2009/4/14 Launchpad Bug Tracker <360...@bugs.launchpad.net> > *** This bug is a security vulnerability *** > > You have been subscribed to a public security bug by Hew McLachlan (hew): > > Binary package hint: wireshark > > this version fixes a few security issues, including an arbitrary code > execution and denial of service vulnerabilities. please upgrade. > changelog: http://www.wireshark.org/docs/relnotes/wireshark-1.0.7.html. > > wireshark (1.0.7-1) unstable; urgency=low > > * New upstream release 1.0.7 > - release notes: > http://www.wireshark.org/docs/relnotes/wireshark-1.0.7.html > - security fixes: > - The PROFINET dissector was vulnerable to a format string > overflow. (CVE-2009-1210) > - The LDAP dissector could crash on Windows. (CVE-2009-1267) > - The Check Point High-Availability Protocol (CPHAP) dissector > could crash. (CVE-2009-1268) > - Wireshark could crash while loading a Tektronix .rf5 file > (CVE-2009-1269) > * update standards-version to 3.8.1 > * add 21_dumpcap.dpatch with patch from Rob Leslie <r...@mars.org> > that should avoid dumpcap seeing stop on CTRL-C as an error > (Closes: #518435) > > -- Joost Yervante Damad <and...@debian.org> Sat, 11 Apr 2009 10:06:45 > +0200 > > Ubuntu changes to be merged: > - replace gksu with menu in Recommends > - Add debian/README.source. > > ** Affects: wireshark (Ubuntu) > Importance: Undecided > Status: New > > > ** Tags: upgrade > -- > Please merge wireshark 1.0.7-1 (universe) from Debian unstable (main) > https://bugs.edge.launchpad.net/bugs/360661 > You received this bug notification because you are a member of MOTU Release > Team, which is a direct subscriber. >
1516.18 <iulian> Hew: It looks like there are no new features, so it's a bug fix release with a lot of security fixes. I'll acknowledge it. Would you like to take care of the merge? If yes, I will sponsor it. -- Iulian Udrea iul...@ubuntu.com ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2009-1267 -- Please merge wireshark 1.0.7-1 (universe) from Debian unstable (main) https://bugs.launchpad.net/bugs/360661 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
