Synopsis:	Moderate: wireshark security update
Issue date:	2008-10-01
CVE Names:	CVE-2008-1070 CVE-2008-1071 CVE-2008-1072
                   CVE-2008-1561 CVE-2008-1562 CVE-2008-1563
                   CVE-2008-3137 CVE-2008-3138 CVE-2008-3141
                   CVE-2008-3145 CVE-2008-3146 CVE-2008-3932
                   CVE-2008-3933 CVE-2008-3934

Multiple buffer overflow flaws were found in Wireshark. If Wireshark read
a malformed packet off a network, it could crash or, possibly, execute
arbitrary code as the user running Wireshark. (CVE-2008-3146)

Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malformed dump file. (CVE-2008-1070, CVE-2008-1071, CVE-2008-1072,
CVE-2008-1561, CVE-2008-1562, CVE-2008-1563, CVE-2008-3137, CVE-2008-3138,
CVE-2008-3141, CVE-2008-3145, CVE-2008-3932, CVE-2008-3933, CVE-2008-3934)

Additionally, this update changes the default Pluggable Authentication
Modules (PAM) configuration to always prompt for the root password before
each start of Wireshark. This avoids unintentionally running Wireshark with
root privileges.

SL 3.0.x

      SRPMS:
wireshark-1.0.3-EL3.3.src.rpm
      i386:
wireshark-1.0.3-EL3.3.i386.rpm
wireshark-gnome-1.0.3-EL3.3.i386.rpm
      x86_64:
wireshark-1.0.3-EL3.3.x86_64.rpm
wireshark-gnome-1.0.3-EL3.3.x86_64.rpm

SL 4.x

      SRPMS:
wireshark-1.0.3-3.el4_7.src.rpm
      i386:
wireshark-1.0.3-3.el4_7.i386.rpm
wireshark-gnome-1.0.3-3.el4_7.i386.rpm
      x86_64:
wireshark-1.0.3-3.el4_7.x86_64.rpm
wireshark-gnome-1.0.3-3.el4_7.x86_64.rpm

SL 5.x

      SRPMS:
wireshark-1.0.3-4.el5_2.src.rpm
      i386:
wireshark-1.0.3-4.el5_2.i386.rpm
wireshark-gnome-1.0.3-4.el5_2.i386.rpm
      x86_64:
wireshark-1.0.3-4.el5_2.x86_64.rpm
wireshark-gnome-1.0.3-4.el5_2.x86_64.rpm

-Connie Sieh
-Troy Dawson