SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for ethereal-0.10.7-1.i586.rpm :
Thu Oct 21 14:00:00 2004 PLD Team
All persons listed below can be reached at AATTpld.org.pl

$Log: ethereal.spec,v $
Revision 1.99 2004/10/21 19:26:37 kloczek
- capinfos added to tools subpackage.

Revision 1.98 2004/10/21 19:25:06 kloczek
- updated to 0.10.7.

Revision 1.97 2004/08/20 20:53:21 kloczek
- updated to 0.10.6.

Revision 1.96 2004/07/08 20:42:57 kloczek
- updated to 0.10.5,
- SECURITY FIXES:
CAN-2004-0633:
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote
attackers to cause a denial of service (process abort) via an integer
overflow.
CAN-2004-0634:
The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows
remote attackers to cause a denial of service (process crash) via a handle
without a policy name, which causes a null dereference.
CAN-2004-0635:
The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote
attackers to cause a denial of service (process crash) via a (1) malformed
or (2) missing community string, which causes an out-of-bounds read.

Revision 1.95 2004/05/14 15:56:42 kloczek
- reverte last commit (commited on incorrect branch).

Revision 1.94 2004/05/14 15:48:59 kloczek
- backporting fixes.

Revision 1.93 2004/05/14 15:43:37 kloczek
- updated to 0.10.4,
- SECURITY FIXES: http://www.ethereal.com/appnotes/enpa-sa-00014.html
Issues have been discovered in the following protocol dissectors:

* A SIP packet could make Ethereal crash under specific conditions, as
described in the following message:
http://www.ethereal.com/lists/ethereal-users/200405/msg00018.html
(0.10.3).

* The AIM dissector could throw an assertion, causing Ethereal to
terminate abnormally (0.10.3).

* It was possible for the SPNEGO dissector to dereference a null
pointer, causing a crash (0.9.8 to 0.10.3).

* The MMSE dissector was susceptible to a buffer overflow. (0.10.1 to
0.10.3).
Impact:
It may be possible to make Ethereal crash or run arbitrary code by
injecting a purposefully malformed packet onto the wire, by convincing
someone to read a malformed packet trace file, or by creating a
malformed color filter file.

Revision 1.92 2004/03/26 19:50:03 kloczek
- updated to 0.10.3,
- SECURITY FIXES:
- CAN-2004-0176: buffer overflows in the following protocol dissectors:
NetFlow, IGAP, EIGRP, PGM, IrDA, BGP, ISUP, and TCAP.
- CAN-2004-0367: a zero-length Presentation protocol selector could make
Ethereal crash,
- CAN-2004-0365: a carefully-crafted RADIUS packet could cause a crash,
- a corrupt color filter file could cause a segmentation fault.
- added libs subpackage (common is now obsoleted).

Revision 1.91 2004/03/17 00:07:45 kloczek
- unroll %{_pixmapsdir} macro and use directly %{_datadir}/pixmaps

Revision 1.90 2004/03/15 06:28:56 kloczek
- use %{_datadir}/applications for store desktop files.

Revision 1.89 2004/02/24 17:50:44 kloczek
- updated to 0.10.2,
- enable SNMP and ipv6 support.


  
ICM