Fedora: Etherial buffer overflow vulnerability
Posted by LinuxSecurity.com Team   
Fedora These updated ethereal packages fix a security problem found in versions prior to 0.9.16. It also fixes several other minor bugs and problems.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2003-022
2003-11-25
---------------------------------------------------------------------

Name        : ethereal
Version     : 0.9.16
Release     : 2.FC1.1
Summary     : Network traffic analyzer
Description :
Ethereal is a network traffic analyzer for Unix-ish operating systems.

This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for ethereal. A graphical user interface is packaged
separately to GTK+ package.

---------------------------------------------------------------------
Update Information:

These updated ethereal packages fix a security problem found in versions prior to 0.9.16. It also fixes several other minor bugs and problems.

All users of ethereal are recommended to update to these newest packages.
---------------------------------------------------------------------
* Tue Nov 25 2003 Phil Knirsch <pknirsch@Red Hat.com> 0.9.16-2.FC1.1

- Added BuildRequires for elfutils-devel (#89466).
- Fixed buggy desktop entry (#105704).
- Fixed out of bound array access (#110749).
- Build Fedora core 1 errata for ethereal.

* Fri Nov 07 2003 Phil Knirsch <pknirsch@Red Hat.com> 0.9.16-2

- rebuilt

* Wed Nov 05 2003 Phil Knirsch <pknirsch@Red Hat.com> 0.9.16-1

- Updated to latest upstream version 0.9.16

---------------------------------------------------------------------
This update can be downloaded from:
   http://download.fedora.Red Hat.com/pub/fedora/linux/core/updates/1/

SRPMS/ethereal-0.9.16-2.FC1.1.src.rpm
 md5 sum: 4fea34a2e0e7e6c48dde6b2c08de549d
i386/ethereal-0.9.16-2.FC1.1.i386.rpm
 md5 sum: 7e2d061e1e1c08fa6da4ab292647d6b4
i386/ethereal-gnome-0.9.16-2.FC1.1.i386.rpm
 md5 sum: 0695ec2615b93668fecf2c750770815e
i386/debug/ethereal-debuginfo-0.9.16-2.FC1.1.i386.rpm
 md5 sum: 670e64737be107e8c3e0c138de4c714a

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------