From:
[email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------ Debian Security Advisory DSA-1785-1
[email protected] http://www.debian.org/security/ Moritz Muehlenhoff
May 01, 2009
http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : wireshark
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2009-1210 CVE-2009-1268 CVE-2009-1269
Several remote vulnerabilities have been discovered in the Wireshark
network traffic analyzer, which may lead to denial of service or the
execution of arbitrary code. The Common Vulnerabilities and Exposures
project identifies the following problems:
CVE-2009-1210
A format string vulnerability was discovered in the PROFINET
dissector.
CVE-2009-1268
The dissector for the Check Point High-Availability Protocol
could be forced to crash.
CVE-2009-1269
Malformed Tektronix files could lead to a crash.
The old stable distribution (etch), is only affected by the
CPHAP crash, which doesn't warrant an update on its own. The fix
will be queued up for an upcoming security update or a point release.
For the stable distribution (lenny), these problems have been fixed in
version 1.0.2-3+lenny5.
For the unstable distribution (sid), these problems have been fixed in
version 1.0.7-1.
We recommend that you upgrade your wireshark packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny5.dsc
Size/MD5 checksum: 1501 b3a17f219c87c961b35ecd42649f3162
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny5.diff.gz
Size/MD5 checksum: 101699 5f1e2ad455d391b99f1b0e10fdb01606
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2.orig.tar.gz
Size/MD5 checksum: 16935492 1834437f7c6dbed02082e7757133047d
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny5_alpha.deb
Size/MD5 checksum: 730878 815eea657d82ccaa5b63eaf6c3c7f381
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny5_alpha.deb
Size/MD5 checksum: 12100214 905b9c09b3fbc882febb0af6b4cef5f6
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny5_alpha.deb
Size/MD5 checksum: 126580 03d8a47ed6c6d1ab7fccdc22efa667cd
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny5_alpha.deb
Size/MD5 checksum: 569476 b0c251c829c5fcb415e833c9c334cd35
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny5_amd64.deb
Size/MD5 checksum: 11872180 92384dd416ac63a999d10a3c697691c9
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny5_amd64.deb
Size/MD5 checksum: 118488 45dc2934cf797bdc24044a2e2f9be9a4
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny5_amd64.deb
Size/MD5 checksum: 659500 965baca8e755bcb11f130009ef9bc12b
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny5_amd64.deb
Size/MD5 checksum: 583274 da0fbbd79779d6ae19e51fc546c9bfb7
arm architecture (ARM)
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny5_arm.deb
Size/MD5 checksum: 613798 e87592377139dcd68a5b3fac67e6bb16
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny5_arm.deb
Size/MD5 checksum: 584000 6c67088dacf4720a066c6db5ebc93337
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny5_arm.deb
Size/MD5 checksum: 10216512 f21e8b719dfc980eb7ae7034039c432a
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny5_arm.deb
Size/MD5 checksum: 110818 b681333b90dcbbd680dab5052671e337
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny5_armel.deb
Size/MD5 checksum: 10216300 91560627d9f15c59ade557986abd3519
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny5_armel.deb
Size/MD5 checksum: 113278 0b36066d921e43404a4c85d7cc2493c1
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny5_armel.deb
Size/MD5 checksum: 619654 8f9955bdf98a19e9b54b4ad819cd74fb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny5_armel.deb
Size/MD5 checksum: 584548 b9808f1e00c34bb49aea790b48061fa0
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny5_hppa.deb
Size/MD5 checksum: 695086 f36bf0d98055841819b9b3839a0a8189
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny5_hppa.deb
Size/MD5 checksum: 120288 da6829be3a76a54851795cf49f58d473
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny5_hppa.deb
Size/MD5 checksum: 13276580 64a7a853d096e0fc99db298fbe98f460
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny5_hppa.deb
Size/MD5 checksum: 582556 93d52e72ab8733c53c28c1e66cab8a73
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)