[SECURITY] Fedora 12 Update: wireshark-1.2.10-1.fc12

updates at fedoraproject.org updates at fedoraproject.org
Thu Sep 2 20:47:13 UTC 2010


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-13427
2010-08-24 20:36:51
--------------------------------------------------------------------------------

Name        : wireshark
Product     : Fedora 12
Version     : 1.2.10
Release     : 1.fc12
URL         : http://www.wireshark.org/
Summary     : Network traffic analyzer
Description :
Wireshark is a network traffic analyzer for Unix-ish operating systems.

This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for wireshark. A graphical user interface is packaged
separately to GTK+ package.

--------------------------------------------------------------------------------
Update Information:

Update to upstream version 1.2.10:    *
http://www.wireshark.org/docs/relnotes/wireshark-1.2.7.html  *
http://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html  *
http://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html  *
http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html    fixing multiple
security issues:    * http://www.wireshark.org/security/wnpa-sec-2010-04.html  *
http://www.wireshark.org/security/wnpa-sec-2010-06.html  *
http://www.wireshark.org/security/wnpa-sec-2010-08.html
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug 24 2010 Jan Safranek <jsafrane at redhat.com> - 1.2.10-1
- upgrade to 1.2.10
- see http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html
- Resolves: #625940 CVE-2010-2287 CVE-2010-2286 CVE-2010-2284 CVE-2010-2283
* Tue Mar 16 2010 Jeff Layton <jlayton at redhat.com> - 1.2.6-2
- add patch to allow decode of NFSv4.0 callback channel
- add patch to allow decode of more SMB FIND_FILE infolevels
* Tue Mar  2 2010 Radek Vokal <rvokal at redhat.com> - 1.2.6-1
- upgrade to 1.2.6
- see http://www.wireshark.org/docs/relnotes/wireshark-1.2.6.html 
- minor spec file tweaks for better svn checkout support (#553500)
- fix file list, init.lua is only in -devel subpackage (#552406)
* Fri Dec 18 2009 Patrick Monnerat <pm at datasphere.ch> 1.2.5-3
- Autoconf macro for plugin development.
* Fri Dec 18 2009 Radek Vokal <rvokal at redhat.com> - 1.2.5-2
- upgrade to 1.2.5
- fixes security vulnaribilities, see http://www.wireshark.org/security/wnpa-sec-2009-09.html 
- split -devel package (#547899, #203642, #218451)
- removing root warning dialog (#543709)
- enable lua support - http://wiki.wireshark.org/Lua
- attempt to fix filter crash on 64bits
* Wed Nov 18 2009 Radek Vokal <rvokal at redhat.com> - 1.2.4-1
- upgrade to 1.2.4
- http://www.wireshark.org/docs/relnotes/wireshark-1.2.4.html
* Fri Oct 30 2009 Radek Vokal <rvokal at redhat.com> - 1.2.3-1
- upgrade to 1.2.3
- http://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #604308 - CVE-2010-2287 CVE-2010-2995 wireshark: SigComp UDVM dissector buffer overruns
        https://bugzilla.redhat.com/show_bug.cgi?id=604308
  [ 2 ] Bug #604302 - CVE-2010-2286 wireshark: SigComp UDVM dissector infinite loop
        https://bugzilla.redhat.com/show_bug.cgi?id=604302
  [ 3 ] Bug #604292 - CVE-2010-2284 wireshark: ASN.1 BER dissector stack overrun
        https://bugzilla.redhat.com/show_bug.cgi?id=604292
  [ 4 ] Bug #604290 - CVE-2010-2283 wireshark: SMB dissector NULL pointer dereference
        https://bugzilla.redhat.com/show_bug.cgi?id=604290
  [ 5 ] Bug #590613 - CVE-2010-1455 wireshark: DOCSIS dissector crash
        https://bugzilla.redhat.com/show_bug.cgi?id=590613
  [ 6 ] Bug #623843 - CVE-2010-2992 CVE-2010-2993 wireshark: 1.2.10 corrects multiple vulnerabilities
        https://bugzilla.redhat.com/show_bug.cgi?id=623843
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update wireshark' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list