[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[debian-users:48952] [Translate] [SECURITY] [DSA 1322-1] New wireshark packages fix denial of service

From: Seiji Kaneko <skaneko@xxxxxxxxxxxx>
Subject: [debian-users:48952] [Translate] [SECURITY] [DSA 1322-1] New wireshark packages fix denial of service
Date: Thu, 28 Jun 2007 21:52:27 +0900
List-help: <mailto:debian-users-ctl@debian.or.jp?body=help>
List-id: debian-users.debian.or.jp
List-owner: <mailto:debian-users-admin@debian.or.jp>
List-post: <mailto:debian-users@debian.or.jp>
List-software: fml [fml 4.0.3 release (20011202/4.0.3)]
List-unsubscribe: <mailto:debian-users-ctl@debian.or.jp?body=unsubscribe>
X-ml-info: If you have a question, send e-mail with the body "help" (without quotes) to the address debian-users-ctl@debian.or.jp; help=<mailto:debian-users-ctl@debian.or.jp?body=help>
X-ml-name: debian-users
X-mlserver: fml [fml 4.0.3 release (20011202/4.0.3)]; post only (only members can post)
X-original-to: debian-users@debian.or.jp
Message-id: <4683AEE8.1060403@xxxxxxxxxxxx>
X-mail-count: 48952
User-agent: Thunderbird 2.0.0.4 (Macintosh/20070604)
かねこです。
URL 等は Debian-security-announce メーリングリストの元記事を確認
ください。

------>8------------>8------------>8------------>8------------>8-
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1322-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
June 27th, 2007                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : wireshark
Vulnerability  : 複数
Problem-Type   : リモート
Debian-specific: いいえ
CVE ID         : CVE-2007-3390 CVE-2007-3392 CVE-2007-3393

ネットワークトラフィックアナライザ Wireshark に、リモートから攻撃可能な複
数の問題が発見されました。これらの欠陥が攻撃された場合、サービス拒否攻撃の
可能性があります。The Common Vulnerabilities and Exposures project は以下
の問題を認識しています。

CVE-2007-3390

    iSeries ディスセクタに境界を 1 誤ることによるオーバフローが発見されま
    した。

CVE-2007-3392

    MMS および SSL ディスセクタを無限ループに落とすことが可能です。

CVE-2007-3393

    DHCP/BOOTP ディスセクタに境界を 1 誤ることによるオーバフローが発見さ
    れました。

旧安定版 (sarge) にはこれらの問題の影響はありません。また、Sarge ではこの
パッケージは Ethereal という名称でした。

安定版 (stable) ディストリビューション (etch) では、これらの問題はバージ
ョン 0.99.4-5.etch.0 で修正されています。big endian MIPS アーキテクチャ向
けのパッケージはまだ提供されていません。これについては後日提供予定です。

不安定版 (unstable) ディストリビューション (sid) では、これらの問題はバー
ジョン 0.99.6pre1-1 で修正されています。

直ぐに Wireshark パッケージをアップグレードすることを勧めます。


アップグレード手順
------------------

wget url
        	でファイルを取得できます。
dpkg -i file.deb
                で参照されたファイルをインストールできます。

apt-get パッケージマネージャを用いている場合には、本メールのフッタ記載の
行を sources.list に加えて、

apt-get update
        を実行して内部データベースを更新し、
apt-get upgrade
        によって修正されたパッケージをインストールしてください。

本メールのフッタ記載の設定を自ホストの設定に加えることにより、自動更新を
行うこともできます。



Debian GNU/Linux 4.0 alias etch
- -------------------------------

  ソースアーカイブ:


http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.0.dsc
      Size/MD5 checksum:     1066 18ea1bc407fe203089596126d9429c64

http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.0.diff.gz
      Size/MD5 checksum:    40945 82b8a22a1cc100e5649f278cabbcce4f
    http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4.orig.tar.gz
      Size/MD5 checksum: 13306790 2556a31d0d770dd1990bd67b98bd2f9b

  Alpha architecture:


http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.0_alpha.deb
      Size/MD5 checksum:    21714 5515a1d74b23c4ed53dafe1b15709263

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.0_alpha.deb
      Size/MD5 checksum:    21998 5d86aaf5e6ee3c8988ebaa9d07a2b05c

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.0_alpha.deb
      Size/MD5 checksum:    21728 b58962a1f2f4797df61c9b465cb3e35c

http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.0_alpha.deb
      Size/MD5 checksum:    21722 5b4ee85d1b6f0b14f46604449af500dc

http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.0_alpha.deb
      Size/MD5 checksum:   117204 48df4ca3664055b38c4bfa5c8196dc5a

http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.0_alpha.deb
      Size/MD5 checksum:   674230 0ca5f13b6e7180c0b399a1ca1a3f9a7a

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.0_alpha.deb
      Size/MD5 checksum:  9319268 fcf022b011151abcf1d7665c7b9a98a4

