-
wireshark (1.10.2-1) unstable; urgency=high
* New upstream release 1.10.2
- release notes:
https://wireshark.org/docs/relnotes/wireshark-1.10.2.html
- security fixes:
- The Bluetooth HCI ACL dissector could crash. Discovered by
Laurent Butti. (No assigned CVE number)
- The NBAP dissector could crash. Discovered by Laurent Butti.
(No assigned CVE number)
- The ASSA R3 dissector could go into an infinite loop.
Discovered by Ben Schmidt. (No assigned CVE number)
- The RTPS dissector could overflow a buffer. Discovered by
Ben Schmidt. (No assigned CVE number)
- The MQ dissector could crash. (No assigned CVE number)
- The LDAP dissector could crash. (No assigned CVE number)
- The Netmon file parser could crash. Discovered by G. Geshev.
(No assigned CVE number)
-- Balint Reczey <email address hidden> Tue, 10 Sep 2013 18:25:15 +0200
-
wireshark (1.10.1-1) unstable; urgency=high
* New upstream release 1.10.1
- release notes:
https://wireshark.org/docs/relnotes/wireshark-1.10.1.html
- security fixes:
- The DCP ETSI dissector could crash (CVE-2013-4083)
- The P1 dissector could crash. Discovered by Laurent Butti.
(CVE-2013-4920)
- The Radiotap dissector could crash. Discovered by Laurent Butti.
(CVE-2013-4921)
- The DCOM ISystemActivator dissector could crash.
Discovered by Laurent Butti. (CVE-2013-4922, CVE-2013-4923,
CVE-2013-4924, CVE-2013-4925 and CVE-2013-4926)
- The Bluetooth SDP dissector could go into a large loop.
Discovered by Laurent Butti. (CVE-2013-4927)
- The Bluetooth OBEX dissector could go into an infinite loop.
(CVE-2013-4928)
- The DIS dissector could go into a large loop.
(CVE-2013-4929)
- The DVB-CI dissector could crash. Discovered by Laurent Butti.
(CVE-2013-4930)
- The GSM RR dissector (and possibly others) could go into a large loop.
(CVE-2013-4931)
- The GSM A Common dissector could crash.
(CVE-2013-4932)
- The Netmon file parser could crash. Discovered by G. Geshev.
(CVE-2013-4933 and CVE-2013-4934)
- The ASN.1 PER dissector could crash.
Discovered by Oliver-Tobias Ripka. (CVE-2013-4935)
- The PROFINET Real-Time dissector could crash.
(CVE-2013-4936)
* fix upstream's libwireshark library's version number
* warn administrator during configuring dumpcap to allow non-root users
to capture packets if creating the wireshark system group fails
* refer to libwireshark3 in libwsutil-dev's description
* use xdg-open instead of sensible-browser
-- Balint Reczey <email address hidden> Sat, 27 Jul 2013 00:20:12 +0200
-
wireshark (1.10.0-2) unstable; urgency=high
* re-upload to unstable without changes
-- Balint Reczey <email address hidden> Sun, 23 Jun 2013 23:43:35 +0100
-
wireshark (1.8.7-1) unstable; urgency=high
* New upstream release 1.8.7:
- release notes:
http://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html
- security fixes (Closes: #709167):
- The RELOAD dissector could go into an infinite loop.
Discovered by Evan Jensen. (CVE-2013-2486 CVE-2013-2487)
- The GTPv2 dissector could crash (CVE-2013-3555)
- The ASN.1 BER dissector could crash (CVE-2013-3556)
- The PPP CCP dissector could crash (CVE-2013-3558)
- The DCP ETSI dissector could crash. Discovered by Evan Jensen.
(CVE-2013-3559)
- The MPEG DSM-CC dissector could crash (CVE-2013-3560)
- The Websocket dissector could crash. Discovered by Moshe Kaplan.
(CVE-2013-3561 CVE-2013-3562)
- The MySQL dissector could go into an infinite loop.
Discovered by Moshe Kaplan.
- The ETCH dissector could go into a large loop. Discovered by Moshe Kaplan.
-- Balint Reczey <email address hidden> Wed, 22 May 2013 19:31:12 -0500
-
wireshark (1.8.6-3) unstable; urgency=low
* make libwsutil-dev confict with and replace wireshark-dev (<< 1.4.0~rc2-1)
(Closes: #704561)
-- Balint Reczey <email address hidden> Wed, 03 Apr 2013 01:50:49 +0200
-
wireshark (1.8.2-5) unstable; urgency=high
* security fixes from Wireshark 1.8.6:
- The TCP dissector could crash (CVE-2013-2475)
- The CSN.1 dissector could crash. Discovered by Laurent Butti.
(CVE-2013-2477)
- MMS dissector could crash. Discovered by Laurent Butti.
(CVE-2013-2478)
- The RTPS and RTPS2 dissectors could crash. Discovered by Alyssa Milburn.
(CVE-2013-2480)
- The Mount dissector could crash. Discovered by Alyssa Milburn.
(CVE-2013-2481)
- The ACN dissector could attempt to divide by zero.
Discovered by Alyssa Milburn. (CVE-2013-2483)
- The CIMD dissector could crash. Discovered by Moshe Kaplan.
(CVE-2013-2484)
- The DTLS dissector could crash. Discovered by Laurent Butti.
(CVE-2013-2488)
wireshark (1.8.2-4) unstable; urgency=high
* security fixes from Wireshark 1.8.5:
- The CLNP dissector could crash. Discovered independently by
Laurent Butti and the Wireshark development team (CVE-2013-1582)
- The DTN dissector could crash (CVE-2013-1583, CVE-2013-1584)
- The MS-MMC dissector (and possibly others) could crash (CVE-2013-1585)
- The DTLS dissector could crash. Discovered by Laurent Butti.
(CVE-2013-1586)
- The ROHC dissector could crash (CVE-2013-1587)
- The DCP-ETSI dissector could corrupt memory. Discovered by Laurent Butti.
(CVE-2013-1588)
- The Wireshark dissection engine could crash. Discovered by Laurent Butti.
- The NTLMSSP dissector could overflow a buffer. Discovered by
Ulf Härnhammar. (CVE-2013-1590)
-- Scott Kitterman <email address hidden> Sat, 09 Mar 2013 12:59:06 +0100