Synopsis: Moderate: wireshark security update Issue date: 2011-01-10 CVE Names: CVE-2010-4538 An array index error, leading to a stack-based buffer overflow, was found in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-4538) All running instances of Wireshark must be restarted for the update to take effect. SL 4.x SRPMS: wireshark-1.0.15-1.el4_8.3.src.rpm i386: wireshark-1.0.15-1.el4_8.3.i386.rpm wireshark-gnome-1.0.15-1.el4_8.3.i386.rpm x86_64: wireshark-1.0.15-1.el4_8.3.x86_64.rpm wireshark-gnome-1.0.15-1.el4_8.3.x86_64.rpm SL 5.x SRPMS: wireshark-1.0.15-1.el5_5.3.src.rpm i386: wireshark-1.0.15-1.el5_5.3.i386.rpm wireshark-gnome-1.0.15-1.el5_5.3.i386.rpm x86_64: wireshark-1.0.15-1.el5_5.3.x86_64.rpm wireshark-gnome-1.0.15-1.el5_5.3.x86_64.rpm -Connie Sieh -Troy Dawson