Your message dated Sun, 01 Nov 2009 19:14:54 +0000
with message-id <e1n4ft8-0003x9...@ries.debian.org>
and subject line Bug#553583: fixed in wireshark 1.2.3-1
has caused the Debian Bug report #553583,
regarding CVE-2009-3829 CVE-2009-3551 CVE-2009-3550 CVE-2009-3549
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
553583: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553583
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: wireshark
Severity: grave
Tags: security
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for wireshark.
CVE-2009-3829[0]:
| Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows
| remote attackers to execute arbitrary code or cause a denial of
| service (application crash) via a crafted erf file, related to an
| "unsigned integer wrap vulnerability."
CVE-2009-3551[1]:
| Off-by-one error in the dissect_negprot_response function in
| packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2
| allows remote attackers to cause a denial of service (application
| crash) via a file that records a malformed packet trace. NOTE: some of
| these details are obtained from third party information.
CVE-2009-3550[2]:
| The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0
| through 1.2.2 allows remote attackers to cause a denial of service
| (NULL pointer dereference and application crash) via a file that
| records a malformed packet trace. NOTE: some of these details are
| obtained from third party information.
CVE-2009-3549[3]:
| packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through
| 1.2.2, on SPARC and certain other platforms, allows remote attackers
| to cause a denial of service (application crash) via a file that
| records a malformed packet trace.
If you fix the vulnerabilities please also make sure to include the
CVE ids in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3829
    http://security-tracker.debian.org/tracker/CVE-2009-3829
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3551
    http://security-tracker.debian.org/tracker/CVE-2009-3551
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3550
    http://security-tracker.debian.org/tracker/CVE-2009-3550
[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3549
    http://security-tracker.debian.org/tracker/CVE-2009-3549
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkrtVvEACgkQNxpp46476aoiqwCdGWJG9CgxX9BIUSznE/lrJrnV
4vgAnjnZneMmcrMm15whTlW4aeHfaU8S
=eSSm
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Source: wireshark
Source-Version: 1.2.3-1
We believe that the bug you reported is fixed in the latest version of
wireshark, which is due to be installed in the Debian FTP archive:
tshark_1.2.3-1_amd64.deb
  to main/w/wireshark/tshark_1.2.3-1_amd64.deb
wireshark-common_1.2.3-1_amd64.deb
  to main/w/wireshark/wireshark-common_1.2.3-1_amd64.deb
wireshark-dev_1.2.3-1_amd64.deb
  to main/w/wireshark/wireshark-dev_1.2.3-1_amd64.deb
wireshark_1.2.3-1.diff.gz
  to main/w/wireshark/wireshark_1.2.3-1.diff.gz
wireshark_1.2.3-1.dsc
  to main/w/wireshark/wireshark_1.2.3-1.dsc
wireshark_1.2.3-1_amd64.deb
  to main/w/wireshark/wireshark_1.2.3-1_amd64.deb
wireshark_1.2.3.orig.tar.gz
  to main/w/wireshark/wireshark_1.2.3.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 553...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Balint Reczey <bal...@balintreczey.hu> (supplier of updated wireshark package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 28 Oct 2009 14:35:20 +0100
Source: wireshark
Binary: wireshark-common wireshark tshark wireshark-dev
Architecture: source amd64
Version: 1.2.3-1
Distribution: unstable
Urgency: high
Maintainer: Frederic Peters <fpet...@debian.org>
Changed-By: Balint Reczey <bal...@balintreczey.hu>
Description:
 tshark     - network traffic analyzer - console version
 wireshark  - network traffic analyzer - GTK+ version
 wireshark-common - network traffic analyzer - common files
 wireshark-dev - network traffic analyzer - development tools
Closes: 552025 553583
Changes:
 wireshark (1.2.3-1) unstable; urgency=high
 .
   * New upstream release 1.2.3
     - release notes:
       http://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html
     - security fixes
       - The Paltalk dissector could crash on alignment-sensitive processors.
         (CVE-2009-3549)
       - The DCERPC/NT dissector could crash. (CVE-2009-3550)
       - The SMB dissector could crash. (CVE-2009-3551)
       (Closes: #553583)
   [ Eloy Paris ]
   * added missing libraries and header files to wireshark-dev (Closes: #552025)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkrtztoACgkQ0/r2+3z8lN3o0wCeMmIVqn7WbIsWRDEv2YpXH7fX
WhQAoLZxz6hLxPV4PbH+6lmFmfIJzW6j
=blYN
-----END PGP SIGNATURE-----
--- End Message ---