“wireshark” 1.0.0-1ubuntu0.2 source package in Ubuntu

Changelog

wireshark (1.0.0-1ubuntu0.2) hardy-security; urgency=low

  * SECURITY UPDATE: packet-usb.c in the USB dissector in Wireshark 0.99.7
    through 1.0.3 allows remote attackers to cause a denial of service
    (application crash or abort) via a malformed USB Request Block (URB).
    (LP #290716)
    - debian/patches/30_CVE-2008-4680.dpatch - Properly initialise
      data structures in packet-usb.c - Gerald Combs.
    - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
    - Revision: 26333
    - CVE-2008-4680
  * SECURITY UPDATE: Unspecified vulnerability in the Bluetooth RFCOMM
    dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers
    to cause a denial of service (application crash or abort) via unknown
    packets. (LP #290716)
    - debian/patches/31_CVE-2008-4681.dpatch - Properly initialise
      data structures in btrfcomm.c - Gerald Combs.
    - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
    - Revision: 26333
    - CVE-2008-4681
  * SECURITY UPDATE: wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote
    attackers to cause a denial of service (application abort) via a
    malformed Tamos CommView capture file (aka .ncf file) with an
    "unknown/unexpected packet type" that triggers a failed assertion.
    (LP #290716)
    - debian/patches/32_CVE-2008-4682.dpatch - Return an error if it
      finds an unknown/unexpected packet type - Jeff Morris.
    - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
    - Revision: 26327
    - CVE-2008-4682
  * SECURITY UPDATE: The dissect_btacl function in packet-bthci_acl.c in the
    Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote
    attackers to cause a denial of service (application crash or abort) via
    a packet with an invalid length, related to an erroneous tvb_memcpy call.
    (LP #290716)
    - debian/patches/33_CVE-2008-4683.dpatch - buffer check to prevent
      overflow - Jeff Morris.
    - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
    - Revision: 25195
    - Included patch not listed by CVE to prevent memory overflow in
      bluetooth dissector - Jeff Morris.
    - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
    - Revision: 25196
    - CVE-2008-4683
  * SECURITY UPDATE: packet-frame in Wireshark 0.99.2 through 1.0.3 does not
    properly handle exceptions thrown by post dissectors, which allows
    remote attackers to cause a denial of service (application crash) via
    a certain series of packets, as demonstrated by enabling the (1) PRP
    or (2) MATE post dissector. (LP #290716)
    - debian/patches/34_CVE-2008-4684.dpatch - Catch errors given
      post dissectors - Jeff Morris, wmeier
    - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
    - Revision: 25339, 25342, 25344
    - CVE-2008-4684
  * SECURITY UPDATE: Use-after-free vulnerability in the dissect_q931_cause_ie
    function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through
    1.0.3 allows remote attackers to cause a denial of service (application crash
    or abort) via certain packets that trigger an exception. (LP #290716)
    - debian/patches/35_CVE-2008-4685.dpatch - Wrap dissect_q931_cause_ie() in
      which clears the have_valid_q931_pi semaphore - Jaap Keuter.
    - Cherrypicked from http://anonsvn.wireshark.org/wireshark/trunk
    - Revision: 26190
    - CVE-2008-4685

 -- Stefan Lesicnik <email address hidden>   Thu, 30 Oct 2008 13:17:54 +0200

Upload details

Uploaded by: Stefan Lesicnik on 2009-01-08
Sponsored by: Kees Cook
Uploaded to: Hardy
Original maintainer: MOTU
Component: main
Architectures: any
Section: net
Urgency: Low Urgency

Publishing

Series  Pocket    Published      Component  Section
Hardy   updates   on 2009-02-05  universe   net
Hardy   security  on 2009-01-26  universe   net

Downloads

File                                Size      MD5 Checksum
wireshark_1.0.0.orig.tar.gz         16.2 MiB  f3f3d2211fe8b1f4358cd9250d99abe8
wireshark_1.0.0-1ubuntu0.2.diff.gz  50.4 KiB  1ff7137c2da5f793167b5e3074ad0848
wireshark_1.0.0-1ubuntu0.2.dsc      1.2 KiB   0e355b3eac89f3ffc9344efd4ef1dbc0

Binary packages built by this source

ethereal: dummy upgrade package for ethereal -> wireshark

 Wireshark is a network traffic analyzer, or "sniffer", for Unix and
 Unix-like operating systems. A sniffer is a tool used to capture
 packets off the wire. Wireshark decodes numerous protocols (too many
 to list).
 .
 It was previously named ethereal. This is a transitional package
 so ethereal users get wireshark on upgrades. This package handles
 ethereal -> wireshark. It can be safely removed.

ethereal-common: dummy upgrade package for ethereal -> wireshark

 Wireshark is a network traffic analyzer, or "sniffer", for Unix and
 Unix-like operating systems. A sniffer is a tool used to capture
 packets off the wire. Wireshark decodes numerous protocols (too many
 to list).
 .
 It was previously named ethereal. This is a transitional package
 so ethereal users get wireshark on upgrades. This package handles
 ethereal-common -> wireshark-common. It can be safely removed.

ethereal-dev: dummy upgrade package for ethereal -> wireshark

 Wireshark is a network traffic analyzer, or "sniffer", for Unix and
 Unix-like operating systems. A sniffer is a tool used to capture
 packets off the wire. Wireshark decodes numerous protocols (too many
 to list).
 .
 It was previously named ethereal. This is a transitional package
 so ethereal users get wireshark on upgrades. This package handles
 ethereal-dev -> wireshark-dev. It can be safely removed.

tethereal: dummy upgrade package for ethereal -> wireshark

 Wireshark is a network traffic analyzer, or "sniffer", for Unix and
 Unix-like operating systems. A sniffer is a tool used to capture
 packets off the wire. Wireshark decodes numerous protocols (too many
 to list).
 .
 It was previously named ethereal. This is a transitional package
 so ethereal users get wireshark on upgrades. This package handles
 tethereal -> tshark. It can be safely removed.

tshark: network traffic analyzer (console)

 Wireshark is a network traffic analyzer, or "sniffer", for Unix and
 Unix-like operating systems. A sniffer is a tool used to capture
 packets off the wire. Wireshark decodes numerous protocols (too many
 to list).
 .
 This package provides the console version of wireshark, named
 "tshark".

wireshark: network traffic analyzer

 Wireshark is a network traffic analyzer, or "sniffer", for Unix and
 Unix-like operating systems. A sniffer is a tool used to capture
 packets off the wire. Wireshark decodes numerous protocols (too many
 to list).
 .
 This package provides wireshark (the GTK+ version)

wireshark-common: network traffic analyser (common files)

 Wireshark is a network traffic analyzer, or "sniffer", for Unix and
 Unix-like operating systems. A sniffer is a tool used to capture
 packets off the wire. Wireshark decodes numerous protocols (too many
 to list).
 .
 This package provides files common to both wireshark (the GTK+ version)
 and tshark (the console version).

wireshark-dev: network traffic analyser (development tools)

 Wireshark is a network traffic analyzer, or "sniffer", for Unix and
 Unix-like operating systems. A sniffer is a tool used to capture
 packets off the wire. Wireshark decodes numerous protocols (too many
 to list).
 .
 This package provides idl2wrs and other necessary files to develop
 new packet dissectors.