Your message dated Thu, 27 Jul 2006 05:19:56 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#378745: fixed in wireshark 0.99.2-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: ethereal
Version: 0.10.10-2sarge4
Severity: critical
Tags: security
Justification: privilige elevation via execution of arbitary code from remote
hosts
>From <http://www.wireshark.org/security/wnpa-sec-2006-01.html>:
Wireshark 0.99.2 fixes the following vulnerabilities:
* The GSM BSSMAP dissector could crash. Versions affected: 0.10.11. CVE:
CVE-2006-3627
Ilja van Sprundel discovered the following vulnerabilities:
* The ANSI MAP dissector was vulnerable to a format string overflow.
Versions affected: 0.10.0. CVE: CVE-2006-3628
* The Checkpoint FW-1 dissector was vulnerable to a format string overflow.
Versions affected: 0.10.10. CVE: CVE-2006-3628
* The MQ dissector was vulnerable to a format string overflow. Versions
affected: 0.10.4. CVE: CVE-2006-3628
* The XML dissector was vulnerable to a format string overflow. Versions
affected: 0.10.13. CVE: CVE-2006-3628
* The MOUNT dissector could attempt to allocate large amounts of memory.
Versions affected: 0.9.4. CVE: CVE-2006-3629
* The NCP NMAS and NDPS dissectors were susceptible to off-by-one errors.
Versions affected: 0.9.7. CVE: CVE-2006-3630
* The NTP dissector was vulnerable to a format string overflow. Versions
affected: 0.10.13. CVE: CVE-2006-3628
* The SSH dissector was vulnerable to an infinite loop. Versions affected:
0.9.10. CVE: CVE-2006-3631
* The NFS dissector may have been susceptible to a buffer overflow.
Versions affected: 0.8.16. CVE: CVE-2006-3632
Impact
It may be possible to make Ethereal crash, use up available memory, or run
arbitrary code by
injecting a purposefully malformed packet onto the wire or by convincing
someone to read a
malformed packet trace file.
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (530, 'testing'), (520, 'unstable'), (510, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-1-k7
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Versions of packages ethereal depends on:
ii ethereal-common 0.99.0-1 network traffic analyser (common f
ii libadns1 1.1-4 Asynchronous-capable DNS client li
ii libatk1.0-0 1.11.4-2 The ATK accessibility toolkit
ii libc6 2.3.6-15 GNU C Library: Shared libraries
ii libcairo2 1.2.0-3 The Cairo 2D vector graphics libra
ii libcap1 1:1.10-14 support for getting/setting POSIX.
ii libcomerr2 1.39-1 common error description library
ii libfontconfig1 2.3.2-7 generic font configuration library
ii libglib2.0-0 2.10.2-1 The GLib library of C routines
ii libgnutls13 1.4.0-3 the GNU TLS library - runtime libr
ii libgtk2.0-0 2.8.18-1 The GTK+ graphical user interface
ii libkrb53 1.4.3-7 MIT Kerberos runtime libraries
ii libpango1.0-0 1.12.3-1 Layout and rendering of internatio
ii libpcap0.8 0.9.4-2 System interface for user-level pa
ii libpcre3 6.4-2 Perl 5 Compatible Regular Expressi
ii libx11-6 2:1.0.0-7 X11 client-side library
ii libxcursor1 1.1.5.2-5 X cursor management library
ii libxext6 1:1.0.0-4 X11 miscellaneous extension librar
ii libxfixes3 1:3.0.1.2-4 X11 miscellaneous 'fixes' extensio
ii libxi6 1:1.0.0-5 X11 Input extension library
ii libxinerama1 1:1.0.1-4 X11 Xinerama extension library
ii libxrandr2 2:1.1.0.2-4 X11 RandR extension library
ii libxrender1 1:0.9.0.2-4 X Rendering Extension client libra
ii zlib1g 1:1.2.3-11 compression library - runtime
Versions of packages ethereal recommends:
