Fedora Core 2: FEDORA-2005-069 Critical Ethereal Memory Issues

Ethereal is a network traffic analyzer for Unix-ish operating systems.

This package lays base for libpcap, a packet capture and filtering

library, contains command-line utilities, contains plugins and

documentation for ethereal. A graphical user interface is packaged

separately to GTK+ package.

- release fixes the following security-related issues:

- The COPS dissector could go into an infinite loop. (CAN-2005-0006)

- The DLSw dissector could cause an assertion, making Ethereal exit

prematurely. (CAN-2005-0007)

- The DNP dissector could cause memory corruption. (CAN-2005-0008)

- The Gnutella dissector could cause an assertion, making Ethereal

exit prematurely. (CAN-2005-0009)

- The MMSE dissector could free static memory. (CAN-2005-0010)

- The X11 protocol dissector is vulnerable to a string buffer

overflow. (CAN-2005-0084)

- (#145482)

* Wed Dec 15 2004 Radek Vokal 0.10.8-1.FC2.1

- update to 0.10.8 due to security issues (#142952)

- changed mozilla default browser to htmlview (#142107)

21ec0937e6aa00be871655b0d1a76182 SRPMS/ethereal-0.10.9-1.FC2.1.src.rpm

f6bf25713c959512cfe409562b3c7b72 x86_64/ethereal-0.10.9-1.FC2.1.x86_64.rpm

662540cfdad2f1acb9972effdc82012a x86_64/ethereal-gnome-0.10.9-1.FC2.1.x86_64.rpm

6d6b5cfd1519db6e3eef1bed3f4c56f4 x86_64/debug/ethereal-debuginfo-0.10.9-1.FC2.1.x86_64.rpm

1f862f359223b79feb04674ef2a7f7e4 i386/ethereal-0.10.9-1.FC2.1.i386.rpm

db7ec74ae2ebe39b67cf46e79973d808 i386/ethereal-gnome-0.10.9-1.FC2.1.i386.rpm

7ba27538a2faa9c673c8f0787f1f378d i386/debug/ethereal-debuginfo-0.10.9-1.FC2.1.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list@redhat.com