Fedora: 1,2: ethereal Multiple vulnerabilies
Summary
Ethereal is a network traffic analyzer for Unix-ish operating systems.
This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for ethereal. A graphical user interface is packaged
separately to GTK+ package.
Ethereal is a network traffic analyzer for Unix-ish operating systems.
This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for ethereal. A graphical user interface is packaged
separately to GTK+ package.
Update Information:
Issues have been discovered in the following protocol dissectors:
* A SIP packet could make Ethereal crash under specific conditions, as described in the following message:
(0.10.3).
* The AIM dissector could throw an assertion, causing Ethereal to terminate abnormally (0.10.3).
* It was possible for the SPNEGO dissector to dereference a null pointer, causing a crash (0.9.8 to 0.10.3).
* The MMSE dissector was susceptible to a buffer overflow. (0.10.1 to 0.10.3).
All users of the Ethereal package are strongly encouraged to update to these
latest packages.
* Tue Jun 01 2004 Phil Knirsch <pknirsch@redhat.com> 0.10.3-2.1
- Included backported security fixes from ethereal-0.10.4
This update can be downloaded from:
047f4b58fc2ce78dff5f7f27d588faa7 SRPMS/ethereal-0.10.3-2.1.src.rpm
c5954b26aa5e448eb7a1ad1d9ac08692 i386/ethereal-0.10.3-2.1.i386.rpm
052063b1167471b6fcedfa7222a2fc4c i386/ethereal-gnome-0.10.3-2.1.i386.rpm
625e6397e449a2025a4b87fa3724e9cc i386/debug/ethereal-debuginfo-0.10.3-2.1.i386.rpm
efdd124a1b6cdbd61d13ddadb1b0ec28 x86_64/ethereal-0.10.3-2.1.x86_64.rpm
b0b0bd164858519f316feddeaf3e2db7 x86_64/ethereal-gnome-0.10.3-2.1.x86_64.rpm
57537ac043966efcd69683c547639302 x86_64/debug/ethereal-debuginfo-0.10.3-2.1.x86_64.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
CORE 1:
Fedora Update Notification
FEDORA-2004-152
2004-06-03
Product : Fedora Core 1
Name : ethereal
Version : 0.10.3
Release : 0.1.1
Summary : Network traffic analyzer
Description :
Ethereal is a network traffic analyzer for Unix-ish operating systems.
This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for ethereal. A graphical user interface is packaged
separately to GTK+ package.
Issues have been discovered in the following protocol dissectors:
* A SIP packet could make Ethereal crash under specific conditions, as described in the following message:
(0.10.3).
* The AIM dissector could throw an assertion, causing Ethereal to terminate abnormally (0.10.3).
* It was possible for the SPNEGO dissector to dereference a null pointer, causing a crash (0.9.8 to 0.10.3).
* The MMSE dissector was susceptible to a buffer overflow. (0.10.1 to 0.10.3).
All users of Ethereal are strongly encouraged to update to these latest packages.
* Fri May 28 2004 Phil Knirsch <pknirsch@redhat.com> 0.10.3-0.1.1
- Updated to ethereal-0.10.3
- Included backported security fixes from ethereal-0.10.4
* Wed Mar 24 2004 Phil Knirsch <pknirsch@redhat.com> 0.10.2.20040324-0.1
- Another updated to CVS version to fix more security problems.
* Mon Mar 15 2004 Phil Knirsch <pknirsch@redhat.com> 0.10.2-0.1
- Update to latest upstream version 0.10.2.
- Make security errata.
This update can be downloaded from:
1025a0c7d6dbe9369a2353764ddbc7b9 SRPMS/ethereal-0.10.3-0.1.1.src.rpm
124a9a2914c592276bd0427009c7883c i386/ethereal-0.10.3-0.1.1.i386.rpm
3ec831cf4eaddee5184ddd18796aedc3 i386/ethereal-gnome-0.10.3-0.1.1.i386.rpm
3504ec2a5dfd51cde2b1262644e5ccf0 i386/debug/ethereal-debuginfo-0.10.3-0.1.1.i386.rpm
441e043616370ee4b13e81ca20094d61 x86_64/ethereal-0.10.3-0.1.1.x86_64.rpm
ad048fccfa453591c96f3dabc18c5f14 x86_64/ethereal-gnome-0.10.3-0.1.1.x86_64.rpm
f89c1bf94f358917813352a0cd82b561 x86_64/debug/ethereal-debuginfo-0.10.3-0.1.1.x86_64.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
Change Log
References
CORE 2: Fedora Update Notification FEDORA-2004-153 2004-06-03 Product : Fedora Core 2 Name : ethereal Version : 0.10.3 Release : 2.1 Summary : Network traffic analyzer Description : Ethereal is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for ethereal. A graphical user interface is packaged separately to GTK+ package.