Debian Bug report logs -
#864058
New wireshark issues
Reported by: Moritz Muehlenhoff <jmm@debian.org>
Date: Sat, 3 Jun 2017 18:39:01 UTC
Severity: important
Tags: security, upstream
Found in version wireshark/2.2.6+g32dac6a-2
Fixed in version wireshark/2.2.7-1
Done: Balint Reczey <rbalint@ubuntu.com>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Balint Reczey <balint@balintreczey.hu>:
Bug#864058; Package src:wireshark.
(Sat, 03 Jun 2017 18:39:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Balint Reczey <balint@balintreczey.hu>.
(Sat, 03 Jun 2017 18:39:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: wireshark
Severity: important
Tags: security
Please see
https://www.wireshark.org/security/wnpa-sec-2017-22.html
https://www.wireshark.org/security/wnpa-sec-2017-23.html
https://www.wireshark.org/security/wnpa-sec-2017-24.html
https://www.wireshark.org/security/wnpa-sec-2017-25.html
https://www.wireshark.org/security/wnpa-sec-2017-26.html
https://www.wireshark.org/security/wnpa-sec-2017-27.html
https://www.wireshark.org/security/wnpa-sec-2017-28.html
https://www.wireshark.org/security/wnpa-sec-2017-29.html
https://www.wireshark.org/security/wnpa-sec-2017-30.html
https://www.wireshark.org/security/wnpa-sec-2017-31.html
https://www.wireshark.org/security/wnpa-sec-2017-32.html
https://www.wireshark.org/security/wnpa-sec-2017-33.html
Cheers,
Moritz
Marked as found in versions wireshark/2.2.6+g32dac6a-2.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Sun, 04 Jun 2017 03:33:05 GMT) (full text, mbox, link).
Added tag(s) upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Sun, 04 Jun 2017 03:33:07 GMT) (full text, mbox, link).
Reply sent
to Balint Reczey <rbalint@ubuntu.com>:
You have taken responsibility.
(Mon, 26 Jun 2017 23:42:07 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer.
(Mon, 26 Jun 2017 23:42:07 GMT) (full text, mbox, link).
Message #14 received at 864058-close@bugs.debian.org (full text, mbox, reply):
Source: wireshark
Source-Version: 2.2.7-1
We believe that the bug you reported is fixed in the latest version of
wireshark, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 864058@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Balint Reczey <rbalint@ubuntu.com> (supplier of updated wireshark package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 27 Jun 2017 00:48:15 +0200
Source: wireshark
Binary: wireshark-common wireshark wireshark-qt wireshark-gtk tshark wireshark-dev wireshark-doc libwireshark8 libwsutil7 libwsutil-dev libwscodecs1 libwireshark-data libwireshark-dev libwiretap6 libwiretap-dev
Architecture: source
Version: 2.2.7-1
Distribution: unstable
Urgency: medium
Maintainer: Balint Reczey <rbalint@ubuntu.com>
Changed-By: Balint Reczey <rbalint@ubuntu.com>
Description:
libwireshark-data - network packet dissection library -- data files
libwireshark-dev - network packet dissection library -- development files
libwireshark8 - network packet dissection library -- shared library
libwiretap-dev - network packet capture library -- development files
libwiretap6 - network packet capture library -- shared library
libwscodecs1 - network packet dissection codecs library -- shared library
libwsutil-dev - network packet dissection utilities library -- development files
libwsutil7 - network packet dissection utilities library -- shared library
tshark - network traffic analyzer - console version
wireshark - network traffic analyzer - meta-package
wireshark-common - network traffic analyzer - common files
wireshark-dev - network traffic analyzer - development tools
wireshark-doc - network traffic analyzer - documentation
wireshark-gtk - network traffic analyzer - GTK+ version
wireshark-qt - network traffic analyzer - Qt version
Closes: 857729 864058
Changes:
wireshark (2.2.7-1) unstable; urgency=medium
.
