Bug#709167: marked as done (wireshark: Security vulnerabilities fixed in 1.8.7 (CVE-2013-3555 to CVE-2013-3562))

Thu, 23 May 2013 11:36:31 -0700 

Your message dated Thu, 23 May 2013 18:34:23 +0000
with message-id <[email protected]>
and subject line Bug#709167: fixed in wireshark 1.8.7-1
has caused the Debian Bug report #709167,
regarding wireshark: Security vulnerabilities fixed in 1.8.7 (CVE-2013-3555 to 
CVE-2013-3562)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
709167: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709167
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: wireshark
Version: 1.8.6-3
Severity: important
Tags: security

Please check and fix security vulnerabilities in wireshark. Contact me if you 
need assistance. CVEs assigned in here: 
http://www.openwall.com/lists/oss-security/2013/05/20/7

---
Henri Salo

Attachment: signature.asc
Description: Digital signature


--- End Message ---
--- Begin Message --- 
Source: wireshark
Source-Version: 1.8.7-1

We believe that the bug you reported is fixed in the latest version of
wireshark, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Balint Reczey <[email protected]> (supplier of updated wireshark package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 22 May 2013 19:31:12 -0500
Source: wireshark
Binary: wireshark-common wireshark tshark wireshark-dev wireshark-dbg 
wireshark-doc libwireshark2 libwsutil2 libwsutil-dev libwireshark-data 
libwireshark-dev libwiretap2 libwiretap-dev
Architecture: source all amd64
Version: 1.8.7-1
Distribution: unstable
Urgency: high
Maintainer: Balint Reczey <[email protected]>
Changed-By: Balint Reczey <[email protected]>
Description: 
 libwireshark-data - network packet dissection library -- data files
 libwireshark-dev - network packet dissection library -- development files
 libwireshark2 - network packet dissection library -- shared library
 libwiretap-dev - network packet capture library -- development files
 libwiretap2 - network packet capture library -- shared library
 libwsutil-dev - network packet dissection utilities library -- shared library
 libwsutil2 - network packet dissection utilities library -- shared library
 tshark     - network traffic analyzer - console version
 wireshark  - network traffic analyzer - GTK+ version
 wireshark-common - network traffic analyzer - common files
 wireshark-dbg - network traffic analyzer - debug symbols
 wireshark-dev - network traffic analyzer - development tools
 wireshark-doc - network traffic analyzer - documentation
Closes: 709167
Changes: 
 wireshark (1.8.7-1) unstable; urgency=high
 .
   * New upstream release 1.8.7:
     - release notes:
       http://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html
     - security fixes (Closes: #709167):
       - The RELOAD dissector could go into an infinite loop.
         Discovered by Evan Jensen. (CVE-2013-2486 CVE-2013-2487)
       - The GTPv2 dissector could crash (CVE-2013-3555)
       - The ASN.1 BER dissector could crash (CVE-2013-3556)
       - The PPP CCP dissector could crash (CVE-2013-3558)
       - The DCP ETSI dissector could crash. Discovered by Evan Jensen.
         (CVE-2013-3559)
       - The MPEG DSM-CC dissector could crash (CVE-2013-3560)
       - The Websocket dissector could crash. Discovered by Moshe Kaplan.
         (CVE-2013-3561 CVE-2013-3562)
       - The MySQL dissector could go into an infinite loop.
