Ubuntu
wireshark package

lp:ubuntu/feisty-security/wireshark

  1. Feisty (7.04)
  2. feisty-security
Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/feisty-security/wireshark
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Development

Recent revisions

14. By Stephan Rügamer

* SECURITY UPDATE:
  + CVE-2007-6121: Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows
    remote attackers to cause a denial of service (crash) via a malformed RPC
    Portmap packet.
  + CVE-2007-6120: The Bluetooth SDP dissector Wireshark (formerly Ethereal)
    0.99.2 to 0.99.6 allows remote attackers to cause a denial of service
    (infinite loop) via unknown vectors.
  + CVE-2007-6117: Unspecified vulnerability in the HTTP dissector for
    Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 has unknown impact and remote
    attack vectors related to chunked messages.
  + CVE-2007-6114: Multiple buffer overflows in Wireshark (formerly
    Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of
    service (crash) and possibly execute arbitrary code via (1) the SSL dissector
    or (2) the iSeries (OS/400) Communication trace file parser.
  + CVE-2007-6113: Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows
    remote attackers to cause a denial of service (long loop) via a malformed DNP
    packet.
* debian/patches/13_CVE-2007-6121.dpatch:
  - Applied patch by upstream
  - Link: http://bugs.wireshark.org/bugzilla/attachment.cgi?id=1132
* debian/patches/13_CVE-2007-6120.dpatch:
  - Applied patch by upstream
  - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-btsdp.c?r1=21431&r2=23496&view=patch
* debian/patches/13_CVE-2007-6117.dpatch:
  - Applied patch by upstream
  - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-http.c?r1=22515&r2=23415&view=patch
* debian/patches/13_CVE-2007-6114.dpatch:
  - Applied patch by upstream
  - Link 1: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-ssl-utils.h?r1=21445&r2=22883&view=patch
  - Link 2: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-ssl.c?r1=22625&r2=22883&view=patch
  - Link 3: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/wiretap/iseries.c?r1=23000&r2=23232&view=patch
* debian/patches/13_CVE-2007-6113.dpatch:
  - Applied patch by upstream
  - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-dnp.c?r1=22764&r2=22811&view=patch
* References:
  CVE-2007-6121
  CVE-2007-6120
  CVE-2007-6117
  CVE-2007-6114
  CVE-2007-6113
  http://www.wireshark.org/security/wnpa-sec-2007-03.html

13. By Stephan Rügamer

* SECURITY UPDATE: wireshark has several vulnerabilities:
  (LP: #132915)
  + CVE-2007-3389: Wireshark before 0.99.6 allows remote attackers to cause
    a denial of service (crash) via a crafted chunked encoding in an HTTP
    response, possibly related to a zero-length payload.
  + CVE-2007-3390: Wireshark 0.99.5 and 0.10.x up to 0.10.14, when running
    on certain systems, allows remote attackers to cause a denial of service
    (crash) via crafted iSeries capture files that trigger a SIGTRAP.
  + CVE-2007-3392: Wireshark before 0.99.6 allows remote attackers to cause
    a denial of service via malformed (1) SSL or (2) MMS packets that trigger an
    infinite loop.
  + CVE-2007-3393: Off-by-one error in the DHCP/BOOTP dissector in Wireshark
    before 0.99.6 allows remote attackers to cause a denial of service (crash) via
    crafted DHCP-over-DOCSIS packets.
  + CVE-2007-4721: Integer signedness error in the DNP3 dissector in
    Wireshark 0.99.5 and earlier allows remote attackers to cause a denial of
    service (infinite loop) via a certain DNP3 packet.
* debian/patches/12_secu_0.99.6_r21034.dpatch:
  - applied patch from upstream
    (Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-http.c?view=log&pathrev=21034)
* debian/patches/12_secu_0.99.6_r20990.dpatch:
  - applied patch from upstream
    (Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/wiretap/iseries.c?r1=19814&r2=20990&pathrev=20990)
* debian/patches/12_secu_0.99.6_r21392.dpatch ,
  12_secu_0.99.6_r21665.dpatch:
  - applied patches from upstream
    (Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-ssl.c?r1=21650&r2=21665&pathrev=21665&view=patch)
    (Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-mms.c?r1=21088&r2=21392&pathrev=21392&view=patch)
* debian/patches/12_secu_0.99.6_r21947.dpatch:
  - applied patch from upstream
    (Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-bootp.c?r1=21924&r2=21947&pathrev=21947&view=patch)
* debian/patches/13_CVE-2007-4721.dpatch:
  - Applied patch according to the explanation on bugtraq.
    (Link: http://archives.neohapsis.com/archives/bugtraq/2007-09/0030.html)
* References:
  CVE-2007-3389
  http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1394
  CVE-2007-3390
  http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1415
  CVE-2007-3392
  http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1342
  http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1582
  CVE-2007-3393
  http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1416
  CVE-2007-4721
  http://archives.neohapsis.com/archives/bugtraq/2007-09/0030.html

12. By Frederic Peters <email address hidden>

debian/patches/10_wireshark_gen.dpatch: removed as it is no longer
necessary. (closes: #412963)

11. By Frederic Peters <email address hidden>

debian/patches/00list: really include backported security fixes, stupid me.

10. By Frederic Peters <email address hidden>

* Backported security fixes from 0.99.5pre1
  * The TCP dissector could hang or crash while reassembling HTTP packets.
  * The HTTP dissector could crash.
  * On some systems, the IEEE 802.11 dissector could crash.
  * On some systems, the LLT dissector could crash.

9. By Michael Bienia

* Merge from Debian unstable. Remaining changes:
  - Python 2.4 transition.

8. By Matthias Klose

Rebuild for ldbl128 change on powerpc and sparc.

7. By William Alexander Grant <email address hidden>

* Merge from Debian unstable. Remaining changes:
  - Python 2.4 transition.

6. By Sebastian Dröge

* debian/wireshark-dev.postinst:
  + Remove conflict markers and merge with Debian.

5. By Sarah Kowalik

* Merge from debian unstable.
* Keep ubuntu changes

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/karmic/wireshark
This branch contains Public information 
Everyone can see this information.

Subscribers