--------------------------------------------------------------------- Fedora Legacy Test Update Notification FEDORALEGACY-2005-152922 Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152922 2005-12-06 --------------------------------------------------------------------- Name : ethereal Versions : rh7.3: ethereal-0.10.13-0.73.1.legacy Versions : rh9: ethereal-0.10.13-0.90.1.legacy Versions : fc1: ethereal-0.10.13-1.FC1.3.legacy Versions : fc2: ethereal-0.10.13-1.FC2.2.legacy Summary : Network traffic analyzer. Description : Ethereal is a network traffic analyzer for Unix-ish operating systems. --------------------------------------------------------------------- Update Information: Updated Ethereal packages that fix various security vulnerabilities are now available. Ethereal is a program for monitoring network traffic. A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws and cause Ethereal to crash or potentially execute arbitrary code. The Common Vulnerabilities and Exposures project has assigned the following names to these issues: CAN-2004-1139, CAN-2004-1140, CVE-2004-1141, CVE-2004-1142, CVE-2005-0006, CVE-2005-0007, CVE-2005-0008, CVE-2005-0009, CVE-2005-0010, CVE-2005-0084, CVE-2005-0699, CVE-2005-0704, CVE-2005-0705, CVE-2005-0739, CVE-2005-1456, CVE-2005-1457, CVE-2005-1458, CVE-2005-1459, CVE-2005-1460, CVE-2005-1461, CVE-2005-1462, CVE-2005-1463, CVE-2005-1464, CVE-2005-1465, CVE-2005-1466, CVE-2005-1467, CVE-2005-1468, CVE-2005-1469, CVE-2005-1470, CVE-2005-2360, CVE-2005-2361, CVE-2005-2362, CVE-2005-2363, CVE-2005-2364, CVE-2005-2365, CVE-2005-2366, CVE-2005-2367, CVE-2005-3241, CVE-2005-3242, CVE-2005-3243, CVE-2005-3244, CVE-2005-3245, CVE-2005-3246, CVE-2005-3247, CVE-2005-3248, CVE-2005-3249, and CVE-2005-3184. Users of Ethereal should upgrade to these updated packages which contain version 0.10.13 and are not vulnerable to these issues. --------------------------------------------------------------------- Changelogs rh73: * Tue Nov 22 2005 David Eisenstein <deisenst@xxxxxxx> 0.10.13-0.73.1.legacy - Updated to 0.10.13 to fix multiple security issues (Bug #152922) - Add lines to specfile to package /usr/sbin/{randpkt,capinfos} and {_mandir}/man1/capinfos.* * Mon Mar 14 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 0.10.10-0.73.1.legacy - Updated to 0.10.10 to fix multiple security issues (FL#2453) * Wed Feb 23 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 0.10.9-0.73.2.legacy - Added the evil plugins hack to get plugins built * Mon Feb 07 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 0.10.9-0.73.1.legacy - Updated to 0.10.9 to fix multiple security issues (FL#2407) - Modified configure parameters - Added gcc patch rh9: * Mon Nov 28 2005 David Eisenstein <deisenst@xxxxxxx> 0.10.13-0.90.1.legacy - Updated to 0.10.13 to fix multiple security issues (Bug #152922) - Added ethereal-0.10.6-old.patch from RHEL3 0.10.13 .src.rpm. - Package /usr/sbin/randpkt - Add ldconfig commands to post-install and post-uninstall, like RHEL3. * Mon Mar 14 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 0.10.10-0.90.1.legacy - Updated to 0.10.10 to fix multiple security issues (FL#2453) * Wed Feb 23 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 0.10.9-0.90.2.legacy - Added the evil plugins hack to get plugins built * Tue Feb 08 