Fedora Core 2: 2005-213 Critical: Ethereal Memory Overflow Vulnerabilities

Ethereal is a network traffic analyzer for Unix-ish operating systems.

This package lays base for libpcap, a packet capture and filtering

library, contains command-line utilities, contains plugins and

documentation for ethereal. A graphical user interface is packaged

separately to GTK+ package.

- new release, fixes three security and stability-related issues (#150706)

- a buffer overflow in the Etheric dissector. (CAN-2005-0704)

- the GPRS-LLC dissector could crash if the "ignore cipher bit" option was enabled. (CAN-2005-0705)

- a buffer overflow in the 3GPP2 A11 dissector (CAN-2005-0699)

- a buffer overflow in the IAPP dissector.

- a bug in the JXTA dissector could make Ethereal crash.

- a bug in the sFlow dissector could make Ethereal crash.

0336d92c41ebbbaac648794e6b83820e SRPMS/ethereal-0.10.10-1.FC2.1.src.rpm

969599a21da89ec9935ba00c623a430f x86_64/ethereal-0.10.10-1.FC2.1.x86_64.rpm

587b7afcc47f0f6a024174c71f713245 x86_64/ethereal-gnome-0.10.10-1.FC2.1.x86_64.rpm

d396f9d8738e026b69347ffda79e6ced x86_64/debug/ethereal-debuginfo-0.10.10-1.FC2.1.x86_64.rpm

43546658df1a4fe2938bdffec22dbb7a i386/ethereal-0.10.10-1.FC2.1.i386.rpm

f33ef0aeba1176044999fc19dbe47bef i386/ethereal-gnome-0.10.10-1.FC2.1.i386.rpm

bb94f6811def74a32934c97bf73e5ac7 i386/debug/ethereal-debuginfo-0.10.10-1.FC2.1.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list@redhat.com