Ubuntu
wireshark package

lp:ubuntu/raring-security/wireshark

  1. Raring (13.04)
  2. raring-security
Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/raring-security/wireshark
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

73. By Marc Deslauriers

fake sync from Debian

72. By Balint Reczey

* security fixes from Wireshark 1.8.6:
  - The TCP dissector could crash (CVE-2013-2475)
  - The CSN.1 dissector could crash. Discovered by Laurent Butti.
    (CVE-2013-2477)
  - MMS dissector could crash. Discovered by Laurent Butti.
    (CVE-2013-2478)
  - The RTPS and RTPS2 dissectors could crash. Discovered by Alyssa Milburn.
    (CVE-2013-2480)
  - The Mount dissector could crash. Discovered by Alyssa Milburn.
    (CVE-2013-2481)
  - The ACN dissector could attempt to divide by zero.
    Discovered by Alyssa Milburn. (CVE-2013-2483)
  - The CIMD dissector could crash. Discovered by Moshe Kaplan.
    (CVE-2013-2484)
  - The DTLS dissector could crash. Discovered by Laurent Butti.
    (CVE-2013-2488)

71. By Balint Reczey

* security fixes from Wireshark 1.8.3 (Closes: #689972):
  - The HSRP dissector could go into an infinite loop (CVE-2012-5237)
  - The PPP dissector could abort (CVE-2012-5238)
  - Martin Wilck discovered an infinite loop in the DRDA dissector
    (CVE-2012-5239)
  - Laurent Butti discovered a buffer overflow in the LDP dissector
    (CVE-2012-5240)

70. By Balint Reczey

* New upstream release 1.8.2 (skipping 1.8.1 in Debian)
  - release notes:
    http://www.wireshark.org/docs/relnotes/wireshark-1.8.2.html
  - security fixes:
    - The PPP dissector could crash (Closes: #680056)(CVE-2012-4048)
    - The NFS dissector could use excessive amounts of CPU (CVE-2012-4049)
    - The DCP ETSI dissector could trigger a zero division. Reported by
       Laurent Butti. (CVE-2012-4285)
    - The MongoDB dissector could go into a large loop. Reported by
 Ben Schmidt. (CVE-2012-4287)
    - The XTP dissector could go into an infinite loop. Reported by
 Ben Schmidt. (CVE-2012-4288)
    - The ERF dissector could overflow a buffer. Reported by
 Laurent Butti. (CVE-2012-4294 CVE-2012-4295)
    - The AFP dissector could go into a large loop. Reported by
 Stefan Cornelius. (CVE-2012-4289)
    - The RTPS2 dissector could overflow a buffer. Reported by
 Laurent Butti. (CVE-2012-4296)
    - The GSM RLC MAC dissector could overflow a buffer. Reported by
 Laurent Butti. (CVE-2012-4297)
    - The CIP dissector could exhaust system memory. Reported by
 Ben Schmidt. (CVE-2012-4291)
    - The STUN dissector could crash. Reported by Laurent Butti.
 (CVE-2012-4292)
    - The EtherCAT Mailbox dissector could abort. Reported by
 Laurent Butti. (CVE-2012-4293)
    - The CTDB dissector could go into a large loop. Reported by
 Ben Schmidt. (CVE-2012-4290)
    - The pcap-ng file parser could trigger a zero division (CVE-2012-4286)
    - The Ixia IxVeriWave file parser could overflow a buffer
 (CVE-2012-4298)

69. By Balint Reczey

* New upstream release 1.8.0 (Closes: #678585)
  - release notes:
    http://www.wireshark.org/docs/relnotes/wireshark-1.8.0.html
* fix lintian pedantic mode warnings
  - use set -e in maintainer scripts
  - refer to GPLv2 via symlink
  - fix spacing in debian/control
  - depend on debhelper (>= 9)

68. By Vibhav Pant

* debian/patches/add-bzr-smart-server-protocol-dissector-support.patch
  - Adds dissector for the bzr smart server protocol (LP: #907033)
    Patch can be dropped once 1.8.0 lands in Debian:
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678585

67. By Balint Reczey

* New upstream release 1.6.8
  - release notes:
    http://www.wireshark.org/docs/relnotes/wireshark-1.6.8.html
  - security fixes:
    - Infinite and large loops in the ANSI MAP, ASF, BACapp, Bluetooth
      HCI, IEEE 802.11, IEEE 802.3, LTP, and R3 dissectors have been
      fixed (No assigned CVE number)
    - The DIAMETER dissector could try to allocate memory improperly
      and crash (No assigned CVE number)
    - Wireshark could crash on SPARC processors due to misaligned
      memory. Discovered by Klaus Heckelmann (No assigned CVE number)
  - NEWS file is empty, stop shipping it in Debian package
* update standards-version to 3.9.3
* use dpkg-buildflags for hardening
* depend on dpkg-dev (>= 1.16.1~) for dpkg-buildflags
* bump debhelper compatibility level to v9

66. By Balint Reczey

* New upstream release 1.6.7
  - release notes:
    http://www.wireshark.org/docs/relnotes/wireshark-1.6.7.html

65. By Balint Reczey

* New upstream release 1.6.6
  - release notes:
    http://www.wireshark.org/docs/relnotes/wireshark-1.6.6.html
  - security fixes (Closes: #666058):
    - The ANSI A dissector could dereference a NULL pointer and crash
    - The IEEE 802.11 dissector could go into an infinite loop
    - The pcap and pcap-ng file parsers could crash trying to read ERF data
    - The MP2T dissector could try to allocate too much memory and crash
* depend on automake instead of automake1.9
* update watch file to watch bzip2 compressed archives

64. By Balint Reczey

* clarify when set-user-id bit is set for dumpcap in README.Debian
  (Closes: #649350)
* add notes about capturing USB frames to README.Debian
* package and use SVG icon for Wireshark (Closes: #661759)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/saucy/wireshark
This branch contains Public information 
Everyone can see this information.

Subscribers