Name Status Last Modified Last Commit
lp:ubuntu/wily/wireshark 1 Development 2015-05-06 12:01:36 UTC
74. * New upstream release 1.8.7: - rel...

Author: Balint Reczey
Revision Date: 2013-05-22 19:31:12 UTC

* New upstream release 1.8.7:
  - release notes:
    http://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html
  - security fixes (Closes: #709167):
    - The RELOAD dissector could go into an infinite loop.
      Discovered by Evan Jensen. (CVE-2013-2486 CVE-2013-2487)
    - The GTPv2 dissector could crash (CVE-2013-3555)
    - The ASN.1 BER dissector could crash (CVE-2013-3556)
    - The PPP CCP dissector could crash (CVE-2013-3558)
    - The DCP ETSI dissector could crash. Discovered by Evan Jensen.
      (CVE-2013-3559)
    - The MPEG DSM-CC dissector could crash (CVE-2013-3560)
    - The Websocket dissector could crash. Discovered by Moshe Kaplan.
      (CVE-2013-3561 CVE-2013-3562)
    - The MySQL dissector could go into an infinite loop.
      Discovered by Moshe Kaplan.
    - The ETCH dissector could go into a large loop. Discovered by Moshe Kaplan.

lp:ubuntu/vivid/wireshark 2 Mature 2014-10-24 18:36:41 UTC
74. * New upstream release 1.8.7: - rel...

Author: Balint Reczey
Revision Date: 2013-05-22 19:31:12 UTC

* New upstream release 1.8.7:
  - release notes:
    http://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html
  - security fixes (Closes: #709167):
    - The RELOAD dissector could go into an infinite loop.
      Discovered by Evan Jensen. (CVE-2013-2486 CVE-2013-2487)
    - The GTPv2 dissector could crash (CVE-2013-3555)
    - The ASN.1 BER dissector could crash (CVE-2013-3556)
    - The PPP CCP dissector could crash (CVE-2013-3558)
    - The DCP ETSI dissector could crash. Discovered by Evan Jensen.
      (CVE-2013-3559)
    - The MPEG DSM-CC dissector could crash (CVE-2013-3560)
    - The Websocket dissector could crash. Discovered by Moshe Kaplan.
      (CVE-2013-3561 CVE-2013-3562)
    - The MySQL dissector could go into an infinite loop.
      Discovered by Moshe Kaplan.
    - The ETCH dissector could go into a large loop. Discovered by Moshe Kaplan.

lp:ubuntu/trusty/wireshark 2 Mature 2014-06-05 03:11:45 UTC
74. * New upstream release 1.8.7: - rel...

Author: Balint Reczey
Revision Date: 2013-05-22 19:31:12 UTC

* New upstream release 1.8.7:
  - release notes:
    http://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html
  - security fixes (Closes: #709167):
    - The RELOAD dissector could go into an infinite loop.
      Discovered by Evan Jensen. (CVE-2013-2486 CVE-2013-2487)
    - The GTPv2 dissector could crash (CVE-2013-3555)
    - The ASN.1 BER dissector could crash (CVE-2013-3556)
    - The PPP CCP dissector could crash (CVE-2013-3558)
    - The DCP ETSI dissector could crash. Discovered by Evan Jensen.
      (CVE-2013-3559)
    - The MPEG DSM-CC dissector could crash (CVE-2013-3560)
    - The Websocket dissector could crash. Discovered by Moshe Kaplan.
      (CVE-2013-3561 CVE-2013-3562)
    - The MySQL dissector could go into an infinite loop.
      Discovered by Moshe Kaplan.
    - The ETCH dissector could go into a large loop. Discovered by Moshe Kaplan.

lp:ubuntu/utopic/wireshark 2 Mature 2014-04-24 02:39:42 UTC
74. * New upstream release 1.8.7: - rel...

Author: Balint Reczey
Revision Date: 2013-05-22 19:31:12 UTC

* New upstream release 1.8.7:
  - release notes:
    http://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html
  - security fixes (Closes: #709167):
    - The RELOAD dissector could go into an infinite loop.
      Discovered by Evan Jensen. (CVE-2013-2486 CVE-2013-2487)
    - The GTPv2 dissector could crash (CVE-2013-3555)
    - The ASN.1 BER dissector could crash (CVE-2013-3556)
    - The PPP CCP dissector could crash (CVE-2013-3558)
    - The DCP ETSI dissector could crash. Discovered by Evan Jensen.
      (CVE-2013-3559)
    - The MPEG DSM-CC dissector could crash (CVE-2013-3560)
    - The Websocket dissector could crash. Discovered by Moshe Kaplan.
      (CVE-2013-3561 CVE-2013-3562)
    - The MySQL dissector could go into an infinite loop.
      Discovered by Moshe Kaplan.
    - The ETCH dissector could go into a large loop. Discovered by Moshe Kaplan.

lp:ubuntu/raring-updates/wireshark 2 Mature 2013-06-06 04:51:25 UTC
73. fake sync from Debian

Author: Marc Deslauriers
Revision Date: 2013-06-05 09:53:32 UTC

fake sync from Debian

lp:ubuntu/raring-security/wireshark 2 Mature 2013-06-05 19:24:33 UTC
73. fake sync from Debian

Author: Marc Deslauriers
Revision Date: 2013-06-05 09:53:32 UTC

fake sync from Debian

lp:ubuntu/saucy-proposed/wireshark 2 Mature 2013-05-22 19:31:12 UTC
74. * New upstream release 1.8.7: - rel...

Author: Balint Reczey
Revision Date: 2013-05-22 19:31:12 UTC

* New upstream release 1.8.7:
  - release notes:
    http://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html
  - security fixes (Closes: #709167):
    - The RELOAD dissector could go into an infinite loop.
      Discovered by Evan Jensen. (CVE-2013-2486 CVE-2013-2487)
    - The GTPv2 dissector could crash (CVE-2013-3555)
    - The ASN.1 BER dissector could crash (CVE-2013-3556)
    - The PPP CCP dissector could crash (CVE-2013-3558)
    - The DCP ETSI dissector could crash. Discovered by Evan Jensen.
      (CVE-2013-3559)
    - The MPEG DSM-CC dissector could crash (CVE-2013-3560)
    - The Websocket dissector could crash. Discovered by Moshe Kaplan.
      (CVE-2013-3561 CVE-2013-3562)
    - The MySQL dissector could go into an infinite loop.
      Discovered by Moshe Kaplan.
    - The ETCH dissector could go into a large loop. Discovered by Moshe Kaplan.

lp:ubuntu/saucy/wireshark 1 Development 2013-05-22 19:31:12 UTC
74. * New upstream release 1.8.7: - rel...

