Synopsis:	Moderate: wireshark security update
Issue date:	2011-03-21
CVE Names:	CVE-2010-3445 CVE-2011-0024 CVE-2011-0538
                   CVE-2011-1139 CVE-2011-1140 CVE-2011-1141
                   CVE-2011-1143

A heap-based buffer overflow flaw was found in Wireshark. If Wireshark
opened a specially-crafted capture file, it could crash or, possibly,
execute arbitrary code as the user running Wireshark. (CVE-2011-0024)

Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malicious dump file. (CVE-2010-3445, CVE-2011-0538, 
CVE-2011-1139, CVE-2011-1140, CVE-2011-1141, CVE-2011-1143)

All running instances of Wireshark must be restarted for the update to 
take effect.

SL 4.x

      SRPMS:
wireshark-1.0.15-2.el4.src.rpm
      i386:
wireshark-1.0.15-2.el4.i386.rpm
wireshark-gnome-1.0.15-2.el4.i386.rpm
      x86_64:
wireshark-1.0.15-2.el4.x86_64.rpm
wireshark-gnome-1.0.15-2.el4.x86_64.rpm

SL 5.x

      SRPMS:
wireshark-1.0.15-1.el5_6.4.src.rpm
      i386:
wireshark-1.0.15-1.el5_6.4.i386.rpm
wireshark-gnome-1.0.15-1.el5_6.4.i386.rpm
      x86_64:
wireshark-1.0.15-1.el5_6.4.x86_64.rpm
wireshark-gnome-1.0.15-1.el5_6.4.x86_64.rpm

-Connie Sieh
-Troy Dawson