On Thu, Apr 01, 2004 at 11:56:53AM -0500, John Dalbec wrote: > Red Hat fixed the security issues in Red Hat Linux 9 by upgrading to 0.10.3. I looked at this a bit closer. From advisories it follows that version of ethereal used on "legacy" systems are indeed affected by the issue. Also problems were indeed fixed by bumping up a version and not by patching what was used so likely we should do the same. I attach a spec file and two patches which are "carry-overs" from the previous version (i.e. parts which make sense). Other sources listed there come from either ethereal-0.9.16-0.73.2.legacy.src.rpm _or_ from ethereal-0.10.3-0.90.1.src.rpm. There is more protocols supported and even if some "leftover" files from libtool were dropped the whole thing is quite a bit bigger. It installs and works for me just fine. It was only a light testing but it captures, saves to a file, loads from a file, filters. I did that on RH7.3 installation. Most likely this fits 7.2 as well. How this should be done for RH8 I have no idea. Probably something similar. Go for it! > and RPM reports missing files. Some new files are needed. 'ethereal-gnome' content looks the same but 'ethereal' ends up with 102 entries on a list. Michal
Attachment:
ethereal.add.tar.gz
Description: GNU Zip compressed data
-- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
