--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-1008 2005-10-20 --------------------------------------------------------------------- Product : Fedora Core 3 Name : ethereal Version : 0.10.13 Release : 1.FC3.1 Summary : Network traffic analyzer Description : Ethereal is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for ethereal. A graphical user interface is packaged separately to GTK+ package. --------------------------------------------------------------------- Update Information: Ethereal 0.10.13 is scheduled to be released, which fixes the following issues: The ISAKMP dissector could exhaust system memory. (CAN-2005-3241) Fixed in: r15163 Bug IDs: none Versions affected: 0.10.11 to 0.10.12. The FC-FCS dissector could exhaust system memory. (CAN-2005-3241) Fixed in: r15204 Bug IDs: 312 Versions affected: 0.9.0 to 0.10.12. The RSVP dissector could exhaust system memory. (CAN-2005-3241) Fixed in: r15206, r15600 Bug IDs: 311, 314, 382 Versions affected: 0.9.4 to 0.10.12. The ISIS LSP dissector could exhaust system memory. (CAN-2005-3241) Fixed in: r15245 Bug IDs: 320, 326 Versions affected: 0.8.18 to 0.10.12. The IrDA dissector could crash. (CAN-2005-3242) Fixed in: r15265, r15267 Bug IDs: 328, 329, 330, 334, 335, 336 Versions affected: 0.10.0 to 0.10.12. The SLIMP3 dissector could overflow a buffer. (CAN-2005-3243) Fixed in: r15279 Bug IDs: 327 Versions affected: 0.9.1 to 0.10.12. The BER dissector was susceptible to an infinite loop. (CAN-2005-3244) Fixed in: r15292 Bug IDs: none Versions affected: 0.10.3 to 0.10.12. The SCSI dissector could dereference a null pointer and crash. (CAN-2005-3246) Fixed in: r15289 Bug IDs: none Versions affected: 0.10.3 to 0.10.12. If the "Dissect unknown RPC program numbers" option was enabled, the ONC RPC dissector might be able to exhaust system memory. This option is disabled by default. (CAN-2005-3245) Fixed in: r15290 Bug IDs: none Versions affected: 0.7.7 to 0.10.12. The sFlow dissector could dereference a null pointer and crash (CAN-2005-3246) Fixed in: r15375 Bug IDs: 356 Versions affected: 0.9.14 to 0.10.12. The RTnet dissector could dereference a null pointer and crash (CAN-2005-3246) Fixed in: r15673 Bug IDs: none Versions affected: 0.10.8 to 0.10.12. The SigComp UDVM could go into an infinite loop or crash. (CAN-2005-3247) Fixed in: r15715, r15901, r15919 Bug IDs: none Versions affected: 0.10.12. If SMB transaction payload reassembly is enabled the SMB dissector could crash. This preference is disabled by default. (CAN-2005-3242) Fixed in: r15789 Bug IDs: 421 Versions affected: 0.9.7 to 0.10.12. The X11 dissector could attempt to divide by zero. (CAN-2005-3248) Fixed in: r15927 Bug IDs: none Versions affected: 0.10.1 to 0.10.12. The AgentX dissector could overflow a buffer. (CAN-2005-3243) Fixed in: r16003 Bug IDs: none Versions affected: 0.10.10 to 0.10.12. The WSP dissector could free an invalid pointer. (CAN-2005-3249) Fixed in: r16220 Bug IDs: none Versions affected: 0.10.1 to 0.10.12. iDEFENSE found a buffer overflow in the SRVLOC dissector. (CAN-2005-3184) Fixed in: r16206 Bug IDs: none Versions affected: 0.10.0 to 0.10.12. --------------------------------------------------------------------- * Thu Oct 20 2005 Radek Vokal <rvokal@xxxxxxxxxx> 0.10.13-1.FC3.1 - upgrade to 0.10.13 - CAN-2005-3241 Multiple ethereal issues fixed (#171063) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ a48b54c05b43bac981d78c992ea76641 SRPMS/ethereal-0.10.13-1.FC3.1.src.rpm a252cae35dcb8e250a4a8c7669ddc030 x86_64/ethereal-0.10.13-1.FC3.1.x86_64.rpm 385a3d9c59228e4f9bbe4a04f8204959 x86_64/ethereal-gnome-0.10.13-1.FC3.1.x86_64.rpm 7906202c0c483919a7f58097e0d173de x86_64/debug/ethereal-debuginfo-0.10.13-1.FC3.1.x86_64.rpm 2766dbd98a42cf92ec6e2aa0d7bc22ef i386/ethereal-0.10.13-1.FC3.1.i386.rpm 9dcca59c62f74348d72ffd6fa9239c1e i386/ethereal-gnome-0.10.13-1.FC3.1.i386.rpm 320f27a1a0c393d9e21b3c2a7ca65a1b i386/debug/ethereal-debuginfo-0.10.13-1.FC3.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- fedora-announce-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-announce-list
