Fedora: 2009-1898 Moderate: Wireshark Denial Of Service Issues Resolved

Wireshark is a network traffic analyzer for Unix-ish operating systems.

This package lays base for libpcap, a packet capture and filtering

library, contains command-line utilities, contains plugins and

documentation for wireshark. A graphical user interface is packaged

separately to GTK+ package.

Minor security issues are fixed in new version of wireshark. Security-related

bugs in the Tektronix K12 and NetScreen file formats have been fixed.

https://www.wireshark.org/security/wnpa-sec-2009-01.html

* Tue Feb 17 2009 Radek Vokal 1.0.6-1

- upgrade to 1.0.6

* Mon Dec 15 2008 Radek Vokal 1.0.5-1

- upgrade to 1.0.5

* Wed Sep 10 2008 Radek Vokál 1.0.3-1

- upgrade to 1.0.3

- Security-related bugs in the NCP dissector, zlib compression code, and Tektronix .rf5 file parser have been fixed.

- WPA group key decryption is now supported.

- A bug that could cause packets to be wrongly dissected as "Redback Lawful Intercept" has been fixed.

* Fri Jul 11 2008 Radek Vokál 1.0.2-1

- upgrade to 1.0.2, several security vulnarabilities fixed

* Sun Jun 29 2008 Dennis Gilmore 1.0.0-3

- add sparc arches to -fPIE

[ 1 ] Bug #485888 - CVE-2009-0599 wireshark: denial of service (application crash) via a malformed NetScreen snoop file.

https://bugzilla.redhat.com/show_bug.cgi?id=485888

[ 2 ] Bug #485889 - CVE-2009-0600 wireshark: denial of service (application crash) via a crafted Tektronix K12 text capture file

https://bugzilla.redhat.com/show_bug.cgi?id=485889

su -c 'yum update wireshark' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/