-
wireshark (2.6.8-1~ubuntu18.10.0) cosmic-security; urgency=medium
* Rebuild for Cosmic to fix multiple security issues
wireshark (2.6.8-1) unstable; urgency=medium
* New upstream version 2.6.8
- security fixes (Closes: #926718):
- NetScaler file parser crash. (CVE-2019-10895)
- SRVLOC dissector crash. (CVE-2019-10899)
- GSS-API dissector crash. (CVE-2019-10894)
- DOF dissector crash. (CVE-2019-10896)
- LDSS dissector crash. (CVE-2019-10901)
- DCERPC SPOOLSS dissector crash. (CVE-2019-10903)
wireshark (2.6.7-1) unstable; urgency=medium
[ Balint Reczey ]
* Drop unapplied backport-to-old-gnutls.patch
* Ship captype and randpkt in wireshark-common (Closes: #919027)
* Override a few Lintian issues
* New upstream version 2.6.7
- security fixes (Closes: #923611):
- ASN.1 BER and related dissectors crash. (CVE-2019-9209)
- TCAP dissector crash. (CVE-2019-9208)
- RPCAP dissector crash. (CVE-2019-9214)
[ Joe Hansen ]
* Danish debconf translate translation update (Closes: #923064)
wireshark (2.6.6-1) unstable; urgency=medium
[ Jean-Philippe MENGUAL ]
* French debconf translation update (Closes: #915161)
[ Balint Reczey ]
* New upstream version 2.6.6
- security fixes:
- The P_MUL dissector could crash. (CVE-2019-5717)
- The RTSE dissector and other dissectors could crash. (CVE-2019-5718)
- The ISAKMP dissector could crash. (CVE-2019-5719)
- The 6LoWPAN dissector could crash. (CVE-2019-5716)
* Mention GPLv3+ code snippet in tools/pidl/idl.yp (Closes: #918089)
-- Balint Reczey <email address hidden> Mon, 13 May 2019 20:32:15 +0200
-
wireshark (2.6.6-1~ubuntu18.10.0) cosmic-security; urgency=medium
* Rebuild for Cosmic to fix multiple security issues
wireshark (2.6.6-1) unstable; urgency=medium
[ Jean-Philippe MENGUAL ]
* French debconf translation update (Closes: #915161)
[ Balint Reczey ]
* New upstream version 2.6.6
- security fixes:
- The P_MUL dissector could crash. (CVE-2019-5717)
- The RTSE dissector and other dissectors could crash. (CVE-2019-5718)
- The ISAKMP dissector could crash. (CVE-2019-5719)
- The 6LoWPAN dissector could crash. (CVE-2019-5716)
* Mention GPLv3+ code snippet in tools/pidl/idl.yp (Closes: #918089)
-- Balint Reczey <email address hidden> Sat, 19 Jan 2019 12:24:04 +0700
-
wireshark (2.6.5-1~ubuntu18.10.0) cosmic-security; urgency=medium
* Rebuild for Cosmic to fix multiple security issues
-- Balint Reczey <email address hidden> Wed, 05 Dec 2018 12:40:23 +0100
-
wireshark (2.6.4-1) unstable; urgency=medium
[ Ondřej Nový ]
* d/control: Removing redundant Priority field in binary package
* d/changelog: Remove trailing whitespaces
[ Balint Reczey ]
* Install at-spi2-core in gui autopkgtest to avoid error messages
* debian/test/gui: Ignore stderr from wireshark-gtk since upstream deprecated
it and also start bigger virtual screen
* New upstream version 2.6.4
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.6.4.html
- security fixes:
- MS-WSP dissector crash (CVE-2018-18227)
- Steam IHS Discovery dissector memory leak (CVE-2018-18226)
- CoAP dissector crash (CVE-2018-18225)
- OpcUA dissector crash (CVE-2018-12086)
-- Balint Reczey <email address hidden> Sat, 13 Oct 2018 19:47:47 +0200
-
wireshark (2.6.3-1) unstable; urgency=medium
* Use GLX extension in autopkgtest, Qt needs it
* New upstream version 2.6.3
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.6.3.html
- security fixes:
- Bluetooth AVDTP dissector crash. (CVE-2018-16058)
- Bluetooth Attribute Protocol dissector crash. (CVE-2018-16056)
- Radiotap dissector crash. (CVE-2018-16057)
* Refresh patches
* Update symbols
-- Balint Reczey <email address hidden> Thu, 30 Aug 2018 12:59:09 +0200
-
wireshark (2.6.2-2) unstable; urgency=medium
* Add missing autopkgtest dependencies (Closes: #904920)
* Use automatic xvfb server number in tests
* Add Lintian override for extra patch for backporting
-- Balint Reczey <email address hidden> Mon, 30 Jul 2018 04:31:02 +0800
-
wireshark (2.6.2-1) unstable; urgency=medium
* Fix shipping README.Debian (Closes: #903722)
* Drop unused 06_release-version.patch.
* Drop unused backport-to-qt4.patch.
* Refresh backport-to-old-gnutls.patch.
* Skip building users and developers guide on Trusty.
Asciidoctor does not accept --require option there and breaks the build
and people can read documentation on more recent releases if they wish to.
* Add autopkgtest for testing starting GUI.