ii gksu 1.9.1-2 graphical frontend to su
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: wireshark
Source-Version: 0.99.2-1
We believe that the bug you reported is fixed in the latest version of
wireshark, which is due to be installed in the Debian FTP archive:
tshark_0.99.2-1_i386.deb
to pool/main/w/wireshark/tshark_0.99.2-1_i386.deb
wireshark-common_0.99.2-1_i386.deb
to pool/main/w/wireshark/wireshark-common_0.99.2-1_i386.deb
wireshark-dev_0.99.2-1_i386.deb
to pool/main/w/wireshark/wireshark-dev_0.99.2-1_i386.deb
wireshark_0.99.2-1.diff.gz
to pool/main/w/wireshark/wireshark_0.99.2-1.diff.gz
wireshark_0.99.2-1.dsc
to pool/main/w/wireshark/wireshark_0.99.2-1.dsc
wireshark_0.99.2-1_i386.deb
to pool/main/w/wireshark/wireshark_0.99.2-1_i386.deb
wireshark_0.99.2.orig.tar.gz
to pool/main/w/wireshark/wireshark_0.99.2.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Frederic Peters <[EMAIL PROTECTED]> (supplier of updated wireshark package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 24 Jul 2006 19:29:26 +0200
Source: wireshark
Binary: wireshark wireshark-dev wireshark-common tshark
Architecture: source i386
Version: 0.99.2-1
Distribution: unstable
Urgency: high
Maintainer: Frederic Peters <[EMAIL PROTECTED]>
Changed-By: Frederic Peters <[EMAIL PROTECTED]>
Description:
tshark - network traffic analyzer (console)
wireshark - network traffic analyzer
wireshark-common - network traffic analyser (common files)
wireshark-dev - network traffic analyser (development tools)
Closes: 351941 368860 376522 378745
Changes:
wireshark (0.99.2-1) unstable; urgency=high
.
* New upstream release. (closes: #378745)
* The project changed name, ethereal is now wireshark. (closes: #351941)
See http://www.wireshark.org/news/20060607.html
* tethereal has been renamed to tshark
* idl2eth has been renamed to idl2wrs
* Urgency high since it fixes security issues
* http://www.wireshark.org/security/wnpa-sec-2006-01.html has details
* crash in GSM BSSMAP dissector (CVE-2006-3627)
* format string overflow in ANSI MAP dissector (CVE-2006-3628)
* format string overflow in Checkpoint FW-1 dissector (CVE-2006-3628)
* format string overflow in MQ dissector (CVE-2006-3628)
* format string overflow in XML dissector (CVE-2006-3628)
* large memory allocation in MOUNT dissector (CVE-2006-3629)
* off-by-one errors in NCP NMAS and NDPS dissectors (CVE-2006-3630)
* format string overflow in NTP dissector (CVE-2006-3628)
* infinite loop in SSH dissector (CVE-2006-3631)
* buffer overflow in NFS dissector (CVE-2006-3632)
* debian/wireshark-dev.header-files: includes missing files
(closes: #376522, #368860)
* debian/copyright: list source files that are under a license different
than Wireshark.
Files:
e6a4025e254d1c55d1543ec0fb72b125 888 net optional wireshark_0.99.2-1.dsc
46d3b7c9766960fb34782c2078c50d13 12358081 net optional
wireshark_0.99.2.orig.tar.gz
82d1a7d6b16c34713ba28562d6f152ee 75010 net optional wireshark_0.99.2-1.diff.gz
918d02ca5bc4fa32280ea908c32a3bfc 6940972 net optional
wireshark-common_0.99.2-1_i386.deb
31db58fa0aa20a38e9afafc0cb29bb8b 538202 net optional
wireshark_0.99.2-1_i386.deb
b295b4cf0417f3c1d3911c210283a71d 98786 net optional tshark_0.99.2-1_i386.deb
7d10752e8e59e0ebd581315d52ba2f76 171036 devel optional
wireshark-dev_0.99.2-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFExRqNoR3LsWeD7V4RAkepAJ4kSrFHzmpJgZ33ZN0B/UdsCJZGzACfauKa
W1qkFuL9MeqoA1t498AwJUM=
=dVji
-----END PGP SIGNATURE-----
--- End Message ---
