Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in wireshark
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in wireshark
ID: MDVSA-2008:001-1
Distribution: Mandriva
Plattformen: Mandriva Corporate 4.0, Mandriva 2007.0, Mandriva 2007.1, Mandriva 2008.0
Datum: Di, 8. Januar 2008, 07:07
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6117
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6118
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6119
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6120
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6121
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6439
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6441
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6451
http://qa.mandriva.com/show_bug.cgi?id=36470
http://www.wireshark.org/security/wnpa-sec-2007-03.html
Applikationen: Wireshark

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1199772322-4794-8018


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                       MDVSA-2008:001-1
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : wireshark
 Date    : January 8, 2008
 Affected: 2007.0, 2007.1, 2008.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 A number of vulnerabilities in the Wireshark program were found that
 could cause crashes, excessive looping, or arbitrary code execution.
 
 This update provides Wireshark 0.99.7 which is not vulnerable to
 these issues.
 
 An updated version of libsmi is also being provided, not because
 of security issues, but because this version of wireshark uses it
 instead of net-snmp for SNMP support.

 Update:

 This update is being reissued without libcap (kernel capabilities)
 support, as that is not required by the original released packages,
 and thus gave trouble for a number of users.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6111
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6112
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6113
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6114
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6115
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6116
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6117
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6118
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6119
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6120
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6121
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6438
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6439
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6441
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6450
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6451
 http://www.wireshark.org/security/wnpa-sec-2007-03.html
 http://qa.mandriva.com/show_bug.cgi?id=36470
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 5c91bd119cfc3b1c1ee55b6bc2011e4a 
 2007.0/i586/libwireshark0-0.99.7-0.2mdv2007.0.i586.rpm
 78c42809009ff071c1df6b755303f15b 
 2007.0/i586/tshark-0.99.7-0.2mdv2007.0.i586.rpm
 49b10ec48fd94f2f25e017454a72bf19 
 2007.0/i586/wireshark-0.99.7-0.2mdv2007.0.i586.rpm
 c5c8c034009e625164944bed14446404 
 2007.0/i586/wireshark-tools-0.99.7-0.2mdv2007.0.i586.rpm 
 77848da4b077e273c2b6d63cd7b7e9eb 
 2007.0/SRPMS/wireshark-0.99.7-0.2mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 bd4b1becee027d7670316fc861420a4f 
 2007.0/x86_64/lib64wireshark0-0.99.7-0.2mdv2007.0.x86_64.rpm
 3843ed5c6de451e48288cebee268a13c 
 2007.0/x86_64/tshark-0.99.7-0.2mdv2007.0.x86_64.rpm
 2be07bfb8592520cb656e9fdbfb98022 
 2007.0/x86_64/wireshark-0.99.7-0.2mdv2007.0.x86_64.rpm
 90e146c1da8a29a5a076cc6c9caed066 
 2007.0/x86_64/wireshark-tools-0.99.7-0.2mdv2007.0.x86_64.rpm 
 77848da4b077e273c2b6d63cd7b7e9eb 
 2007.0/SRPMS/wireshark-0.99.7-0.2mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 ade45a75aea57acf6530f4f41f825cc9 
 2007.1/i586/libwireshark0-0.99.7-0.2mdv2007.1.i586.rpm
 b5c8c986615e448c7dacee90c7e29fa2 
 2007.1/i586/tshark-0.99.7-0.2mdv2007.1.i586.rpm
 abe2a75fdf8e04e4a92a50ce1aa9a1d7 
 2007.1/i586/wireshark-0.99.7-0.2mdv2007.1.i586.rpm
 a1fb6cf26e8e3925759cd53607b7d171 
 2007.1/i586/wireshark-tools-0.99.7-0.2mdv2007.1.i586.rpm 
 cabd10166ca29f2f4685b52dfd77b5fe 
 2007.1/SRPMS/wireshark-0.99.7-0.2mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 963168de12981d25e5c843682f8e2341 
 2007.1/x86_64/lib64wireshark0-0.99.7-0.2mdv2007.1.x86_64.rpm
 c979dda5e0306456a1870cab22f7dbd3 
 2007.1/x86_64/tshark-0.99.7-0.2mdv2007.1.x86_64.rpm
 3b5228291fc25c3e2413ff50b5ae0c35 
 2007.1/x86_64/wireshark-0.99.7-0.2mdv2007.1.x86_64.rpm
 4457e9620dd65ff45a61b822e8bd6fca 
 2007.1/x86_64/wireshark-tools-0.99.7-0.2mdv2007.1.x86_64.rpm 
 cabd10166ca29f2f4685b52dfd77b5fe 
 2007.1/SRPMS/wireshark-0.99.7-0.2mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 30c75799076e9f6cb5b1e52edf3db14a 
 2008.0/i586/libwireshark-devel-0.99.7-0.2mdv2008.0.i586.rpm
 8f81b43b1023d159c8914e67fefa1002 
 2008.0/i586/libwireshark0-0.99.7-0.2mdv2008.0.i586.rpm
 adbaf318e0bc5cb332e70a3fd5f04474 
 2008.0/i586/tshark-0.99.7-0.2mdv2008.0.i586.rpm
 858cabe43af0af8a5677e011afd218c9 
 2008.0/i586/wireshark-0.99.7-0.2mdv2008.0.i586.rpm
 c62187def12e0ead20310a7efe9505b3 
 2008.0/i586/wireshark-tools-0.99.7-0.2mdv2008.0.i586.rpm 
 3d06a9a2c6e9785d6fc2238d661a8404 
 2008.0/SRPMS/wireshark-0.99.7-0.2mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 ed92644ee0e457b2a3ecee1d2bf4fa60 
 2008.0/x86_64/lib64wireshark-devel-0.99.7-0.2mdv2008.0.x86_64.rpm
 9635394abf21052f7bcab4897528be76 
 2008.0/x86_64/lib64wireshark0-0.99.7-0.2mdv2008.0.x86_64.rpm
 d121a1c7a3ef3176a64d1849670e6dee 
 2008.0/x86_64/tshark-0.99.7-0.2mdv2008.0.x86_64.rpm
 80d1eef6d6d2cedb1afe7f0aeb5adff9 
 2008.0/x86_64/wireshark-0.99.7-0.2mdv2008.0.x86_64.rpm
 c95a8c9b83616e90eb8a172f1d1f31f6 
 2008.0/x86_64/wireshark-tools-0.99.7-0.2mdv2008.0.x86_64.rpm 
 3d06a9a2c6e9785d6fc2238d661a8404 
 2008.0/SRPMS/wireshark-0.99.7-0.2mdv2008.0.src.rpm

 Corporate 4.0:
 f23d3320bf2e426f48dc4c4243c315b6 
 corporate/4.0/i586/libwireshark0-0.99.7-0.2.20060mlcs4.i586.rpm
 51587e5f3bf827a97b8655b3d7633774 
 corporate/4.0/i586/tshark-0.99.7-0.2.20060mlcs4.i586.rpm
 a5ad1f60eb99f7f57b9241adb7f6b537 
 corporate/4.0/i586/wireshark-0.99.7-0.2.20060mlcs4.i586.rpm
 72af45f42b528185526016f498fa5908 
 corporate/4.0/i586/wireshark-tools-0.99.7-0.2.20060mlcs4.i586.rpm 
 0ebc19bec6bc7e76f644f122e956c416 
 corporate/4.0/SRPMS/wireshark-0.99.7-0.2.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 3bd532fbfacf8e910efaf47aae679200 
 corporate/4.0/x86_64/lib64wireshark0-0.99.7-0.2.20060mlcs4.x86_64.rpm
 7e25238cbc07b651e37e65b826d87dac 
 corporate/4.0/x86_64/tshark-0.99.7-0.2.20060mlcs4.x86_64.rpm
 b14aaefe6cedbf388fe202722a6e6596 
 corporate/4.0/x86_64/wireshark-0.99.7-0.2.20060mlcs4.x86_64.rpm
 4959cbe32a8854f858409e2e98144375 
 corporate/4.0/x86_64/wireshark-tools-0.99.7-0.2.20060mlcs4.x86_64.rpm 
 0ebc19bec6bc7e76f644f122e956c416 
 corporate/4.0/SRPMS/wireshark-0.99.7-0.2.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)

iEYEARECAAYFAkeC5lEACgkQmqjQ0CJFipi91gCg20Lkyor7rIrCWeomiBGtEoru
KR4AoIK8urUWsFw/HGCkbe7UBML2QCWG
=hTXh
-----END PGP SIGNATURE-----


------------=_1199772322-4794-8018
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1199772322-4794-8018--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung