CentOS Project, CESA-2007:0709
Nov 15, 2007 - 5:20 p.m.

wireshark security update

2007-11-15 17:20:39
CentOS Project
lists.centos.org
CVSS2: 7.8 High

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS: 0.011 Low
Percentile: 84.2%

CentOS Errata and Security Advisory CESA-2007:0709

Wireshark is a program for monitoring network traffic.

Several denial of service bugs were found in Wireshark's HTTP, iSeries, DCP
ETSI, SSL, MMS, DHCP and BOOTP protocol dissectors. It was possible for
Wireshark to crash or stop responding if it read a malformed packet off the
network. (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392,
CVE-2007-3393)

Wireshark would interpret certain completion codes incorrectly when
dissecting IPMI traffic. Additionally, IPMI 2.0 packets would be reported
as malformed IPMI traffic.

Users of Wireshark should upgrade to these updated packages containing
Wireshark version 0.99.6, which correct these issues.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-November/076588.html
https://lists.centos.org/pipermail/centos-announce/2007-November/076617.html

Affected packages:
wireshark
wireshark-gnome

Upstream details at:
https://access.redhat.com/errata/RHSA-2007:0709
