[Security Announce] [ MDKSA-2006:195 ] - Updated wireshark packages fix multiple vulnerabilities
Posted on: 11/03/2006 08:10 AM

The Mandriva Security Team published a new security update for Mandriva Linux. Here the announcement:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:195
http://www.mandriva.com/security/
_______________________________________________________________________

Package : wireshark
Date : November 2, 2006
Affected: 2006.0, 2007.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

Vulnerabilities in the HTTP, LDAP, XOT, WBXML, and MIME Multipart
dissectors were discovered in versions of wireshark less than 0.99.4,
as well as various other bugs.

This updated provides wireshark 0.99.4 which is not vulnerable to these
issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5740
http://www.wireshark.org/security/wnpa-sec-2006-03.html
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2006.0:
6d9200ceb28c080700a14c5082d06144 2006.0/i586/libwireshark0-0.99.4-0.1.20060mdk.i586.rpm
846bf319dbf28977697f0360e6c9c3bf 2006.0/i586/tshark-0.99.4-0.1.20060mdk.i586.rpm
cf4c6ad8bcc4e8f1d0f30747e43629a0 2006.0/i586/wireshark-0.99.4-0.1.20060mdk.i586.rpm
7c298b8216d885c501698333a351a6df 2006.0/i586/wireshark-tools-0.99.4-0.1.20060mdk.i586.rpm
da584fd84e4eaa96134eae8bb6b2ccd9 2006.0/SRPMS/wireshark-0.99.4-0.1.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
5cc25cf7a14362017b627804a23415ce 2006.0/x86_64/lib64wireshark0-0.99.4-0.1.20060mdk.x86_64.rpm
a30498851a759f07b8cebcdebb0f906b 2006.0/x86_64/tshark-0.99.4-0.1.20060mdk.x86_64.rpm
cafef7ec7d7df699ca288ae03ed37c67 2006.0/x86_64/wireshark-0.99.4-0.1.20060mdk.x86_64.rpm
f84e2b12d83f53f0032992ead38cacff 2006.0/x86_64/wireshark-tools-0.99.4-0.1.20060mdk.x86_64.rpm
da584fd84e4eaa96134eae8bb6b2ccd9 2006.0/SRPMS/wireshark-0.99.4-0.1.20060mdk.src.rpm

Mandriva Linux 2007.0:
3d1f3895ce1a440d94768fed10657cc6 2007.0/i586/libwireshark0-0.99.4-0.1mdv2007.0.i586.rpm
ef44905cba00cfb7ba5d72e4d45b4dee 2007.0/i586/tshark-0.99.4-0.1mdv2007.0.i586.rpm
21ef07d16228990f81952e6a9d0d4c02 2007.0/i586/wireshark-0.99.4-0.1mdv2007.0.i586.rpm
60cf791c1bdb8819e69da5a31381fbf7 2007.0/i586/wireshark-tools-0.99.4-0.1mdv2007.0.i586.rpm
7205c72932f614d8b4bcc7ac214a3cd5 2007.0/SRPMS/wireshark-0.99.4-0.1mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
3c0c94604f22665270ecfd5ea4ef63b8 2007.0/x86_64/lib64wireshark0-0.99.4-0.1mdv2007.0.x86_64.rpm
2f50e6bdb122c99a8ccfe265bd5e9871 2007.0/x86_64/tshark-0.99.4-0.1mdv2007.0.x86_64.rpm
d6b35a2cc4871b09e65c97d438d8e5aa 2007.0/x86_64/wireshark-0.99.4-0.1mdv2007.0.x86_64.rpm
8dbd4f0e7cb7165e0877fead9b767aa8 2007.0/x86_64/wireshark-tools-0.99.4-0.1mdv2007.0.x86_64.rpm
7205c72932f614d8b4bcc7ac214a3cd5 2007.0/SRPMS/wireshark-0.99.4-0.1mdv2007.0.src.rpm

Corporate 4.0:
cf6d82d53a965a367b37ddce468eb5e1 corporate/4.0/i586/libwireshark0-0.99.4-0.1.20060mlcs4.i586.rpm
4fd35ab3805a08b8010832759b6520ca corporate/4.0/i586/tshark-0.99.4-0.1.20060mlcs4.i586.rpm
5ceb4d06dcec263ca472b1a0cebacb6e corporate/4.0/i586/wireshark-0.99.4-0.1.20060mlcs4.i586.rpm
254f405e87704d0a3bff60730af347cd corporate/4.0/i586/wireshark-tools-0.99.4-0.1.20060mlcs4.i586.rpm
063c6e14b5bbcc81f4a26fd183d9c53c corporate/4.0/SRPMS/wireshark-0.99.4-0.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
66a696916ebf9665d62d0fe7363ac742 corporate/4.0/x86_64/lib64wireshark0-0.99.4-0.1.20060mlcs4.x86_64.rpm
1662228d5a03d68af75cd6a93654fb81 corporate/4.0/x86_64/tshark-0.99.4-0.1.20060mlcs4.x86_64.rpm
e4be92066710fb02ad806ebb154006be corporate/4.0/x86_64/wireshark-0.99.4-0.1.20060mlcs4.x86_64.rpm
2066c3a5738e8e3ade6fa4afab2adfed corporate/4.0/x86_64/wireshark-tools-0.99.4-0.1.20060mlcs4.x86_64.rpm
063c6e14b5bbcc81f4a26fd183d9c53c corporate/4.0/SRPMS/wireshark-0.99.4-0.1.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
lt;security*mandriva.comgt;
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFSswpmqjQ0CJFipgRAmdWAKDd0iFIsCPrAvFXrex8QMgr0HUM+gCgmoeQ
qoPH91IikU+7ptsVeGXI4fc=
=TwK1
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/security_announce_mdksa_2006195__updated_wireshark_packages_fix_multiple_vulnerabilities.html)