Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in Wireshark
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Wireshark
ID: MDVSA-2011:164
Distribution: Mandriva
Plattformen: Keine Angabe
Datum: Mi, 2. November 2011, 20:34
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4100
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4102
http://www.wireshark.org/security/wnpa-sec-2011-17.html
http://www.wireshark.org/security/wnpa-sec-2011-18.html
http://www.wireshark.org/security/wnpa-sec-2011-19.html
Applikationen: Wireshark

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1320244389-2333-79

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2011:164
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : wireshark
 Date    : November 2, 2011
 Affected: 2011.
 _______________________________________________________________________

 Problem Description:

 This advisory updates wireshark to the latest version (1.6.3), fixing
 several security issues:
 
 An uninitialized variable in the CSN.1 dissector could cause a crash
 (CVE-2011-4100).
 
 Huzaifa Sidhpurwala of Red Hat Security Response Team discovered
 that the Infiniband dissector could dereference a NULL pointer
 (CVE-2011-4101).
 
 Huzaifa Sidhpurwala of Red Hat Security Response Team discovered a
 buffer overflow in the ERF file reader (CVE-2011-4102).
 
 The updated packages have been upgraded to the latest 1.6.x version
 (1.6.3) which is not vulnerable to these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4100
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4101
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4102
 http://www.wireshark.org/security/wnpa-sec-2011-17.html
 http://www.wireshark.org/security/wnpa-sec-2011-18.html
 http://www.wireshark.org/security/wnpa-sec-2011-19.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2011:
 0b5ac9722ad8eab01e3806d308c3e5be 
 2011/i586/dumpcap-1.6.3-0.1-mdv2011.0.i586.rpm
 6e19c82aa19d8f3538454e791efda914 
 2011/i586/libwireshark1-1.6.3-0.1-mdv2011.0.i586.rpm
 a65286ff617109423a548d3af675ce25 
 2011/i586/libwireshark-devel-1.6.3-0.1-mdv2011.0.i586.rpm
 a1a8effdebd29e525f4069e22d689599 
 2011/i586/rawshark-1.6.3-0.1-mdv2011.0.i586.rpm
 1eae86f6dc50df492f9da0098eb889ae 
 2011/i586/tshark-1.6.3-0.1-mdv2011.0.i586.rpm
 a3a78552342edfb562c9019dbf223cca 
 2011/i586/wireshark-1.6.3-0.1-mdv2011.0.i586.rpm
 77e7f551ef26d0bc667118091c77059e 
 2011/i586/wireshark-tools-1.6.3-0.1-mdv2011.0.i586.rpm 
 62f46aea01740a89b0cd31baf9ac82a1  2011/SRPMS/wireshark-1.6.3-0.1.src.rpm

 Mandriva Linux 2011/X86_64:
 200c7fce5888bbd88badb78a757692df 
 2011/x86_64/dumpcap-1.6.3-0.1-mdv2011.0.x86_64.rpm
 2bbb9dd050ee7c7abf4022d67d886d41 
 2011/x86_64/lib64wireshark1-1.6.3-0.1-mdv2011.0.x86_64.rpm
 0fb9974d9a755593f5ec8977c22f25ac 
 2011/x86_64/lib64wireshark-devel-1.6.3-0.1-mdv2011.0.x86_64.rpm
 a16851c1d3f6444c6c8a2b0c56ad5570 
 2011/x86_64/rawshark-1.6.3-0.1-mdv2011.0.x86_64.rpm
 14565aa0dbc8261a969b983f0a93aea3 
 2011/x86_64/tshark-1.6.3-0.1-mdv2011.0.x86_64.rpm
 7257cfd3572e2fef8ee166abd3e7471f 
 2011/x86_64/wireshark-1.6.3-0.1-mdv2011.0.x86_64.rpm
 b06e4710c4d0e21bcd367a67cc7f1fb4 
 2011/x86_64/wireshark-tools-1.6.3-0.1-mdv2011.0.x86_64.rpm 
 62f46aea01740a89b0cd31baf9ac82a1  2011/SRPMS/wireshark-1.6.3-0.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFOsSnpmqjQ0CJFipgRAu0vAKDZN4pCvOqGm0kL1yqDacJXeUgbhQCfWBNx
FLThhT8zQa9eZYug6gzxREo=
=KSPx
-----END PGP SIGNATURE-----


------------=_1320244389-2333-79
Content-Type: text/plain; charset="UTF-8";
 name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1320244389-2333-79--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung