-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:099 http://www.mandriva.com/security/ _______________________________________________________________________ Package : wireshark Date : May 18, 2010 Affected: 2009.1, 2010.0, Corporate 4.0, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: This advisory updates wireshark to the latest version(s), fixing several bugs and one security issue: The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file (CVE-2010-1455). _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1455 http://www.wireshark.org/security/wnpa-sec-2010-03.html http://www.wireshark.org/security/wnpa-sec-2010-04.html _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.1: 3427658b5fa7df10dfa9171fce88f274 2009.1/i586/dumpcap-1.0.13-0.1mdv2009.1.i586.rpm 95eaa9c7c7ac154903915192da011c30 2009.1/i586/libwireshark0-1.0.13-0.1mdv2009.1.i586.rpm 8ff6136b164403ef8723c79ba1c4fe9c 2009.1/i586/libwireshark-devel-1.0.13-0.1mdv2009.1.i586.rpm a941891c51278956c8b09542fe38b316 2009.1/i586/rawshark-1.0.13-0.1mdv2009.1.i586.rpm e7f5402a8b5ea82a517331662d052258 2009.1/i586/tshark-1.0.13-0.1mdv2009.1.i586.rpm 0766111a0a9343548634dabaa1d45532 2009.1/i586/wireshark-1.0.13-0.1mdv2009.1.i586.rpm 19a17a62a92d2c5b5333fd50b084b6af 2009.1/i586/wireshark-tools-1.0.13-0.1mdv2009.1.i586.rpm 8ab9c2e193eac4ae22d7d511a4090781 2009.1/SRPMS/wireshark-1.0.13-0.1mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: 8f7794755f7c0eedc2b28e8418856360 2009.1/x86_64/dumpcap-1.0.13-0.1mdv2009.1.x86_64.rpm e97ce630c1d3574081498ceb43a212b0 2009.1/x86_64/lib64wireshark0-1.0.13-0.1mdv2009.1.x86_64.rpm 35cc38b16123a19a98a2861b6e6bae54 2009.1/x86_64/lib64wireshark-devel-1.0.13-0.1mdv2009.1.x86_64.rpm fa900f436680fcab9743efb8f0d22f51 2009.1/x86_64/rawshark-1.0.13-0.1mdv2009.1.x86_64.rpm 47a14ff044d80421e45dedb1b7efd8fd 2009.1/x86_64/tshark-1.0.13-0.1mdv2009.1.x86_64.rpm a1876af79319c30d2b8566c5952588eb 2009.1/x86_64/wireshark-1.0.13-0.1mdv2009.1.x86_64.rpm c4f1f8b8379ce70809273245444e0274 2009.1/x86_64/wireshark-tools-1.0.13-0.1mdv2009.1.x86_64.rpm 8ab9c2e193eac4ae22d7d511a4090781 2009.1/SRPMS/wireshark-1.0.13-0.1mdv2009.1.src.rpm Mandriva Linux 2010.0: 2c5b85c0cb3e8221d600ea1c940d64c4 2010.0/i586/dumpcap-1.2.8-0.1mdv2010.0.i586.rpm a85db0c4912c68d69a6e413a6746f3f2 2010.0/i586/libwireshark0-1.2.8-0.1mdv2010.0.i586.rpm 0e9fbb983c87fad49130ae895d967f18 2010.0/i586/libwireshark-devel-1.2.8-0.1mdv2010.0.i586.rpm 8145924953fb4978e6aac7f7a3350ad4 2010.0/i586/rawshark-1.2.8-0.1mdv2010.0.i586.rpm 91b4fe8fbd482e9c23c20cb94419b095 2010.0/i586/tshark-1.2.8-0.1mdv2010.0.i586.rpm e2d9d1a05bb335b46c30436cc96c451b 2010.0/i586/wireshark-1.2.8-0.1mdv2010.0.i586.rpm 76267d68aef9aaa1eb0980313caf870e 2010.0/i586/wireshark-tools-1.2.8-0.1mdv2010.0.i586.rpm 06020dae672ccfa508fb2178ebebc40d 2010.0/SRPMS/wireshark-1.2.8-0.1mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: 2586bb1431247188f3baa0defefaa56b 2010.0/x86_64/dumpcap-1.2.8-0.1mdv2010.0.x86_64.rpm e90b861b4536d972a0aecd8872332ed6 2010.0/x86_64/lib64wireshark0-1.2.8-0.1mdv2010.0.x86_64.rpm 6659765951116ebf828767453770c894 2010.0/x86_64/lib64wireshark-devel-1.2.8-0.1mdv2010.0.x86_64.rpm d4df009441f8298a31166051b856bbb6 2010.0/x86_64/rawshark-1.2.8-0.1mdv2010.0.x86_64.rpm f6ca978a30455563574c7692c5761645 2010.0/x86_64/tshark-1.2.8-0.1mdv2010.0.x86_64.rpm 3f14e37aeba9563c97565450e3cff0c4 2010.0/x86_64/wireshark-1.2.8-0.1mdv2010.0.x86_64.rpm ceb5d1d67c811a789f689b6c52c6b138 2010.0/x86_64/wireshark-tools-1.2.8-0.1mdv2010.0.x86_64.rpm 06020dae672ccfa508fb2178ebebc40d 2010.0/SRPMS/wireshark-1.2.8-0.1mdv2010.0.src.rpm Corporate 4.0: c4b2c595380a9ffecf99a9d5327d718d corporate/4.0/i586/dumpcap-1.0.13-0.1.20060mlcs4.i586.rpm 684237a417550abfb5cd737e4251209a corporate/4.0/i586/libwireshark0-1.0.13-0.1.20060mlcs4.i586.rpm 3bd58a1b9287347d442337893918134e corporate/4.0/i586/libwireshark-devel-1.0.13-0.1.20060mlcs4.i586.rpm 3b74b6610f9f4cbfdde3a91ecb1ad968 corporate/4.0/i586/rawshark-1.0.13-0.1.20060mlcs4.i586.rpm 5d51ba1b7f02a343c75a12832ca35ad8 corporate/4.0/i586/tshark-1.0.13-0.1.20060mlcs4.i586.rpm 82526ef77e651cf0b7c02a81c7a700c0 corporate/4.0/i586/wireshark-1.0.13-0.1.20060mlcs4.i586.rpm dc716e950488d94feed96787f67be9c9 corporate/4.0/i586/wireshark-tools-1.0.13-0.1.20060mlcs4.i586.rpm b97b0f6aa0d8c5642ac07436141c855d corporate/4.0/SRPMS/wireshark-1.0.13-0.1.20060mlcs4.src.rpm Corporate 4.0/X86_64: 2ec3496f75013772d6e9bdea6828c16f corporate/4.0/x86_64/dumpcap-1.0.13-0.1.20060mlcs4.x86_64.rpm c0865dc441a4ec7c400ac058412cb032 corporate/4.0/x86_64/lib64wireshark0-1.0.13-0.1.20060mlcs4.x86_64.rpm ec3f166d445b74f6e46e0c4bac4e6c62 corporate/4.0/x86_64/lib64wireshark-devel-1.0.13-0.1.20060mlcs4.x86_64.rpm 9d7cf63bbdd653cae0c798c208add461 corporate/4.0/x86_64/rawshark-1.0.13-0.1.20060mlcs4.x86_64.rpm 8df217351b953556dbfee0ea8b5ddf50 corporate/4.0/x86_64/tshark-1.0.13-0.1.20060mlcs4.x86_64.rpm d53580174b0a15136052fd5669791667 corporate/4.0/x86_64/wireshark-1.0.13-0.1.20060mlcs4.x86_64.rpm 24ab0d2d38836f963606cfd8f7aa6232 corporate/4.0/x86_64/wireshark-tools-1.0.13-0.1.20060mlcs4.x86_64.rpm b97b0f6aa0d8c5642ac07436141c855d corporate/4.0/SRPMS/wireshark-1.0.13-0.1.20060mlcs4.src.rpm Mandriva Enterprise Server 5: f865f10f62d8e5527f1f8524b9891c5e mes5/i586/dumpcap-1.0.13-0.1mdvmes5.1.i586.rpm 7bde53dbbc605a62b83e48e5a0bbde53 mes5/i586/libwireshark0-1.0.13-0.1mdvmes5.1.i586.rpm 7ecca1bf236e03022150f93092dd3ef7 mes5/i586/libwireshark-devel-1.0.13-0.1mdvmes5.1.i586.rpm 32bbd3675662dea150f915e1ee77ae17 mes5/i586/rawshark-1.0.13-0.1mdvmes5.1.i586.rpm c072835fc21b9b36a5eb7d0761d288c7 mes5/i586/tshark-1.0.13-0.1mdvmes5.1.i586.rpm b5fca6f651f1b81f0df15b5c71d9cdfb mes5/i586/wireshark-1.0.13-0.1mdvmes5.1.i586.rpm d711e784319692510c6691594936d57e mes5/i586/wireshark-tools-1.0.13-0.1mdvmes5.1.i586.rpm 355ce77e75e6cf4f2f86e0824aeb81a2 mes5/SRPMS/wireshark-1.0.13-0.1mdvmes5.1.src.rpm Mandriva Enterprise Server 5/X86_64: f997085cdfb83ec7b21a5096b3f7f655 mes5/x86_64/dumpcap-1.0.13-0.1mdvmes5.1.x86_64.rpm 586e93233e0596f188f3cf3400540db3 mes5/x86_64/lib64wireshark0-1.0.13-0.1mdvmes5.1.x86_64.rpm 101ac339faa3cb81e855eff790fc57b2 mes5/x86_64/lib64wireshark-devel-1.0.13-0.1mdvmes5.1.x86_64.rpm a5bdef0bb8c7a95abc2a397acedf4c6b mes5/x86_64/rawshark-1.0.13-0.1mdvmes5.1.x86_64.rpm 20e38292613f404a59e1d0c7a459a7dc mes5/x86_64/tshark-1.0.13-0.1mdvmes5.1.x86_64.rpm f60e210371f306a9d65032d0a9eebc74 mes5/x86_64/wireshark-1.0.13-0.1mdvmes5.1.x86_64.rpm 45a0c1e7597283105216f4a722d32854 mes5/x86_64/wireshark-tools-1.0.13-0.1mdvmes5.1.x86_64.rpm 355ce77e75e6cf4f2f86e0824aeb81a2 mes5/SRPMS/wireshark-1.0.13-0.1mdvmes5.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFL8ratmqjQ0CJFipgRAh+GAJ9c5ildsVIRLxoBRyVh+7LWOc73VwCfZNL8 +N6HtVQiR7ONcm65k5tvU84= =y6OA -----END PGP SIGNATURE-----