lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1KLQwf-0004OM-E7@titan.mandriva.com>
Date: Tue, 22 Jul 2008 17:07:01 -0600
From: security@...driva.com
To: bugtraq@...urityfocus.com
Subject: [ MDVSA-2008:152 ] - Updated wireshark packages fix denial of service vulnerability


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDVSA-2008:152
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : wireshark
 Date    : July 22, 2008
 Affected: 2007.1, 2008.0, 2008.1, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 A vulnerability was found in Wireshark, that could cause it to crash
 while processing malicious packets.
 
 This update provides Wireshark 1.0.2, which is not vulnerable to that.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3145
 http://www.wireshark.org/security/wnpa-sec-2008-04.html
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.1:
 dd208d3bd415b566884410e3efb5a748  2007.1/i586/libwireshark0-1.0.2-0.1mdv2007.1.i586.rpm
 8ac38caee13fca07ff4cf7119491256c  2007.1/i586/tshark-1.0.2-0.1mdv2007.1.i586.rpm
 31815a8faec571b90c786112651853bf  2007.1/i586/wireshark-1.0.2-0.1mdv2007.1.i586.rpm
 6c61296c26edd8e8d62e30c7af36ba02  2007.1/i586/wireshark-tools-1.0.2-0.1mdv2007.1.i586.rpm 
 00dca267b96e50a75e7c4b7952ca1e61  2007.1/SRPMS/wireshark-1.0.2-0.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 0fa4bbaf37ea0bbec825a292f6ba1f08  2007.1/x86_64/lib64wireshark0-1.0.2-0.1mdv2007.1.x86_64.rpm
 ec00436f7fa7246808ff9294d3d30106  2007.1/x86_64/tshark-1.0.2-0.1mdv2007.1.x86_64.rpm
 c0f6b3ce6506a9027d713a89fb411aac  2007.1/x86_64/wireshark-1.0.2-0.1mdv2007.1.x86_64.rpm
 83cde7ccbdc2455adb91f5f8449866f6  2007.1/x86_64/wireshark-tools-1.0.2-0.1mdv2007.1.x86_64.rpm 
 00dca267b96e50a75e7c4b7952ca1e61  2007.1/SRPMS/wireshark-1.0.2-0.1mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 7f8c3c3536693c76c35a2433217672f1  2008.0/i586/dumpcap-1.0.2-0.1mdv2008.0.i586.rpm
 d786b113715eebfed26d744f234926f9  2008.0/i586/libwireshark0-1.0.2-0.1mdv2008.0.i586.rpm
 20e723680556b90b32753a22debcc8fd  2008.0/i586/libwireshark-devel-1.0.2-0.1mdv2008.0.i586.rpm
 55324e20c3793fefa4fc31466a230859  2008.0/i586/rawshark-1.0.2-0.1mdv2008.0.i586.rpm
 36c42e5a2a8ca9133ef8b23781c2a908  2008.0/i586/tshark-1.0.2-0.1mdv2008.0.i586.rpm
 cdc0c62d7936e449564c32fe6a829394  2008.0/i586/wireshark-1.0.2-0.1mdv2008.0.i586.rpm
 856e94f29f01a71cffc9d1fc05cfcabc  2008.0/i586/wireshark-tools-1.0.2-0.1mdv2008.0.i586.rpm 
 802f0a708e0dd820b242b9682ef5f482  2008.0/SRPMS/wireshark-1.0.2-0.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 a473c5eab195923066ba820207cd4dd0  2008.0/x86_64/dumpcap-1.0.2-0.1mdv2008.0.x86_64.rpm
 2345349e97af7c3b07c9effba42e9a5b  2008.0/x86_64/lib64wireshark0-1.0.2-0.1mdv2008.0.x86_64.rpm
 ded19cb2dc2e3a435c83ad6010dd1ab6  2008.0/x86_64/lib64wireshark-devel-1.0.2-0.1mdv2008.0.x86_64.rpm
 6ae396fcdc52b87f7c4d359ae596e861  2008.0/x86_64/rawshark-1.0.2-0.1mdv2008.0.x86_64.rpm
 b28e8bcf8801836a8d1c35f53e566fc6  2008.0/x86_64/tshark-1.0.2-0.1mdv2008.0.x86_64.rpm
 bd219f2c009719d100f5411fd2e1472f  2008.0/x86_64/wireshark-1.0.2-0.1mdv2008.0.x86_64.rpm
 3f552df165c98123991e8aca8290944b  2008.0/x86_64/wireshark-tools-1.0.2-0.1mdv2008.0.x86_64.rpm 
 802f0a708e0dd820b242b9682ef5f482  2008.0/SRPMS/wireshark-1.0.2-0.1mdv2008.0.src.rpm

