Updated tcpdump packages are available for Mandriva Linux
_______________________________________________________________________
Mandriva Linux Security Update Advisory
_______________________________________________________________________
Package name: tcpdump
Advisory ID: MDKSA-2005:101
Date: June 15th, 2005
Affected versions: 10.1, 10.2
______________________________________________________________________
Problem Description:
A Denial of Service vulnerability was found in tcpdump during the processing of certain network packages. Because of this flaw, it was possible for an attacker to inject a carefully crafted packet onto the network which would crash a running tcpdump session.
The updated packages have been patched to correct this problem. This problem does not affect at least tcpdump 3.8.1 and earlier.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1267
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.1:
19f997352f3fef16e9809c33a9fd9e6f 10.1/RPMS/tcpdump-3.8.3-2.2.101mdk.i586.rpm
91566ff6914608573f685a750a23e4a2 10.1/SRPMS/tcpdump-3.8.3-2.2.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
23da8b573535902af955c3bc52b8da45 x86_64/10.1/RPMS/tcpdump-3.8.3-2.2.101mdk.x86_64.rpm
91566ff6914608573f685a750a23e4a2 x86_64/10.1/SRPMS/tcpdump-3.8.3-2.2.101mdk.src.rpm
Mandrakelinux 10.2:
317345c2da874d9c8b1333fcf7b0f81a 10.2/RPMS/tcpdump-3.8.3-2.2.102mdk.i586.rpm
c7e1bb066e89aaa17188a9548262aee3 10.2/SRPMS/tcpdump-3.8.3-2.2.102mdk.src.rpm
Mandrakelinux 10.2/X86_64:
49053eec4a4b00732cef1da5405a2ea5 x86_64/10.2/RPMS/tcpdump-3.8.3-2.2.102mdk.x86_64.rpm
c7e1bb066e89aaa17188a9548262aee3 x86_64/10.2/SRPMS/tcpdump-3.8.3-2.2.102mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Mandriva Linux Security Update Advisory
_______________________________________________________________________
Package name: tcpdump
Advisory ID: MDKSA-2005:101
Date: June 15th, 2005
Affected versions: 10.1, 10.2
______________________________________________________________________
Problem Description:
A Denial of Service vulnerability was found in tcpdump during the processing of certain network packages. Because of this flaw, it was possible for an attacker to inject a carefully crafted packet onto the network which would crash a running tcpdump session.
The updated packages have been patched to correct this problem. This problem does not affect at least tcpdump 3.8.1 and earlier.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1267
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.1:
19f997352f3fef16e9809c33a9fd9e6f 10.1/RPMS/tcpdump-3.8.3-2.2.101mdk.i586.rpm
91566ff6914608573f685a750a23e4a2 10.1/SRPMS/tcpdump-3.8.3-2.2.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
23da8b573535902af955c3bc52b8da45 x86_64/10.1/RPMS/tcpdump-3.8.3-2.2.101mdk.x86_64.rpm
91566ff6914608573f685a750a23e4a2 x86_64/10.1/SRPMS/tcpdump-3.8.3-2.2.101mdk.src.rpm
Mandrakelinux 10.2:
317345c2da874d9c8b1333fcf7b0f81a 10.2/RPMS/tcpdump-3.8.3-2.2.102mdk.i586.rpm
c7e1bb066e89aaa17188a9548262aee3 10.2/SRPMS/tcpdump-3.8.3-2.2.102mdk.src.rpm
Mandrakelinux 10.2/X86_64:
49053eec4a4b00732cef1da5405a2ea5 x86_64/10.2/RPMS/tcpdump-3.8.3-2.2.102mdk.x86_64.rpm
c7e1bb066e89aaa17188a9548262aee3 x86_64/10.2/SRPMS/tcpdump-3.8.3-2.2.102mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
