Debian Bug report logs - #469488
wireshark: CVE-2008-107[0-2] multiple ways to crash wireshark via crafted packets

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Nico Golde <nion@debian.org>

To: submit@bugs.debian.org

Subject: wireshark: CVE-2008-107[0-2] multiple ways to crash wireshark via crafted packets

Date: Wed, 5 Mar 2008 15:17:47 +0100

[Message part 1 (text/plain, inline)]

Package: wireshark
Version: 0.99.7-1
Severity: important
Tags: security

Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for wireshark.

CVE-2008-1072[0]:
| The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through
| 0.99.7, when running on Ubuntu 7.10, allows remote attackers to cause
| a denial of service (crash or memory consumption) via a malformed
| packet, possibly related to a Cairo library bug.

CVE-2008-1071[1]:
| The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through
| 0.99.7 allows remote attackers to cause a denial of service (crash)
| via a malformed packet.

CVE-2008-1070[2]:
| The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through
| 0.99.7 allows remote attackers to cause a denial of service (crash)
| via a malformed packet.

If you fix these vulnerabilities please also include the CVE ids
in your changelog entry.

For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1072
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1071
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1070

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

[Message part 2 (application/pgp-signature, inline)]

Message #10 received at 469488@bugs.debian.org (full text, mbox, reply):

From: Frederic Peters <fpeters@debian.org>

To: debian-devel@lists.debian.org, 467527@bugs.debian.org, 469488@bugs.debian.org, 445609@bugs.debian.org

Subject: RFH: wireshark, libgphoto2, exif, etc.

Date: Fri, 7 Mar 2008 11:56:42 +0100

[Message part 1 (text/plain, inline)]

Hello all,

I was away then I got back and got buried by work and misc real life
things, and Debian release critical bugs :(

I have been on the http://wiki.debian.org/LowThresholdNmu list for a
long time and I want to encourage you all to consider this and step
for NMU, or team-maintenance (especially for wireshark and libgphoto2,
I should have done this earlier).  I am all for alioth but no news yet
about my request for a pkg-wireshark project.

Here ends my request for help, thanks,


        Frederic

[signature.asc (application/pgp-signature, inline)]

Message #15 received at 469488@bugs.debian.org (full text, mbox, reply):

From: Cyril Brulebois <cyril.brulebois@enst-bretagne.fr>

To: 467527@bugs.debian.org, 469488@bugs.debian.org, 445609@bugs.debian.org

Subject: Fwd: Re: RFH: wireshark, libgphoto2, exif, etc.

Date: Mon, 10 Mar 2008 16:17:55 +0100

[Message part 1 (text/plain, inline)]

Forwarding my answer so that people know libgphoto2 and exif will be
taken care of through pkg-phototools.

Cheers,

-- 
Cyril Brulebois

[Message part 2 (message/rfc822, inline)]

From: Cyril Brulebois <cyril.brulebois@enst-bretagne.fr>

To: debian-devel@lists.debian.org

Subject: Re: RFH: wireshark, libgphoto2, exif, etc.

Date: Fri, 07 Mar 2008 12:41:18 +0100

[Message part 3 (text/plain, inline)]

On 07/03/2008, Frederic Peters wrote:
> Hello all,

Hi Frederic,

> I have been on the http://wiki.debian.org/LowThresholdNmu list for a
> long time and I want to encourage you all to consider this and step
> for NMU, or team-maintenance (especially for wireshark and libgphoto2,
> I should have done this earlier).  I am all for alioth but no news yet
> about my request for a pkg-wireshark project.

I'd be pleased to welcome your photo-related packages (libgphoto, exif,
etc.) into the pkg-phototools group. I'm currently lacking time a bit,
but I should be able to step in during the next week.

Cheers,

-- 
Cyril Brulebois

[Message part 4 (application/pgp-signature, inline)]

[Message part 5 (application/pgp-signature, inline)]

Message #22 received at 469488-close@bugs.debian.org (full text, mbox, reply):

From: Joost Yervante Damad <andete@debian.org>

To: 469488-close@bugs.debian.org

Subject: Bug#469488: fixed in wireshark 0.99.8-1

Date: Fri, 14 Mar 2008 22:02:14 +0000

Source: wireshark
Source-Version: 0.99.8-1

We believe that the bug you reported is fixed in the latest version of
wireshark, which is due to be installed in the Debian FTP archive:

ethereal-common_0.99.8-1_i386.deb
  to pool/main/w/wireshark/ethereal-common_0.99.8-1_i386.deb
ethereal-dev_0.99.8-1_i386.deb
  to pool/main/w/wireshark/ethereal-dev_0.99.8-1_i386.deb
ethereal_0.99.8-1_i386.deb
  to pool/main/w/wireshark/ethereal_0.99.8-1_i386.deb
tethereal_0.99.8-1_i386.deb
  to pool/main/w/wireshark/tethereal_0.99.8-1_i386.deb
tshark_0.99.8-1_i386.deb
  to pool/main/w/wireshark/tshark_0.99.8-1_i386.deb
wireshark-common_0.99.8-1_i386.deb
  to pool/main/w/wireshark/wireshark-common_0.99.8-1_i386.deb
wireshark-dev_0.99.8-1_i386.deb
  to pool/main/w/wireshark/wireshark-dev_0.99.8-1_i386.deb
wireshark_0.99.8-1.diff.gz
  to pool/main/w/wireshark/wireshark_0.99.8-1.diff.gz
wireshark_0.99.8-1.dsc
  to pool/main/w/wireshark/wireshark_0.99.8-1.dsc
wireshark_0.99.8-1_i386.deb
  to pool/main/w/wireshark/wireshark_0.99.8-1_i386.deb
wireshark_0.99.8.orig.tar.gz
  to pool/main/w/wireshark/wireshark_0.99.8.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 469488@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Joost Yervante Damad <andete@debian.org> (supplier of updated wireshark package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 12 Mar 2008 20:47:56 +0100
Source: wireshark
Binary: wireshark-common wireshark tshark wireshark-dev ethereal-common ethereal-dev ethereal tethereal
Architecture: source i386
Version: 0.99.8-1
Distribution: unstable
Urgency: medium
Maintainer: Frederic Peters <fpeters@debian.org>
Changed-By: Joost Yervante Damad <andete@debian.org>
Description: 
 ethereal   - dummy upgrade package for ethereal -> wireshark
 ethereal-common - dummy upgrade package for ethereal -> wireshark
 ethereal-dev - dummy upgrade package for ethereal -> wireshark
 tethereal  - dummy upgrade package for ethereal -> wireshark
 tshark     - network traffic analyzer (console)
 wireshark  - network traffic analyzer
 wireshark-common - network traffic analyser (common files)
 wireshark-dev - network traffic analyser (development tools)
Closes: 452772 454051 458689 469488
Changes: 
 wireshark (0.99.8-1) unstable; urgency=medium
 .
   * New upstream release.
     * release notes:
       http://www.wireshark.org/docs/relnotes/wireshark-0.99.8.html
     * Fixes strptime() problem; debian/patches/18_strptime_proto.dpatch
       no longer needed; (closes: #452772)
     * Fixed security issues:
       * The SCTP dissector could crash. (CVE-2008-1070)
       * The SNMP dissector could crash. (CVE-2008-1071)
       * (closes: #469488)
   * updated debian/patches/05_plugin-libdir.dpatch, as upstream
     incorporated part of the patch
   * updated debian/patches/08_wireshark-desktop-menu.dpatch
   * updated debian/patches/14_disable-cmip.dpatch
   * use su-to-root isof gksu (closes: #454051)
   * make init.lua a conffile (closes: #458689)
   * use $(CURDIR) isof `pwd` in debian/rules
   * lintian fixes:
     * I: wireshark binary: desktop-entry-contains-encoding-key
       /usr/share/applications/wireshark-root.desktop
     * W: wireshark binary: su-wrapper-not-su-to-root
       /usr/share/applications/wireshark-root.desktop gksu
   * bump standards version to 3.7.2.2 (3.7.3.0 still needs more checking)
   * update debhelper compat to 5
   * bump standards version to 3.7.3.0
   * update debhelper compat to 6
   * remove debian/ dir from upstream tar file
Files: 
 9b10ffefe7cb4a2920e146cc1ec83282 1126 net optional wireshark_0.99.8-1.dsc
 5ca5a4832c8b38297e512d388b385efc 16981917 net optional wireshark_0.99.8.orig.tar.gz
 2077969da815b3beea4dcce2540c19ab 47022 net optional wireshark_0.99.8-1.diff.gz
 da0ce7f28477db961c0c0fba9488eec9 9830330 net optional wireshark-common_0.99.8-1_i386.deb
 bd508754d66354e75f90266d290d0575 605332 net optional wireshark_0.99.8-1_i386.deb
 dea24fa335faf208c44923e638a09dde 109446 net optional tshark_0.99.8-1_i386.deb
 7159e4c2f7fd379bf523162efe37b24c 565646 devel optional wireshark-dev_0.99.8-1_i386.deb
 2de01ca776934f2e9cc1a5e556963382 23638 net optional ethereal-common_0.99.8-1_i386.deb
 8418423480aef2c75f9f15fa36a4ea11 23256 devel optional ethereal-dev_0.99.8-1_i386.deb
 b4f06cc023e4b969adce9c3baffc207b 23240 net optional ethereal_0.99.8-1_i386.deb
 551041d151796fb2d2702c4a166d9125 23248 net optional tethereal_0.99.8-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFH2u9U0/r2+3z8lN0RAliXAKC+9Wn7o3hV1HA89bqNOe7vgBXOBQCfW6Or
5E3lBZx2UDXB+iMBvpvykNk=
=Rq1v
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.