.com/show_bug.cgi?id=435482
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update wireshark' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.