-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:125 http://www.mandriva.com/security/ _______________________________________________________________________ Package : wireshark Date : May 31, 2009 Affected: 2008.1, 2009.0, 2009.1, Corporate 4.0 _______________________________________________________________________ Problem Description: A vulnerability has been identified and corrected in wireshark: o Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets (CVE-2009-1829). This update provides Wireshark 1.0.8, which is not vulnerable to this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1829 http://www.wireshark.org/security/wnpa-sec-2009-03.html _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.1: a0d083f369bffd3dfa46aa1df793ced1 2008.1/i586/dumpcap-1.0.8-3.1mdv2008.1.i586.rpm 556318aacdfd7d48ad44a7191092acd6 2008.1/i586/libwireshark0-1.0.8-3.1mdv2008.1.i586.rpm 861b059fa767f485833ad7192ac5ca2c 2008.1/i586/libwireshark-devel-1.0.8-3.1mdv2008.1.i586.rpm 8c2b35c5dfd76a22eb346e42bbb34155 2008.1/i586/rawshark-1.0.8-3.1mdv2008.1.i586.rpm 348c0c15f2e855b4c7a0348d34ea09fe 2008.1/i586/tshark-1.0.8-3.1mdv2008.1.i586.rpm 6cdb4bcd35b66c7e7a22015335dd292f 2008.1/i586/wireshark-1.0.8-3.1mdv2008.1.i586.rpm 13b1982a9621bdc39d4d97afc45b8cd5 2008.1/i586/wireshark-tools-1.0.8-3.1mdv2008.1.i586.rpm 764d085469658662ac2911fa64ff3ddd 2008.1/SRPMS/wireshark-1.0.8-3.1mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: f81a7484841903392600faaf424c9b0f 2008.1/x86_64/dumpcap-1.0.8-3.1mdv2008.1.x86_64.rpm 4f702d98ddc5c0c856737c3c8218120a 2008.1/x86_64/lib64wireshark0-1.0.8-3.1mdv2008.1.x86_64.rpm ba6fb67f3106d9e11d28c29c925bb79a 2008.1/x86_64/lib64wireshark-devel-1.0.8-3.1mdv2008.1.x86_64.rpm b5017da51fd24e944f30753ff799a7dd 2008.1/x86_64/rawshark-1.0.8-3.1mdv2008.1.x86_64.rpm 5ea24ffef5972d5080cb986d0b7f8aa7 2008.1/x86_64/tshark-1.0.8-3.1mdv2008.1.x86_64.rpm 83d8494632a64f4184cad21f0ff2070a 2008.1/x86_64/wireshark-1.0.8-3.1mdv2008.1.x86_64.rpm e446d9a365b467d17b829f156f88bcad 2008.1/x86_64/wireshark-tools-1.0.8-3.1mdv2008.1.x86_64.rpm 764d085469658662ac2911fa64ff3ddd 2008.1/SRPMS/wireshark-1.0.8-3.1mdv2008.1.src.rpm Mandriva Linux 2009.0: c601d5a72e97b879878a3d94d6b07682 2009.0/i586/dumpcap-1.0.8-3.1mdv2009.0.i586.rpm cbc6e9bfe4055a4e3a486ad7d9d5d1d6 2009.0/i586/libwireshark0-1.0.8-3.1mdv2009.0.i586.rpm 7e15d3c389aec169bba4cbc3ca3e743e 2009.0/i586/libwireshark-devel-1.0.8-3.1mdv2009.0.i586.rpm 8b54b7755dc4c23d5c5aabce2cc8c93b 2009.0/i586/rawshark-1.0.8-3.1mdv2009.0.i586.rpm 4747a553908057b86c042759f78976ea 2009.0/i586/tshark-1.0.8-3.1mdv2009.0.i586.rpm 736173032c8f0dc38f358196f092429b 2009.0/i586/wireshark-1.0.8-3.1mdv2009.0.i586.rpm e8aa27a3ca2cf82599fc4c84044ff5ba 2009.0/i586/wireshark-tools-1.0.8-3.1mdv2009.0.i586.rpm 2bae0ecb6b260cfe69f81afbcfe7ecb3 2009.0/SRPMS/wireshark-1.0.8-3.1mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: 7878ec348dd2a4543d6704acf6847bf1 2009.0/x86_64/dumpcap-1.0.8-3.1mdv2009.0.x86_64.rpm 5bf724ce33c315dda9d419132cb5c3f7 2009.0/x86_64/lib64wireshark0-1.0.8-3.1mdv2009.0.x86_64.rpm 003c4fc644bbd55a5387a5840f071c2d 2009.0/x86_64/lib64wireshark-devel-1.0.8-3.1mdv2009.0.x86_64.rpm bfe8072577a4ec90e189bdcf9c595347 2009.0/x86_64/rawshark-1.0.8-3.1mdv2009.0.x86_64.rpm bdc71f63874e7d26bb38d2c0bb9e3704 2009.0/x86_64/tshark-1.0.8-3.1mdv2009.0.x86_64.rpm ebeff9070be842e8f76d197fcd9ab63d 