lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1GfsBn-0004Sj-B7@mercury.mandriva.com>
Date: Thu,  2 Nov 2006 23:06:03 -0700
From: security@...driva.com
To: bugtraq@...urityfocus.com
Subject: [ MDKSA-2006:195 ] - Updated wireshark packages fix multiple vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:195
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : wireshark
 Date    : November 2, 2006
 Affected: 2006.0, 2007.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 Vulnerabilities in the HTTP, LDAP, XOT, WBXML, and MIME Multipart
 dissectors were discovered in versions of wireshark less than 0.99.4,
 as well as various other bugs.

 This updated provides wireshark 0.99.4 which is not vulnerable to these
 issues.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4574
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4805
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5468
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5469
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5740
 http://www.wireshark.org/security/wnpa-sec-2006-03.html
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 6d9200ceb28c080700a14c5082d06144  2006.0/i586/libwireshark0-0.99.4-0.1.20060mdk.i586.rpm
 846bf319dbf28977697f0360e6c9c3bf  2006.0/i586/tshark-0.99.4-0.1.20060mdk.i586.rpm
 cf4c6ad8bcc4e8f1d0f30747e43629a0  2006.0/i586/wireshark-0.99.4-0.1.20060mdk.i586.rpm
 7c298b8216d885c501698333a351a6df  2006.0/i586/wireshark-tools-0.99.4-0.1.20060mdk.i586.rpm 
 da584fd84e4eaa96134eae8bb6b2ccd9  2006.0/SRPMS/wireshark-0.99.4-0.1.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 5cc25cf7a14362017b627804a23415ce  2006.0/x86_64/lib64wireshark0-0.99.4-0.1.20060mdk.x86_64.rpm
 a30498851a759f07b8cebcdebb0f906b  2006.0/x86_64/tshark-0.99.4-0.1.20060mdk.x86_64.rpm
 cafef7ec7d7df699ca288ae03ed37c67  2006.0/x86_64/wireshark-0.99.4-0.1.20060mdk.x86_64.rpm
 f84e2b12d83f53f0032992ead38cacff  2006.0/x86_64/wireshark-tools-0.99.4-0.1.20060mdk.x86_64.rpm 
 da584fd84e4eaa96134eae8bb6b2ccd9  2006.0/SRPMS/wireshark-0.99.4-0.1.20060mdk.src.rpm

 Mandriva Linux 2007.0:
 3d1f3895ce1a440d94768fed10657cc6  2007.0/i586/libwireshark0-0.99.4-0.1mdv2007.0.i586.rpm
 ef44905cba00cfb7ba5d72e4d45b4dee  2007.0/i586/tshark-0.99.4-0.1mdv2007.0.i586.rpm
 21ef07d16228990f81952e6a9d0d4c02  2007.0/i586/wireshark-0.99.4-0.1mdv2007.0.i586.rpm
 60cf791c1bdb8819e69da5a31381fbf7  2007.0/i586/wireshark-tools-0.99.4-0.1mdv2007.0.i586.rpm 
 7205c72932f614d8b4bcc7ac214a3cd5  2007.0/SRPMS/wireshark-0.99.4-0.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 3c0c94604f22665270ecfd5ea4ef63b8  2007.0/x86_64/lib64wireshark0-0.99.4-0.1mdv2007.0.x86_64.rpm
 2f50e6bdb122c99a8ccfe265bd5e9871  2007.0/x86_64/tshark-0.99.4-0.1mdv2007.0.x86_64.rpm
 d6b35a2cc4871b09e65c97d438d8e5aa  2007.0/x86_64/wireshark-0.99.4-0.1mdv2007.0.x86_64.rpm
 8dbd4f0e7cb7165e0877fead9b767aa8  2007.0/x86_64/wireshark-tools-0.99.4-0.1mdv2007.0.x86_64.rpm 
 7205c72932f614d8b4bcc7ac214a3cd5  2007.0/SRPMS/wireshark-0.99.4-0.1mdv2007.0.src.rpm

 Corporate 4.0:
 cf6d82d53a965a367b37ddce468eb5e1  corporate/4.0/i586/libwireshark0-0.99.4-0.1.20060mlcs4.i586.rpm
 4fd35ab3805a08b8010832759b6520ca  corporate/4.0/i586/tshark-0.99.4-0.1.20060mlcs4.i586.rpm
 5ceb4d06dcec263ca472b1a0cebacb6e  corporate/4.0/i586/wireshark-0.99.4-0.1.20060mlcs4.i586.rpm
 254f405e87704d0a3bff60730af347cd  corporate/4.0/i586/wireshark-tools-0.99.4-0.1.20060mlcs4.i586.rpm 
 063c6e14b5bbcc81f4a26fd183d9c53c  corporate/4.0/SRPMS/wireshark-0.99.4-0.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 66a696916ebf9665d62d0fe7363ac742  corporate/4.0/x86_64/lib64wireshark0-0.99.4-0.1.20060mlcs4.x86_64.rpm
 1662228d5a03d68af75cd6a93654fb81  corporate/4.0/x86_64/tshark-0.99.4-0.1.20060mlcs4.x86_64.rpm
 e4be92066710fb02ad806ebb154006be  corporate/4.0/x86_64/wireshark-0.99.4-0.1.20060mlcs4.x86_64.rpm
 2066c3a5738e8e3ade6fa4afab2adfed  corporate/4.0/x86_64/wireshark-tools-0.99.4-0.1.20060mlcs4.x86_64.rpm 
 063c6e14b5bbcc81f4a26fd183d9c53c  corporate/4.0/SRPMS/wireshark-0.99.4-0.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFSswpmqjQ0CJFipgRAmdWAKDd0iFIsCPrAvFXrex8QMgr0HUM+gCgmoeQ
qoPH91IikU+7ptsVeGXI4fc=
=TwK1
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