Author: Balint Reczey
Revision Date: 2013-05-22 19:31:12 UTC

* New upstream release 1.8.7:
  - release notes:
    http://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html
  - security fixes (Closes: #709167):
    - The RELOAD dissector could go into an infinite loop.
      Discovered by Evan Jensen. (CVE-2013-2486 CVE-2013-2487)
    - The GTPv2 dissector could crash (CVE-2013-3555)
    - The ASN.1 BER dissector could crash (CVE-2013-3556)
    - The PPP CCP dissector could crash (CVE-2013-3558)
    - The DCP ETSI dissector could crash. Discovered by Evan Jensen.
      (CVE-2013-3559)
    - The MPEG DSM-CC dissector could crash (CVE-2013-3560)
    - The Websocket dissector could crash. Discovered by Moshe Kaplan.
      (CVE-2013-3561 CVE-2013-3562)
    - The MySQL dissector could go into an infinite loop.
      Discovered by Moshe Kaplan.
    - The ETCH dissector could go into a large loop. Discovered by Moshe Kaplan.

lp:ubuntu/raring-proposed/wireshark 2 Mature 2013-03-14 22:47:59 UTC
70. * security fixes from Wireshark 1.8.6...

Author: Balint Reczey
Revision Date: 2013-03-09 12:59:06 UTC

* security fixes from Wireshark 1.8.6:
  - The TCP dissector could crash (CVE-2013-2475)
  - The CSN.1 dissector could crash. Discovered by Laurent Butti.
    (CVE-2013-2477)
  - MMS dissector could crash. Discovered by Laurent Butti.
    (CVE-2013-2478)
  - The RTPS and RTPS2 dissectors could crash. Discovered by Alyssa Milburn.
    (CVE-2013-2480)
  - The Mount dissector could crash. Discovered by Alyssa Milburn.
    (CVE-2013-2481)
  - The ACN dissector could attempt to divide by zero.
    Discovered by Alyssa Milburn. (CVE-2013-2483)
  - The CIMD dissector could crash. Discovered by Moshe Kaplan.
    (CVE-2013-2484)
  - The DTLS dissector could crash. Discovered by Laurent Butti.
    (CVE-2013-2488)

lp:ubuntu/raring/wireshark 1 Development 2013-03-09 12:59:06 UTC
72. * security fixes from Wireshark 1.8.6...

Author: Balint Reczey
Revision Date: 2013-03-09 12:59:06 UTC

* security fixes from Wireshark 1.8.6:
  - The TCP dissector could crash (CVE-2013-2475)
  - The CSN.1 dissector could crash. Discovered by Laurent Butti.
    (CVE-2013-2477)
  - MMS dissector could crash. Discovered by Laurent Butti.
    (CVE-2013-2478)
  - The RTPS and RTPS2 dissectors could crash. Discovered by Alyssa Milburn.
    (CVE-2013-2480)
  - The Mount dissector could crash. Discovered by Alyssa Milburn.
    (CVE-2013-2481)
  - The ACN dissector could attempt to divide by zero.
    Discovered by Alyssa Milburn. (CVE-2013-2483)
  - The CIMD dissector could crash. Discovered by Moshe Kaplan.
    (CVE-2013-2484)
  - The DTLS dissector could crash. Discovered by Laurent Butti.
    (CVE-2013-2488)

lp:ubuntu/quantal/wireshark bug 2 Mature 2012-10-09 11:39:42 UTC
71. * security fixes from Wireshark 1.8.3...

Author: Balint Reczey
Revision Date: 2012-10-09 11:39:42 UTC

* security fixes from Wireshark 1.8.3 (Closes: #689972):
  - The HSRP dissector could go into an infinite loop (CVE-2012-5237)
  - The PPP dissector could abort (CVE-2012-5238)
  - Martin Wilck discovered an infinite loop in the DRDA dissector
    (CVE-2012-5239)
  - Laurent Butti discovered a buffer overflow in the LDP dissector
    (CVE-2012-5240)

lp:ubuntu/precise/wireshark 2 Mature 2012-04-11 15:41:17 UTC
66. * New upstream release 1.6.7 - rele...

Author: Balint Reczey
Revision Date: 2012-04-11 15:41:17 UTC

* New upstream release 1.6.7
  - release notes:
    http://www.wireshark.org/docs/relnotes/wireshark-1.6.7.html

lp:ubuntu/maverick-security/wireshark 2 Mature 2012-01-27 15:51:55 UTC
53. fake sync from Debian

Author: Steve Beattie
Revision Date: 2012-01-27 15:51:55 UTC

fake sync from Debian

lp:ubuntu/maverick-updates/wireshark 2 Mature 2012-01-27 15:51:55 UTC
53. fake sync from Debian

Author: Steve Beattie
Revision Date: 2012-01-27 15:51:55 UTC

fake sync from Debian

lp:ubuntu/oneiric/wireshark 2 Mature 2011-09-18 04:10:15 UTC
60. * New upstream release 1.6.2 - rele...

Author: Balint Reczey
Revision Date: 2011-09-18 04:10:15 UTC

* New upstream release 1.6.2
  - release notes:
    http://www.wireshark.org/docs/relnotes/wireshark-1.6.2.html
  - security fixes
    - A large loop in the OpenSafety dissector could cause a crash.
      (CVE-2011-3484)
    - A malformed IKE packet could consume excessive resources.
      (CVE-2011-3266)
    - A malformed capture file could result in an invalid root tvbuff and
      cause a crash. (CVE-2011-3483)
    - Wireshark could run arbitrary Lua scripts. (CVE-2011-3360)
    - The CSN.1 dissector could crash. (CVE-2011-3482)
  - don't show subversion revision in window title (Closes: #635116)

lp:ubuntu/natty/wireshark 2 Mature 2011-04-19 09:55:10 UTC
56. * New upstream release 1.4.6 - rele...

Author: Balint Reczey
Revision Date: 2011-04-19 09:55:10 UTC

* New upstream release 1.4.6
  - release notes:
    http://www.wireshark.org/docs/relnotes/wireshark-1.4.6.html
  - contains one fix only compared to 1.4.5:
    - Wireshark and TShark can crash while analyzing TCP packets.
* depend on omniidl instead of omniidl4 transitional package

lp:ubuntu/maverick/wireshark bug 2 Mature 2010-09-30 15:24:29 UTC
46. * 25_fix-libsmi-workaround.patch: F...

