Debian GNU/Linux

lp:debian/squeeze/wireshark

Created by James Westby on 2009-07-26 and last modified on 2013-02-14
Get this branch:
bzr branch lp:debian/squeeze/wireshark
Members of Ubuntu branches can upload to this branch. Log in for directions.

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Development

Recent revisions

54. By Balint Reczey on 2013-02-14

* security fixes from Wireshark 1.8.5:
  - The CLNP dissector could crash. Discovered independently by
    Laurent Butti and the Wireshark development team (CVE-2013-1582)
  - The DTLS dissector could crash. Discovered by Laurent Butti.
    (CVE-2013-1586)
  - The DCP-ETSI dissector could corrupt memory. Discovered by Laurent Butti.
    (CVE-2013-1588)
  - The Wireshark dissection engine could crash. Discovered by Laurent Butti.
  - The NTLMSSP dissector could overflow a buffer. Discovered by
    Ulf Härnhammar. (CVE-2013-1590)

53. By Balint Reczey on 2012-05-04

* security fixes from Wireshark 1.4.12:
  - The ANSI A dissector could dereference a NULL pointer and crash
    (CVE-2012-1593)
  - The pcap and pcap-ng file parsers could crash trying to read ERF data
    (CVE-2012-1595)

52. By Moritz Muehlenhoff <email address hidden> on 2012-01-25

Fix CVE-2011-3483, CVE-2011-0042, CVE-2012-0068, CVE-2012-0067,
CVE-2012-0066, CVE-2011-0041 (Patches provided by Balint)

51. By Balint Reczey on 2011-11-03

* security fixes from Wireshark 1.4.10:
  - Huzaifa Sidhpurwala of Red Hat Security Response Team discovered a
    buffer overflow in the ERF file reader. (CVE-2011-4102)

50. By Balint Reczey on 2011-06-12

* security fixes from Wireshark 1.2.16:
  - The X.509if dissector could crash. (CVE-2011-1590)

* security fixes from Wireshark 1.2.17 (Closes: #630159):
  - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
    that a corrupted Visual Networks file could crash Wireshark.
    (CVE-2011-2175)
  - David Maciejak of Fortinet's FortiGuard Labs discovered that
    malformed compressed capture data could crash Wireshark.
    (CVE-2011-2174)
  - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
    that a corrupted snoop file could crash Wireshark.
    (CVE-2011-1959)
  - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
    that a corrupted Diameter dictionary file could crash Wireshark.
    (CVE-2011-1958)
  - Large/infinite loop in the DICOM dissector.
    (CVE-2011-1957)

49. By Balint Reczey on 2011-03-01

* security fixes from Wireshark 1.2.15:
  - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
    that Wireshark could free an uninitialized pointer while reading a
    malformed pcap-ng file. (CVE-2011-0538) (Closes: #613202)
  - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
    that a large packet length in a pcap-ng file could crash Wireshark
  - Wireshark could overflow a buffer while reading a Nokia DCT3 trace file.
    (CVE-2011-0713)
  - joernchen of Phenoelit discovered that the LDAP and SMB dissectors
    could overflow the stack.
  - Xiaopeng Zhang of Fortinet's Fortiguard Labs discovered that large LDAP
    Filter strings can consume excessive amounts of memory.

48. By Balint Reczey on 2011-01-13

* security fixes from Wireshark 1.2.14:
  - FRAsse discovered that the MAC-LTE dissector could overflow a buffer.
    (No assigned CVE number.)
  - FRAsse discovered that the ENTTEC dissector could overflow a buffer.
    (CVE-2010-4538) (Closes: #608990)

47. By Balint Reczey on 2010-12-24

raise Python 2.6 compatible exceptions (Closes: #585370)

46. By Balint Reczey on 2010-11-21

* security fixes from Wireshark 1.2.13:
  - Nephi Johnson of BreakingPoint discovered that the LDSS dissector
    could overflow a buffer. (No assigned CVE number.)
* stability fix from Wireshark 1.2.13:
  - fix crash when running tshark -x without -V (Closes: #600314)

45. By Balint Reczey on 2010-10-15

* security fixes from Wireshark 1.2.12:
  - The Penetration Test Team of NCNIPC (China) discovered that the
    ASN.1 BER dissector was susceptible to a stack overflow
    (CVE-2010-3445)
  - fix crash in RPC dissector

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.

Subscribers