Debian Bug report logs -
#745595
wireshark: CVE-2014-2907: RTP dissector crash
Reported by: Henri Salo <henri@nerv.fi>
Date: Wed, 23 Apr 2014 07:12:02 UTC
Severity: important
Tags: fixed-upstream, security
Found in version wireshark/1.10.6-1
Fixed in version wireshark/1.10.7-1
Done: Balint Reczey <balint@balintreczey.hu>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, Balint Reczey <balint@balintreczey.hu>:
Bug#745595; Package wireshark.
(Wed, 23 Apr 2014 07:12:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Henri Salo <henri@nerv.fi>:
New Bug report received and forwarded. Copy sent to Balint Reczey <balint@balintreczey.hu>.
(Wed, 23 Apr 2014 07:12:06 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Package: wireshark
Version: 1.10.6-1
Severity: important
Tags: security, fixed-upstream
http://www.wireshark.org/security/wnpa-sec-2014-06.html
[signature.asc (application/pgp-signature, inline)]
Reply sent
to Balint Reczey <balint@balintreczey.hu>:
You have taken responsibility.
(Tue, 29 Apr 2014 22:39:05 GMT) (full text, mbox, link).
Notification sent
to Henri Salo <henri@nerv.fi>:
Bug acknowledged by developer.
(Tue, 29 Apr 2014 22:39:05 GMT) (full text, mbox, link).
Message #10 received at 745595-close@bugs.debian.org (full text, mbox, reply):
Source: wireshark
Source-Version: 1.10.7-1
We believe that the bug you reported is fixed in the latest version of
wireshark, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 745595@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Balint Reczey <balint@balintreczey.hu> (supplier of updated wireshark package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 29 Apr 2014 16:21:35 +0200
Source: wireshark
Binary: wireshark-common wireshark tshark wireshark-dev wireshark-dbg wireshark-doc libwireshark3 libwsutil3 libwsutil-dev libwireshark-data libwireshark-dev libwiretap3 libwiretap-dev
Architecture: source amd64 all
Version: 1.10.7-1
Distribution: unstable
Urgency: high
Maintainer: Balint Reczey <balint@balintreczey.hu>
Changed-By: Balint Reczey <balint@balintreczey.hu>
Description:
libwireshark-data - network packet dissection library -- data files
libwireshark-dev - network packet dissection library -- development files
libwireshark3 - network packet dissection library -- shared library
libwiretap-dev - network packet capture library -- development files
libwiretap3 - network packet capture library -- shared library
libwsutil-dev - network packet dissection utilities library -- shared library
libwsutil3 - network packet dissection utilities library -- shared library
tshark - network traffic analyzer - console version
wireshark - network traffic analyzer - GTK+ version
wireshark-common - network traffic analyzer - common files
wireshark-dbg - network traffic analyzer - debug symbols
wireshark-dev - network traffic analyzer - development tools
wireshark-doc - network traffic analyzer - documentation
Closes: 745595
Changes:
wireshark (1.10.7-1) unstable; urgency=high
.