2009.0/x86_64/wireshark-1.0.8-3.1mdv2009.0.x86_64.rpm 87471e79b554ed396eafc35e38018cfe 2009.0/x86_64/wireshark-tools-1.0.8-3.1mdv2009.0.x86_64.rpm 2bae0ecb6b260cfe69f81afbcfe7ecb3 2009.0/SRPMS/wireshark-1.0.8-3.1mdv2009.0.src.rpm Mandriva Linux 2009.1: e78195d23cfe382e968c7d2c06640c0d 2009.1/i586/dumpcap-1.0.8-3mdv2009.1.i586.rpm 28f331ffb584965eaf6007c5e7cf1256 2009.1/i586/libwireshark0-1.0.8-3mdv2009.1.i586.rpm d274ad81b779b568d29935701123c5fd 2009.1/i586/libwireshark-devel-1.0.8-3mdv2009.1.i586.rpm dab42aa9f71d2f6f0027cd535a88212b 2009.1/i586/rawshark-1.0.8-3mdv2009.1.i586.rpm 7ed28537628436176c78efb085e83629 2009.1/i586/tshark-1.0.8-3mdv2009.1.i586.rpm b493d446f0167ccd9c1aed81f64b14c7 2009.1/i586/wireshark-1.0.8-3mdv2009.1.i586.rpm 9edec3502b5a361ecbcdd03000d14689 2009.1/i586/wireshark-tools-1.0.8-3mdv2009.1.i586.rpm 461b4a5ca1fd68d46e6d9456284c39e7 2009.1/SRPMS/wireshark-1.0.8-3mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: 02025763727e6c694ea55db8c3fd754d 2009.1/x86_64/dumpcap-1.0.8-3mdv2009.1.x86_64.rpm b33f175e526d24e581cbeffc1ece9371 2009.1/x86_64/lib64wireshark0-1.0.8-3mdv2009.1.x86_64.rpm 2fb1389b07e21d055527ee684bc263fe 2009.1/x86_64/lib64wireshark-devel-1.0.8-3mdv2009.1.x86_64.rpm 85b34b626b4c5a0be8a6c944965ac3e0 2009.1/x86_64/rawshark-1.0.8-3mdv2009.1.x86_64.rpm ffe117f860faead25ad347ed5d336b98 2009.1/x86_64/tshark-1.0.8-3mdv2009.1.x86_64.rpm e67dbdf2748bbfc4b0dbe91d3b8bbff1 2009.1/x86_64/wireshark-1.0.8-3mdv2009.1.x86_64.rpm 7c2f637c8a273e753c272f25ef440148 2009.1/x86_64/wireshark-tools-1.0.8-3mdv2009.1.x86_64.rpm 461b4a5ca1fd68d46e6d9456284c39e7 2009.1/SRPMS/wireshark-1.0.8-3mdv2009.1.src.rpm Corporate 4.0: 46c96026ad73300946f6d7c256160191 corporate/4.0/i586/dumpcap-1.0.8-0.1.20060mlcs4.i586.rpm 8095cd428e357efe67e9aecf5eff3bb5 corporate/4.0/i586/libwireshark0-1.0.8-0.1.20060mlcs4.i586.rpm 851e5e1c57105d43cd5f2e7659cce886 corporate/4.0/i586/libwireshark-devel-1.0.8-0.1.20060mlcs4.i586.rpm c39421d007b4a397cb5c04626fccef8a corporate/4.0/i586/rawshark-1.0.8-0.1.20060mlcs4.i586.rpm 21572778f06be23fbd859d7e752a450d corporate/4.0/i586/tshark-1.0.8-0.1.20060mlcs4.i586.rpm 7d6afaf2dcbdec6a0c749238cadd422b corporate/4.0/i586/wireshark-1.0.8-0.1.20060mlcs4.i586.rpm fd6e04679d2563ae518e559349748ea9 corporate/4.0/i586/wireshark-tools-1.0.8-0.1.20060mlcs4.i586.rpm b5caa7e71a222b9d003bd66101ff5d32 corporate/4.0/SRPMS/wireshark-1.0.8-0.1.20060mlcs4.src.rpm Corporate 4.0/X86_64: 357cb4dd412b86749cb1105703259065 corporate/4.0/x86_64/dumpcap-1.0.8-0.1.20060mlcs4.x86_64.rpm 93360b7b8ad11aa244088f794d0b17a0 corporate/4.0/x86_64/lib64wireshark0-1.0.8-0.1.20060mlcs4.x86_64.rpm 14dab007969de8318bc27ded09571863 corporate/4.0/x86_64/lib64wireshark-devel-1.0.8-0.1.20060mlcs4.x86_64.rpm 64fb873b96d4e67282783eecf010d3c9 corporate/4.0/x86_64/rawshark-1.0.8-0.1.20060mlcs4.x86_64.rpm 288acb4e17fb0796cc138399b6df73cf corporate/4.0/x86_64/tshark-1.0.8-0.1.20060mlcs4.x86_64.rpm f6d2f4a3c693f6e2ff028eea0a3a452d corporate/4.0/x86_64/wireshark-1.0.8-0.1.20060mlcs4.x86_64.rpm 1387dcf8f2a7529f65fa1aeea949267f corporate/4.0/x86_64/wireshark-tools-1.0.8-0.1.20060mlcs4.x86_64.rpm b5caa7e71a222b9d003bd66101ff5d32 corporate/4.0/SRPMS/wireshark-1.0.8-0.1.20060mlcs4.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKIrTYmqjQ0CJFipgRAnzUAJ0aht7CM5phMz5Wun/sCLNOgVmTTACbBLiG WSNu7y/3y/2EjyBTWm5bTK0= =lOfV -----END PGP SIGNATURE-----
