Mandriva Linux Security Advisory 2009-194 - Vulnerabilities have been discovered in the wireshark package, which could lead to application crash via radius, infiniband and afs dissectors. This update provides a fix for those vulnerabilities.
f508f94bd641d0b3de7652903bfdc8a48f392f6428bfccf2a9a070b1d5bbba6e
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2009:194
http://www.mandriva.com/security/
_______________________________________________________________________
Package : wireshark
Date : August 5, 2009
Affected: 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Vulnerabilities have been discovered in wireshark package, which could
lead to application crash via radius, infiniband and afs dissectors
(CVE-2009-2560, CVE-2009-2562, CVE-2009-2563).
This update provides a fix for those vulnerabilities.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2560
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2562
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2563
http://www.wireshark.org/security/wnpa-sec-2009-04.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2009.0:
35c44b3dda2222f03f0229dffe083690 2009.0/i586/dumpcap-1.0.8-3.2mdv2009.0.i586.rpm
32a5a19dbd7d927f04462644fda1a918 2009.0/i586/libwireshark0-1.0.8-3.2mdv2009.0.i586.rpm
679abf03eebc9c9790497845a49b92b5 2009.0/i586/libwireshark-devel-1.0.8-3.2mdv2009.0.i586.rpm
7fc204402d3ca6c0b89b5aefc58ac243 2009.0/i586/rawshark-1.0.8-3.2mdv2009.0.i586.rpm
fc2ceb7dcbd8edaac22fac8ef8020688 2009.0/i586/tshark-1.0.8-3.2mdv2009.0.i586.rpm
5e42c96a3f433b845059cc4616b3f1bf 2009.0/i586/wireshark-1.0.8-3.2mdv2009.0.i586.rpm
3c70080e2d6962af6cf0c7d48fec8a89 2009.0/i586/wireshark-tools-1.0.8-3.2mdv2009.0.i586.rpm
10dc6eb791beb4db15d7dd9acd20a3b5 2009.0/SRPMS/wireshark-1.0.8-3.2mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
0b42122bf6b1a5c3e65b673b19da382e 2009.0/x86_64/dumpcap-1.0.8-3.2mdv2009.0.x86_64.rpm
f560c78cf476d2c4bc4758330a933fff 2009.0/x86_64/lib64wireshark0-1.0.8-3.2mdv2009.0.x86_64.rpm
3a9a289b9e01b4ce1d89b970b3577a56 2009.0/x86_64/lib64wireshark-devel-1.0.8-3.2mdv2009.0.x86_64.rpm
759831cb22ec8a5d5028015a35931087 2009.0/x86_64/rawshark-1.0.8-3.2mdv2009.0.x86_64.rpm
e12270bc4129f1c62a6fccba67e80fe0 2009.0/x86_64/tshark-1.0.8-3.2mdv2009.0.x86_64.rpm
de928a404ae250eabb93ea05c5e022d4 2009.0/x86_64/wireshark-1.0.8-3.2mdv2009.0.x86_64.rpm
05b5ac1f460a049efc36b57785c9d166 2009.0/x86_64/wireshark-tools-1.0.8-3.2mdv2009.0.x86_64.rpm
10dc6eb791beb4db15d7dd9acd20a3b5 2009.0/SRPMS/wireshark-1.0.8-3.2mdv2009.0.src.rpm
Mandriva Linux 2009.1:
5f084d3f4d56462afdeb056d2c63e0b0 2009.1/i586/dumpcap-1.0.8-3.2mdv2009.1.i586.rpm
e9137ca3ecf24656a06ae4dd0870137d 2009.1/i586/libwireshark0-1.0.8-3.2mdv2009.1.i586.rpm
31e8564ff9ad9a1a4085a23df535a9b7 2009.1/i586/libwireshark-devel-1.0.8-3.2mdv2009.1.i586.rpm
d125bcd35a05532acd2bce81bb477278 2009.1/i586/rawshark-1.0.8-3.2mdv2009.1.i586.rpm
cd24c453d85fa38cdb95f798af11ada1 2009.1/i586/tshark-1.0.8-3.2mdv2009.1.i586.rpm
3853e1197a5f1189ccecace02c664cd9 2009.1/i586/wireshark-1.0.8-3.2mdv2009.1.i586.rpm
cd28e512238504a40183ac9053f7ded7 2009.1/i586/wireshark-tools-1.0.8-3.2mdv2009.1.i586.rpm
7772b718900f37402f2205df81027eaf 2009.1/SRPMS/wireshark-1.0.8-3.2mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64:
33fb00d1fe8705f96b68a557df9dc82c 2009.1/x86_64/dumpcap-1.0.8-3.2mdv2009.1.x86_64.rpm
fecf1fea37ba80db55b081dada88d92e 2009.1/x86_64/lib64wireshark0-1.0.8-3.2mdv2009.1.x86_64.rpm
997814600900d1897d36ec703931107f 2009.1/x86_64/lib64wireshark-devel-1.0.8-3.2mdv2009.1.x86_64.rpm
bb03b7ab486159ff2185f28298817ec3 2009.1/x86_64/rawshark-1.0.8-3.2mdv2009.1.x86_64.rpm
ddd6af566dd048d7660e6c51407951f5 2009.1/x86_64/tshark-1.0.8-3.2mdv2009.1.x86_64.rpm
e380009d79ccf87bcd6dc614af0fcf3a 2009.1/x86_64/wireshark-1.0.8-3.2mdv2009.1.x86_64.rpm
416b62662ecb8f00c9b38b67c8bffe68 2009.1/x86_64/wireshark-tools-1.0.8-3.2mdv2009.1.x86_64.rpm
7772b718900f37402f2205df81027eaf 2009.1/SRPMS/wireshark-1.0.8-3.2mdv2009.1.src.rpm
Corporate 4.0:
0edce2e85d953b8ad86d663054e8d556 corporate/4.0/i586/dumpcap-1.0.8-0.2.20060mlcs4.i586.rpm
b3b5ff7686d44df6d741213ca4ef5a3f corporate/4.0/i586/libwireshark0-1.0.8-0.2.20060mlcs4.i586.rpm
15af42501657bf3b632faf78ac64b676 corporate/4.0/i586/libwireshark-devel-1.0.8-0.2.20060mlcs4.i586.rpm
df9b9c9d6844d09407255585e95363eb corporate/4.0/i586/rawshark-1.0.8-0.2.20060mlcs4.i586.rpm
1e0524ed826663d6c123a25a810229c4 corporate/4.0/i586/tshark-1.0.8-0.2.20060mlcs4.i586.rpm
70284837b799f074252a92e36003fa7b corporate/4.0/i586/wireshark-1.0.8-0.2.20060mlcs4.i586.rpm
7770f8370818ed3051849804c5c7832b corporate/4.0/i586/wireshark-tools-1.0.8-0.2.20060mlcs4.i586.rpm
58357c66e0af1174591ddede8552e9ed corporate/4.0/SRPMS/wireshark-1.0.8-0.2.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
9e324be1a76546158eef6d1afec6b477 corporate/4.0/x86_64/dumpcap-1.0.8-0.2.20060mlcs4.x86_64.rpm
cd0b9333f156d892f7783a6c94ba03e2 corporate/4.0/x86_64/lib64wireshark0-1.0.8-0.2.20060mlcs4.x86_64.rpm
c0619181ce70e9f9c4e684fa3c949a2b corporate/4.0/x86_64/lib64wireshark-devel-1.0.8-0.2.20060mlcs4.x86_64.rpm
5711b26fec21ca6e9198778e5dcf3beb corporate/4.0/x86_64/rawshark-1.0.8-0.2.20060mlcs4.x86_64.rpm
36c9aee8682d690f83712f12504185c7 corporate/4.0/x86_64/tshark-1.0.8-0.2.20060mlcs4.x86_64.rpm
eb7bd5e8bcc27a6840f055612073d39a corporate/4.0/x86_64/wireshark-1.0.8-0.2.20060mlcs4.x86_64.rpm
b2a448f16e99cf72889bd1179cd91a67 corporate/4.0/x86_64/wireshark-tools-1.0.8-0.2.20060mlcs4.x86_64.rpm
58357c66e0af1174591ddede8552e9ed corporate/4.0/SRPMS/wireshark-1.0.8-0.2.20060mlcs4.src.rpm
Mandriva Enterprise Server 5:
46b3b6e24434f0219bcbd710ce979563 mes5/i586/dumpcap-1.0.8-3.2mdvmes5.i586.rpm
f6c0d02d8d2369f54adb817f81d248ba mes5/i586/libwireshark0-1.0.8-3.2mdvmes5.i586.rpm
300514c2f3909498b5ef551f4df390c0 mes5/i586/libwireshark-devel-1.0.8-3.2mdvmes5.i586.rpm
2570e35d68c35e716b837ad5cca06cda mes5/i586/rawshark-1.0.8-3.2mdvmes5.i586.rpm
6921ab12a7d1181937acc6dfbd58d8bb mes5/i586/tshark-1.0.8-3.2mdvmes5.i586.rpm
445d9741305071b62274166e1499979e mes5/i586/wireshark-1.0.8-3.2mdvmes5.i586.rpm
fcc036a683833e62c01a03c8f7719e99 mes5/i586/wireshark-tools-1.0.8-3.2mdvmes5.i586.rpm
9764beb45431d60f5f42cd1dd75e0552 mes5/SRPMS/wireshark-1.0.8-3.2mdvmes5.src.rpm
Mandriva Enterprise Server 5/X86_64:
17665ab83f9cb30c85ed773c45641028 mes5/x86_64/dumpcap-1.0.8-3.2mdvmes5.x86_64.rpm
02c24673bfe6734d2c24f8212d902065 mes5/x86_64/lib64wireshark0-1.0.8-3.2mdvmes5.x86_64.rpm
8c15123fc16dd8adce1fb0cd91003363 mes5/x86_64/lib64wireshark-devel-1.0.8-3.2mdvmes5.x86_64.rpm
22d064d32c5896e077e2134add0cac5d mes5/x86_64/rawshark-1.0.8-3.2mdvmes5.x86_64.rpm
218afbc803e79a6e21b456a8b9f6600e mes5/x86_64/tshark-1.0.8-3.2mdvmes5.x86_64.rpm
905aa32b8e1f3cd7322c0bc4f5c104e1 mes5/x86_64/wireshark-1.0.8-3.2mdvmes5.x86_64.rpm
6a0a6053cc654a3342cf564486b31d46 mes5/x86_64/wireshark-tools-1.0.8-3.2mdvmes5.x86_64.rpm
9764beb45431d60f5f42cd1dd75e0552 mes5/SRPMS/wireshark-1.0.8-3.2mdvmes5.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFKeh6wmqjQ0CJFipgRAsn1AJ9913NYSPZhCVnYbSk4sMH+hyuoqgCfanCl
pnfGj9IIxOR7U5+b1pp5z18=
=fgJz
-----END PGP SIGNATURE-----