wireshark 1.0.0-1 source package in Ubuntu
Changelog
wireshark (1.0.0-1) unstable; urgency=low * Several security issues were solved in 0.99.7 already: (closes: #452381) * allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector (CVE-2007-6111) * Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. (CVE-2007-6112) * Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP packet (CVE-2007-6113) * Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser (CVE-2007-6114) * Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors. (CVE-2007-6115) * The Firebird/Interbase dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite loop or crash) via unknown vectors. (CVE-2007-6116) * Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 has unknown impact and remote attack vectors related to chunked messages. (CVE-2007-6117) * The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. (CVE-2007-6118) * The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. (CVE-2007-6119) * The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. (CVE-2007-6120) * Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet. (CVE-2007-6121) * current wireshark has SSL support (closes: #172939) * and H323 support (closes: #117201) * resizing columns bugfix was applied last year (closes: #369044) * new upstream release 1.0.0 http://www.wireshark.org/docs/relnotes/wireshark-1.0.0.html * remove debian/ directory from upstream * update 14_disable-cmip.dpatch. * if wireshark has no priv, it now prints: dumpcap: There are no interfaces on which a capture can be done (closes: #468400) * wireshark uses su-to-root now (closes: #472478) * vulnerabilities fixed: * The X.509sat and other dissector could crash (CVE-2008-1561) * The LDAP dissector could crash on Windows and other platforms. (CVE-2008-1562) * The SCCP dissector could crash while using the "decode as" feature (CVE-2008-1563) -- Stephan Hermann <email address hidden> Thu, 03 Apr 2008 13:45:15 +0100
Upload details
- Uploaded by:
- Stephan Rügamer
- Uploaded to:
- Hardy
- Original maintainer:
- Frédéric Péters
- Architectures:
- any
- Section:
- net
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
wireshark_1.0.0.orig.tar.gz | 16.2 MiB | ded6535231919fba5cc3c674e0753612f544ca46281005453f03d131d0e795ca |
wireshark_1.0.0-1.diff.gz | 46.7 KiB | 92ca02d62c28ae63f9eba00a16b93dd54dea0fa7387976585c9bc1bf5ab32ea1 |
wireshark_1.0.0-1.dsc | 1.1 KiB | 16b2e42ccd02780dae116874126bb71185754f3c1ad53bc18c37302acc075067 |
Binary packages built by this source
- ethereal: No summary available for ethereal in ubuntu hardy.
No description available for ethereal in ubuntu hardy.
- ethereal-common: No summary available for ethereal-common in ubuntu hardy.
No description available for ethereal-common in ubuntu hardy.
- ethereal-dev: No summary available for ethereal-dev in ubuntu intrepid.
No description available for ethereal-dev in ubuntu intrepid.
- tethereal: No summary available for tethereal in ubuntu intrepid.
No description available for tethereal in ubuntu intrepid.
- tshark: No summary available for tshark in ubuntu hardy.
No description available for tshark in ubuntu hardy.
- wireshark: No summary available for wireshark in ubuntu intrepid.
No description available for wireshark in ubuntu intrepid.
- wireshark-common: No summary available for wireshark-common in ubuntu intrepid.
No description available for wireshark-common in ubuntu intrepid.
- wireshark-dev: No summary available for wireshark-dev in ubuntu intrepid.
No description available for wireshark-dev in ubuntu intrepid.