Debian Bug report logs - #469488
wireshark: CVE-2008-107[0-2] multiple ways to crash wireshark via crafted packets
Reported by: Nico Golde <nion@debian.org>
Date: Wed, 5 Mar 2008 14:21:05 UTC
Severity: important
Tags: security
Found in version wireshark/0.99.7-1
Fixed in version wireshark/0.99.8-1
Done: Joost Yervante Damad <andete@debian.org>
Bug is archived. No further changes may be made.
Report forwarded to debian-bugs-dist@lists.debian.org, Frederic Peters <fpeters@debian.org>: Bug#469488; Package wireshark.
Acknowledgement sent to Nico Golde <nion@debian.org>: New Bug report received and forwarded. Copy sent to Frederic Peters <fpeters@debian.org>.
Message #5 received at submit@bugs.debian.org:
Package: wireshark
Version: 0.99.7-1
Severity: important
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for wireshark.
CVE-2008-1072[0]:
| The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through
| 0.99.7, when running on Ubuntu 7.10, allows remote attackers to cause
| a denial of service (crash or memory consumption) via a malformed
| packet, possibly related to a Cairo library bug.
CVE-2008-1071[1]:
| The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through
| 0.99.7 allows remote attackers to cause a denial of service (crash)
| via a malformed packet.
CVE-2008-1070[2]:
| The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through
| 0.99.7 allows remote attackers to cause a denial of service (crash)
| via a malformed packet.
If you fix these vulnerabilities please also include the CVE ids
in your changelog entry.
For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1072
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1071
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1070
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
Information forwarded to debian-bugs-dist@lists.debian.org: Bug#469488; Package wireshark.
Acknowledgement sent to Frederic Peters <fpeters@debian.org>: Extra info received and forwarded to list.
Message #10 received at 469488@bugs.debian.org:
Hello all,
I was away then I got back and got buried by work and misc real life
things, and Debian release critical bugs :(
I have been on the http://wiki.debian.org/LowThresholdNmu list for a
long time and I want to encourage you all to consider this and step
for NMU, or team-maintenance (especially for wireshark and libgphoto2,
I should have done this earlier). I am all for alioth but no news yet
about my request for a pkg-wireshark project.
Here ends my request for help, thanks,
Frederic
Information forwarded to debian-bugs-dist@lists.debian.org, Frederic Peters <fpeters@debian.org>: Bug#469488; Package wireshark.
Acknowledgement sent to Cyril Brulebois <cyril.brulebois@enst-bretagne.fr>: Extra info received and forwarded to list. Copy sent to Frederic Peters <fpeters@debian.org>.
Message #15 received at 469488@bugs.debian.org:
Forwarding my answer so that people know libgphoto2 and exif will be
taken care of through pkg-phototools.
Cheers,
--
Cyril Brulebois
On 07/03/2008, Frederic Peters wrote:
> Hello all,
Hi Frederic,
> I have been on the http://wiki.debian.org/LowThresholdNmu list for a
> long time and I want to encourage you all to consider this and step
> for NMU, or team-maintenance (especially for wireshark and libgphoto2,
> I should have done this earlier). I am all for alioth but no news yet
> about my request for a pkg-wireshark project.
I'd be pleased to welcome your photo-related packages (libgphoto, exif,
etc.) into the pkg-phototools group. I'm currently lacking time a bit,
but I should be able to step in during the next week.
Cheers,
--
Cyril Brulebois
Tags added: pending. Request was from Joost Yervante Damad <andete@debian.org> to control@bugs.debian.org. (Thu, 13 Mar 2008 19:48:06 GMT)
Reply sent to Joost Yervante Damad <andete@debian.org>: You have taken responsibility.
Notification sent to Nico Golde <nion@debian.org>: Bug acknowledged by developer.
Message #22 received at 469488-close@bugs.debian.org:
Source: wireshark
Source-Version: 0.99.8-1
We believe that the bug you reported is fixed in the latest version of
wireshark, which is due to be installed in the Debian FTP archive:
ethereal-common_0.99.8-1_i386.deb
  to pool/main/w/wireshark/ethereal-common_0.99.8-1_i386.deb
ethereal-dev_0.99.8-1_i386.deb
  to pool/main/w/wireshark/ethereal-dev_0.99.8-1_i386.deb
ethereal_0.99.8-1_i386.deb
  to pool/main/w/wireshark/ethereal_0.99.8-1_i386.deb
tethereal_0.99.8-1_i386.deb
  to pool/main/w/wireshark/tethereal_0.99.8-1_i386.deb
tshark_0.99.8-1_i386.deb
  to pool/main/w/wireshark/tshark_0.99.8-1_i386.deb
wireshark-common_0.99.8-1_i386.deb
  to pool/main/w/wireshark/wireshark-common_0.99.8-1_i386.deb
wireshark-dev_0.99.8-1_i386.deb
  to pool/main/w/wireshark/wireshark-dev_0.99.8-1_i386.deb
wireshark_0.99.8-1.diff.gz
  to pool/main/w/wireshark/wireshark_0.99.8-1.diff.gz
wireshark_0.99.8-1.dsc
  to pool/main/w/wireshark/wireshark_0.99.8-1.dsc
wireshark_0.99.8-1_i386.deb
  to pool/main/w/wireshark/wireshark_0.99.8-1_i386.deb
wireshark_0.99.8.orig.tar.gz
  to pool/main/w/wireshark/wireshark_0.99.8.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 469488@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Joost Yervante Damad <andete@debian.org> (supplier of updated wireshark package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
Format: 1.7
Date: Wed, 12 Mar 2008 20:47:56 +0100
Source: wireshark
Binary: wireshark-common wireshark tshark wireshark-dev ethereal-common ethereal-dev ethereal tethereal
Architecture: source i386
Version: 0.99.8-1
Distribution: unstable
Urgency: medium
Maintainer: Frederic Peters <fpeters@debian.org>
Changed-By: Joost Yervante Damad <andete@debian.org>
Description:
 ethereal   - dummy upgrade package for ethereal -> wireshark
 ethereal-common - dummy upgrade package for ethereal -> wireshark
 ethereal-dev - dummy upgrade package for ethereal -> wireshark
 tethereal  - dummy upgrade package for ethereal -> wireshark
 tshark     - network traffic analyzer (console)
 wireshark  - network traffic analyzer
 wireshark-common - network traffic analyser (common files)
 wireshark-dev - network traffic analyser (development tools)
Closes: 452772 454051 458689 469488
Changes:
 wireshark (0.99.8-1) unstable; urgency=medium
 .
   * New upstream release.
   * release notes:
     http://www.wireshark.org/docs/relnotes/wireshark-0.99.8.html
   * Fixes strptime() problem; debian/patches/18_strptime_proto.dpatch
     no longer needed; (closes: #452772)
   * Fixed security issues:
     * The SCTP dissector could crash. (CVE-2008-1070)
     * The SNMP dissector could crash. (CVE-2008-1071)
     * (closes: #469488)
   * updated debian/patches/05_plugin-libdir.dpatch, as upstream
     incorporated part of the patch
   * updated debian/patches/08_wireshark-desktop-menu.dpatch
   * updated debian/patches/14_disable-cmip.dpatch
   * use su-to-root isof gksu (closes: #454051)
   * make init.lua a conffile (closes: #458689)
   * use $(CURDIR) isof `pwd` in debian/rules
   * lintian fixes:
     * I: wireshark binary: desktop-entry-contains-encoding-key
       /usr/share/applications/wireshark-root.desktop
     * W: wireshark binary: su-wrapper-not-su-to-root
       /usr/share/applications/wireshark-root.desktop gksu
   * bump standards version to 3.7.2.2 (3.7.3.0 still needs more checking)
   * update debhelper compat to 5
   * bump standards version to 3.7.3.0
   * update debhelper compat to 6
   * remove debian/ dir from upstream tar file
Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 29 Apr 2008 07:41:52 GMT)
Last modified: Wed Jun 19 15:00:30 2019