Author: Balint Reczey
Revision Date: 2010-09-30 15:24:29 UTC

* 25_fix-libsmi-workaround.patch:
  Fix the libsmi workaround by adding missing brackets.
* backport fix for IP header checksum calculation regression introduced
  in 1.2.10
* [Debconf translation updates]
  - Vietnamese (Clytie Siddall). (Closes: #598498)

[ Daniel T Chen ]
* 22_lp606063-fix-assertion-capture_start.patch:
  Handle event handler being invoked recursively. Fix backported from
  upstream SVN r33906. Thanks, Gregor Beck!
  https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5126
  (LP: #606063)

lp:ubuntu/lucid/wireshark 1 Development 2010-04-01 11:11:37 UTC
38. * New upstream release 1.2.7 - rele...

Author: Balint Reczey
Revision Date: 2010-04-01 11:11:37 UTC

* New upstream release 1.2.7
  - release notes:
    http://www.wireshark.org/docs/relnotes/wireshark-1.2.7.html
* fix purging wireshark-common when removing wireshark system group fails
* fix crash when opening About box with disabled OID resolution
  (Closes: #574086)

lp:ubuntu/karmic/wireshark bug 1 Development 2009-10-11 02:08:13 UTC
33. [ Christian Perrier ] * Debconf templ...

Author: Balint Reczey
Revision Date: 2009-10-11 02:08:13 UTC

[ Christian Perrier ]
* Debconf templates and debian/control reviewed by the debian-l10n-
  english team as part of the Smith review project. Closes: #547130
* [Debconf translation updates]
  - German (Helge Kreutzmann). Closes: #547229
  - Basque (Piarres Beobide). Closes: #547268
  - Portuguese (Pedro Ribeiro). Closes: #547381
  - Swedish (Martin Ågren). Closes: #547383
  - Vietnamese (Clytie Siddall). Closes: #547800
  - French (Simon Paillard). Closes: #548340
  - Italian (Luca Monducci). Closes: #548605
  - Japanese (Hideki Yamane (Debian-JP)). Closes: #548655
  - Spanish (Francisco Javier Cuadrado). Closes: #548700
  - Czech (Martin Sin). Closes: #548728
  - Russian (Yuri Kozlov). Closes: #549086
  - Finnish (Esko Arajärvi). Closes: #549609

lp:ubuntu/gutsy-security/wireshark bug 1 Development 2009-07-26 17:23:07 UTC
18. * SECURITY UPDATE: The dissect_btacl ...

Author: Stefan Lesicnik
Revision Date: 2008-11-02 19:32:37 UTC

* SECURITY UPDATE: The dissect_btacl function in packet-bthci_acl.c in the
  Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote
  attackers to cause a denial of service (application crash or abort) via
  a packet with an invalid length, related to an erroneous tvb_memcpy call.
  (LP #290716)
  - debian/patches/33_CVE-2008-4683.dpatch - buffer check to prevent
    overflow - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25195
  - Included patch not listed by CVE to prevent memory overflow in
    bluetooth dissector - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25196
  - CVE-2008-4683
* SECURITY UPDATE: packet-frame in Wireshark 0.99.2 through 1.0.3 does not
  properly handle exceptions thrown by post dissectors, which allows
  remote attackers to cause a denial of service (application crash) via
  a certain series of packets, as demonstrated by enabling the (1) PRP
  or (2) MATE post dissector. (LP #290716)
  - debian/patches/34_CVE-2008-4684.dpatch - Catch errors given
    post dissectors - Jeff Morris, wmeier
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25339, 25342, 25344
  - CVE-2008-4684
* SECURITY UPDATE: Use-after-free vulnerability in the dissect_q931_cause_ie
  function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3
  through 1.0.3 allows remote attackers to cause a denial of service (application
  crash or abort) via certain packets that trigger an exception. (LP #290716)
  - debian/patches/35_CVE-2008-4685.dpatch - Wrap dissect_q931_cause_ie() in
    which clears the have_valid_q931_pi semaphore - Jaap Keuter.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Included as was detected as vulnerable even though CVE says otherwise.
  - Revision: 26190
  - CVE-2008-4685

lp:ubuntu/jaunty/wireshark 2 Mature 2009-07-26 17:23:00 UTC
29. * Merge from debian unstable, remaini...

Author: Hew
Revision Date: 2009-04-16 22:22:22 UTC

* Merge from debian unstable, remaining changes (LP: 360661):
  - replace gksu with menu in Recommends
  - Add debian/README.source.

lp:ubuntu/intrepid-updates/wireshark 2 Mature 2009-07-26 17:22:51 UTC
27. * SECURITY UPDATE: packet-usb.c in th...

Author: Stefan Lesicnik
Revision Date: 2008-10-29 22:31:07 UTC

* SECURITY UPDATE: packet-usb.c in the USB dissector in Wireshark 0.99.7
  through 1.0.3 allows remote attackers to cause a denial of service
  (application crash or abort) via a malformed USB Request Block (URB).
  (LP #290716)
  - debian/patches/30_CVE-2008-4680.dpatch - Properly initialise
    data structures in packet-usb.c - Gerald Combs.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26333
  - CVE-2008-4680
* SECURITY UPDATE: Unspecified vulnerability in the Bluetooth RFCOMM
  dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers
  to cause a denial of service (application crash or abort) via unknown
  packets. (LP #290716)
  - debian/patches/31_CVE-2008-4681.dpatch - Properly initialise
    data structures in btrfcomm.c - Gerald Combs.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26333
  - CVE-2008-4681
* SECURITY UPDATE: wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote
  attackers to cause a denial of service (application abort) via a
  malformed Tamos CommView capture file (aka .ncf file) with an
  "unknown/unexpected packet type" that triggers a failed assertion.
  (LP #290716)
  - debian/patches/32_CVE-2008-4682.dpatch - Return an error if it
    finds an unknown/unexpected packet type - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26327
  - CVE-2008-4682
* SECURITY UPDATE: The dissect_btacl function in packet-bthci_acl.c in the
  Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote
  attackers to cause a denial of service (application crash or abort) via
  a packet with an invalid length, related to an erroneous tvb_memcpy call.
  (LP #290716)
  - debian/patches/33_CVE-2008-4683.dpatch - buffer check to prevent
    overflow - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25195
  - Included patch not listed by CVE to prevent memory overflow in
    bluetooth dissector - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25196
  - CVE-2008-4683
* SECURITY UPDATE: packet-frame in Wireshark 0.99.2 through 1.0.3 does not
  properly handle exceptions thrown by post dissectors, which allows
  remote attackers to cause a denial of service (application crash) via
  a certain series of packets, as demonstrated by enabling the (1) PRP
  or (2) MATE post dissector. (LP #290716)
  - debian/patches/34_CVE-2008-4684.dpatch - Catch errors given
    post dissectors - Jeff Morris, wmeier
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25339, 25342, 25344
  - CVE-2008-4684
* SECURITY UPDATE: Use-after-free vulnerability in the dissect_q931_cause_ie
  function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through
  1.0.3 allows remote attackers to cause a denial of service (application crash
  or abort) via certain packets that trigger an exception. (LP #290716)
  - debian/patches/35_CVE-2008-4685.dpatch - Wrap dissect_q931_cause_ie() in
    which clears the have_valid_q931_pi semaphore - Jaap Keuter.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26190
  - CVE-2008-4685

lp:ubuntu/intrepid-proposed/wireshark 2 Mature 2009-07-26 17:22:43 UTC
27. * SECURITY UPDATE: packet-usb.c in th...

Author: Stefan Lesicnik
Revision Date: 2008-10-29 22:31:07 UTC

* SECURITY UPDATE: packet-usb.c in the USB dissector in Wireshark 0.99.7
  through 1.0.3 allows remote attackers to cause a denial of service
  (application crash or abort) via a malformed USB Request Block (URB).
  (LP #290716)
  - debian/patches/30_CVE-2008-4680.dpatch - Properly initialise
    data structures in packet-usb.c - Gerald Combs.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26333
  - CVE-2008-4680
* SECURITY UPDATE: Unspecified vulnerability in the Bluetooth RFCOMM
  dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers
  to cause a denial of service (application crash or abort) via unknown
  packets. (LP #290716)
  - debian/patches/31_CVE-2008-4681.dpatch - Properly initialise
    data structures in btrfcomm.c - Gerald Combs.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26333
  - CVE-2008-4681
* SECURITY UPDATE: wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote
  attackers to cause a denial of service (application abort) via a
  malformed Tamos CommView capture file (aka .ncf file) with an
  "unknown/unexpected packet type" that triggers a failed assertion.
  (LP #290716)
  - debian/patches/32_CVE-2008-4682.dpatch - Return an error if it
    finds an unknown/unexpected packet type - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26327
  - CVE-2008-4682
* SECURITY UPDATE: The dissect_btacl function in packet-bthci_acl.c in the
  Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote
  attackers to cause a denial of service (application crash or abort) via
  a packet with an invalid length, related to an erroneous tvb_memcpy call.
  (LP #290716)
  - debian/patches/33_CVE-2008-4683.dpatch - buffer check to prevent
    overflow - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25195
  - Included patch not listed by CVE to prevent memory overflow in
    bluetooth dissector - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25196
  - CVE-2008-4683
* SECURITY UPDATE: packet-frame in Wireshark 0.99.2 through 1.0.3 does not
  properly handle exceptions thrown by post dissectors, which allows
  remote attackers to cause a denial of service (application crash) via
  a certain series of packets, as demonstrated by enabling the (1) PRP
  or (2) MATE post dissector. (LP #290716)
  - debian/patches/34_CVE-2008-4684.dpatch - Catch errors given
    post dissectors - Jeff Morris, wmeier
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25339, 25342, 25344
  - CVE-2008-4684
* SECURITY UPDATE: Use-after-free vulnerability in the dissect_q931_cause_ie
  function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through
  1.0.3 allows remote attackers to cause a denial of service (application crash
  or abort) via certain packets that trigger an exception. (LP #290716)
  - debian/patches/35_CVE-2008-4685.dpatch - Wrap dissect_q931_cause_ie() in
    which clears the have_valid_q931_pi semaphore - Jaap Keuter.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26190
  - CVE-2008-4685

lp:ubuntu/intrepid-security/wireshark 2 Mature 2009-07-26 17:22:34 UTC
27. * SECURITY UPDATE: packet-usb.c in th...

Author: Stefan Lesicnik
Revision Date: 2008-10-29 22:31:07 UTC

* SECURITY UPDATE: packet-usb.c in the USB dissector in Wireshark 0.99.7
  through 1.0.3 allows remote attackers to cause a denial of service
  (application crash or abort) via a malformed USB Request Block (URB).
  (LP #290716)
  - debian/patches/30_CVE-2008-4680.dpatch - Properly initialise
    data structures in packet-usb.c - Gerald Combs.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26333
  - CVE-2008-4680
* SECURITY UPDATE: Unspecified vulnerability in the Bluetooth RFCOMM
  dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers
  to cause a denial of service (application crash or abort) via unknown
  packets. (LP #290716)
  - debian/patches/31_CVE-2008-4681.dpatch - Properly initialise
    data structures in btrfcomm.c - Gerald Combs.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26333
  - CVE-2008-4681
* SECURITY UPDATE: wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote
  attackers to cause a denial of service (application abort) via a
  malformed Tamos CommView capture file (aka .ncf file) with an
  "unknown/unexpected packet type" that triggers a failed assertion.
  (LP #290716)
  - debian/patches/32_CVE-2008-4682.dpatch - Return an error if it
    finds an unknown/unexpected packet type - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26327
  - CVE-2008-4682
* SECURITY UPDATE: The dissect_btacl function in packet-bthci_acl.c in the
  Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote
  attackers to cause a denial of service (application crash or abort) via
  a packet with an invalid length, related to an erroneous tvb_memcpy call.
  (LP #290716)
  - debian/patches/33_CVE-2008-4683.dpatch - buffer check to prevent
    overflow - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25195
  - Included patch not listed by CVE to prevent memory overflow in
    bluetooth dissector - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25196
  - CVE-2008-4683
* SECURITY UPDATE: packet-frame in Wireshark 0.99.2 through 1.0.3 does not
  properly handle exceptions thrown by post dissectors, which allows
  remote attackers to cause a denial of service (application crash) via
  a certain series of packets, as demonstrated by enabling the (1) PRP
  or (2) MATE post dissector. (LP #290716)
  - debian/patches/34_CVE-2008-4684.dpatch - Catch errors given
    post dissectors - Jeff Morris, wmeier
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25339, 25342, 25344
  - CVE-2008-4684
* SECURITY UPDATE: Use-after-free vulnerability in the dissect_q931_cause_ie
  function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through
  1.0.3 allows remote attackers to cause a denial of service (application crash
  or abort) via certain packets that trigger an exception. (LP #290716)
  - debian/patches/35_CVE-2008-4685.dpatch - Wrap dissect_q931_cause_ie() in
    which clears the have_valid_q931_pi semaphore - Jaap Keuter.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26190
  - CVE-2008-4685

lp:ubuntu/intrepid/wireshark 2 Mature 2009-07-26 17:22:26 UTC
26. Add debian/patches/20_sigpipe.dpatch,...

