Fedora: 2005-068 Moderate: Ethereal Memory Corruption Fix

Ethereal is a network traffic analyzer for Unix-ish operating systems.

This package lays base for libpcap, a packet capture and filtering

library, contains command-line utilities, contains plugins and

documentation for ethereal. A graphical user interface is packaged

separately to GTK+ package.

- release fixes the following security-related issues:

- The COPS dissector could go into an infinite loop. (CAN-2005-0006)

- The DLSw dissector could cause an assertion, making Ethereal exit

prematurely. (CAN-2005-0007)

- The DNP dissector could cause memory corruption. (CAN-2005-0008)

- The Gnutella dissector could cause an assertion, making Ethereal

exit prematurely. (CAN-2005-0009)

- The MMSE dissector could free static memory. (CAN-2005-0010)

- The X11 protocol dissector is vulnerable to a string buffer

overflow. (CAN-2005-0084)

- security bug (#145482)

* Wed Dec 15 2004 Radek Vokal 0.10.8-1.FC3.1

- update to 0.10.8 due to security issues (#142952)

- changed mozilla default browser to htmlview (#142107)

c25a9e7a659ce4d4cf77586137059a47 SRPMS/ethereal-0.10.9-1.FC3.1.src.rpm

9700e68fb0e636a886612144ed91d0e8 x86_64/ethereal-0.10.9-1.FC3.1.x86_64.rpm

6243a74cfb661e8d65dde381502160c1 x86_64/ethereal-gnome-0.10.9-1.FC3.1.x86_64.rpm

cd1b628e0b61ede8c7174bf90902c397 x86_64/debug/ethereal-debuginfo-0.10.9-1.FC3.1.x86_64.rpm

e1824f6a5348a29b085da88714a0c6e2 i386/ethereal-0.10.9-1.FC3.1.i386.rpm

afa608a8daca7d1913d03c31ea346c36 i386/ethereal-gnome-0.10.9-1.FC3.1.i386.rpm

a1bc6315fe3a48be408df32a0f3e840f i386/debug/ethereal-debuginfo-0.10.9-1.FC3.1.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list@redhat.com