[Security Announce] [ MDVSA-2008:152 ] - Updated wireshark packages fix denial of service vulnerability

[news 28]

This is a multi-part message in MIME format...

 

------------=_1216768240-11275-7536

 

 

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

_______________________________________________________________________

 

Mandriva Linux Security Advisory MDVSA-2008:152

http://www.mandriva.com/security/

_______________________________________________________________________

 

Package : wireshark

Date : July 22, 2008

Affected: 2007.1, 2008.0, 2008.1, Corporate 4.0

_______________________________________________________________________

 

Problem Description:

 

A vulnerability was found in Wireshark, that could cause it to crash

while processing malicious packets.

 

This update provides Wireshark 1.0.2, which is not vulnerable to that.

_______________________________________________________________________

 

References:

 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3145

http://www.wireshark.org/security/wnpa-sec-2008-04.html

_______________________________________________________________________

 

Updated Packages:

 

Mandriva Linux 2007.1:

dd208d3bd415b566884410e3efb5a748 2007.1/i586/libwireshark0-1.0.2-0.1mdv2007.1.i586.rpm

8ac38caee13fca07ff4cf7119491256c 2007.1/i586/tshark-1.0.2-0.1mdv2007.1.i586.rpm

31815a8faec571b90c786112651853bf 2007.1/i586/wireshark-1.0.2-0.1mdv2007.1.i586.rpm

6c61296c26edd8e8d62e30c7af36ba02 2007.1/i586/wireshark-tools-1.0.2-0.1mdv2007.1.i586.rpm

00dca267b96e50a75e7c4b7952ca1e61 2007.1/SRPMS/wireshark-1.0.2-0.1mdv2007.1.src.rpm

 

Mandriva Linux 2007.1/X86_64:

0fa4bbaf37ea0bbec825a292f6ba1f08 2007.1/x86_64/lib64wireshark0-1.0.2-0.1mdv2007.1.x86_64.rpm

ec00436f7fa7246808ff9294d3d30106 2007.1/x86_64/tshark-1.0.2-0.1mdv2007.1.x86_64.rpm

c0f6b3ce6506a9027d713a89fb411aac 2007.1/x86_64/wireshark-1.0.2-0.1mdv2007.1.x86_64.rpm

83cde7ccbdc2455adb91f5f8449866f6 2007.1/x86_64/wireshark-tools-1.0.2-0.1mdv2007.1.x86_64.rpm

00dca267b96e50a75e7c4b7952ca1e61 2007.1/SRPMS/wireshark-1.0.2-0.1mdv2007.1.src.rpm

 

Mandriva Linux 2008.0:

7f8c3c3536693c76c35a2433217672f1 2008.0/i586/dumpcap-1.0.2-0.1mdv2008.0.i586.rpm

d786b113715eebfed26d744f234926f9 2008.0/i586/libwireshark0-1.0.2-0.1mdv2008.0.i586.rpm

20e723680556b90b32753a22debcc8fd 2008.0/i586/libwireshark-devel-1.0.2-0.1mdv2008.0.i586.rpm

55324e20c3793fefa4fc31466a230859 2008.0/i586/rawshark-1.0.2-0.1mdv2008.0.i586.rpm

36c42e5a2a8ca9133ef8b23781c2a908 2008.0/i586/tshark-1.0.2-0.1mdv2008.0.i586.rpm

cdc0c62d7936e449564c32fe6a829394 2008.0/i586/wireshark-1.0.2-0.1mdv2008.0.i586.rpm

856e94f29f01a71cffc9d1fc05cfcabc 2008.0/i586/wireshark-tools-1.0.2-0.1mdv2008.0.i586.rpm

802f0a708e0dd820b242b9682ef5f482 2008.0/SRPMS/wireshark-1.0.2-0.1mdv2008.0.src.rpm

 

Mandriva Linux 2008.0/X86_64:

a473c5eab195923066ba820207cd4dd0 2008.0/x86_64/dumpcap-1.0.2-0.1mdv2008.0.x86_64.rpm

