-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:031 http://www.mandriva.com/security/ _______________________________________________________________________ Package : wireshark Date : February 2, 2010 Affected: 2008.0, 2009.1, Corporate 4.0, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: This advisory updates Wireshark to the version 1.0.11, which fixes the following vulnerabilities: The SMB and SMB2 dissectors could crash (CVE-2009-4377). The Infiniband dissector could crash on some platforms (CVE-2009-2563). Several buffer overflows were discovered and fixed in the LWRES dissector. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2563 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 19efa81835c23a398b2838a12c402cfc 2008.0/i586/dumpcap-1.0.11-0.1mdv2008.0.i586.rpm e2ebbdf9c799d040c484c766f7f77ce1 2008.0/i586/libwireshark0-1.0.11-0.1mdv2008.0.i586.rpm bbdc06654f2ca5508368a09197f68453 2008.0/i586/libwireshark-devel-1.0.11-0.1mdv2008.0.i586.rpm 8c8f6155e041a6ba7eb0151df71c7c1a 2008.0/i586/rawshark-1.0.11-0.1mdv2008.0.i586.rpm 416d3ee9cc690e671f5e3160189048f1 2008.0/i586/tshark-1.0.11-0.1mdv2008.0.i586.rpm 3da636be3451aa0a2033ef0f69e7f7ed 2008.0/i586/wireshark-1.0.11-0.1mdv2008.0.i586.rpm 2f9091cc63e15865664fd600bf8fb04d 2008.0/i586/wireshark-tools-1.0.11-0.1mdv2008.0.i586.rpm b633d55d86c0bd099978f3f120d4a098 2008.0/SRPMS/wireshark-1.0.11-0.1mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 082c3a795622b56182e15e709c9a73b0 2008.0/x86_64/dumpcap-1.0.11-0.1mdv2008.0.x86_64.rpm 22d769b9f4f84f50f135274c8549d8fd 2008.0/x86_64/lib64wireshark0-1.0.11-0.1mdv2008.0.x86_64.rpm a7d0323a5f9e6cc3e635e9b1d2a0b3bd 2008.0/x86_64/lib64wireshark-devel-1.0.11-0.1mdv2008.0.x86_64.rpm 08fbf188d625df8afde20da0c4588709 2008.0/x86_64/rawshark-1.0.11-0.1mdv2008.0.x86_64.rpm e7487a6b26627d08f99919a931ad8d15 2008.0/x86_64/tshark-1.0.11-0.1mdv2008.0.x86_64.rpm 3a2cb7625e868de9fc3b8055d8ef1de2 2008.0/x86_64/wireshark-1.0.11-0.1mdv2008.0.x86_64.rpm b497e520ff1893129bd5fa90d4e1cfeb 2008.0/x86_64/wireshark-tools-1.0.11-0.1mdv2008.0.x86_64.rpm b633d55d86c0bd099978f3f120d4a098 2008.0/SRPMS/wireshark-1.0.11-0.1mdv2008.0.src.rpm Mandriva Linux 2009.1: c0ab12b26e58e08c3c945c081bb1ff32 2009.1/i586/dumpcap-1.0.11-0.1mdv2009.1.i586.rpm b9c922ad22775a300623901f4823466c 2009.1/i586/libwireshark0-1.0.11-0.1mdv2009.1.i586.rpm 7f87ebcbf3399007994e48ecacea40e0 2009.1/i586/libwireshark-devel-1.0.11-0.1mdv2009.1.i586.rpm 15a63f395346dfae46dc28fec4b860fc 2009.1/i586/rawshark-1.0.11-0.1mdv2009.1.i586.rpm 939f2a2b5825a4e6090503d35210f439 2009.1/i586/tshark-1.0.11-0.1mdv2009.1.i586.rpm f131365d83d612034736acb8a48331f2 2009.1/i586/wireshark-1.0.11-0.1mdv2009.1.i586.rpm 9fbafa94a8d4a4b128014e2a03d5bf5a 2009.1/i586/wireshark-tools-1.0.11-0.1mdv2009.1.i586.rpm 13c333434f8155ae16934f4030b0d8da 2009.1/SRPMS/wireshark-1.0.11-0.1mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: a174d15549b6ab6eca1702be93da98f7 2009.1/x86_64/dumpcap-1.0.11-0.1mdv2009.1.x86_64.rpm 54d83f1b9725bc9db4237a7e9ffbda23 2009.1/x86_64/lib64wireshark0-1.0.11-0.1mdv2009.1.x86_64.rpm 45c14304b4a90b7f635d1577d6d0cbf1 2009.1/x86_64/lib64wireshark-devel-1.0.11-0.1mdv2009.1.x86_64.rpm 701a608316a51fc749e755c209ff954b 2009.1/x86_64/rawshark-1.0.11-0.1mdv2009.1.x86_64.rpm 93841b7abedb7a104d02a1b1cc303c27 2009.1/x86_64/tshark-1.0.11-0.1mdv2009.1.x86_64.rpm bed0e094baee8d6ad80f51b5298e1513 2009.1/x86_64/wireshark-1.0.11-0.1mdv2009.1.x86_64.rpm 54c833bb1d0e2308feccceb50a483b14 2009.1/x86_64/wireshark-tools-1.0.11-0.1mdv2009.1.x86_64.rpm 13c333434f8155ae16934f4030b0d8da 2009.1/SRPMS/wireshark-1.0.11-0.1mdv2009.1.src.rpm Corporate 4.0: d1eb7ec4cf71cc97aa61d904a80b5e3e corporate/4.0/i586/dumpcap-1.0.11-0.1.20060mlcs4.i586.rpm a1efc9ed4560444167e1bc579e852cc6 corporate/4.0/i586/libwireshark0-1.0.11-0.1.20060mlcs4.i586.rpm 0948fc7945d83459474fc564981011a6 corporate/4.0/i586/libwireshark-devel-1.0.11-0.1.20060mlcs4.i586.rpm 2ad4fd1474fea1cd3a6d317d17d5ff71 corporate/4.0/i586/rawshark-1.0.11-0.1.20060mlcs4.i586.rpm c45d1716fde523430c0993035f762120 corporate/4.0/i586/tshark-1.0.11-0.1.20060mlcs4.i586.rpm d19e47fb78fd39d67cdabdffc2a85068 corporate/4.0/i586/wireshark-1.0.11-0.1.20060mlcs4.i586.rpm 760989e2d7e418b66355bc63b3d358fa corporate/4.0/i586/wireshark-tools-1.0.11-0.1.20060mlcs4.i586.rpm 9fa54f95ba1ac6139a265bbfc8d127b1 corporate/4.0/SRPMS/wireshark-1.0.11-0.1.20060mlcs4.src.rpm Corporate 4.0/X86_64: c43b4f5e17905bf3e92420b572537a78 corporate/4.0/x86_64/dumpcap-1.0.11-0.1.20060mlcs4.x86_64.rpm 90afae49acdbb872d0e2068eac663c72 corporate/4.0/x86_64/lib64wireshark0-1.0.11-0.1.20060mlcs4.x86_64.rpm 58745ea4d1f3b484678f34c0f42ea7ec corporate/4.0/x86_64/lib64wireshark-devel-1.0.11-0.1.20060mlcs4.x86_64.rpm b604127daebc516779b1709d51a6bdb5 corporate/4.0/x86_64/rawshark-1.0.11-0.1.20060mlcs4.x86_64.rpm 06cf97ba0b2fd291fa4fff0a5e467e37 corporate/4.0/x86_64/tshark-1.0.11-0.1.20060mlcs4.x86_64.rpm d2903cbeedfe11f49fad3e3627550d78 corporate/4.0/x86_64/wireshark-1.0.11-0.1.20060mlcs4.x86_64.rpm 1ca2c1af36c8ff26e15ec0cc71274a05 corporate/4.0/x86_64/wireshark-tools-1.0.11-0.1.20060mlcs4.x86_64.rpm 9fa54f95ba1ac6139a265bbfc8d127b1 corporate/4.0/SRPMS/wireshark-1.0.11-0.1.20060mlcs4.src.rpm Mandriva Enterprise Server 5: d121a5b1d6854048326174d9e6bcedd7 mes5/i586/dumpcap-1.0.11-0.1mdvmes5.i586.rpm b7f17c2f23b86a56505f19229d3127a4 mes5/i586/libwireshark0-1.0.11-0.1mdvmes5.i586.rpm 347b5faa357359bc766874668baa7433 mes5/i586/libwireshark-devel-1.0.11-0.1mdvmes5.i586.rpm e0312c09a741831f029a87ec7b111a16 mes5/i586/rawshark-1.0.11-0.1mdvmes5.i586.rpm 704670f3d68a4ef18998325927c675d7 mes5/i586/tshark-1.0.11-0.1mdvmes5.i586.rpm 5c9aa7ace2318bd60b2c9b1be03de4a3 mes5/i586/wireshark-1.0.11-0.1mdvmes5.i586.rpm 3414f1f520fa7129bca53639339d4427 mes5/i586/wireshark-tools-1.0.11-0.1mdvmes5.i586.rpm 33e3b36192051dcff6c1069bc415f34a mes5/SRPMS/wireshark-1.0.11-0.1mdvmes5.src.rpm Mandriva Enterprise Server 5/X86_64: 32b01554823524580d7527e64b6ec1b2 mes5/x86_64/dumpcap-1.0.11-0.1mdvmes5.x86_64.rpm 01f27d99f023bbd83ab110bd12300a9e mes5/x86_64/lib64wireshark0-1.0.11-0.1mdvmes5.x86_64.rpm 3f70c94125aa2297690b936936b32493 mes5/x86_64/lib64wireshark-devel-1.0.11-0.1mdvmes5.x86_64.rpm 08624b3f91f6a8442abc802ec0f24c74 mes5/x86_64/rawshark-1.0.11-0.1mdvmes5.x86_64.rpm 563cd28702d1572e17c6f99fc23178dd mes5/x86_64/tshark-1.0.11-0.1mdvmes5.x86_64.rpm 8af1a674c107ff546a8f28158ef15a9d mes5/x86_64/wireshark-1.0.11-0.1mdvmes5.x86_64.rpm 71f149cc307ee3b026867c2c282216f4 mes5/x86_64/wireshark-tools-1.0.11-0.1mdvmes5.x86_64.rpm 33e3b36192051dcff6c1069bc415f34a mes5/SRPMS/wireshark-1.0.11-0.1mdvmes5.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFLaLrMmqjQ0CJFipgRAsIIAKDaKxrjGJURNYZqhbab5Ci9ShD8YwCgigF/ EsdbEOhtMEyVHxbpJc883Co= =kgK8 -----END PGP SIGNATURE-----
