-
wireshark (1.8.2-5wheezy18) wheezy-security; urgency=medium
* security fixes from Wireshark 1.12.10:
- DNP dissector infinite loop (CVE-2016-2523)
- RSL dissector crash (CVE-2016-2530 CVE-2016-2531)
- GSM A-bis OML dissector crash
- ASN.1 BER dissector crashes
* security fixes from Wireshark 1.12.9:
- RSL dissector crash (CVE-2015-8731)
- 802.11 decryption crash (CVE-2015-8723, CVE-2015-8724)
- ANSI A & GSM A dissector crashes (CVE-2015-8728)
- DIAMETER dissector crash (CVE-2015-8725)
-- Balint Reczey <email address hidden> Thu, 10 Mar 2016 19:25:58 +0100
-
wireshark (1.8.2-5wheezy16) wheezy-security; urgency=high
* security fixes from Wireshark 1.10.14:
- The WCP dissector could crash while decompressing data (CVE-2015-3811)
-- Balint Reczey <email address hidden> Sat, 23 May 2015 19:29:24 +0200
-
wireshark (1.8.2-5wheezy12) wheezy-security; urgency=high
* security fixes from Wireshark 1.10.9:
- RTP dissector crash (CVE-2014-6422)
- MEGACO dissector infinite loop (CVE-2014-6423)
- Netflow dissector crash (CVE-2014-6424)
- RTSP dissector crash (CVE-2014-6427)
- SES dissector crash (CVE-2014-6428)
- Sniffer file parser crash.
(CVE-2014-6429, CVE-2014-6430, CVE-2014-6431, CVE-2014-6432)
-- Balint Reczey <email address hidden> Sun, 12 Oct 2014 21:51:38 +0200
-
wireshark (1.8.2-5wheezy11) wheezy-security; urgency=high
* security fixes from Wireshark 1.10.9:
- The Catapult DCT2000 and IrDA dissectors could underrun a buffer
(CVE-2014-5161, CVE-2014-5162)
- The GSM Management dissector could crash (CVE-2014-5163)
- The RLC dissector could crash (CVE-2014-5164)
- The ASN.1 BER dissector could crash (CVE-2014-5165)
-- Balint Reczey <email address hidden> Tue, 05 Aug 2014 10:07:10 +0200
-
wireshark (1.8.2-5wheezy10) wheezy-security; urgency=low
* security fixes from Wireshark 1.8.13:
- The NFS dissector could crash. Discovered by Moshe Kaplan
(CVE-2014-2281)
- The RLC dissector could crash. (CVE-2014-2283)
- The MPEG file parser could overflow a buffer.
Discovered by Wesley Neelen. (CVE-2014-2299)
-- Balint Reczey <email address hidden> Sun, 09 Mar 2014 12:48:21 +0100
-
wireshark (1.8.2-5wheezy9) wheezy-security; urgency=high
* security fixes from (not yet released) Wireshark 1.8.13:
- The BSSGP dissector could crash. Discovered by Laurent Butti.
(CVE-2013-7113)
The exploit provided for CVE-2013-7113 does not crash 1.8.2-5wheezy8
and earlier versions, but a modified exploit could. The fix is
back-ported from Wireshark's 1.8.x branch.
-- Balint Reczey <email address hidden> Thu, 19 Dec 2013 19:25:08 +0100
-
wireshark (1.8.2-5wheezy7) wheezy-security; urgency=high
* security fixes from Wireshark 1.8.11:
- The IEEE 802.15.4 dissector could crash. (CVE-2013-6336)
- The NBAP dissector could crash. Discovered by Laurent Butti.
(CVE-2013-6337)
- The SIP dissector could crash.
(CVE-2013-6338)
- The TCP dissector could crash. (CVE-2013-6340)
-- Balint Reczey <email address hidden> Sat, 02 Nov 2013 16:20:36 +0100
-
wireshark (1.8.2-5wheezy6) wheezy-security; urgency=high
* security fixes from Wireshark 1.8.10:
- NBAP dissector could crash. Discovered by Laurent Butti.
(No assigned CVE number)
- The RTPS dissector could overflow a buffer. Discovered by
Ben Schmidt. (No assigned CVE number)
- The LDAP dissector could crash. (No assigned CVE number)
- The Netmon file parser could crash. Discovered by G. Geshev.
