-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-5339 2009-05-25 17:27:34 --------------------------------------------------------------------------------
Name : wireshark Product : Fedora 9 Version : 1.0.8 Release : 1.fc9 URL : http://www.wireshark.org/ Summary : Network traffic analyzer Description : Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. -------------------------------------------------------------------------------- Update Information: Upgrade to 1.0.8 fixes various security flaws. http://www.wireshark.org/security/wnpa-sec-2009-02.html http://www.wireshark.org/security/wnpa-sec-2009-03.html -------------------------------------------------------------------------------- ChangeLog: * Fri May 22 2009 Radek Vokal <[email protected]> 1.0.8-1 - upgrade to 1.0.8 - several security flaws fixed * Fri Apr 10 2009 Radek Vokal <[email protected]> 1.0.7-1 - upgrade to 1.0.7 - Several security vulnerabilities have been fixed (Profinet, CPHAP and LDAP dissectors could crash) * Tue Feb 17 2009 Radek Vokal <[email protected]> 1.0.6-1 - upgrade to 1.0.6 * Mon Dec 15 2008 Radek Vokal <[email protected]> 1.0.5-1 - upgrade to 1.0.5 * Wed Sep 10 2008 Radek Vokál <[email protected]> 1.0.3-1 - upgrade to 1.0.3 - Security-related bugs in the NCP dissector, zlib compression code, and Tektronix .rf5 file parser have been fixed. - WPA group key decryption is now supported. - A bug that could cause packets to be wrongly dissected as "Redback Lawful Intercept" has been fixed. * Fri Jul 11 2008 Radek Vokál <[email protected]> 1.0.2-1 - upgrade to 1.0.2, several security vulnarabilities fixed * Sun Jun 29 2008 Dennis Gilmore <[email protected]> 1.0.0-3 - add sparc arches to -fPIE -------------------------------------------------------------------------------- References: [ 1 ] Bug #493973 - CVE-2009-1210 wireshark: format string in PROFINET dissector https://bugzilla.redhat.com/show_bug.cgi?id=493973 [ 2 ] Bug #495119 - CVE-2009-1268 Wireshark CHAP dissector crash https://bugzilla.redhat.com/show_bug.cgi?id=495119 [ 3 ] Bug #495121 - CVE-2009-1269 Wireshark Tektronix .rf5 file crash https://bugzilla.redhat.com/show_bug.cgi?id=495121 [ 4 ] Bug #501929 - Wireshark: PCNFSD dissector crash https://bugzilla.redhat.com/show_bug.cgi?id=501929 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update wireshark' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list [email protected] http://www.redhat.com/mailman/listinfo/fedora-package-announce
