Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
MDKSA-2005:013 - Updated ethereal packages
Posted by Philipp Esselbach on: 01/25/2005 03:14 AM [ Print | 0 comment(s) ]
Updated ethereal packages are available for Mandrakelinux 10.0 and 10.1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: ethereal
Advisory ID: MDKSA-2005:013
Date: January 24th, 2005
Affected versions: 10.0, 10.1
______________________________________________________________________
Problem Description:
A number of vulnerabilities were found in Ethereal, all of which are fixed in version 0.10.9: The COPS dissector could go into an infinite loop (CAN-2005-0006); the DLSw dissector could cause an assertion, making Ethereal exit prematurely (CAN-2005-0007); the DNP dissector could cause memory corruption (CAN-2005-0008); the Gnutella dissector could cause an assertion, making Ethereal exit prematurely (CAN-2005-0009); the MMSE dissector could free static memory (CAN-2005-0010); and the X11 protocol dissector is vulnerable to a string buffer overflow (CAN-2005-0084).
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: ethereal
Advisory ID: MDKSA-2005:013
Date: January 24th, 2005
Affected versions: 10.0, 10.1
______________________________________________________________________
Problem Description:
A number of vulnerabilities were found in Ethereal, all of which are fixed in version 0.10.9: The COPS dissector could go into an infinite loop (CAN-2005-0006); the DLSw dissector could cause an assertion, making Ethereal exit prematurely (CAN-2005-0007); the DNP dissector could cause memory corruption (CAN-2005-0008); the Gnutella dissector could cause an assertion, making Ethereal exit prematurely (CAN-2005-0009); the MMSE dissector could free static memory (CAN-2005-0010); and the X11 protocol dissector is vulnerable to a string buffer overflow (CAN-2005-0084).
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0084
http://www.ethereal.com/appnotes/enpa-sa-00017.html
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
c74b93a5f05c68eb7845c6d3a05d7ab5 10.0/RPMS/ethereal-0.10.9-0.1.100mdk.i586.rpm
bbdcd41fe80851a0248c8606f0f0ddba 10.0/SRPMS/ethereal-0.10.9-0.1.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
3ab0b6691827a4d228b2696efda24de1 amd64/10.0/RPMS/ethereal-0.10.9-0.1.100mdk.amd64.rpm
bbdcd41fe80851a0248c8606f0f0ddba amd64/10.0/SRPMS/ethereal-0.10.9-0.1.100mdk.src.rpm
Mandrakelinux 10.1:
72d299832f7340c675f9cf89aaad555f 10.1/RPMS/ethereal-0.10.9-0.1.101mdk.i586.rpm
646de9ee68b10dba30c6f7f0b9989f7d 10.1/RPMS/ethereal-tools-0.10.9-0.1.101mdk.i586.rpm
48cb5ca4befde405416a9aa7c19b5556 10.1/RPMS/libethereal0-0.10.9-0.1.101mdk.i586.rpm
c3d5c5d06f7afd1e23f06f682188c03e 10.1/RPMS/tethereal-0.10.9-0.1.101mdk.i586.rpm
87e639367056153d74db172ebb8ca897 10.1/SRPMS/ethereal-0.10.9-0.1.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
f8852108acdeb991a2a2c06e225863d9 x86_64/10.1/RPMS/ethereal-0.10.9-0.1.101mdk.x86_64.rpm
3ee69f3876a7741ddeb8a79ac2229fb7 x86_64/10.1/RPMS/ethereal-tools-0.10.9-0.1.101mdk.x86_64.rpm
edb8a0f7523320df5f30db3e872ef139 x86_64/10.1/RPMS/lib64ethereal0-0.10.9-0.1.101mdk.x86_64.rpm
6cf8367b84d5508cdaaa96e59f973ce8 x86_64/10.1/RPMS/tethereal-0.10.9-0.1.101mdk.x86_64.rpm
87e639367056153d74db172ebb8ca897 x86_64/10.1/SRPMS/ethereal-0.10.9-0.1.101mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandrakesoft for security. You can obtain the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0084
http://www.ethereal.com/appnotes/enpa-sa-00017.html
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
c74b93a5f05c68eb7845c6d3a05d7ab5 10.0/RPMS/ethereal-0.10.9-0.1.100mdk.i586.rpm
bbdcd41fe80851a0248c8606f0f0ddba 10.0/SRPMS/ethereal-0.10.9-0.1.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
3ab0b6691827a4d228b2696efda24de1 amd64/10.0/RPMS/ethereal-0.10.9-0.1.100mdk.amd64.rpm
bbdcd41fe80851a0248c8606f0f0ddba amd64/10.0/SRPMS/ethereal-0.10.9-0.1.100mdk.src.rpm
Mandrakelinux 10.1:
72d299832f7340c675f9cf89aaad555f 10.1/RPMS/ethereal-0.10.9-0.1.101mdk.i586.rpm
646de9ee68b10dba30c6f7f0b9989f7d 10.1/RPMS/ethereal-tools-0.10.9-0.1.101mdk.i586.rpm
48cb5ca4befde405416a9aa7c19b5556 10.1/RPMS/libethereal0-0.10.9-0.1.101mdk.i586.rpm
c3d5c5d06f7afd1e23f06f682188c03e 10.1/RPMS/tethereal-0.10.9-0.1.101mdk.i586.rpm
87e639367056153d74db172ebb8ca897 10.1/SRPMS/ethereal-0.10.9-0.1.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
f8852108acdeb991a2a2c06e225863d9 x86_64/10.1/RPMS/ethereal-0.10.9-0.1.101mdk.x86_64.rpm
3ee69f3876a7741ddeb8a79ac2229fb7 x86_64/10.1/RPMS/ethereal-tools-0.10.9-0.1.101mdk.x86_64.rpm
edb8a0f7523320df5f30db3e872ef139 x86_64/10.1/RPMS/lib64ethereal0-0.10.9-0.1.101mdk.x86_64.rpm
6cf8367b84d5508cdaaa96e59f973ce8 x86_64/10.1/RPMS/tethereal-0.10.9-0.1.101mdk.x86_64.rpm
87e639367056153d74db172ebb8ca897 x86_64/10.1/SRPMS/ethereal-0.10.9-0.1.101mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandrakesoft for security. You can obtain the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
