From:
[email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------ Debian Security Advisory DSA-1983-1
[email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 30, 2010
http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : wireshark
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2009-4337 CVE-2010-0304
Several remote vulnerabilities have been discovered in the Wireshark
network traffic analyzer, which may lead to the execution of arbitrary
code or denial of service. The Common Vulnerabilities and Exposures
project identifies the following problems:
CVE-2009-4337
A NULL pointer dereference was found in the SMB/SMB2 dissectors.
CVE-2010-0304
Several buffer overflows were found in the LWRES dissector.
For the stable distribution (lenny), this problem has been fixed in
version 1.0.2-3+lenny8.
For the unstable distribution (sid) these problems have been fixed in
version 1.2.6-1.
We recommend that you upgrade your Wireshark packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny8.dsc
Size/MD5 checksum: 1502 fdea428453f7a02c0bbac530ad464d20
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2.orig.tar.gz
Size/MD5 checksum: 16935492 1834437f7c6dbed02082e7757133047d
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny8.diff.gz
Size/MD5 checksum: 113938 c4b445b78e497e030976e82cafd8c42d
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny8_alpha.deb
Size/MD5 checksum: 583714 668ac773a7ee3e1f55cf19a50633e204
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny8_alpha.deb
Size/MD5 checksum: 12095504 96324d6c5e22c927211e26d807525402
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny8_alpha.deb
Size/MD5 checksum: 731390 ab4c693296a8238efdaf03502e71cf8d
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny8_alpha.deb
Size/MD5 checksum: 126232 eff006c86f3cc66294d70013d7ceb66b
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny8_amd64.deb
Size/MD5 checksum: 659468 e5f67af41661dc409e5b52f37c6e3692
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny8_amd64.deb
Size/MD5 checksum: 568622 8740a23b5dd403fb9454eda39cd0a8a3
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny8_amd64.deb
Size/MD5 checksum: 11867392 f18229e426b81770a941a598e0ccca11
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny8_amd64.deb
Size/MD5 checksum: 119064 aeea3094ec89c51dede1d33b2d4ccd68
arm architecture (ARM)
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny8_arm.deb
Size/MD5 checksum: 614174 1576c67c9ad3a82195918e81a6f4087d
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny8_arm.deb
Size/MD5 checksum: 584402 7de0a936b738a89ac0ac575bfecccc89
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny8_arm.deb
Size/MD5 checksum: 10214352 c06eea281c937286360517c7f7509009
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny8_arm.deb
Size/MD5 checksum: 111076 1b5a43f81289533f541e5cc847667fed
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny8_armel.deb
Size/MD5 checksum: 620254 64b1f4ed8d2eb9f0d241615b70e46f0f
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny8_armel.deb
Size/MD5 checksum: 583668 43394e55529540e4bc0d37981960211f
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny8_armel.deb
Size/MD5 checksum: 10218668 7f23f088bae091152e61bf141bfbcb0a
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny8_armel.deb
Size/MD5 checksum: 112870 1e1aa32700aae99fbec2d3c155ee864a
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny8_i386.deb
Size/MD5 checksum: 619466 c1a679a7e1d335e1e9feddf79836ed5c
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny8_i386.deb
Size/MD5 checksum: 111494 b2750543efb8f395b3dc521b88cc918a
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny8_i386.deb
Size/MD5 checksum: 10109718 29a40cbac678b483b9a4a66b9403ab88
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny8_i386.deb
Size/MD5 checksum: 583250 59d912e3eaf394133ac6e9998601669a
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny8_ia64.deb
Size/MD5 checksum: 153916 4fc862b2d124cc2dc2f0a66e9a3e93ad
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny8_ia64.deb
Size/MD5 checksum: 569752 4710ceb0c9d81385cb49436dadeae671
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny8_ia64.deb
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)