 Mandriva Linux 2008.1:
 b4cd63431babb044b459f41edd4df7a9  2008.1/i586/dumpcap-1.0.2-0.1mdv2008.1.i586.rpm
 aecdbf2396bd03ff4035ce3d0361c8e0  2008.1/i586/libwireshark0-1.0.2-0.1mdv2008.1.i586.rpm
 21947f15d454e06e183282e943590fc5  2008.1/i586/libwireshark-devel-1.0.2-0.1mdv2008.1.i586.rpm
 04e5404a727ec4ca9bbb15ee577b2a3e  2008.1/i586/rawshark-1.0.2-0.1mdv2008.1.i586.rpm
 c4779d4d2118c82a01c0427fcc63edaf  2008.1/i586/tshark-1.0.2-0.1mdv2008.1.i586.rpm
 4cea15f71bb937e02babe751db0bf14e  2008.1/i586/wireshark-1.0.2-0.1mdv2008.1.i586.rpm
 dfbb6ffde7247a632f668f505e238b93  2008.1/i586/wireshark-tools-1.0.2-0.1mdv2008.1.i586.rpm 
 2053cca12220e79bb9b3c44d05cdc025  2008.1/SRPMS/wireshark-1.0.2-0.1mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 01304dde4b0d58f4b25cf189cd26e6e4  2008.1/x86_64/dumpcap-1.0.2-0.1mdv2008.1.x86_64.rpm
 a1ca40167925697676bb747bb073cbe3  2008.1/x86_64/lib64wireshark0-1.0.2-0.1mdv2008.1.x86_64.rpm
 325f5a4bfcbc85e1eb0a2d73f7643b0c  2008.1/x86_64/lib64wireshark-devel-1.0.2-0.1mdv2008.1.x86_64.rpm
 974780f892d6c73b3071708cc8e43f7a  2008.1/x86_64/rawshark-1.0.2-0.1mdv2008.1.x86_64.rpm
 65e8b1137469b6f2c57c6c67c71c3f34  2008.1/x86_64/tshark-1.0.2-0.1mdv2008.1.x86_64.rpm
 9c006ce97cc27a379ad7103fae91d276  2008.1/x86_64/wireshark-1.0.2-0.1mdv2008.1.x86_64.rpm
 5b58551478a166e16a1eefe6b7bf8734  2008.1/x86_64/wireshark-tools-1.0.2-0.1mdv2008.1.x86_64.rpm 
 2053cca12220e79bb9b3c44d05cdc025  2008.1/SRPMS/wireshark-1.0.2-0.1mdv2008.1.src.rpm

 Corporate 4.0:
 b7c9b207a1f6671c389de029acad1c69  corporate/4.0/i586/dumpcap-1.0.2-0.1.20060mlcs4.i586.rpm
 11a820b27705d4860f809894fb86d085  corporate/4.0/i586/libwireshark0-1.0.2-0.1.20060mlcs4.i586.rpm
 1de9bd371f233413b1bd0c120d43e1c5  corporate/4.0/i586/libwireshark-devel-1.0.2-0.1.20060mlcs4.i586.rpm
 3b1335973cc247f69a944850d8cbc125  corporate/4.0/i586/rawshark-1.0.2-0.1.20060mlcs4.i586.rpm
 563078c222926843c031f130d3d99c2c  corporate/4.0/i586/tshark-1.0.2-0.1.20060mlcs4.i586.rpm
 cfcbbd5c3e911ac5987364f74ae4f588  corporate/4.0/i586/wireshark-1.0.2-0.1.20060mlcs4.i586.rpm
 c139f48f790fd228abd6bb36e5a64208  corporate/4.0/i586/wireshark-tools-1.0.2-0.1.20060mlcs4.i586.rpm 
 1be97ba104894a51125ab692206d8611  corporate/4.0/SRPMS/wireshark-1.0.2-0.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 d75d7a3ee8af84b96a84ffcd52dc89b8  corporate/4.0/x86_64/dumpcap-1.0.2-0.1.20060mlcs4.x86_64.rpm
 0bfb4e76da0b755e27eea200d86a14d2  corporate/4.0/x86_64/lib64wireshark0-1.0.2-0.1.20060mlcs4.x86_64.rpm
 807c5bab351e4bbf760cabc1ac4e731d  corporate/4.0/x86_64/lib64wireshark-devel-1.0.2-0.1.20060mlcs4.x86_64.rpm
 01dd72f008237d1a466970b2393a58d6  corporate/4.0/x86_64/rawshark-1.0.2-0.1.20060mlcs4.x86_64.rpm
 03fc5d527317d3bf56d837ac3519c92e  corporate/4.0/x86_64/tshark-1.0.2-0.1.20060mlcs4.x86_64.rpm
 85a416415f1e2bb89a9e772de95999ef  corporate/4.0/x86_64/wireshark-1.0.2-0.1.20060mlcs4.x86_64.rpm
 05a1763fc92c61ca4e717cafbdd78f39  corporate/4.0/x86_64/wireshark-tools-1.0.2-0.1.20060mlcs4.x86_64.rpm 
 1be97ba104894a51125ab692206d8611  corporate/4.0/SRPMS/wireshark-1.0.2-0.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIhjoamqjQ0CJFipgRAhogAKCPcm4mIZm8MEZEyLJI0hflilgeowCeIHby
lsRqFcGoIZ/xLVh10fNTX2U=
=AYQ7
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