-- Balint Reczey <email address hidden> Tue, 10 Sep 2013 20:48:24 +0200
-
wireshark (1.8.2-5wheezy2) wheezy-proposed-updates; urgency=low
* make libwsutil-dev confict with and replace wireshark-dev (<< 1.4.0~rc2-1)
(Closes: #704561)
-- Balint Reczey <email address hidden> Wed, 03 Apr 2013 03:22:46 +0200
-
wireshark (1.8.2-5wheezy1) wheezy-security; urgency=high
* re-upload to Wheezy security without changes in the content
-- Balint Reczey <email address hidden> Sat, 16 Mar 2013 12:02:44 +0100
-
wireshark (1.8.2-2) unstable; urgency=high
* security fixes from Wireshark 1.8.3 (Closes: #689972):
- The HSRP dissector could go into an infinite loop (CVE-2012-5237)
- The PPP dissector could abort (CVE-2012-5238)
- Martin Wilck discovered an infinite loop in the DRDA dissector
(CVE-2012-5239)
- Laurent Butti discovered a buffer overflow in the LDP dissector
(CVE-2012-5240)
-- Balint Reczey <email address hidden> Tue, 09 Oct 2012 11:39:42 +0200
-
wireshark (1.8.2-1) unstable; urgency=high
* New upstream release 1.8.2 (skipping 1.8.1 in Debian)
- release notes:
http://www.wireshark.org/docs/relnotes/wireshark-1.8.2.html
- security fixes:
- The PPP dissector could crash (Closes: #680056)(CVE-2012-4048)
- The NFS dissector could use excessive amounts of CPU (CVE-2012-4049)
- The DCP ETSI dissector could trigger a zero division. Reported by
Laurent Butti. (CVE-2012-4285)
- The MongoDB dissector could go into a large loop. Reported by
Ben Schmidt. (CVE-2012-4287)
- The XTP dissector could go into an infinite loop. Reported by
Ben Schmidt. (CVE-2012-4288)
- The ERF dissector could overflow a buffer. Reported by
Laurent Butti. (CVE-2012-4294 CVE-2012-4295)
- The AFP dissector could go into a large loop. Reported by
Stefan Cornelius. (CVE-2012-4289)
- The RTPS2 dissector could overflow a buffer. Reported by
Laurent Butti. (CVE-2012-4296)
- The GSM RLC MAC dissector could overflow a buffer. Reported by
Laurent Butti. (CVE-2012-4297)
- The CIP dissector could exhaust system memory. Reported by
Ben Schmidt. (CVE-2012-4291)
- The STUN dissector could crash. Reported by Laurent Butti.
(CVE-2012-4292)
- The EtherCAT Mailbox dissector could abort. Reported by
Laurent Butti. (CVE-2012-4293)
- The CTDB dissector could go into a large loop. Reported by
Ben Schmidt. (CVE-2012-4290)
- The pcap-ng file parser could trigger a zero division (CVE-2012-4286)
- The Ixia IxVeriWave file parser could overflow a buffer
(CVE-2012-4298)
-- Balint Reczey <email address hidden> Sun, 19 Aug 2012 14:30:56 +0200
-
wireshark (1.8.0-1) unstable; urgency=low
* New upstream release 1.8.0 (Closes: #678585)
- release notes:
http://www.wireshark.org/docs/relnotes/wireshark-1.8.0.html
* fix lintian pedantic mode warnings
- use set -e in maintainer scripts
- refer to GPLv2 via symlink
- fix spacing in debian/control
- depend on debhelper (>= 9)
-- Balint Reczey <email address hidden> Fri, 22 Jun 2012 19:25:19 +0200
-
wireshark (1.6.8-1) unstable; urgency=medium
* New upstream release 1.6.8
- release notes:
http://www.wireshark.org/docs/relnotes/wireshark-1.6.8.html
- security fixes:
- Infinite and large loops in the ANSI MAP, ASF, BACapp, Bluetooth
HCI, IEEE 802.11, IEEE 802.3, LTP, and R3 dissectors have been
fixed (No assigned CVE number)
- The DIAMETER dissector could try to allocate memory improperly
and crash (No assigned CVE number)
- Wireshark could crash on SPARC processors due to misaligned
memory. Discovered by Klaus Heckelmann (No assigned CVE number)
