-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDKSA-2007:033 http://www.mandriva.com/security/ _______________________________________________________________________ Package : wireshark Date : February 2, 2007 Affected: 2007.0, Corporate 4.0 _______________________________________________________________________ Problem Description: Vulnerabilities in the LLT, IEEE 802.11, HTTP, and TCP dissectors were discovered in versions of wireshark less than 0.99.5, as well as various other bugs. This updated provides wireshark 0.99.5 which is not vulnerable to these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0456 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0457 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0458 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0459 http://www.wireshark.org/security/wnpa-sec-2007-01.html _______________________________________________________________________ Updated Packages: Mandriva Linux 2007.0: 740873204531526e4cc6878444af8362 2007.0/i586/libwireshark0-0.99.5-0.1mdv2007.0.i586.rpm add82ec56d6f77ee7368cd080a82a465 2007.0/i586/tshark-0.99.5-0.1mdv2007.0.i586.rpm d193c2b44c08aac1b67d64613532ef80 2007.0/i586/wireshark-0.99.5-0.1mdv2007.0.i586.rpm 858bbb85edc9783b155ef0a0ac6c3b90 2007.0/i586/wireshark-tools-0.99.5-0.1mdv2007.0.i586.rpm 1df4c1838fe6b746a782e133de279827 2007.0/SRPMS/wireshark-0.99.5-0.1mdv2007.0.src.rpm Mandriva Linux 2007.0/X86_64: 8ef87dcfc0cc5ac18a31945959e7aa7c 2007.0/x86_64/lib64wireshark0-0.99.5-0.1mdv2007.0.x86_64.rpm a3f7656a6b2c90d23bac921d472bffaf 2007.0/x86_64/tshark-0.99.5-0.1mdv2007.0.x86_64.rpm 81050abf3144fd206f8a2f0a7e910836 2007.0/x86_64/wireshark-0.99.5-0.1mdv2007.0.x86_64.rpm b2f12630475a24dec626092e231cc24a 2007.0/x86_64/wireshark-tools-0.99.5-0.1mdv2007.0.x86_64.rpm 1df4c1838fe6b746a782e133de279827 2007.0/SRPMS/wireshark-0.99.5-0.1mdv2007.0.src.rpm Corporate 4.0: 26813537c4e24420d2cb1bbcbaad3185 corporate/4.0/i586/libwireshark0-0.99.5-0.1.20060mlcs4.i586.rpm 55d76fd9bc65b2cd4eb602a8e8b034d1 corporate/4.0/i586/tshark-0.99.5-0.1.20060mlcs4.i586.rpm 8aaf460bab2133abe4c7d5973f190d8c corporate/4.0/i586/wireshark-0.99.5-0.1.20060mlcs4.i586.rpm 4b12b3ad9f259bb9099208cb530bc42d corporate/4.0/i586/wireshark-tools-0.99.5-0.1.20060mlcs4.i586.rpm 5937c2654ada4050818cc4d2f88d13ce corporate/4.0/SRPMS/wireshark-0.99.5-0.1.20060mlcs4.src.rpm Corporate 4.0/X86_64: b6da34d5d4f983d981f298b20f26222c corporate/4.0/x86_64/lib64wireshark0-0.99.5-0.1.20060mlcs4.x86_64.rpm 1a7b1c1d3c142f7e735f0b4e94b6fee8 corporate/4.0/x86_64/tshark-0.99.5-0.1.20060mlcs4.x86_64.rpm 103ef9c506489cf585aa01bf71c8e24a corporate/4.0/x86_64/wireshark-0.99.5-0.1.20060mlcs4.x86_64.rpm b9b872ed0afc643f40fc35983d0a7302 corporate/4.0/x86_64/wireshark-tools-0.99.5-0.1.20060mlcs4.x86_64.rpm 5937c2654ada4050818cc4d2f88d13ce corporate/4.0/SRPMS/wireshark-0.99.5-0.1.20060mlcs4.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFFw9EcmqjQ0CJFipgRAnDtAKCjD5xWhqIieHZJ1sXG6QHpMu5M0QCfesmh Gbkbxd4FLH/gNMJxW9I0X2c= =sFUw -----END PGP SIGNATURE-----
