lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1MYtTQ-00084Y-KV@titan.mandriva.com>
Date: Thu, 06 Aug 2009 05:17:00 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2009:194 ] wireshark


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:194
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : wireshark
 Date    : August 5, 2009
 Affected: 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 Vulnerabilities have been discovered in wireshark package, which could
 lead to application crash via radius, infiniband and afs dissectors
 (CVE-2009-2560, CVE-2009-2562, CVE-2009-2563).
 
 This update provides a fix for those vulnerabilities.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2560
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2562
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2563
 http://www.wireshark.org/security/wnpa-sec-2009-04.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
 35c44b3dda2222f03f0229dffe083690  2009.0/i586/dumpcap-1.0.8-3.2mdv2009.0.i586.rpm
 32a5a19dbd7d927f04462644fda1a918  2009.0/i586/libwireshark0-1.0.8-3.2mdv2009.0.i586.rpm
 679abf03eebc9c9790497845a49b92b5  2009.0/i586/libwireshark-devel-1.0.8-3.2mdv2009.0.i586.rpm
 7fc204402d3ca6c0b89b5aefc58ac243  2009.0/i586/rawshark-1.0.8-3.2mdv2009.0.i586.rpm
 fc2ceb7dcbd8edaac22fac8ef8020688  2009.0/i586/tshark-1.0.8-3.2mdv2009.0.i586.rpm
 5e42c96a3f433b845059cc4616b3f1bf  2009.0/i586/wireshark-1.0.8-3.2mdv2009.0.i586.rpm
 3c70080e2d6962af6cf0c7d48fec8a89  2009.0/i586/wireshark-tools-1.0.8-3.2mdv2009.0.i586.rpm 
 10dc6eb791beb4db15d7dd9acd20a3b5  2009.0/SRPMS/wireshark-1.0.8-3.2mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 0b42122bf6b1a5c3e65b673b19da382e  2009.0/x86_64/dumpcap-1.0.8-3.2mdv2009.0.x86_64.rpm
 f560c78cf476d2c4bc4758330a933fff  2009.0/x86_64/lib64wireshark0-1.0.8-3.2mdv2009.0.x86_64.rpm
 3a9a289b9e01b4ce1d89b970b3577a56  2009.0/x86_64/lib64wireshark-devel-1.0.8-3.2mdv2009.0.x86_64.rpm
 759831cb22ec8a5d5028015a35931087  2009.0/x86_64/rawshark-1.0.8-3.2mdv2009.0.x86_64.rpm
 e12270bc4129f1c62a6fccba67e80fe0  2009.0/x86_64/tshark-1.0.8-3.2mdv2009.0.x86_64.rpm
 de928a404ae250eabb93ea05c5e022d4  2009.0/x86_64/wireshark-1.0.8-3.2mdv2009.0.x86_64.rpm
 05b5ac1f460a049efc36b57785c9d166  2009.0/x86_64/wireshark-tools-1.0.8-3.2mdv2009.0.x86_64.rpm 
 10dc6eb791beb4db15d7dd9acd20a3b5  2009.0/SRPMS/wireshark-1.0.8-3.2mdv2009.0.src.rpm

 Mandriva Linux 2009.1:
 5f084d3f4d56462afdeb056d2c63e0b0  2009.1/i586/dumpcap-1.0.8-3.2mdv2009.1.i586.rpm
 e9137ca3ecf24656a06ae4dd0870137d  2009.1/i586/libwireshark0-1.0.8-3.2mdv2009.1.i586.rpm
 31e8564ff9ad9a1a4085a23df535a9b7  2009.1/i586/libwireshark-devel-1.0.8-3.2mdv2009.1.i586.rpm
 d125bcd35a05532acd2bce81bb477278  2009.1/i586/rawshark-1.0.8-3.2mdv2009.1.i586.rpm
 cd24c453d85fa38cdb95f798af11ada1  2009.1/i586/tshark-1.0.8-3.2mdv2009.1.i586.rpm
 3853e1197a5f1189ccecace02c664cd9  2009.1/i586/wireshark-1.0.8-3.2mdv2009.1.i586.rpm
 cd28e512238504a40183ac9053f7ded7  2009.1/i586/wireshark-tools-1.0.8-3.2mdv2009.1.i586.rpm 
 7772b718900f37402f2205df81027eaf  2009.1/SRPMS/wireshark-1.0.8-3.2mdv2009.1.src.rpm

 Mandriva Linux 2009.1/X86_64:
 33fb00d1fe8705f96b68a557df9dc82c  2009.1/x86_64/dumpcap-1.0.8-3.2mdv2009.1.x86_64.rpm
 fecf1fea37ba80db55b081dada88d92e  2009.1/x86_64/lib64wireshark0-1.0.8-3.2mdv2009.1.x86_64.rpm
 997814600900d1897d36ec703931107f  2009.1/x86_64/lib64wireshark-devel-1.0.8-3.2mdv2009.1.x86_64.rpm
 bb03b7ab486159ff2185f28298817ec3  2009.1/x86_64/rawshark-1.0.8-3.2mdv2009.1.x86_64.rpm
 ddd6af566dd048d7660e6c51407951f5  2009.1/x86_64/tshark-1.0.8-3.2mdv2009.1.x86_64.rpm
 e380009d79ccf87bcd6dc614af0fcf3a  2009.1/x86_64/wireshark-1.0.8-3.2mdv2009.1.x86_64.rpm
 416b62662ecb8f00c9b38b67c8bffe68  2009.1/x86_64/wireshark-tools-1.0.8-3.2mdv2009.1.x86_64.rpm 
 7772b718900f37402f2205df81027eaf  2009.1/SRPMS/wireshark-1.0.8-3.2mdv2009.1.src.rpm

 Corporate 4.0:
 0edce2e85d953b8ad86d663054e8d556  corporate/4.0/i586/dumpcap-1.0.8-0.2.20060mlcs4.i586.rpm
 b3b5ff7686d44df6d741213ca4ef5a3f  corporate/4.0/i586/libwireshark0-1.0.8-0.2.20060mlcs4.i586.rpm
 15af42501657bf3b632faf78ac64b676  corporate/4.0/i586/libwireshark-devel-1.0.8-0.2.20060mlcs4.i586.rpm
 df9b9c9d6844d09407255585e95363eb  corporate/4.0/i586/rawshark-1.0.8-0.2.20060mlcs4.i586.rpm
 1e0524ed826663d6c123a25a810229c4  corporate/4.0/i586/tshark-1.0.8-0.2.20060mlcs4.i586.rpm
 70284837b799f074252a92e36003fa7b  corporate/4.0/i586/wireshark-1.0.8-0.2.20060mlcs4.i586.rpm
 7770f8370818ed3051849804c5c7832b  corporate/4.0/i586/wireshark-tools-1.0.8-0.2.20060mlcs4.i586.rpm 
 58357c66e0af1174591ddede8552e9ed  corporate/4.0/SRPMS/wireshark-1.0.8-0.2.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 9e324be1a76546158eef6d1afec6b477  corporate/4.0/x86_64/dumpcap-1.0.8-0.2.20060mlcs4.x86_64.rpm
 cd0b9333f156d892f7783a6c94ba03e2  corporate/4.0/x86_64/lib64wireshark0-1.0.8-0.2.20060mlcs4.x86_64.rpm
 c0619181ce70e9f9c4e684fa3c949a2b  corporate/4.0/x86_64/lib64wireshark-devel-1.0.8-0.2.20060mlcs4.x86_64.rpm
 5711b26fec21ca6e9198778e5dcf3beb  corporate/4.0/x86_64/rawshark-1.0.8-0.2.20060mlcs4.x86_64.rpm
 36c9aee8682d690f83712f12504185c7  corporate/4.0/x86_64/tshark-1.0.8-0.2.20060mlcs4.x86_64.rpm
 eb7bd5e8bcc27a6840f055612073d39a  corporate/4.0/x86_64/wireshark-1.0.8-0.2.20060mlcs4.x86_64.rpm
 b2a448f16e99cf72889bd1179cd91a67  corporate/4.0/x86_64/wireshark-tools-1.0.8-0.2.20060mlcs4.x86_64.rpm 
 58357c66e0af1174591ddede8552e9ed  corporate/4.0/SRPMS/wireshark-1.0.8-0.2.20060mlcs4.src.rpm

 Mandriva Enterprise Server 5:
 46b3b6e24434f0219bcbd710ce979563  mes5/i586/dumpcap-1.0.8-3.2mdvmes5.i586.rpm
 f6c0d02d8d2369f54adb817f81d248ba  mes5/i586/libwireshark0-1.0.8-3.2mdvmes5.i586.rpm
 300514c2f3909498b5ef551f4df390c0  mes5/i586/libwireshark-devel-1.0.8-3.2mdvmes5.i586.rpm
 2570e35d68c35e716b837ad5cca06cda  mes5/i586/rawshark-1.0.8-3.2mdvmes5.i586.rpm
 6921ab12a7d1181937acc6dfbd58d8bb  mes5/i586/tshark-1.0.8-3.2mdvmes5.i586.rpm
 445d9741305071b62274166e1499979e  mes5/i586/wireshark-1.0.8-3.2mdvmes5.i586.rpm
 fcc036a683833e62c01a03c8f7719e99  mes5/i586/wireshark-tools-1.0.8-3.2mdvmes5.i586.rpm 
 9764beb45431d60f5f42cd1dd75e0552  mes5/SRPMS/wireshark-1.0.8-3.2mdvmes5.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 17665ab83f9cb30c85ed773c45641028  mes5/x86_64/dumpcap-1.0.8-3.2mdvmes5.x86_64.rpm
 02c24673bfe6734d2c24f8212d902065  mes5/x86_64/lib64wireshark0-1.0.8-3.2mdvmes5.x86_64.rpm
 8c15123fc16dd8adce1fb0cd91003363  mes5/x86_64/lib64wireshark-devel-1.0.8-3.2mdvmes5.x86_64.rpm
 22d064d32c5896e077e2134add0cac5d  mes5/x86_64/rawshark-1.0.8-3.2mdvmes5.x86_64.rpm
 218afbc803e79a6e21b456a8b9f6600e  mes5/x86_64/tshark-1.0.8-3.2mdvmes5.x86_64.rpm
 905aa32b8e1f3cd7322c0bc4f5c104e1  mes5/x86_64/wireshark-1.0.8-3.2mdvmes5.x86_64.rpm
 6a0a6053cc654a3342cf564486b31d46  mes5/x86_64/wireshark-tools-1.0.8-3.2mdvmes5.x86_64.rpm 
 9764beb45431d60f5f42cd1dd75e0552  mes5/SRPMS/wireshark-1.0.8-3.2mdvmes5.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKeh6wmqjQ0CJFipgRAsn1AJ9913NYSPZhCVnYbSk4sMH+hyuoqgCfanCl
pnfGj9IIxOR7U5+b1pp5z18=
=fgJz
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