* New upstream release 1.10.7
- release notes:
https://wireshark.org/docs/relnotes/wireshark-1.10.7.html
- security fixes:
- The RTP dissector could crash. (Closes: #745595)
* Fix package names in libwiretap and libwsutil symbols files
* Drop 01-Use-GitVersion-to-fix-guide-creation.patch since it has been
integrated upstream
Checksums-Sha1:
f808c9e0c6857605870bd0d367572a723d243bda 3058 wireshark_1.10.7-1.dsc
5e5ce4fdc9aa53e545fc0fbd22eea6adcf7dfc0b 26711577 wireshark_1.10.7.orig.tar.bz2
49381e13683dba460d50b33f1662f132d56b8a6c 55084 wireshark_1.10.7-1.debian.tar.xz
aece37138747da7c5d182f347686172f1f54c781 191580 wireshark-common_1.10.7-1_amd64.deb
1d39f43a712ca8dfee994319378d40fe5534869f 887038 wireshark_1.10.7-1_amd64.deb
3a08dae073a005629c4ae318d183e945daed5cc1 157438 tshark_1.10.7-1_amd64.deb
bb76e9583259c2f046c807243713763c21fc466a 169314 wireshark-dev_1.10.7-1_amd64.deb
f7c216974dfd39b5c9dd556c6c2878b6d1558004 27727814 wireshark-dbg_1.10.7-1_amd64.deb
0a3bff277ee985bd08a404e0ee1e880f4e826ece 3642946 wireshark-doc_1.10.7-1_all.deb
a6ee0e35c4c1775a36cd52cea1ff49e0a082f5c7 10197370 libwireshark3_1.10.7-1_amd64.deb
a690e5e76c4b56470bb352f180125a61e59db16c 52496 libwsutil3_1.10.7-1_amd64.deb
8221e5d9d803acd246b8d50b8e3567097d6c598b 52418 libwsutil-dev_1.10.7-1_amd64.deb
384ff3486cde2b6c3c68f74a8e33776fecf31117 814964 libwireshark-data_1.10.7-1_all.deb
5e85e5dff41d2a5433afcbd0566ddbe0a549ff4c 701348 libwireshark-dev_1.10.7-1_amd64.deb
5c5c43822ef704386a5ced0707822ae4ca84325a 168522 libwiretap3_1.10.7-1_amd64.deb
6f7d75a09d29b09ddbc2090b7dd5c684e2cbfabf 66076 libwiretap-dev_1.10.7-1_amd64.deb
Checksums-Sha256:
4c0493267cb09c67e702509b9d9e0b4326b18d95800991af17b4b7a12ef64f34 3058 wireshark_1.10.7-1.dsc
d98d263b31dd904a0337ba2db6d1a80bb495b4ac419a304f0f25c551d50cafc6 26711577 wireshark_1.10.7.orig.tar.bz2
c628c72a5cbc9ba54c6d806163a14181caca3dc484180ea2bc87b52cd37042f2 55084 wireshark_1.10.7-1.debian.tar.xz
6219332d1181bfa8612f807281888f6f08852b0a55044b698ca14300143227dc 191580 wireshark-common_1.10.7-1_amd64.deb
f6dedeffcd981023543da70078cfc2d7d79ae454af94a1bf621a22403d313ca6 887038 wireshark_1.10.7-1_amd64.deb
616cdcb21c70cbd7b936de059481d977853f423b212e19ae20d79e3c53a4e9dc 157438 tshark_1.10.7-1_amd64.deb
a9a3cd7f463c7bd5035617853515b761ca51b35d9391d37178f728a51560b272 169314 wireshark-dev_1.10.7-1_amd64.deb
bbf90dfe3dc5d048c7cfe856a01700681fc3f91fcdb9bfab78e33db6bcf6c559 27727814 wireshark-dbg_1.10.7-1_amd64.deb
a94a7746861001044d9353bf23970e4312237365c28672266d7eea141f720afb 3642946 wireshark-doc_1.10.7-1_all.deb
d99e279a6fdde7ec1412bfb0e7c7057a89095ab816ecbf83abae2a77b20242cf 10197370 libwireshark3_1.10.7-1_amd64.deb
24de8d4ef160efe5d3115cdf04fea9d888a382bdde73f4209f1788072d066dc1 52496 libwsutil3_1.10.7-1_amd64.deb
4cc3029af2803d600d63138e936f88e7ad78226399694af487a3bea798ad6dd4 52418 libwsutil-dev_1.10.7-1_amd64.deb
