-
wireshark (1.0.2-3+lenny16) oldstable-security; urgency=high
* security fixes from Wireshark 1.4.10:
- Huzaifa Sidhpurwala of Red Hat Security Response Team discovered a
buffer overflow in the ERF file reader. (CVE-2011-4102)
-- Balint Reczey <email address hidden> Sat, 19 Nov 2011 01:17:15 +0100
-
wireshark (1.0.2-3+lenny14) oldstable-security; urgency=high
* security fixes from Wireshark 1.2.16:
- The X.509if dissector could crash. (CVE-2011-1590)
* security fixes from Wireshark 1.2.17:
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted Visual Networks file could crash Wireshark.
(CVE-2011-2175)
- David Maciejak of Fortinet's FortiGuard Labs discovered that
malformed compressed capture data could crash Wireshark.
(CVE-2011-2174)
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted snoop file could crash Wireshark.
(CVE-2011-1959)
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted Diameter dictionary file could crash Wireshark.
(CVE-2011-1958)
-- Balint Reczey <email address hidden> Wed, 22 Jun 2011 17:32:44 +0200
-
wireshark (1.0.2-3+lenny12) stable-security; urgency=high
* Fix an overflow in the ENTTEC dissector (CVE-2010-4538) (Closes: #608990) -- Balint Reczey <email address hidden> Wed, 05 Jan 2011 23:35:38 +0100
-
wireshark (1.0.2-3+lenny10) stable-security; urgency=high
* security fixes from Wireshark 1.0.15:
- The SigComp Universal Decompressor Virtual Machine could overrun
a buffer. (CVE-2010-2995)
- Due to a regression the ASN.1 BER dissector could overrun the stack.
(CVE-2010-2994)
-- Balint Reczey <email address hidden> Tue, 17 Aug 2010 14:41:51 +0200
-
wireshark (1.0.2-3+lenny8) stable-security; urgency=high
* security fixes from Wireshark 1.0.11:
- The SMB and SMB2 dissector could crash. (CVE-2009-4377)
- Babi discovered several buffer overflows in the LWRES dissector.
-- Balint Reczey <email address hidden> Sun, 20 Dec 2009 23:06:16 +0100
-
wireshark (1.0.2-3+lenny7) stable-security; urgency=high
* security fixes from Wireshark 1.0.10:
- The RADIUS dissector could crash. (CVE-CVE-2009-2560)
- The DCERPC/NT dissector could crash. (CVE-2009-3550)
* security fixes from Wireshark 1.2.2:
- Integer overflow in wiretap/erf.c. (CVE-2009-3829)
-- Balint Reczey <email address hidden> Sat, 31 Oct 2009 00:20:13 +0100
-
wireshark (1.0.2-3+lenny5) stable-security; urgency=high
* Security fixes from Wireshark 1.0.7
-- Moritz Mühlenhoff <email address hidden> Sun, 26 Apr 2009 19:58:12 +0200
-
wireshark (1.0.2-3+lenny4) testing-proposed-updates; urgency=high
* Security fixes from Wireshark 1.0.6
-- Moritz Mühlenhoff <email address hidden> Sun, 08 Feb 2009 22:56:41 +0100
-
wireshark (1.0.2-3+lenny3) testing-proposed-updates; urgency=high
* CVE-2008-5285 and another security issue from 1.0.5 (WLCCP)
-- Moritz Muehlenhoff <email address hidden> Sat, 20 Dec 2008 18:11:36 +0100
-
wireshark (1.0.2-3+lenny2) testing-proposed-updates; urgency=high
* Fix CVE-2008-4680 to CVE-2008-4685 (Closes: #503589)
-- Moritz Muehlenhoff <email address hidden> Thu, 13 Nov 2008 23:13:27 +0100
-
wireshark (1.0.2-3+lenny1) testing-security; urgency=low
* security fixes:
- Wireshark could crash while uncompressing zlib-compressed
packet data (CVE-2008-3933)
- The NCP dissector was susceptible to a number of problems,
including buffer overflows and an infinite loop
(CVE-2008-3146, CVE-2008-3932)
- Wireshark could crash while reading a Tektronix .rf5 file
(CVE-2008-3934)
-- Joost Yervante Damad <email address hidden> Mon, 15 Sep 2008 20:12:46 +0200