[ Balint Reczey ]
* Convert d/copyright to machine readable format
* Download releases from GitHub excluding upstream's debian/ dir
* Use my @ubuntu.com email address in Maintainer field
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.7.html
- security fixes (Closes: #864058):
- Bazaar dissector infinite loop (CVE-2017-9352)
- DOF dissector read overflow (CVE-2017-9348)
- DHCP dissector read overflow (CVE-2017-9351)
- SoulSeek dissector infinite loop (CVE-2017-9346)
- DNS dissector infinite loop (CVE-2017-9345)
- DICOM dissector infinite loop (CVE-2017-9349)
- openSAFETY dissector memory exhaustion (CVE-2017-9350)
- BT L2CAP dissector divide by zero (CVE-2017-9344)
- MSNIP dissector crash (CVE-2017-9343)
- ROS dissector crash (CVE-2017-9347)
- RGMP dissector crash (CVE-2017-9354)
- IPv6 dissector crash (CVE-2017-9353)
.
[ Alexander Gerasiov ]
* Fix pkg-config libdir (Closes: #857729)
Checksums-Sha1:
4c4602d1e867b456fc495ac18e7c3777ac125a7d 3435 wireshark_2.2.7-1.dsc
a7f438d0f8cd52db7d90c392ae004a1d58f5a91c 27204844 wireshark_2.2.7.orig.tar.xz
0c4c1ef95117f5737caa177100c6159684b1b9a7 64552 wireshark_2.2.7-1.debian.tar.xz
Checksums-Sha256:
c9313fc7af1bdeb600f9450d4c296d83de4aad18124aff4c033ee6eff2814ef1 3435 wireshark_2.2.7-1.dsc
9f53129a60e2710cb9050fd56a2b63afd643adc326a5af2772b617eda00b6a6d 27204844 wireshark_2.2.7.orig.tar.xz
ffeadfeb19c2bae24206cc421e026faba28315f60cc668fd8fcb7a9fc202646b 64552 wireshark_2.2.7-1.debian.tar.xz
Files:
c89c0898d9bf58b9fe4646102e151b73 3435 net optional wireshark_2.2.7-1.dsc
d54b6c11a4f89cffc81f9b2a847e5ce8 27204844 net optional wireshark_2.2.7.orig.tar.xz
8483730e73658441d316ff7e23155022 64552 net optional wireshark_2.2.7-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIwBAEBCAAaBQJZUZDNExxyYmFsaW50QHVidW50dS5jb20ACgkQ9mTSVrRpGn12
lg//eybg2WCiPRNxzkdHJrgFU5SoP71zFLD8oeyQlZmo9NQFQxZuJo8aCrgrdIhr
ByW5Rj/OlOpO+bkOoE7bvY1n2awIm5iu56bwrW6ScJzuBuaVHT7UKlX91GrVM5I5
p695v7dIW7dTTstxihg5MwlhIPdRK9PZzigBEXcZDqe+ptREs62U3coZrst8nknw
o42pqIpPVHeMVM7ejN4Kd/0be1Q1Kw370cd3njWQqmDCbqAc5bJPYcKWKhPXtMMB
aZpajhD65QUMvNJoUg4eNs1sHrgrK9JvwfsAHrETOJT2xAVxS3uJTBGS/XT3bMYH
RfCP5VqSw6dxyqxPZNqlwZrXTaE1as2aWvxFHYrSi4+RMQCyO3LuHXZqM0t8kPSB
p1FsrAyVJ43vy9JS76VkizTe+yd0r0ZPbjX7R8qiosOQjIbKxWZOfz54+k6+iHJE
+olQcfmsDKf1buCn3KV2wm/Hbr5d9g5Io4jPLgUBf9WJFw20RV+DmpRWBAB37ZY5
ZiNgCDtdAKykwdllyWX9H+axXY5mdbDEPXEOO+g3M6MwX53VfqyFfF7TQ2zv3YwN
ivCoJYXTE8Y2apefdpPsoMobWyBKFcSnAk/uvLalnzSSIKtE1Ip06LPBJDrhstib
nCXAIyB67VgZmZ4Pbm93o3iIYP6q85Nlsz0bRMFEq1wfGSQ=
=kc4C
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Tue, 25 Jul 2017 07:28:32 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 18:17:08 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon