Synopsis: Moderate: wireshark security update Issue date: 2010-08-11 CVE Names: CVE-2010-1455 CVE-2010-2283 CVE-2010-2284 CVE-2010-2286 CVE-2010-2287 CVE-2010-2995 Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-2287, CVE-2010-2995) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2286) NOTE: This errata updates Wireshark to version 1.0.15 to resolve these issues. All running instances of Wireshark must be restarted for the update to take effect. SL 3.0.x SRPMS: wireshark-1.0.15-EL3.1.src.rpm i386: wireshark-1.0.15-EL3.1.i386.rpm wireshark-gnome-1.0.15-EL3.1.i386.rpm x86_64: wireshark-1.0.15-EL3.1.x86_64.rpm wireshark-gnome-1.0.15-EL3.1.x86_64.rpm SL 4.x SRPMS: wireshark-1.0.15-1.el4_8.1.src.rpm i386: wireshark-1.0.15-1.el4_8.1.i386.rpm wireshark-gnome-1.0.15-1.el4_8.1.i386.rpm x86_64: wireshark-1.0.15-1.el4_8.1.x86_64.rpm wireshark-gnome-1.0.15-1.el4_8.1.x86_64.rpm SL 5.x SRPMS: wireshark-1.0.15-1.el5_5.1.src.rpm i386: wireshark-1.0.15-1.el5_5.1.i386.rpm wireshark-gnome-1.0.15-1.el5_5.1.i386.rpm x86_64: wireshark-1.0.15-1.el5_5.1.x86_64.rpm wireshark-gnome-1.0.15-1.el5_5.1.x86_64.rpm -Connie Sieh -Troy Dawson