[SECURITY] Fedora Core 5 Update: wireshark-0.99.5-1.fc5

Radek Vokal rvokal at redhat.com
Tue Feb 6 17:14:14 UTC 2007


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-207
2007-02-06
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : wireshark
Version     : 0.99.5
Release     : 1.fc5
Summary     : Network traffic analyzer
Description :
Wireshark is a network traffic analyzer for Unix-ish operating systems.

This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for wireshark. A graphical user interface is packaged
separately to GTK+ package.

---------------------------------------------------------------------
Update Information:

- multiple security issues fixed (#227140)
- CVE-2007-0459 - The TCP dissector could hang or crash
while reassembling HTTP packets
- CVE-2007-0459 - The HTTP dissector could crash.
- CVE-2007-0457 - On some systems, the IEEE 802.11 dissector
could crash.
- CVE-2007-0456 - On some systems, the LLT dissector could
crash.
---------------------------------------------------------------------
* Mon Feb  5 2007 Radek Vokál <rvokal at redhat.com> 0.99.5-1
- multiple security issues fixed (#227140)
- CVE-2007-0459 - The TCP dissector could hang or crash while reassembling HTTP packets
- CVE-2007-0459 - The HTTP dissector could crash.
- CVE-2007-0457 - On some systems, the IEEE 802.11 dissector could crash.
- CVE-2007-0456 - On some systems, the LLT dissector could crash.
* Wed Nov  1 2006 Radek Vokál <rvokal at redhat.com> 0.99.4-1.fc5
- upgrade to 0.99.4, fixes multiple security issues
- use dist tag
- CVE-2006-5468 - The HTTP dissector could dereference a null pointer.
- CVE-2006-5469 - The WBXML dissector could crash.
- CVE-2006-5470 - The LDAP dissector (and possibly others) could crash.
- CVE-2006-4805 - Basic DoS, The XOT dissector could attempt to allocate a large amount of memory and crash.
- CVE-2006-4574 - Single byte \0 overflow written onto the heap
* Fri Aug 25 2006 Radek Vokal <rvokal at redhat.com> 0.99.3-fc5.1
- upgrade to 0.99.3-1
- CVE-2006-4330 Wireshark security issues (CVE-2006-4333 CVE-2006-4332 CVE-2006-4331)
* Wed Jul 26 2006 Radek Vokal <rvokal at redhat.com> 0.99.2-fc5.2
- fix BuildRequires
* Tue Jul 25 2006 Radek Vokal <rvokal at redhat.com> 0.99.2-fc5.1
- build for FC5
* Tue Jul 18 2006 Radek Vokál <rvokal at redhat.com> 0.99.2-1
- upgrade to 0.99.2
* Wed Jul 12 2006 Jesse Keating <jkeating at redhat.com> - 0.99.2-0.pre1.1
- rebuild
* Tue Jul 11 2006 Radek Vokál <rvokal at redhat.com> 0.99.2-0.pre1
- upgrade to 0.99.2pre1, fixes (#198242)
* Tue Jun 13 2006 Radek Vokal <rvokal at redhat.com> 0.99.1-0.pre1
- spec file changes
* Fri Jun  9 2006 Radek Vokal <rvokal at redhat.com> 0.99.1pre1-1
- initial build for Fedora Core

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

d47c9073007904d43c852880b68050a90cdbee29  SRPMS/wireshark-0.99.5-1.fc5.src.rpm
d47c9073007904d43c852880b68050a90cdbee29  noarch/wireshark-0.99.5-1.fc5.src.rpm
e0106642b608752314e390fd63f694206a7d40ca  ppc/debug/wireshark-debuginfo-0.99.5-1.fc5.ppc.rpm
e598f274c7291478ac9d2e1db16c402dfe0192d0  ppc/wireshark-0.99.5-1.fc5.ppc.rpm
afdb854f38f4629cd346c5e44582b1abd8cc6999  ppc/wireshark-gnome-0.99.5-1.fc5.ppc.rpm
f9db362d081a40c08fe089c6f09c588ba3911f7f  x86_64/wireshark-0.99.5-1.fc5.x86_64.rpm
b2426e3ababe0bd30f8dcf8bd931a99920c528ee  x86_64/wireshark-gnome-0.99.5-1.fc5.x86_64.rpm
44a9179cbbd6efe531a6e9fb643354ca10fc69e2  x86_64/debug/wireshark-debuginfo-0.99.5-1.fc5.x86_64.rpm
24e9c722719305b4b4a1c55bc75b617a0691665a  i386/debug/wireshark-debuginfo-0.99.5-1.fc5.i386.rpm
c2ae37004d933a1d4cf9ae2ce0fc0e5a71ae7e2c  i386/wireshark-gnome-0.99.5-1.fc5.i386.rpm
4fa778c631268a2c21017279a24979c5b795c46a  i386/wireshark-0.99.5-1.fc5.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------




More information about the package-announce mailing list