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.6.2.html
- security fixes:
- BGP dissector large loop (CVE-2018-14342)
- ISMP dissector crash (CVE-2018-14344)
- Multiple dissectors could crash (CVE-2018-14340)
- ASN.1 BER dissector crash (CVE-2018-14343)
- MMSE dissector infinite loop (CVE-2018-14339)
- DICOM dissector crash (CVE-2018-14341)
- Bazaar dissector infinite loop (CVE-2018-14368)
- HTTP2 dissector crash (CVE-2018-14369)
- CoAP dissector crash (CVE-2018-14367)
* Drop patches fixing shared library names, they are fixed upstream
* Refresh patches
* Update symbols files
-- Balint Reczey <email address hidden> Fri, 27 Jul 2018 12:41:38 +0800
-
wireshark (2.6.1-1) unstable; urgency=medium
[ Balint Reczey ]
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.6.1.html
- security fixes (Closes: #900708):
- The LDSS dissector could crash. (CVE-2018-11362)
- The IEEE 1905.1a dissector could crash. (CVE-2018-11354)
- The RTCP dissector could crash. (CVE-2018-11355)
- Multiple dissectors could consume excessive memory. (CVE-2018-11357)
- The DNS dissector could crash. (CVE-2018-11356)
- The GSM A DTAP dissector could crash. (CVE-2018-11360)
- The Q.931 dissector could crash. (CVE-2018-11358)
- The IEEE 802.11 dissector could crash. (CVE-2018-11361)
- Multiple dissectors could crash. (CVE-2018-11359)
* debian/gbp.conf: describe repository layout
* Update Vcs-{Browser|Git} to point to Salsa
* Drop packaging changes for ipmap.html since it is also dropped upstream.
* Refresh patches.
* Switch to use asciidoctor instead of asciidoc
* Fix shared library symlink names.
* Update shared library package names and symbols files.
* Adjust packaging to upstream file name changes.
* Ship README.Debian in every binary package.
* Ship asn2deb and idl2deb documentation.
[ Peter Wu ]
* remove imagemagick build dependency and demote xdg-utils deps
xdg-utils is needed for xdg-open (opening websites) at runtime in GTK+,
but not for Qt nor during the build, remove it or mark it as optional.
* debian/rules: Skip installing icons and .desktop files.
They are now installed by CMake
[ Gerald Combs ]
* Transition from GeoIP Legacy to MaxMindDB.
MaxMind is discontinuing its legacy databases in April in favor of
GeoIP2, which use a newer database format (MaxMind DB). The reference C
library (libmaxminddb) is available under the Apache 2.0 license which
isn't quite compatible with ours.
[ Guy Harris ]
* Give more detailed information about capture permissions on Debian.
Indicate what you're supposed to do when running dpkg-reconfigure
wireshark-common, and indicate that you have to run it as root using
sudo.
Emphasize in README.Debian, and indicate in the permission failure
secondary message, that you have to add users to the "wireshark" group
after doing that, and that a user may have to log out and log in again
to make this change take effect.
-- Balint Reczey <email address hidden> Fri, 22 Jun 2018 18:42:57 +0200
-
wireshark (2.4.6-1) unstable; urgency=medium
[ Yuri Kozlov ]
* Updated Russian translation for debconf messages (Closes: #892902)
[ Balint Reczey ]
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.4.6.html
- security fixes:
- The MP4 dissector could crash. (CVE-2018-9259)
- The ADB dissector could crash. (CVE-2018-9264)
- The IEEE 802.15.4 dissector could crash. ()
- The NBAP dissector could crash. (CVE-2018-9261)
- The VLAN dissector could crash. (CVE-2018-9262)
- The LWAPP dissector could crash. (CVE-2018-9256)
- The TCP dissector could crash. (CVE-2018-9258)
- The CQL dissector could to into an infinite loop. (CVE-2018-9257)
- The Kerberos dissector could crash. (CVE-2018-9263)
- Multiple dissectors and other modules could leak memory.
The TN3270 (CVE-2018-9265), ISUP (CVE-2018-9266),
LAPD (CVE-2018-9267), SMB2 (CVE-2018-9268),
GIOP (CVE-2018-9269), ASN.1 (CVE-2018-9270),
MIME multipart (CVE-2018-9271), H.223 (CVE-2018-9272),
and PCP (CVE-2018-9273) dissectors were susceptible along with
Wireshark (CVE-2018-9274) and TShark.
-- Balint Reczey <email address hidden> Sun, 29 Apr 2018 21:27:02 +0200
-
wireshark (2.4.5-1) unstable; urgency=medium
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.4.5.html
- security fixes:
- The SIGCOMP dissector could crash (CVE-2018-7320, CVE-2018-7418)
- Multiple dissectors could go into large infinite loops.
All ASN.1 BER dissectors, along with the DICOM, DMP, LLTD, OpenFlow,
RELOAD, RPCoRDMA, RPKI-Router, S7COMM, SCCP, Thread, Thrift, USB,
and WCCP dissectors were susceptible. (CVE-2018-7321, CVE-2018-7322,
CVE-2018-7323, CVE-2018-7324, CVE-2018-7325, CVE-2018-7326,
CVE-2018-7327, CVE-2018-7328, CVE-2018-7329, CVE-2018-7330,
CVE-2018-7331, CVE-2018-7332, CVE-2018-7333)
- The UMTS MAC dissector could crash (CVE-2018-7334)
- The IEEE 802.11 dissector could crash (CVE-2018-7335)
- The FCP dissector could crash (CVE-2018-7336)
- The DOCSIS dissector could crash (CVE-2018-7337)
- The IPMI dissector could crash (CVE-2018-7417)
- The NBAP disssector could crash (CVE-2018-7419)
- The pcapng file parser could crash (CVE-2018-7420)
* Only recommend libjs-openlayers (Closes: #888744)
-- Balint Reczey <email address hidden> Mon, 26 Feb 2018 16:45:39 +0700