851dbbc847e9c01a23dad22c95c3cfda0e9578e9adc9b0685d843d6159bc9e49 814964 libwireshark-data_1.10.7-1_all.deb
772731e2f6910f3327d7e9391d4bc6366e2060afcc277552612e9ecae9f6ed4a 701348 libwireshark-dev_1.10.7-1_amd64.deb
141dd762b1ef58ab9d5c77d5719b88223924db6b8dad2c8b851fdacd927125d9 168522 libwiretap3_1.10.7-1_amd64.deb
8de05dc60c36ef82da9be28282ebe7a56f99b747c7bc59ffb59f65301d228293 66076 libwiretap-dev_1.10.7-1_amd64.deb
Files:
9888096d5c995e6c1cbad6ee05732486 191580 net optional wireshark-common_1.10.7-1_amd64.deb
ed7ca41d2b370b0f0020cf9f08836dfd 887038 net optional wireshark_1.10.7-1_amd64.deb
fa71bc8ea175caa01346814cf8f08946 157438 net optional tshark_1.10.7-1_amd64.deb
d2c7f3b2539fc9eb942a52d1e5dc0381 169314 devel optional wireshark-dev_1.10.7-1_amd64.deb
7a0e9fa13278e334440e79f49d56f3f5 27727814 debug extra wireshark-dbg_1.10.7-1_amd64.deb
b70b0c103aa220a3fb26bd5550991265 3642946 doc extra wireshark-doc_1.10.7-1_all.deb
a15793d5b5b7f553bde4bc45ab8d6e88 10197370 libs optional libwireshark3_1.10.7-1_amd64.deb
af2387da3efa5837bf69678d23f50c99 52496 libs optional libwsutil3_1.10.7-1_amd64.deb
f22b6a96ed5948c808f4cff39e3af899 52418 libdevel optional libwsutil-dev_1.10.7-1_amd64.deb
b427c4f001bb9a4c0c5894c56acc142b 814964 libs optional libwireshark-data_1.10.7-1_all.deb
24500a560109f8675ffaf9362f697293 701348 libdevel optional libwireshark-dev_1.10.7-1_amd64.deb
ffc383594e9e13b04a5750fc71419136 168522 libs optional libwiretap3_1.10.7-1_amd64.deb
1dcc7b18410223521b7d5bd3fbb55557 66076 libdevel optional libwiretap-dev_1.10.7-1_amd64.deb
552b17463c9ba45cd6ce28d8ec39a531 3058 net optional wireshark_1.10.7-1.dsc
0e8a111d24c11255eae139c8f27fd25b 26711577 net optional wireshark_1.10.7.orig.tar.bz2
15e250501d39ce77d9a05e27719dff5e 55084 net optional wireshark_1.10.7-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBAgAGBQJTYCChAAoJEPZk0la0aRp9y9wP/RRQdxyPlvkfSfS78P2tprWZ
CsUqC+YIR2SP5gdZ6j37AEfTdpoma0Y+SiJo9WFdI6blL/ZIEscrri8LZmSbRkMT
h8DHjrL0xES8UGPKLFZXBo3YsC0w7wp2FSio8e/yXeL8PrY+sAWuRWQCzMTB/jXU
8EomsvYMJnxBApE3FzlQvccJoJRb7uchdK+E9Fu7wCIOvUNFNMgyiiq03lUJ0IVF
438jrv6CSxnMhb0rLuF/riC9JDyORh0Vf73b1R/HydMH9SxU55KpBEwM+zE92df1
9+IqqPX9ZGULd9SBV0ZIPYiVeMcyK7vhaGsAq1erT50FRJsT04y5N1l9A4OoF0K2
U5tnZHiC1Gf34bDBFMc95fznTr+83GJ6a/09u2OMvDgfZMN8WKsu8UCw5wO+HAGg
pY4mF+pdDiwNv9oBiSK6qx/xcuAdZfif80oireewyaik6lwVXK19qJlD7M1LZm2i
g1XFBYmrLGBWxeSiYlZJBIiM2ll62UatTti/xpVpcqVLpEaPV1aHPvvGHcg9VwJr
8tvrUmgjz1sD/FzyYoH+soOFoDyZPwI14BxhcwYwhK/qAXqV0EXbRrFZP/uW73bW
koh7xUEVctWLUAxJ7DFgieALH0piNQ5JHjLzDbHX5SiHjLe1hPbUZTCz9NuFUzPl
0UOm00lPodf9c1hRh7L8
=o5BN
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Wed, 04 Jun 2014 07:33:40 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 16:04:38 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon