Your message dated Tue, 09 Oct 2012 13:48:27 +0000 with message-id <e1tlaad-0006ya...@franck.debian.org> and subject line Bug#689972: fixed in wireshark 1.8.2-2 has caused the Debian Bug report #689972, regarding wireshark: CVE-2012-5237 CVE-2012-5238 CVE-2012-5240 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 689972: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689972 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: wireshark Severity: grave Tags: security Justification: user security hole Please see http://www.wireshark.org/security/wnpa-sec-2012-26.html http://www.wireshark.org/security/wnpa-sec-2012-27.html http://www.wireshark.org/security/wnpa-sec-2012-29.html Stable should not be affected, but please double-check. Since 1.8.3 changes more than just the security fixes, please cherrypick only the security-related fixes into an upload targeted at unstable and ask for an unblock. Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: wireshark Source-Version: 1.8.2-2 We believe that the bug you reported is fixed in the latest version of wireshark, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 689...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Balint Reczey <bal...@balintreczey.hu> (supplier of updated wireshark package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Tue, 09 Oct 2012 11:39:42 +0200 Source: wireshark Binary: wireshark-common wireshark tshark wireshark-dev wireshark-dbg wireshark-doc libwireshark2 libwsutil2 libwsutil-dev libwireshark-data libwireshark-dev libwiretap2 libwiretap-dev Architecture: source all amd64 Version: 1.8.2-2 Distribution: unstable Urgency: high Maintainer: Balint Reczey <bal...@balintreczey.hu> Changed-By: Balint Reczey <bal...@balintreczey.hu> Description: libwireshark-data - network packet dissection library -- data files libwireshark-dev - network packet dissection library -- development files libwireshark2 - network packet dissection library -- shared library libwiretap-dev - network packet capture library -- development files libwiretap2 - network packet capture library -- shared library libwsutil-dev - network packet dissection utilities library -- shared library libwsutil2 - network packet dissection utilities library -- shared library tshark - network traffic analyzer - console version wireshark - network traffic analyzer - GTK+ version wireshark-common - network traffic analyzer - common files wireshark-dbg - network traffic analyzer - debug symbols wireshark-dev - network traffic analyzer - development tools wireshark-doc - network traffic analyzer - documentation Closes: 689972 Changes: wireshark (1.8.2-2) unstable; urgency=high . * security fixes from Wireshark 1.8.3 (Closes: #689972): - The HSRP dissector could go into an infinite loop (CVE-2012-5237) - The PPP dissector could abort (CVE-2012-5238) - Martin Wilck discovered an infinite loop in the DRDA dissector (CVE-2012-5239) - Laurent Butti discovered a buffer overflow in the LDP dissector (CVE-2012-5240) Checksums-Sha1: 595ca2ed775c652c34858cf8a80ec1d33f5c41cd 2296 wireshark_1.8.2-2.dsc 792b08e4419612440d4c3e799514de070f1f04be 65631 wireshark_1.8.2-2.debian.tar.gz 6e7438b00b6be24447f8588e762140ce4f520ff6 3849182 wireshark-doc_1.8.2-2_all.deb dea452d48f3cbf90d5689b2a3206bc6e2ff6ec78 1222422 libwireshark-data_1.8.2-2_all.deb c760a332f69b763ca2be7cb8e11208460a6ecefa 227222 wireshark-common_1.8.2-2_amd64.deb 9f36fcd56ce3b24c786866e26d705b7080ea9c12 980324 wireshark_1.8.2-2_amd64.deb 029ff2a0197addb7df7e04b0291e04cabc52b3e6 177034 tshark_1.8.2-2_amd64.deb 524f2b65ffd6eebcf2112e13bfaf355130202ccc 175670 wireshark-dev_1.8.2-2_amd64.deb 0095e13770a62183ad3384d19e6435acf1ffdfa1 28285618 wireshark-dbg_1.8.2-2_amd64.deb 0a836ee0662bd3993878b7e9772a64869fba6683 13439880 libwireshark2_1.8.2-2_amd64.deb 43748896f74b95a368fa2a48c61a0badeebdd5c8 49578 libwsutil2_1.8.2-2_amd64.deb 54ffc89e517252d1b36317f8778406455a6b760f 48770 libwsutil-dev_1.8.2-2_amd64.deb 417fa85fbb768414137b8b2087485b5b53155296 884722 libwireshark-dev_1.8.2-2_amd64.deb 0f9625e971d6595955d2dcb91759b868e6ea682d 189842 libwiretap2_1.8.2-2_amd64.deb 99a69d7e6345f3e4d45f885ec10f15e2997d3602 69360 libwiretap-dev_1.8.2-2_amd64.deb Checksums-Sha256: b56bb0a70f24a97094f3590be60092b91db389df4eaff6cab607a377649cd86e 2296 wireshark_1.8.2-2.dsc a6fb6ddb2cd805c344cafa3134133d9e92afce6558786c83adef4f3e5a3c8bb3 65631 wireshark_1.8.2-2.debian.tar.gz f99d2bac0f4a11018ae515e29c6ce768b7ef8f973a9002f596b397a152225997 3849182 wireshark-doc_1.8.2-2_all.deb 9a368d088b42cbe6984179902ad528bc89ee55ca2ed3ea217128086382747636 1222422 libwireshark-data_1.8.2-2_all.deb b7024914054dddf54890f7505ec5aa4b13d029a431b003f9a531ef933aa1c570 227222 wireshark-common_1.8.2-2_amd64.deb f79131cca541c7ef0215c5668b8fe817bbc44de150eb582db4eacc8fbab43466 980324 wireshark_1.8.2-2_amd64.deb 845e447b02d610c1d53d4e2443c958c66a8ec0d4f746d5ad1c204f7953ab6c41 177034 tshark_1.8.2-2_amd64.deb 15acbeb6f406070c162b0fee85c28aadcec72940d58e4390a2ddef2d8c3d72fd 175670 wireshark-dev_1.8.2-2_amd64.deb 77ea50bc27d502c49bf5b9dcebe86ebf3bac47a7e8656999af34f71a64bafdd6 28285618 wireshark-dbg_1.8.2-2_amd64.deb 04286964900a2855cbc8e1abb3d25da4db24bc0b561bce681874b2810ab991f4 13439880 libwireshark2_1.8.2-2_amd64.deb 80981d833fe5ab3737361c5c5ebfaaf81f8b2239dfcd8c9c00332ce747d4e8da 49578 libwsutil2_1.8.2-2_amd64.deb 28ae37f9b2ca1df41cbf75c9a6d6f9ff908796126559d517a366117d7912eec0 48770 libwsutil-dev_1.8.2-2_amd64.deb b460761f1b5b7faa9e4a6ba18b3a8ad450ab9358d5532b71d5132eb9c814498f 884722 libwireshark-dev_1.8.2-2_amd64.deb 5b064d1576a8bab0d4a2a3d4e0e9b209620187666bed21a88b03d36425aba334 189842 libwiretap2_1.8.2-2_amd64.deb 49364288bf946be51ebe944cef178fe9c4370bd1da11c7deea0821fb0d126033 69360 libwiretap-dev_1.8.2-2_amd64.deb Files: 4d736126f269102b3fec4f1bc90addf0 2296 net optional wireshark_1.8.2-2.dsc df58b567270c0ddfd558b7af1ad6e412 65631 net optional wireshark_1.8.2-2.debian.tar.gz 053ee7157a02a5dca6b43c48b8c34073 3849182 doc extra wireshark-doc_1.8.2-2_all.deb 9c57d9b70642974861a49c50cae4177a 1222422 libs optional libwireshark-data_1.8.2-2_all.deb 9d38f65b7fd87d667e92c6a97be0ec08 227222 net optional wireshark-common_1.8.2-2_amd64.deb 2a9ed35972f5386ad4e9033bf0b532c0 980324 net optional wireshark_1.8.2-2_amd64.deb 1705a5340da467f1b97bc889620478b0 177034 net optional tshark_1.8.2-2_amd64.deb 722cdf72b00bffeb7bb8d8b9602654e4 175670 devel optional wireshark-dev_1.8.2-2_amd64.deb 5bc2f42c563fa6fd3a7e5aff6a066140 28285618 debug extra wireshark-dbg_1.8.2-2_amd64.deb 1835a2413f3f5db96614c9a7a9274cc0 13439880 libs optional libwireshark2_1.8.2-2_amd64.deb eb56cfdb53e90e65afa278f34dda18f5 49578 libs optional libwsutil2_1.8.2-2_amd64.deb aa7dc50983c8879e3bc1412f029ddc47 48770 libdevel optional libwsutil-dev_1.8.2-2_amd64.deb 27628f9c99ebe64b21b51caeb421d154 884722 libdevel optional libwireshark-dev_1.8.2-2_amd64.deb 900c82a2e0789d243b878d344cccd066 189842 libs optional libwiretap2_1.8.2-2_amd64.deb 06306c5eb62f10698e23e6c677d0f217 69360 libdevel optional libwiretap-dev_1.8.2-2_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlB0JlwACgkQmSuMdaVnTsHVRwCfVxuGx6hhrQFEf4jFX5KsujGi xKwAnR0MBvPH5puQv4mqDCJnSsev+I/z =R+XV -----END PGP SIGNATURE-----
--- End Message ---