Author: James Westby
Revision Date: 2008-10-09 16:15:28 UTC

Add debian/patches/20_sigpipe.dpatch, which restores the default sigpipe
action, meaning that the app won't hang under gksu. (LP: #198884)
Huge thanks to Sergio Barjola.

lp:ubuntu/hardy-backports/wireshark 2 Mature 2009-07-26 17:22:16 UTC
22. Automated backport upload; no source ...

Author: Scott Kitterman
Revision Date: 2008-08-21 02:34:20 UTC

Automated backport upload; no source changes.

lp:ubuntu/feisty-security/wireshark bug 1 Development 2009-07-26 17:22:15 UTC
14. * SECURITY UPDATE: + CVE-2007-6121:...

Author: Stephan Rügamer
Revision Date: 2007-11-29 13:52:52 UTC

* SECURITY UPDATE:
  + CVE-2007-6121: Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows
    remote attackers to cause a denial of service (crash) via a malformed RPC
    Portmap packet.
  + CVE-2007-6120: The Bluetooth SDP dissector Wireshark (formerly Ethereal)
    0.99.2 to 0.99.6 allows remote attackers to cause a denial of service
    (infinite loop) via unknown vectors.
  + CVE-2007-6117: Unspecified vulnerability in the HTTP dissector for
    Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 has unknown impact and remote
    attack vectors related to chunked messages.
  + CVE-2007-6114: Multiple buffer overflows in Wireshark (formerly
    Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of
    service (crash) and possibly execute arbitrary code via (1) the SSL dissector
    or (2) the iSeries (OS/400) Communication trace file parser.
  + CVE-2007-6113: Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows
    remote attackers to cause a denial of service (long loop) via a malformed DNP
    packet.
* debian/patches/13_CVE-2007-6121.dpatch:
  - Applied patch by upstream
  - Link: http://bugs.wireshark.org/bugzilla/attachment.cgi?id=1132
* debian/patches/13_CVE-2007-6120.dpatch:
  - Applied patch by upstream
  - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-btsdp.c?r1=21431&r2=23496&view=patch
* debian/patches/13_CVE-2007-6117.dpatch:
  - Applied patch by upstream
  - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-http.c?r1=22515&r2=23415&view=patch
* debian/patches/13_CVE-2007-6114.dpatch:
  - Applied patch by upstream
  - Link 1: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-ssl-utils.h?r1=21445&r2=22883&view=patch
  - Link 2: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-ssl.c?r1=22625&r2=22883&view=patch
  - Link 3: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/wiretap/iseries.c?r1=23000&r2=23232&view=patch
* debian/patches/13_CVE-2007-6113.dpatch:
  - Applied patch by upstream
  - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-dnp.c?r1=22764&r2=22811&view=patch
* References:
  CVE-2007-6121
  CVE-2007-6120
  CVE-2007-6117
  CVE-2007-6114
  CVE-2007-6113
  http://www.wireshark.org/security/wnpa-sec-2007-03.html

lp:ubuntu/hardy-updates/wireshark 2 Mature 2009-07-26 17:22:06 UTC
22. * SECURITY UPDATE: packet-usb.c in t...

Author: Stefan Lesicnik
Revision Date: 2008-10-30 13:17:54 UTC

* SECURITY UPDATE: packet-usb.c in the USB dissector in Wireshark 0.99.7
  through 1.0.3 allows remote attackers to cause a denial of service
  (application crash or abort) via a malformed USB Request Block (URB).
  (LP #290716)
  - debian/patches/30_CVE-2008-4680.dpatch - Properly initialise
    data structures in packet-usb.c - Gerald Combs.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26333
  - CVE-2008-4680
* SECURITY UPDATE: Unspecified vulnerability in the Bluetooth RFCOMM
  dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers
  to cause a denial of service (application crash or abort) via unknown
  packets. (LP #290716)
  - debian/patches/31_CVE-2008-4681.dpatch - Properly initialise
    data structures in btrfcomm.c - Gerald Combs.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26333
  - CVE-2008-4681
* SECURITY UPDATE: wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote
  attackers to cause a denial of service (application abort) via a
  malformed Tamos CommView capture file (aka .ncf file) with an
  "unknown/unexpected packet type" that triggers a failed assertion.
  (LP #290716)
  - debian/patches/32_CVE-2008-4682.dpatch - Return an error if it
    finds an unknown/unexpected packet type - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26327
  - CVE-2008-4682
* SECURITY UPDATE: The dissect_btacl function in packet-bthci_acl.c in the
  Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote
  attackers to cause a denial of service (application crash or abort) via
  a packet with an invalid length, related to an erroneous tvb_memcpy call.
  (LP #290716)
  - debian/patches/33_CVE-2008-4683.dpatch - buffer check to prevent
    overflow - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25195
  - Included patch not listed by CVE to prevent memory overflow in
    bluetooth dissector - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25196
  - CVE-2008-4683
* SECURITY UPDATE: packet-frame in Wireshark 0.99.2 through 1.0.3 does not
  properly handle exceptions thrown by post dissectors, which allows
  remote attackers to cause a denial of service (application crash) via
  a certain series of packets, as demonstrated by enabling the (1) PRP
  or (2) MATE post dissector. (LP #290716)
  - debian/patches/34_CVE-2008-4684.dpatch - Catch errors given
    post dissectors - Jeff Morris, wmeier
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25339, 25342, 25344
  - CVE-2008-4684
* SECURITY UPDATE: Use-after-free vulnerability in the dissect_q931_cause_ie
  function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through
  1.0.3 allows remote attackers to cause a denial of service (application crash
  or abort) via certain packets that trigger an exception. (LP #290716)
  - debian/patches/35_CVE-2008-4685.dpatch - Wrap dissect_q931_cause_ie() in
    which clears the have_valid_q931_pi semaphore - Jaap Keuter.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26190
  - CVE-2008-4685

lp:ubuntu/hardy-proposed/wireshark 2 Mature 2009-07-26 17:21:56 UTC
22. * SECURITY UPDATE: packet-usb.c in t...