- NEWS file is empty, stop shipping it in Debian package
* update standards-version to 3.9.3
* use dpkg-buildflags for hardening
* depend on dpkg-dev (>= 1.16.1~) for dpkg-buildflags
* bump debhelper compatibility level to v9
-- Balint Reczey <email address hidden> Tue, 22 May 2012 23:50:21 +0200
-
wireshark (1.6.7-1) unstable; urgency=low
* New upstream release 1.6.7
- release notes:
http://www.wireshark.org/docs/relnotes/wireshark-1.6.7.html
-- Balint Reczey <email address hidden> Wed, 11 Apr 2012 15:41:17 +0200
-
wireshark (1.6.6-1) unstable; urgency=high
* New upstream release 1.6.6
- release notes:
http://www.wireshark.org/docs/relnotes/wireshark-1.6.6.html
- security fixes (Closes: #666058):
- The ANSI A dissector could dereference a NULL pointer and crash
- The IEEE 802.11 dissector could go into an infinite loop
- The pcap and pcap-ng file parsers could crash trying to read ERF data
- The MP2T dissector could try to allocate too much memory and crash
* depend on automake instead of automake1.9
* update watch file to watch bzip2 compressed archives
-- Balint Reczey <email address hidden> Wed, 28 Mar 2012 12:34:10 +0200
-
wireshark (1.6.5-2) unstable; urgency=low
* clarify when set-user-id bit is set for dumpcap in README.Debian
(Closes: #649350)
* add notes about capturing USB frames to README.Debian
* package and use SVG icon for Wireshark (Closes: #661759)
-- Balint Reczey <email address hidden> Sun, 15 Jan 2012 11:16:10 -0800
-
wireshark (1.6.5-1) unstable; urgency=high
* New upstream release 1.6.5
- release notes:
http://www.wireshark.org/docs/relnotes/wireshark-1.6.5.html
- security fixes:
- Laurent Butti discovered that Wireshark failed to properly check
record sizes for many packet capture file formats.
(No assigned CVE number.)
- Wireshark could dereference a NULL pointer and crash.
(No assigned CVE number.)
- The RLC dissector could overflow a buffer.
(No assigned CVE number.)
* build architecture dependent and independent packages separately
* [Debconf translation updates]
- Indonesian (Mahyuddin Susanto). (Closes: #653938)
-- Balint Reczey <email address hidden> Thu, 12 Jan 2012 12:53:09 +0100
-
wireshark (1.6.4-1) unstable; urgency=low
* New upstream release 1.6.4
- release notes:
http://www.wireshark.org/docs/relnotes/wireshark-1.6.4.html
* remove Joost Yervante Damad from uploaders as he has resigned
Thank you Joost for taking care of Wireshark packages for many years!
-- Balint Reczey <email address hidden> Sat, 19 Nov 2011 11:21:58 +0100
-
wireshark (1.6.3-1) unstable; urgency=high
* New upstream release 1.6.3
- release notes:
http://www.wireshark.org/docs/relnotes/wireshark-1.6.3.html
- security fixes:
- The CSN.1 dissector could crash
(No assigned CVE number.)
- Huzaifa Sidhpurwala of Red Hat Security Response Team discovered
that the Infiniband dissector could dereference a NULL pointer.
(No assigned CVE number.)
- Huzaifa Sidhpurwala of Red Hat Security Response Team discovered a
buffer overflow in the ERF file reader. (No assigned CVE number.)
- bump library versions
* add build-arch and build-indep targets to debian/rules
* [Debconf translation updates]
- Slovak (Slavko). (Closes: #647082)
-- Balint Reczey <email address hidden> Tue, 01 Nov 2011 21:04:31 +0100
-
wireshark (1.6.2-1) unstable; urgency=high
* New upstream release 1.6.2
- release notes:
http://www.wireshark.org/docs/relnotes/wireshark-1.6.2.html
- security fixes
- A large loop in the OpenSafety dissector could cause a crash.