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.0_alpha.deb
      Size/MD5 checksum:   181530 d4a0de99d59ecd1a3e818416d31a2d32

  AMD64 architecture:


http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.0_amd64.deb
      Size/MD5 checksum:    22304 0cb411bd110cb7be99f0b426e52b68da

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.0_amd64.deb
      Size/MD5 checksum:    22658 f8f1820a2ef75ad8d693be9a235a16bf

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.0_amd64.deb
      Size/MD5 checksum:    22320 f59c3f8f5fd407e89852b9fca9c46796

http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.0_amd64.deb
      Size/MD5 checksum:    22316 bb9fc8d3d87f2806cefb9b80e4586c1c

http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.0_amd64.deb
      Size/MD5 checksum:   111908 df3804d4217ae00add067fc51945c364

http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.0_amd64.deb
      Size/MD5 checksum:   618876 de929e23361608de180194014ba3dfb3

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.0_amd64.deb
      Size/MD5 checksum:  9119392 d1b55c76cf166fdf7eb4879f86c44172

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.0_amd64.deb
      Size/MD5 checksum:   182432 1de618e6d9329d8dccdcffeb05fe53f3

  ARM architecture:


http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.0_arm.deb
      Size/MD5 checksum:    22316 0e5352966a09a5fa041022147f2a9b53

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.0_arm.deb
      Size/MD5 checksum:    22668 613c622873d343159cc9c0984aa325f3

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.0_arm.deb
      Size/MD5 checksum:    22332 9b73d9aaeaeb891ce7d659740c6ae9d7

http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.0_arm.deb
      Size/MD5 checksum:    22320 c637dd98c27c170e187ef87ecb6dc7c5

http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.0_arm.deb
      Size/MD5 checksum:   107000 e69e002af997a089144715e0e501f33a

http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.0_arm.deb
      Size/MD5 checksum:   599904 5e8585ed879881538e4ea44f578ea9c6

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.0_arm.deb
      Size/MD5 checksum:  7736294 5f11a040dc06078a0843b78aa993580e

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.0_arm.deb
      Size/MD5 checksum:   182500 242a2963cc896d774292242258c18786

  HP Precision architecture:


http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.0_hppa.deb
      Size/MD5 checksum:    22316 4f295cee393b825ae73a60eb694da772

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.0_hppa.deb
      Size/MD5 checksum:    22672 0d397721bcf28c7268e2d4736473e490

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.0_hppa.deb
      Size/MD5 checksum:    22330 ee837e7dccc49230e2db2dfc1fa09d97

http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.0_hppa.deb
      Size/MD5 checksum:    22328 b274f47d80d637a96c3892939423ced7

http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.0_hppa.deb
      Size/MD5 checksum:   109664 1e8ffc76ca080b304b94c597e7ea7bed

http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.0_hppa.deb
      Size/MD5 checksum:   634466 f03c0ab3d06e70169200462a058f9bc4

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.0_hppa.deb
      Size/MD5 checksum:  9855478 a381ffdb98d20bbfc4bdde48023ee99b

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.0_hppa.deb
      Size/MD5 checksum:   182472 fcd914e3796cfedc18200b0cc889fd31

  Intel IA-32 architecture:


http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.0_i386.deb
      Size/MD5 checksum:    22314 99055a9aaf39d425e31ccd68804dae8e

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.0_i386.deb
      Size/MD5 checksum:    22682 5979a9752e877a8755867454757c1fcd

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.0_i386.deb
      Size/MD5 checksum:    22330 9f49b78cf81fa447e8b9beff925beb51

http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.0_i386.deb
      Size/MD5 checksum:    22324 204947893bde8c2b5a79855c29a622bb

http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.0_i386.deb
      Size/MD5 checksum:   102014 73e0509bd61b62f01d3552f36c1f34f4

http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.0_i386.deb
      Size/MD5 checksum:   564422 7294e7aa0e1b8fa193c94b6e79d3bd97

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.0_i386.deb
      Size/MD5 checksum:  7498442 72ccda66968a36b061102ce51b3de138

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.0_i386.deb
      Size/MD5 checksum:   182474 0d334a446ed7fb818efa775d26ea7b39

  Intel IA-64 architecture:


http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.0_ia64.deb
      Size/MD5 checksum:    22314 c6a94673d1a9fdb2058f2daabb6ef74b

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.0_ia64.deb
      Size/MD5 checksum:    22662 bd42d329fd534a90aa54ee7f69327646

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.0_ia64.deb
      Size/MD5 checksum:    22326 44b05e0ceabca57fe28e86b7692d24d6

http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.0_ia64.deb
      Size/MD5 checksum:    22318 3499e35ee07bf4812200749f500c403c

http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.0_ia64.deb
      Size/MD5 checksum:   145566 3bd2be31de663e9b009c5fa456844f94

http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.0_ia64.deb
      Size/MD5 checksum:   827382 c03f38661ebe484c62e9c2c2be73b910

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.0_ia64.deb
      Size/MD5 checksum: 10650962 f7f0419f04679af064f4499e004526ea

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.0_ia64.deb
      Size/MD5 checksum:   182436 c2d9705c6fb693a54b87ece73bedb730

  Little endian MIPS architecture:


http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.0_mipsel.deb
      Size/MD5 checksum:    22312 2408dcdd9fbb4247321471500eca117c

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.0_mipsel.deb
      Size/MD5 checksum:    22668 da5af60038f53276c1a1db16361cdd90

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.0_mipsel.deb
      Size/MD5 checksum:    22328 7f0133c635a0b1f9f27cd38f53886445

http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.0_mipsel.deb
      Size/MD5 checksum:    22320 f8d9469841c5fe001d26d01b94166dd9

http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.0_mipsel.deb
      Size/MD5 checksum:   104368 b4866ccb13e11b65af2f795a05b69a94

http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.0_mipsel.deb
      Size/MD5 checksum:   575806 74371e429bb4e941c3117c11d2da3447

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.0_mipsel.deb
      Size/MD5 checksum:  7405410 07748417c1a71e18fd4f416bd7c59949

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.0_mipsel.deb
      Size/MD5 checksum:   182460 468cd9061f8415eb77ac8947e9a11ca2

  PowerPC architecture:


http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.0_powerpc.deb
      Size/MD5 checksum:    22314 2045188f907677de2fcf14ae2688435d

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.0_powerpc.deb
      Size/MD5 checksum:    22662 cf6f844071ad33de443fc6365fe1232c

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.0_powerpc.deb
      Size/MD5 checksum:    22330 f39cfe62377ca76a88e87a69553abc55

http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.0_powerpc.deb
      Size/MD5 checksum:    22326 a37b3dd57eb2e9e74eb61c6a144b6e5a

http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.0_powerpc.deb
      Size/MD5 checksum:   104076 a9a6c65321f5740f63760317e7dadb4b

http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.0_powerpc.deb
      Size/MD5 checksum:   583414 49a94fd6d485a61c58b6be46fe613c33

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.0_powerpc.deb
      Size/MD5 checksum:  8605194 8d297916d238772c0b79ce7ff0c1e38c

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.0_powerpc.deb
      Size/MD5 checksum:   182450 a20f14c6bb227540f1828fd02f827340

  IBM S/390 architecture:


http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.0_s390.deb
      Size/MD5 checksum:    22312 d4d41828d56d2a6563ed17e896ca09ca

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.0_s390.deb
      Size/MD5 checksum:    22660 0fe8af1049b85b980b2436bed0530b00

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.0_s390.deb
      Size/MD5 checksum:    22324 ff3f6acde579e5b41e30bdb0285b5d7f

http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.0_s390.deb
      Size/MD5 checksum:    22318 b750e5398b7195c1936e04790afb233e

http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.0_s390.deb
      Size/MD5 checksum:   115442 f77851ff30c8ee15ac0711642715a70e

http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.0_s390.deb
      Size/MD5 checksum:   640876 1a61a997e7338c473ed24248d64596e9

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.0_s390.deb
      Size/MD5 checksum:  9756014 524ed85c3e592bb96b890e04a7ae4b63

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.0_s390.deb
      Size/MD5 checksum:   182438 e94c63acdd50a519300aa0b35de1f481

  Sun Sparc architecture:


http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.0_sparc.deb
      Size/MD5 checksum:    22316 6e87e6e8e1afd25d8ed63480e3033bde

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.0_sparc.deb
      Size/MD5 checksum:    22664 67f359dea9e6c98a4f9bb7be82292874

http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.0_sparc.deb
      Size/MD5 checksum:    22328 d1221db97ad15efb41ff45bf1541da62

http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.0_sparc.deb
      Size/MD5 checksum:    22322 8be8a6b89da015be0c5983d885573a71

http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.0_sparc.deb
      Size/MD5 checksum:   103428 35e0fb499721e38b521db591e46a251d

http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.0_sparc.deb
      Size/MD5 checksum:   586294 212e525a5cef93f8e9fb02fb1992910f

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.0_sparc.deb
      Size/MD5 checksum:  8686272 217f299ef88a1c4dbc27634f571cf032

http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.0_sparc.deb
      Size/MD5 checksum:   182458 ffe8b09adaa92725920e1ff544a40010


  これらのファイルは次の版の安定版リリース時そちらに移されます。


- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
------>8------------>8------------>8------------>8------------>8-
-- 
Seiji Kaneko                         skaneko@xxxxxxxxxxxx
---------------------------------------------------------
Prev by Date: [debian-users:48951] Re: Sargeをインストールするには？
Next by Date: [debian-users:48953] 日本語フォント
Previous by thread: [debian-users:48951] Re: Sargeをインストールするには？
Next by thread: [debian-users:48954] Etchでｌｐｒによる印刷がうまくいきません
Index(es):
- Date
- Thread