Author: Stefan Lesicnik
Revision Date: 2008-10-30 13:17:54 UTC

* SECURITY UPDATE: packet-usb.c in the USB dissector in Wireshark 0.99.7
  through 1.0.3 allows remote attackers to cause a denial of service
  (application crash or abort) via a malformed USB Request Block (URB).
  (LP #290716)
  - debian/patches/30_CVE-2008-4680.dpatch - Properly initialise
    data structures in packet-usb.c - Gerald Combs.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26333
  - CVE-2008-4680
* SECURITY UPDATE: Unspecified vulnerability in the Bluetooth RFCOMM
  dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers
  to cause a denial of service (application crash or abort) via unknown
  packets. (LP #290716)
  - debian/patches/31_CVE-2008-4681.dpatch - Properly initialise
    data structures in btrfcomm.c - Gerald Combs.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26333
  - CVE-2008-4681
* SECURITY UPDATE: wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote
  attackers to cause a denial of service (application abort) via a
  malformed Tamos CommView capture file (aka .ncf file) with an
  "unknown/unexpected packet type" that triggers a failed assertion.
  (LP #290716)
  - debian/patches/32_CVE-2008-4682.dpatch - Return an error if it
    finds an unknown/unexpected packet type - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26327
  - CVE-2008-4682
* SECURITY UPDATE: The dissect_btacl function in packet-bthci_acl.c in the
  Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote
  attackers to cause a denial of service (application crash or abort) via
  a packet with an invalid length, related to an erroneous tvb_memcpy call.
  (LP #290716)
  - debian/patches/33_CVE-2008-4683.dpatch - buffer check to prevent
    overflow - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25195
  - Included patch not listed by CVE to prevent memory overflow in
    bluetooth dissector - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25196
  - CVE-2008-4683
* SECURITY UPDATE: packet-frame in Wireshark 0.99.2 through 1.0.3 does not
  properly handle exceptions thrown by post dissectors, which allows
  remote attackers to cause a denial of service (application crash) via
  a certain series of packets, as demonstrated by enabling the (1) PRP
  or (2) MATE post dissector. (LP #290716)
  - debian/patches/34_CVE-2008-4684.dpatch - Catch errors given
    post dissectors - Jeff Morris, wmeier
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25339, 25342, 25344
  - CVE-2008-4684
* SECURITY UPDATE: Use-after-free vulnerability in the dissect_q931_cause_ie
  function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through
  1.0.3 allows remote attackers to cause a denial of service (application crash
  or abort) via certain packets that trigger an exception. (LP #290716)
  - debian/patches/35_CVE-2008-4685.dpatch - Wrap dissect_q931_cause_ie() in
    which clears the have_valid_q931_pi semaphore - Jaap Keuter.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26190
  - CVE-2008-4685

lp:ubuntu/hardy-security/wireshark 2 Mature 2009-07-26 17:21:47 UTC
22. * SECURITY UPDATE: packet-usb.c in t...

Author: Stefan Lesicnik
Revision Date: 2008-10-30 13:17:54 UTC

* SECURITY UPDATE: packet-usb.c in the USB dissector in Wireshark 0.99.7
  through 1.0.3 allows remote attackers to cause a denial of service
  (application crash or abort) via a malformed USB Request Block (URB).
  (LP #290716)
  - debian/patches/30_CVE-2008-4680.dpatch - Properly initialise
    data structures in packet-usb.c - Gerald Combs.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26333
  - CVE-2008-4680
* SECURITY UPDATE: Unspecified vulnerability in the Bluetooth RFCOMM
  dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers
  to cause a denial of service (application crash or abort) via unknown
  packets. (LP #290716)
  - debian/patches/31_CVE-2008-4681.dpatch - Properly initialise
    data structures in btrfcomm.c - Gerald Combs.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26333
  - CVE-2008-4681
* SECURITY UPDATE: wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote
  attackers to cause a denial of service (application abort) via a
  malformed Tamos CommView capture file (aka .ncf file) with an
  "unknown/unexpected packet type" that triggers a failed assertion.
  (LP #290716)
  - debian/patches/32_CVE-2008-4682.dpatch - Return an error if it
    finds an unknown/unexpected packet type - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26327
  - CVE-2008-4682
* SECURITY UPDATE: The dissect_btacl function in packet-bthci_acl.c in the
  Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote
  attackers to cause a denial of service (application crash or abort) via
  a packet with an invalid length, related to an erroneous tvb_memcpy call.
  (LP #290716)
  - debian/patches/33_CVE-2008-4683.dpatch - buffer check to prevent
    overflow - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25195
  - Included patch not listed by CVE to prevent memory overflow in
    bluetooth dissector - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25196
  - CVE-2008-4683
* SECURITY UPDATE: packet-frame in Wireshark 0.99.2 through 1.0.3 does not
  properly handle exceptions thrown by post dissectors, which allows
  remote attackers to cause a denial of service (application crash) via
  a certain series of packets, as demonstrated by enabling the (1) PRP
  or (2) MATE post dissector. (LP #290716)
  - debian/patches/34_CVE-2008-4684.dpatch - Catch errors given
    post dissectors - Jeff Morris, wmeier
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25339, 25342, 25344
  - CVE-2008-4684
* SECURITY UPDATE: Use-after-free vulnerability in the dissect_q931_cause_ie
  function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through
  1.0.3 allows remote attackers to cause a denial of service (application crash
  or abort) via certain packets that trigger an exception. (LP #290716)
  - debian/patches/35_CVE-2008-4685.dpatch - Wrap dissect_q931_cause_ie() in
    which clears the have_valid_q931_pi semaphore - Jaap Keuter.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 26190
  - CVE-2008-4685

lp:ubuntu/hardy/wireshark 2 Mature 2009-07-26 17:21:38 UTC
21. * Several security issues were solved...

Author: Joost Yervante Damad
Revision Date: 2008-04-01 19:48:19 UTC

* Several security issues were solved in 0.99.7 already:
  (closes: #452381)
  * allow remote attackers to cause a denial of service (crash) via (1) a
    crafted MP3 file or (2) unspecified vectors to the NCP dissector
    (CVE-2007-6111)
  * Buffer overflow in the PPP dissector Wireshark (formerly Ethereal)
    0.99.6 allows remote attackers to cause a denial of service (crash)
    and possibly execute arbitrary code via unknown vectors.
    (CVE-2007-6112)
  * Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote
    attackers to cause a denial of service (long loop) via a malformed DNP
    packet (CVE-2007-6113)
  * Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0
    through 0.99.6 allow remote attackers to cause a denial of service
    (crash) and possibly execute arbitrary code via (1) the SSL dissector
    or (2) the iSeries (OS/400) Communication trace file parser
    (CVE-2007-6114)
  * Buffer overflow in the ANSI MAP dissector for Wireshark (formerly
    Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms,
    allows remote attackers to cause a denial of service and possibly
    execute arbitrary code via unknown vectors. (CVE-2007-6115)
  * The Firebird/Interbase dissector in Wireshark (formerly Ethereal)
    0.99.6 allows remote attackers to cause a denial of service (infinite
    loop or crash) via unknown vectors. (CVE-2007-6116)
  * Unspecified vulnerability in the HTTP dissector for Wireshark
    (formerly Ethereal) 0.10.14 to 0.99.6 has unknown impact and remote
    attack vectors related to chunked messages. (CVE-2007-6117)
  * The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6
    allows remote attackers to cause a denial of service (long loop and
    resource consumption) via unknown vectors. (CVE-2007-6118)
  * The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows
    remote attackers to cause a denial of service (long loop and resource
    consumption) via unknown vectors. (CVE-2007-6119)
  * The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to
    0.99.6 allows remote attackers to cause a denial of service (infinite
    loop) via unknown vectors. (CVE-2007-6120)
  * Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers
    to cause a denial of service (crash) via a malformed RPC Portmap
    packet. (CVE-2007-6121)
* current wireshark has SSL support (closes: #172939)
* and H323 support (closes: #117201)
* resizing columns bugfix was applied last year (closes: #369044)
* new upstream release 1.0.0
  http://www.wireshark.org/docs/relnotes/wireshark-1.0.0.html
* remove debian/ directory from upstream
* update 14_disable-cmip.dpatch.
* if wireshark has no priv, it now prints:
    dumpcap: There are no interfaces on which a capture can be done
    (closes: #468400)
* wireshark uses su-to-root now (closes: #472478)
* vulnerabilities fixed:
  * The X.509sat and other dissector could crash (CVE-2008-1561)
  * The LDAP dissector could crash on Windows and other platforms.
    (CVE-2008-1562)
  * The SCCP dissector could crash while using the "decode as"
    feature (CVE-2008-1563)

