[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1SXCwq-00046P-CW@titan.mandriva.com>
Date: Wed, 23 May 2012 16:54:00 +0200
From: security@...driva.com
To: bugtraq@...urityfocus.com
Subject: [ MDVSA-2012:080 ] wireshark
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2012:080
http://www.mandriva.com/security/
_______________________________________________________________________
Package : wireshark
Date : May 23, 2012
Affected: 2011.
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities was found and corrected in Wireshark:
It may be possible to make Wireshark hang for long or indefinite
periods by injecting a malformed packet onto the wire or by convincing
someone to read a malformed packet trace file.
It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed
packet trace file.
This advisory provides the latest version of Wireshark (1.6.8) which
is not vulnerable to these issues.
_______________________________________________________________________
References:
http://www.wireshark.org/security/wnpa-sec-2012-08.html
http://www.wireshark.org/security/wnpa-sec-2012-09.html
http://www.wireshark.org/security/wnpa-sec-2012-10.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2011:
16a577c0711df7fc568696402109d6b4 2011/i586/dumpcap-1.6.8-0.1-mdv2011.0.i586.rpm
eada57c1d6f02e7ebf14fbb3789c5bbe 2011/i586/libwireshark1-1.6.8-0.1-mdv2011.0.i586.rpm
e9e98acba88c6ee3ab1d2e51536463aa 2011/i586/libwireshark-devel-1.6.8-0.1-mdv2011.0.i586.rpm
8017f3883e54db24eeee1e0f7b3c820f 2011/i586/rawshark-1.6.8-0.1-mdv2011.0.i586.rpm
bc33e60ea854669c81652090880c430b 2011/i586/tshark-1.6.8-0.1-mdv2011.0.i586.rpm
52cc8b37b569f8bc31800eacf347a7bd 2011/i586/wireshark-1.6.8-0.1-mdv2011.0.i586.rpm
b8cd1dca05b43e22accf8cd4a1517946 2011/i586/wireshark-tools-1.6.8-0.1-mdv2011.0.i586.rpm
c7678d090d491738155aa4bb6ae2b09d 2011/SRPMS/wireshark-1.6.8-0.1.src.rpm
Mandriva Linux 2011/X86_64:
25b79e5781f78e7c7a0f239406ad3a5a 2011/x86_64/dumpcap-1.6.8-0.1-mdv2011.0.x86_64.rpm
851832cf2439b688a491620ec43318ce 2011/x86_64/lib64wireshark1-1.6.8-0.1-mdv2011.0.x86_64.rpm
6c659fbff4840bc333d90e4d72a656eb 2011/x86_64/lib64wireshark-devel-1.6.8-0.1-mdv2011.0.x86_64.rpm
9b37711290f16de47b594397de980256 2011/x86_64/rawshark-1.6.8-0.1-mdv2011.0.x86_64.rpm
2aa4ab2ba5d5b4f914b91b7d0e608c15 2011/x86_64/tshark-1.6.8-0.1-mdv2011.0.x86_64.rpm
86cdbf15b98aaacb3d42bb43dfdf2c8f 2011/x86_64/wireshark-1.6.8-0.1-mdv2011.0.x86_64.rpm
d72665f272867ca3d4af106c1a751f91 2011/x86_64/wireshark-tools-1.6.8-0.1-mdv2011.0.x86_64.rpm
c7678d090d491738155aa4bb6ae2b09d 2011/SRPMS/wireshark-1.6.8-0.1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFPvM7pmqjQ0CJFipgRAgddAJ9vTgXP+6YXzxHaP3OflVdGXI5O6ACeKc+9
Q9lNj2Y7agvEy1+p9wOy+Nw=
=BGJY
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists