Fedora 11 Update: wireshark-1.2.2-1.fc11
Summary
Wireshark is a network traffic analyzer for Unix-ish operating systems.
This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for wireshark. A graphical user interface is packaged
separately to GTK+ package.
Update Information:
Update to Wireshark 1.2.2 fixing multiple security issues: https://www.wireshark.org/docs/relnotes/wireshark-1.2.2.html https://www.wireshark.org/security/wnpa-sec-2009-06.html * The OpcUa dissector could use excessive CPU and memory. (Bug 3986) Versions affected: 0.99.6 to 1.0.8, 1.2.0 to 1.2.1 * The GSM A RR dissector could crash. (Bug 3893) Versions affected: 1.2.0 to 1.2.1 * The TLS dissector could crash on some platforms. (Bug 4008) Versions affected: 1.2.0 to 1.2.1 https://www.wireshark.org/docs/relnotes/wireshark-1.2.1.html https://www.wireshark.org/security/wnpa-sec-2009-04.html * The AFS dissector could crash. (Bug 3564) Versions affected: 0.9.2 to 1.2.0 * The Infiniband dissector could crash on some platforms. Versions affected: 1.0.6 to 1.2.0 * The IPMI dissector could overrun a buffer. (Bug 3559) Versions affected: 1.2.0 * The Bluetooth L2CAP dissector could crash. (Bug 3572) Versions affected: 1.2.0 * The RADIUS dissector could crash. (Bug 3578) Versions affected: 1.2.0 * The MIOP dissector could crash. (Bug 3652) Versions affected: 1.2.0 * The sFlow dissector could use excessive CPU and memory. (Bug 3570) Versions affected: 1.2.0 (Issues from wnpa-sec-2009-04 does not affect usersof Wireshark 1.2.1 packages from updates-testing.)
Change Log
* Tue Sep 22 2009 Radek Vokal
References
[ 1 ] Bug #512953 - CVE-2009-2559 Wireshark-1.2.0: DoS (crash) due array index error in IPMI dissector https://bugzilla.redhat.com/show_bug.cgi?id=512953 [ 2 ] Bug #513008 - CVE-2009-2560 Wireshark: Null-ptr dereference in the RADIUS dissector https://bugzilla.redhat.com/show_bug.cgi?id=513008 [ 3 ] Bug #513033 - CVE-2009-2561 Wireshark: Dos (excessive CPU and memory use) via large amount of tree items in the sFlow dissector https://bugzilla.redhat.com/show_bug.cgi?id=513033 [ 4 ] Bug #512987 - CVE-2009-2562 Wireshark: Integer overflow in the AFS dissector https://bugzilla.redhat.com/show_bug.cgi?id=512987 [ 5 ] Bug #512992 - CVE-2009-2563 Wireshark: Null-ptr dereference in the InfiniBand dissector https://bugzilla.redhat.com/show_bug.cgi?id=512992 [ 6 ] Bug #523987 - CVE-2009-3241 Wireshark: DoS (excessive CPU use) in OPCUA dissector https://bugzilla.redhat.com/show_bug.cgi?id=523987 [ 7 ] Bug #524001 - CVE-2009-3242 Wireshark: DoS (crash) in GSM A RR dissector https://bugzilla.redhat.com/show_bug.cgi?id=524001
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update wireshark' at the command line. For more information, refer to "Managing Software with yum", available at .