lp:ubuntu/gutsy-updates/wireshark 1 Development 2009-07-26 17:21:26 UTC
18. * SECURITY UPDATE: The dissect_btacl ...

Author: Stefan Lesicnik
Revision Date: 2008-11-02 19:32:37 UTC

* SECURITY UPDATE: The dissect_btacl function in packet-bthci_acl.c in the
  Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote
  attackers to cause a denial of service (application crash or abort) via
  a packet with an invalid length, related to an erroneous tvb_memcpy call.
  (LP #290716)
  - debian/patches/33_CVE-2008-4683.dpatch - buffer check to prevent
    overflow - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25195
  - Included patch not listed by CVE to prevent memory overflow in
    bluetooth dissector - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25196
  - CVE-2008-4683
* SECURITY UPDATE: packet-frame in Wireshark 0.99.2 through 1.0.3 does not
  properly handle exceptions thrown by post dissectors, which allows
  remote attackers to cause a denial of service (application crash) via
  a certain series of packets, as demonstrated by enabling the (1) PRP
  or (2) MATE post dissector. (LP #290716)
  - debian/patches/34_CVE-2008-4684.dpatch - Catch errors given
    post dissectors - Jeff Morris, wmeier
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25339, 25342, 25344
  - CVE-2008-4684
* SECURITY UPDATE: Use-after-free vulnerability in the dissect_q931_cause_ie
  function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3
  through 1.0.3 allows remote attackers to cause a denial of service (application
  crash or abort) via certain packets that trigger an exception. (LP #290716)
  - debian/patches/35_CVE-2008-4685.dpatch - Wrap dissect_q931_cause_ie() in
    which clears the have_valid_q931_pi semaphore - Jaap Keuter.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Included as was detected as vulnerable even although CVE says otherwise.
  - Revision: 26190
  - CVE-2008-4685

lp:ubuntu/gutsy-proposed/wireshark 1 Development 2009-07-26 17:21:11 UTC
18. * SECURITY UPDATE: The dissect_btacl ...

Author: Stefan Lesicnik
Revision Date: 2008-11-02 19:32:37 UTC

* SECURITY UPDATE: The dissect_btacl function in packet-bthci_acl.c in the
  Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote
  attackers to cause a denial of service (application crash or abort) via
  a packet with an invalid length, related to an erroneous tvb_memcpy call.
  (LP #290716)
  - debian/patches/33_CVE-2008-4683.dpatch - buffer check to prevent
    overflow - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25195
  - Included patch not listed by CVE to prevent memory overflow in
    bluetooth dissector - Jeff Morris.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25196
  - CVE-2008-4683
* SECURITY UPDATE: packet-frame in Wireshark 0.99.2 through 1.0.3 does not
  properly handle exceptions thrown by post dissectors, which allows
  remote attackers to cause a denial of service (application crash) via
  a certain series of packets, as demonstrated by enabling the (1) PRP
  or (2) MATE post dissector. (LP #290716)
  - debian/patches/34_CVE-2008-4684.dpatch - Catch errors given
    post dissectors - Jeff Morris, wmeier
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Revision: 25339, 25342, 25344
  - CVE-2008-4684
* SECURITY UPDATE: Use-after-free vulnerability in the dissect_q931_cause_ie
  function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3
  through 1.0.3 allows remote attackers to cause a denial of service (application
  crash or abort) via certain packets that trigger an exception. (LP #290716)
  - debian/patches/35_CVE-2008-4685.dpatch - Wrap dissect_q931_cause_ie() in
    which clears the have_valid_q931_pi semaphore - Jaap Keuter.
  - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
  - Included as was detected as vulnerable even although CVE says otherwise.
  - Revision: 26190
  - CVE-2008-4685

lp:ubuntu/edgy-security/wireshark bug 1 Development 2009-07-26 17:21:07 UTC
9. * SECURITY UPDATE: + CVE-2007-6121:...

Author: Stephan Rügamer
Revision Date: 2007-11-29 11:33:47 UTC

* SECURITY UPDATE:
  + CVE-2007-6121: Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows
    remote attackers to cause a denial of service (crash) via a malformed RPC
    Portmap packet.
  + CVE-2007-6120: The Bluetooth SDP dissector Wireshark (formerly Ethereal)
    0.99.2 to 0.99.6 allows remote attackers to cause a denial of service
    (infinite loop) via unknown vectors.
  + CVE-2007-6117: Unspecified vulnerability in the HTTP dissector for
    Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 has unknown impact and remote
    attack vectors related to chunked messages.
  + CVE-2007-6114: Multiple buffer overflows in Wireshark (formerly
    Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of
    service (crash) and possibly execute arbitrary code via (1) the SSL dissector
    or (2) the iSeries (OS/400) Communication trace file parser.
  + CVE-2007-6113: Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows
    remote attackers to cause a denial of service (long loop) via a malformed DNP
    packet.
* debian/patches/13_CVE-2007-6121.dpatch:
  - Applied patch by upstream
  - Link: http://bugs.wireshark.org/bugzilla/attachment.cgi?id=1132
* debian/patches/13_CVE-2007-6120.dpatch:
  - Applied patch by upstream
  - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-btsdp.c?r1=21431&r2=23496&view=patch
* debian/patches/13_CVE-2007-6117.dpatch:
  - Applied patch by upstream
  - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-http.c?r1=22515&r2=23415&view=patch
* debian/patches/13_CVE-2007-6114.dpatch:
  - Applied patch by upstream
  - Link 1: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-ssl-utils.h?r1=21445&r2=22883&view=patch
  - Link 2: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-ssl.c?r1=22625&r2=22883&view=patch
  - Link 3: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/wiretap/iseries.c?r1=23000&r2=23232&view=patch
* debian/patches/13_CVE-2007-6113.dpatch:
  - Applied patch by upstream
  - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-dnp.c?r1=22764&r2=22811&view=patch
* References:
  CVE-2007-6121
  CVE-2007-6120
  CVE-2007-6117
  CVE-2007-6114
  CVE-2007-6113
  http://www.wireshark.org/security/wnpa-sec-2007-03.html

lp:ubuntu/gutsy/wireshark 1 Development 2009-07-26 17:20:48 UTC
15. debian/rules: added check for wiresha...

