Your message dated Tue, 01 Apr 2008 21:18:04 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#452381: fixed in wireshark 1.0.0-1
has caused the Debian Bug report #452381,
regarding wireshark: multiple security issues CVE-2007-6111 - CVE-2007-6121
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)


-- 
452381: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=452381
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: wireshark
Severity: grave
Tags: security

Hi,
from: http://www.wireshark.org/security/wnpa-sec-2007-03.html

Wireshark 0.99.7 fixes the following vulnerabilities:

 * Wireshark could crash when reading an MP3 file.
   Versions affected: 0.99.6
 * Beyond Security discovered that Wireshark could loop excessively while
   reading a malformed DNP packet.
   Versions affected: 0.10.12 to 0.99.6
 * Stefan Esser discovered a buffer overflow in the SSL dissector.
   Versions affected: 0.99.0 to 0.99.6
 * The ANSI MAP dissector could be susceptible to a buffer overflow on some
   platforms. (Bug 1844)
   Versions affected: 0.99.5 to 0.99.6
 * The Firebird/Interbase dissector could go into an infinite loop or crash.
   (Bugs 1931 and 1932)
   Versions affected: 0.99.6
 * The NCP dissector could cause a crash.
   Versions affected: 0.99.6
 * The HTTP dissector could crash on some systems while decoding chunked
   messages.
   Versions affected: 0.10.14 to 0.99.6
 * The MEGACO dissector could enter a large loop and consume system resources.
   Versions affected: 0.9.14 to 0.99.6
 * The DCP ETSI dissector could enter a large loop and consume system resources.
   Versions affected: 0.99.6
 * Fabiodds discovered a buffer overflow in the iSeries (OS/400) Communication
   trace file parser. (Bug 1926)
   Versions affected: 0.99.0 to 0.99.6
 * The PPP dissector could overflow a buffer.
   Versions affected: 0.99.6
 * The Bluetooth SDP dissector could go into an infinite loop.
   Versions affected: 0.99.2 to 0.99.6
 * A malformed RPC Portmap packet could cause a crash. (Bug 1998)
   Versions affected: 0.8.16 to 0.99.6

CVE ids for this are pending; I will add them to this bug report if
I get them.

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.



--- End Message ---
--- Begin Message ---
Source: wireshark
Source-Version: 1.0.0-1

We believe that the bug you reported is fixed in the latest version of
wireshark, which is due to be installed in the Debian FTP archive:

ethereal-common_1.0.0-1_i386.deb
  to pool/main/w/wireshark/ethereal-common_1.0.0-1_i386.deb
ethereal-dev_1.0.0-1_i386.deb
  to pool/main/w/wireshark/ethereal-dev_1.0.0-1_i386.deb
ethereal_1.0.0-1_i386.deb
  to pool/main/w/wireshark/ethereal_1.0.0-1_i386.deb
tethereal_1.0.0-1_i386.deb
  to pool/main/w/wireshark/tethereal_1.0.0-1_i386.deb
tshark_1.0.0-1_i386.deb
  to pool/main/w/wireshark/tshark_1.0.0-1_i386.deb
wireshark-common_1.0.0-1_i386.deb
  to pool/main/w/wireshark/wireshark-common_1.0.0-1_i386.deb
wireshark-dev_1.0.0-1_i386.deb
  to pool/main/w/wireshark/wireshark-dev_1.0.0-1_i386.deb
wireshark_1.0.0-1.diff.gz
  to pool/main/w/wireshark/wireshark_1.0.0-1.diff.gz
wireshark_1.0.0-1.dsc
  to pool/main/w/wireshark/wireshark_1.0.0-1.dsc
wireshark_1.0.0-1_i386.deb
  to pool/main/w/wireshark/wireshark_1.0.0-1_i386.deb
wireshark_1.0.0.orig.tar.gz
  to pool/main/w/wireshark/wireshark_1.0.0.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Joost Yervante Damad <[EMAIL PROTECTED]> (supplier of updated wireshark package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


Format: 1.7
Date: Tue, 01 Apr 2008 19:48:19 +0200
Source: wireshark
Binary: wireshark-common wireshark tshark wireshark-dev ethereal-common ethereal-dev ethereal tethereal
Architecture: source i386
Version: 1.0.0-1
Distribution: unstable
Urgency: low
Maintainer: Frederic Peters <[EMAIL PROTECTED]>
Changed-By: Joost Yervante Damad <[EMAIL PROTECTED]>
Description: 
 ethereal   - dummy upgrade package for ethereal -> wireshark
 ethereal-common - dummy upgrade package for ethereal -> wireshark
 ethereal-dev - dummy upgrade package for ethereal -> wireshark
 tethereal  - dummy upgrade package for ethereal -> wireshark
 tshark     - network traffic analyzer (console)
 wireshark  - network traffic analyzer
 wireshark-common - network traffic analyser (common files)
 wireshark-dev - network traffic analyser (development tools)
Closes: 117201 172939 369044 452381 468400 472478
Changes: 
 wireshark (1.0.0-1) unstable; urgency=low
 .
   * Several security issues were solved in 0.99.7 already:
     (closes: #452381)
     * allow remote attackers to cause a denial of service (crash) via (1) a
       crafted MP3 file or (2) unspecified vectors to the NCP dissector
       (CVE-2007-6111)
     * Buffer overflow in the PPP dissector in Wireshark (formerly Ethereal)
       0.99.6 allows remote attackers to cause a denial of service (crash)
       and possibly execute arbitrary code via unknown vectors.
       (CVE-2007-6112)
     * Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote
       attackers to cause a denial of service (long loop) via a malformed DNP
       packet (CVE-2007-6113)
     * Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0
       through 0.99.6 allow remote attackers to cause a denial of service
       (crash) and possibly execute arbitrary code via (1) the SSL dissector
       or (2) the iSeries (OS/400) Communication trace file parser
       (CVE-2007-6114)
     * Buffer overflow in the ANSI MAP dissector for Wireshark (formerly
       Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms,
       allows remote attackers to cause a denial of service and possibly
       execute arbitrary code via unknown vectors. (CVE-2007-6115)
     * The Firebird/Interbase dissector in Wireshark (formerly Ethereal)
       0.99.6 allows remote attackers to cause a denial of service (infinite
       loop or crash) via unknown vectors. (CVE-2007-6116)
     * Unspecified vulnerability in the HTTP dissector for Wireshark
       (formerly Ethereal) 0.10.14 to 0.99.6 has unknown impact and remote
       attack vectors related to chunked messages. (CVE-2007-6117)
     * The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6
       allows remote attackers to cause a denial of service (long loop and
       resource consumption) via unknown vectors. (CVE-2007-6118)
     * The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows
       remote attackers to cause a denial of service (long loop and resource
       consumption) via unknown vectors. (CVE-2007-6119)
     * The Bluetooth SDP dissector in Wireshark (formerly Ethereal) 0.99.2 to
       0.99.6 allows remote attackers to cause a denial of service (infinite
       loop) via unknown vectors. (CVE-2007-6120)
     * Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers
       to cause a denial of service (crash) via a malformed RPC Portmap
       packet. (CVE-2007-6121)
   * current wireshark has SSL support (closes: #172939)
   * and H323 support (closes: #117201)
   * resizing columns bugfix was applied last year (closes: #369044)
   * new upstream release 1.0.0
     http://www.wireshark.org/docs/relnotes/wireshark-1.0.0.html
   * remove debian/ directory from upstream
   * update 14_disable-cmip.dpatch.
   * if wireshark has no priv, it now prints:
       dumpcap: There are no interfaces on which a capture can be done
       (closes: #468400)
   * wireshark uses su-to-root now (closes: #472478)
   * vulnerabilities fixed:
     * The X.509sat and other dissectors could crash (CVE-2008-1561)
     * The LDAP dissector could crash on Windows and other platforms.
       (CVE-2008-1562)
     * The SCCP dissector could crash while using the "decode as"
       feature (CVE-2008-1563)
Files: 
 16caefa076423ce9ac9f3a9d3ec5ef68 1123 net optional wireshark_1.0.0-1.dsc
 f3f3d2211fe8b1f4358cd9250d99abe8 17031038 net optional wireshark_1.0.0.orig.tar.gz
 8541c018e28eedacb9789cd4381541bb 47800 net optional wireshark_1.0.0-1.diff.gz
 b90e3a36e4460d8a7128f144ba9b9ae2 9972348 net optional wireshark-common_1.0.0-1_i386.deb
 de434d2b2a44400743561c141cc1fe63 614052 net optional wireshark_1.0.0-1_i386.deb
 77d564ffad0515a12f92835af8388830 110394 net optional tshark_1.0.0-1_i386.deb
 5751721c30d3fa09abf6e7b5fd236e28 569014 devel optional wireshark-dev_1.0.0-1_i386.deb
 c2573b5a6b395761a0cdb5af5080aa8b 24068 net optional ethereal-common_1.0.0-1_i386.deb
 6ad67a615453375565c4effa1a1858c2 23682 devel optional ethereal-dev_1.0.0-1_i386.deb
 6d7a3d0dde1c88645e660688a5fc89ff 23668 net optional ethereal_1.0.0-1_i386.deb
 ea8a57cdb74cb573f60bea75cc6e3db0 23674 net optional tethereal_1.0.0-1_i386.deb




--- End Message ---
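Added example (not part of either message above, nor of the Debian package): given an installed Wireshark version, list which of the wnpa-sec-2007-03 issues apply, using the affected ranges from the bug report and the CVE ids from the changelog. The ADVISORY table is constructed from those two messages; the one thing the listing alone does not show is that the ranges have to be compared numerically, since "0.10.12" sorts below "0.9.14" as a string.

```python
# Added example: map an installed Wireshark version to the CVEs in the advisory
# quoted above. Affected ranges and CVE ids are copied from the two messages;
# versions are compared as integer tuples so that 0.10.12 > 0.9.14.

# Constructed table: (CVE id, affected range as printed in the advisory, summary)
ADVISORY = [
    ("CVE-2007-6111", "0.99.6", "MP3 file reader / NCP dissector crash"),
    ("CVE-2007-6112", "0.99.6", "PPP dissector buffer overflow"),
    ("CVE-2007-6113", "0.10.12 to 0.99.6", "DNP dissector long loop"),
    ("CVE-2007-6114", "0.99.0 to 0.99.6", "SSL dissector / iSeries trace parser overflow"),
    ("CVE-2007-6115", "0.99.5 to 0.99.6", "ANSI MAP dissector buffer overflow"),
    ("CVE-2007-6116", "0.99.6", "Firebird/Interbase dissector loop or crash"),
    ("CVE-2007-6117", "0.10.14 to 0.99.6", "HTTP dissector crash on chunked messages"),
    ("CVE-2007-6118", "0.9.14 to 0.99.6", "MEGACO dissector long loop"),
    ("CVE-2007-6119", "0.99.6", "DCP ETSI dissector long loop"),
    ("CVE-2007-6120", "0.99.2 to 0.99.6", "Bluetooth SDP dissector infinite loop"),
    ("CVE-2007-6121", "0.8.16 to 0.99.6", "RPC Portmap malformed packet crash"),
]


def parse_version(text):
    """'0.99.6' -> (0, 99, 6); tuples of ints compare component by component."""
    return tuple(int(part) for part in text.strip().split("."))


def parse_range(text):
    """'A to B' -> (A, B); a single version 'A' means the range (A, A)."""
    parts = [p.strip() for p in text.split(" to ")]
    return parse_version(parts[0]), parse_version(parts[-1])


def applicable_cves(installed, advisory=ADVISORY):
    """Return the CVE ids whose affected range contains the installed version."""
    version = parse_version(installed)
    hits = []
    for cve, affected, _summary in advisory:
        low, high = parse_range(affected)
        if low <= version <= high:
            hits.append(cve)
    return hits


if __name__ == "__main__":
    for v in ("0.10.13", "0.99.4", "0.99.6", "0.99.7"):
        print(v, applicable_cves(v))
```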