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 0.10.9-0.90.1.legacy - Updated to 0.10.9 to fix multiple security issues (FL#2407) - Modified configure parameters fc1: * Sun Nov 27 2005 David Eisenstein <deisenst@xxxxxxx> 0.10.13-1.FC1.3.legacy - Oops. The hunk I removed from the ethereal-0.10.6-old.patch had *NOT* been applied upstream. Reinstate it. Sorry 'bout that. * Tue Nov 08 2005 David Eisenstein <deisenst@xxxxxxx> 0.10.13-1.FC1.2.legacy - Add missing /usr/sbin/randpkt to files section so it will build. * Mon Nov 07 2005 David Eisenstein <deisenst@xxxxxxx> 0.10.13-1.FC1.1.legacy - Updated to 0.10.13 to fix multiple security issues (Bug #152922) - Removed the no-longer-needed ethereal-0.10.8-htmlview.patch - Added ethereal-0.10.6-old.patch from RHEL3 0.10.13 .src.rpm after remov- ing a hunk from it that already had been applied upstream to packet-smb.c * Mon Mar 14 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 0.10.10-1.FC1.1.legacy - Updated to 0.10.10 to fix multiple security issues (FL#2453) * Wed Feb 23 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 0.10.9-1.FC1.2.legacy - Added the evil plugins hack to get plugins built * Tue Feb 08 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 0.10.9-1.FC1.1.legacy - Updated to 0.10.9 to fix multiple security issues (FL#2407) - Added htmlview patch - Changed BuildRequires to gtk2 fc2: * Mon Nov 28 2005 David Eisenstein <deisenst@xxxxxxx> 0.10.13-1.FC2.2.legacy - Add autoconf, automake16, libtool BuildRequires. * Mon Nov 28 2005 David Eisenstein <deisenst@xxxxxxx> 0.10.13-1.FC2.1.legacy - Updated to 0.10.13 to fix multiple security issues (Bug #152922) - Removed the no-longer-needed ethereal-0.10.8-htmlview.patch - Package /usr/sbin/randpkt --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/ (sha1sums) rh7.3: b6ec3227ce109dee158226168c100e726bfc20e3 redhat/7.3/updates-testing/i386/ethereal-0.10.13-0.73.1.legacy.i386.rpm 76bf3ca139e814ced155cab659e2845713baeee8 redhat/7.3/updates-testing/i386/ethereal-gnome-0.10.13-0.73.1.legacy.i386.rpm 27d46417d6c70d7696ce51bb0eda1eca4c09306c redhat/7.3/updates-testing/SRPMS/ethereal-0.10.13-0.73.1.legacy.src.rpm rh9: f40d4d125f74b5b2320b5f9c07a4dfe3a38b6070 redhat/9/updates-testing/i386/ethereal-0.10.13-0.90.1.legacy.i386.rpm d2a08d88c8c22d375f36ebcaf480b580244e7b8f redhat/9/updates-testing/i386/ethereal-gnome-0.10.13-0.90.1.legacy.i386.rpm 51e96ba6f6d6448370fd1d7e88bce2be2561f5b8 redhat/9/updates-testing/SRPMS/ethereal-0.10.13-0.90.1.legacy.src.rpm fc1: 1f7a8447e658a08866f8050458c130793684ea72 fedora/1/updates-testing/i386/ethereal-0.10.13-1.FC1.3.legacy.i386.rpm 15198b45cdf68437b14cf37476b4eacb93313547 fedora/1/updates-testing/i386/ethereal-gnome-0.10.13-1.FC1.3.legacy.i386.rpm 7df377ffb3f5267fc65e11adb54882d92135b405 fedora/1/updates-testing/SRPMS/ethereal-0.10.13-1.FC1.3.legacy.src.rpm fc2: f50e59779e38adf3de331c9f1b71f49ddb5dec11 fedora/2/updates-testing/i386/ethereal-0.10.13-1.FC2.2.legacy.i386.rpm 92c6b494330da5f7c6757bec6004d9110786c914 fedora/2/updates-testing/i386/ethereal-gnome-0.10.13-1.FC2.2.legacy.i386.rpm aa43704fe2deb8aa46b3e61e3884470d9911e1fa fedora/2/updates-testing/SRPMS/ethereal-0.10.13-1.FC2.2.legacy.src.rpm --------------------------------------------------------------------- Please test and comment in bugzilla.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list