Author: Frederic Peters
Revision Date: 2007-08-24 14:19:01 UTC

debian/rules: added check for wireshark-dev headers (closes: #436247)

lp:ubuntu/feisty-updates/wireshark 1 Development 2009-07-26 17:20:37 UTC
14. * SECURITY UPDATE: + CVE-2007-6121:...

Author: Stephan Rügamer
Revision Date: 2007-11-29 13:52:52 UTC

* SECURITY UPDATE:
  + CVE-2007-6121: Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows
    remote attackers to cause a denial of service (crash) via a malformed RPC
    Portmap packet.
  + CVE-2007-6120: The Bluetooth SDP dissector Wireshark (formerly Ethereal)
    0.99.2 to 0.99.6 allows remote attackers to cause a denial of service
    (infinite loop) via unknown vectors.
  + CVE-2007-6117: Unspecified vulnerability in the HTTP dissector for
    Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 has unknown impact and remote
    attack vectors related to chunked messages.
  + CVE-2007-6114: Multiple buffer overflows in Wireshark (formerly
    Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of
    service (crash) and possibly execute arbitrary code via (1) the SSL dissector
    or (2) the iSeries (OS/400) Communication trace file parser.
  + CVE-2007-6113: Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows
    remote attackers to cause a denial of service (long loop) via a malformed DNP
    packet.
* debian/patches/13_CVE-2007-6121.dpatch:
  - Applied patch by upstream
  - Link: http://bugs.wireshark.org/bugzilla/attachment.cgi?id=1132
* debian/patches/13_CVE-2007-6120.dpatch:
  - Applied patch by upstream
  - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-btsdp.c?r1=21431&r2=23496&view=patch
* debian/patches/13_CVE-2007-6117.dpatch:
  - Applied patch by upstream
  - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-http.c?r1=22515&r2=23415&view=patch
* debian/patches/13_CVE-2007-6114.dpatch:
  - Applied patch by upstream
  - Link 1: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-ssl-utils.h?r1=21445&r2=22883&view=patch
  - Link 2: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-ssl.c?r1=22625&r2=22883&view=patch
  - Link 3: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/wiretap/iseries.c?r1=23000&r2=23232&view=patch
* debian/patches/13_CVE-2007-6113.dpatch:
  - Applied patch by upstream
  - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-dnp.c?r1=22764&r2=22811&view=patch
* References:
  CVE-2007-6121
  CVE-2007-6120
  CVE-2007-6117
  CVE-2007-6114
  CVE-2007-6113
  http://www.wireshark.org/security/wnpa-sec-2007-03.html

lp:ubuntu/feisty/wireshark 1 Development 2009-07-26 17:20:11 UTC
12. debian/patches/10_wireshark_gen.dpatc...

Author: Frederic Peters
Revision Date: 2007-03-01 10:25:29 UTC

debian/patches/10_wireshark_gen.dpatch: removed as it is no longer
necessary. (closes: #412963)

lp:ubuntu/edgy-backports/wireshark 1 Development 2009-07-26 17:20:00 UTC
13. Automated backport upload; no source ...

Author: John Dong
Revision Date: 2007-04-10 17:35:16 UTC

Automated backport upload; no source changes.

lp:ubuntu/edgy-updates/wireshark 1 Development 2009-07-26 17:19:51 UTC
9. * SECURITY UPDATE: + CVE-2007-6121:...

Author: Stephan Rügamer
Revision Date: 2007-11-29 11:33:47 UTC

* SECURITY UPDATE:
  + CVE-2007-6121: Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows
    remote attackers to cause a denial of service (crash) via a malformed RPC
    Portmap packet.
  + CVE-2007-6120: The Bluetooth SDP dissector Wireshark (formerly Ethereal)
    0.99.2 to 0.99.6 allows remote attackers to cause a denial of service
    (infinite loop) via unknown vectors.
  + CVE-2007-6117: Unspecified vulnerability in the HTTP dissector for
    Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 has unknown impact and remote
    attack vectors related to chunked messages.
  + CVE-2007-6114: Multiple buffer overflows in Wireshark (formerly
    Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of
    service (crash) and possibly execute arbitrary code via (1) the SSL dissector
    or (2) the iSeries (OS/400) Communication trace file parser.
  + CVE-2007-6113: Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows
    remote attackers to cause a denial of service (long loop) via a malformed DNP
    packet.
* debian/patches/13_CVE-2007-6121.dpatch:
  - Applied patch by upstream
  - Link: http://bugs.wireshark.org/bugzilla/attachment.cgi?id=1132
* debian/patches/13_CVE-2007-6120.dpatch:
  - Applied patch by upstream
  - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-btsdp.c?r1=21431&r2=23496&view=patch
* debian/patches/13_CVE-2007-6117.dpatch:
  - Applied patch by upstream
  - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-http.c?r1=22515&r2=23415&view=patch
* debian/patches/13_CVE-2007-6114.dpatch:
  - Applied patch by upstream
  - Link 1: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-ssl-utils.h?r1=21445&r2=22883&view=patch
  - Link 2: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-ssl.c?r1=22625&r2=22883&view=patch
  - Link 3: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/wiretap/iseries.c?r1=23000&r2=23232&view=patch
* debian/patches/13_CVE-2007-6113.dpatch:
  - Applied patch by upstream
  - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-dnp.c?r1=22764&r2=22811&view=patch
* References:
  CVE-2007-6121
  CVE-2007-6120
  CVE-2007-6117
  CVE-2007-6114
  CVE-2007-6113
  http://www.wireshark.org/security/wnpa-sec-2007-03.html

lp:ubuntu/edgy/wireshark 1 Development 2009-07-26 17:19:33 UTC
7. * Merge from Debian unstable. Remaini...

Author: William Alexander Grant
Revision Date: 2006-09-23 12:28:57 UTC

* Merge from Debian unstable. Remaining changes:
  - Python 2.4 transition.