(CVE-2011-3484)
- A malformed IKE packet could consume excessive resources.
(CVE-2011-3266)
- A malformed capture file could result in an invalid root tvbuff and
cause a crash. (CVE-2011-3483 )
- Wireshark could run arbitrary Lua scripts. (CVE-2011-3360)
- The CSN.1 dissector could crash. (CVE-2011-3482)
- don't show subversion revision in window title (Closes: #635116)
-- Balint Reczey <email address hidden> Sun, 18 Sep 2011 04:10:15 -1000
-
wireshark (1.6.1-1) unstable; urgency=high
* New upstream release 1.6.1 - release notes: http://www.wireshark.org/docs/relnotes/wireshark-1.6.1.html - security fixes - The Lucent/Ascend file parser was susceptible to an infinite loop (CVE-2011-2597) - The ANSI MAP dissector was susceptible to an infinite loop (No assigned CVE number.) * use linux-any wildcard for architecture-specific dependencies (Closes: #634671) -- Balint Reczey <email address hidden> Tue, 19 Jul 2011 14:52:12 +0200
-
wireshark (1.6.0-1) unstable; urgency=low
* New upstream release 1.6.0 - release notes: http://www.wireshark.org/docs/relnotes/wireshark-1.6.0.html - Decode protocols selectively using tshark -O (Closes: #179309) - Support opening files larger than 2GB on all platforms (Closes: #539287) - Bump library versions (Closes: #627146) * depend on omniidl instead of omniidl4 transitional package * [Debconf translation updates] - Dutch (Jeroen Schot). (Closes: #626145) - Hungarian (Balint Reczey). * start shipping libwireshark1, libwiretap1 and libwsutil1 instead of libwireshark0, libwiretap0 and libwsutil0, respectively * drop 05_bump_so_versions.patch as upstream started library versioning -- Balint Reczey <email address hidden> Tue, 07 Jun 2011 21:29:16 +0200
-
wireshark (1.4.6-1) unstable; urgency=low
* New upstream release 1.4.6 - release notes: http://www.wireshark.org/docs/relnotes/wireshark-1.4.6.html - contains one fix only compared to 1.4.5: - Wireshark and TShark can crash while analyzing TCP packets. * depend on omniidl instead of omniidl4 transitional package -- Balint Reczey <email address hidden> Tue, 19 Apr 2011 09:55:10 +0200
-
wireshark (1.4.4-1) unstable; urgency=high
* New upstream release 1.4.4 - release notes: http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html - security fixes - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a large packet length in a pcap-ng file could crash Wireshark. (No assigned CVE number.) - Wireshark could overflow a buffer while reading a Nokia DCT3 trace file. (CVE-2011-0713) - Paul Makowski working for SEI/CERT discovered that Wireshark on 32 bit systems could crash while reading a malformed 6LoWPAN packet. (No assigned CVE number.) - joernchen of Phenoelit discovered that the LDAP and SMB dissectors could overflow the stack. (No assigned CVE number.) - Xiaopeng Zhang of Fortinet's Fortiguard Labs discovered that large LDAP Filter strings can consume excessive amounts of memory. (No assigned CVE number.) * drop 06_fix_crash_on_pcapng_file_error.patch since it is included in the new release -- Balint Reczey <email address hidden> Wed, 02 Mar 2011 14:07:27 +0100
-
wireshark (1.4.3-3) unstable; urgency=high
* pick fix for crash triggered by opening a malformed pcap-ng file (CVE-2011-0538) (Closes: #613202) -- Balint Reczey <email address hidden> Fri, 18 Feb 2011 18:02:41 +0100
-
wireshark (1.4.3-2) unstable; urgency=low
* re-upload to unstable -- Balint Reczey <email address hidden> Mon, 07 Feb 2011 14:34:06 +0100
-
wireshark (1.2.11-6) unstable; urgency=high
* security fixes from Wireshark 1.2.14: - FRAsse discovered that the MAC-LTE dissector could overflow a buffer. (No assigned CVE number.) - FRAsse discovered that the ENTTEC dissector could overflow a buffer. (CVE-2010-4538) (Closes: #608990) -- Balint Reczey <email address hidden> Thu, 13 Jan 2011 01:58:46 +0100