2345349e97af7c3b07c9effba42e9a5b 2008.0/x86_64/lib64wireshark0-1.0.2-0.1mdv2008.0.x86_64.rpm

ded19cb2dc2e3a435c83ad6010dd1ab6 2008.0/x86_64/lib64wireshark-devel-1.0.2-0.1mdv2008.0.x86_64.rpm

6ae396fcdc52b87f7c4d359ae596e861 2008.0/x86_64/rawshark-1.0.2-0.1mdv2008.0.x86_64.rpm

b28e8bcf8801836a8d1c35f53e566fc6 2008.0/x86_64/tshark-1.0.2-0.1mdv2008.0.x86_64.rpm

bd219f2c009719d100f5411fd2e1472f 2008.0/x86_64/wireshark-1.0.2-0.1mdv2008.0.x86_64.rpm

3f552df165c98123991e8aca8290944b 2008.0/x86_64/wireshark-tools-1.0.2-0.1mdv2008.0.x86_64.rpm

802f0a708e0dd820b242b9682ef5f482 2008.0/SRPMS/wireshark-1.0.2-0.1mdv2008.0.src.rpm

 

Mandriva Linux 2008.1:

b4cd63431babb044b459f41edd4df7a9 2008.1/i586/dumpcap-1.0.2-0.1mdv2008.1.i586.rpm

aecdbf2396bd03ff4035ce3d0361c8e0 2008.1/i586/libwireshark0-1.0.2-0.1mdv2008.1.i586.rpm

21947f15d454e06e183282e943590fc5 2008.1/i586/libwireshark-devel-1.0.2-0.1mdv2008.1.i586.rpm

04e5404a727ec4ca9bbb15ee577b2a3e 2008.1/i586/rawshark-1.0.2-0.1mdv2008.1.i586.rpm

c4779d4d2118c82a01c0427fcc63edaf 2008.1/i586/tshark-1.0.2-0.1mdv2008.1.i586.rpm

4cea15f71bb937e02babe751db0bf14e 2008.1/i586/wireshark-1.0.2-0.1mdv2008.1.i586.rpm

dfbb6ffde7247a632f668f505e238b93 2008.1/i586/wireshark-tools-1.0.2-0.1mdv2008.1.i586.rpm

2053cca12220e79bb9b3c44d05cdc025 2008.1/SRPMS/wireshark-1.0.2-0.1mdv2008.1.src.rpm

 

Mandriva Linux 2008.1/X86_64:

01304dde4b0d58f4b25cf189cd26e6e4 2008.1/x86_64/dumpcap-1.0.2-0.1mdv2008.1.x86_64.rpm

a1ca40167925697676bb747bb073cbe3 2008.1/x86_64/lib64wireshark0-1.0.2-0.1mdv2008.1.x86_64.rpm

325f5a4bfcbc85e1eb0a2d73f7643b0c 2008.1/x86_64/lib64wireshark-devel-1.0.2-0.1mdv2008.1.x86_64.rpm

974780f892d6c73b3071708cc8e43f7a 2008.1/x86_64/rawshark-1.0.2-0.1mdv2008.1.x86_64.rpm

65e8b1137469b6f2c57c6c67c71c3f34 2008.1/x86_64/tshark-1.0.2-0.1mdv2008.1.x86_64.rpm

9c006ce97cc27a379ad7103fae91d276 2008.1/x86_64/wireshark-1.0.2-0.1mdv2008.1.x86_64.rpm

5b58551478a166e16a1eefe6b7bf8734 2008.1/x86_64/wireshark-tools-1.0.2-0.1mdv2008.1.x86_64.rpm

2053cca12220e79bb9b3c44d05cdc025 2008.1/SRPMS/wireshark-1.0.2-0.1mdv2008.1.src.rpm

 

Corporate 4.0:

b7c9b207a1f6671c389de029acad1c69 corporate/4.0/i586/dumpcap-1.0.2-0.1.20060mlcs4.i586.rpm

11a820b27705d4860f809894fb86d085 corporate/4.0/i586/libwireshark0-1.0.2-0.1.20060mlcs4.i586.rpm

1de9bd371f233413b1bd0c120d43e1c5 corporate/4.0/i586/libwireshark-devel-1.0.2-0.1.20060mlcs4.i586.rpm

3b1335973cc247f69a944850d8cbc125 corporate/4.0/i586/rawshark-1.0.2-0.1.20060mlcs4.i586.rpm

563078c222926843c031f130d3d99c2c corporate/4.0/i586/tshark-1.0.2-0.1.20060mlcs4.i586.rpm

cfcbbd5c3e911ac5987364f74ae4f588 corporate/4.0/i586/wireshark-1.0.2-0.1.20060mlcs4.i586.rpm

c139f48f790fd228abd6bb36e5a64208 corporate/4.0/i586/wireshark-tools-1.0.2-0.1.20060mlcs4.i586.rpm

1be97ba104894a51125ab692206d8611 corporate/4.0/SRPMS/wireshark-1.0.2-0.1.20060mlcs4.src.rpm

 

Corporate 4.0/X86_64:

d75d7a3ee8af84b96a84ffcd52dc89b8 corporate/4.0/x86_64/dumpcap-1.0.2-0.1.20060mlcs4.x86_64.rpm

0bfb4e76da0b755e27eea200d86a14d2 corporate/4.0/x86_64/lib64wireshark0-1.0.2-0.1.20060mlcs4.x86_64.rpm

807c5bab351e4bbf760cabc1ac4e731d corporate/4.0/x86_64/lib64wireshark-devel-1.0.2-0.1.20060mlcs4.x86_64.rpm

01dd72f008237d1a466970b2393a58d6 corporate/4.0/x86_64/rawshark-1.0.2-0.1.20060mlcs4.x86_64.rpm

03fc5d527317d3bf56d837ac3519c92e corporate/4.0/x86_64/tshark-1.0.2-0.1.20060mlcs4.x86_64.rpm

85a416415f1e2bb89a9e772de95999ef corporate/4.0/x86_64/wireshark-1.0.2-0.1.20060mlcs4.x86_64.rpm

05a1763fc92c61ca4e717cafbdd78f39 corporate/4.0/x86_64/wireshark-tools-1.0.2-0.1.20060mlcs4.x86_64.rpm

1be97ba104894a51125ab692206d8611 corporate/4.0/SRPMS/wireshark-1.0.2-0.1.20060mlcs4.src.rpm

_______________________________________________________________________

 

To upgrade automatically use MandrivaUpdate or urpmi. The verification

of md5 checksums and GPG signatures is performed automatically for you.

 

All packages are signed by Mandriva for security. You can obtain the

GPG public key of the Mandriva Security Team by executing:

 

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 

You can view other update advisories for Mandriva Linux at:

 

http://www.mandriva.com/security/advisories

 

If you want to report vulnerabilities, please contact

 

security_(at)_mandriva.com

_______________________________________________________________________

 

Type Bits/KeyID Date User ID

pub 1024D/22458A98 2000-07-10 Mandriva Security Team

 

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.9 (GNU/Linux)

 

iD8DBQFIhjoamqjQ0CJFipgRAhogAKCPcm4mIZm8MEZEyLJI0hflilgeowCeIHby

lsRqFcGoIZ/xLVh10fNTX2U=

=AYQ7

-----END PGP SIGNATURE-----

 

 

------------=_1216768240-11275-7536

Content-Type: text/plain; name="message-footer.txt"

Content-Disposition: inline; filename="message-footer.txt"

Content-Transfer-Encoding: 8bit

 

To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org

with this subject : unsubscribe security-announce

_______________________________________________________

Want to buy your Pack or Services from Mandriva?

Go to http://www.mandrivastore.com

Join the Club : http://www.mandrivaclub.com

_______________________________________________________

 

------------=_1216768240-11275-7536--