         Discovered by Moshe Kaplan.
       - The ETCH dissector could go into a large loop. Discovered by Moshe 
Kaplan.
Checksums-Sha1: 
 6a84aa58bed477f1480eb40c56760bae0fe17864 2922 wireshark_1.8.7-1.dsc
 c131ce10555e608e691aa36190c8d5a1b271c955 24273700 wireshark_1.8.7.orig.tar.bz2
 d1ba2c96049a708d9167c92375f833f17ef11dee 78563 wireshark_1.8.7-1.debian.tar.gz
 c09c62bb46e867fd9751adde13f8c4af6619fe72 3853938 wireshark-doc_1.8.7-1_all.deb
 dac2b2a689b61bbc710a5be4f90f7a03ffb92571 1261280 
libwireshark-data_1.8.7-1_all.deb
 04a5f48c0c8f15fd8c8bdabd89bad4072512d7eb 229124 
wireshark-common_1.8.7-1_amd64.deb
 aa22b05f0166f5834509a8e0543dea346a207dff 978918 wireshark_1.8.7-1_amd64.deb
 76605d79f3424b6341f565ab4e65b1ee1ada7830 180290 tshark_1.8.7-1_amd64.deb
 92058c39fddd348758df3da6c32d218c99d8e1e0 180792 wireshark-dev_1.8.7-1_amd64.deb
 5b50a0db50ef1ac544d94f27aea771591c50e581 27972104 
wireshark-dbg_1.8.7-1_amd64.deb
 1001042514c9bed5a1e31e21a0547d69d1cfa0ed 13461712 
libwireshark2_1.8.7-1_amd64.deb
 6b666c2a2861acb680020098cdcdd713d09b174d 54320 libwsutil2_1.8.7-1_amd64.deb
 d9f43b1fd43f0aa955a8ade5312a4d0a6ddd20c0 53316 libwsutil-dev_1.8.7-1_amd64.deb
 58232dd2dc84640dc57af0e7e957016950f9ab9a 889816 
libwireshark-dev_1.8.7-1_amd64.deb
 c5d215beba7a1d8692d887dd0070043ee73019fa 193610 libwiretap2_1.8.7-1_amd64.deb
 b5a4e9fd659ef061eef1877ad77f182a08b3de2b 73790 libwiretap-dev_1.8.7-1_amd64.deb
Checksums-Sha256: 
 dacfea6cdcab0b7b40193887b4e6e3d6eb3ca54eab6d4ab9b975adc36865715b 2922 
wireshark_1.8.7-1.dsc
 5c7e429c1e410289b49d65a2e635e00c0becdcb56fe703a1d3e7b5e275fca842 24273700 
wireshark_1.8.7.orig.tar.bz2
 69450ef410c0598be21f575047cf3385fa7657c743abb390218ba465d1f390dd 78563 
wireshark_1.8.7-1.debian.tar.gz
 136dd884b39664716eab6092fd2d178bad23f5efa9b7904bd4e064e5bce7cda8 3853938 
wireshark-doc_1.8.7-1_all.deb
 4047f1606f25e8cbd01577ced5214242cc5130db7da5e411f9d7fea5098a6031 1261280 
libwireshark-data_1.8.7-1_all.deb
 15b2a40543d9543d7f521bae47824ea8f4b9ea3ba8582fa04f54ca2a675e1717 229124 
wireshark-common_1.8.7-1_amd64.deb
 523643e45ee980f3781cdd6e96f3949b71a320528f0bb076a23590ea9059dc7b 978918 
wireshark_1.8.7-1_amd64.deb
 e9f00a02e4fa6156d7750e66f437621813d2c06330774bfe1373c7c935a558fe 180290 
tshark_1.8.7-1_amd64.deb
 6edf204ddb34c19bad61206092ade6f1dda0bdac44265397eafd565c52e20a48 180792 
wireshark-dev_1.8.7-1_amd64.deb
 7edc00ce6ba5fddc718f76c24b6b4c5530a27e91d112cd8f2df89f9e96ad6d42 27972104 
wireshark-dbg_1.8.7-1_amd64.deb
 1cbdbb6824edb7d167e2c680915e36acb0537dae2cd3ee0c8f70163b590137ef 13461712 
libwireshark2_1.8.7-1_amd64.deb
 16489e39a8b841fb7b217353d16bf863ea1d23317664f1367943586629942946 54320 
libwsutil2_1.8.7-1_amd64.deb
 40d3e2f1dc2d5a348b1a9ced0a7b84da0341024ddd03d67ffa95ceb4d71d445e 53316 
libwsutil-dev_1.8.7-1_amd64.deb
 7c8de1a9ec008714659ebc6b2d7934694ada4692c0fe497deb7324fd2c40446e 889816 
libwireshark-dev_1.8.7-1_amd64.deb
 1ae592030474bd4f919d2a7c0aede0497d8073ec64a25f6148fd9ed3c3171afc 193610 
libwiretap2_1.8.7-1_amd64.deb
 e54da2d41625d754c02726e9ada7f7c1f5fd616f2636a391be2709c50efe206a 73790 
libwiretap-dev_1.8.7-1_amd64.deb
Files: 
 0e8dfc9419e290f6e83e12c197427abd 2922 net optional wireshark_1.8.7-1.dsc
 f4198728a20aa40752906031e08544f8 24273700 net optional 
wireshark_1.8.7.orig.tar.bz2
 57b761b06d654ba228e4d0d821f8d207 78563 net optional 
wireshark_1.8.7-1.debian.tar.gz
 a54f62c488aa8b188603dc71682abf76 3853938 doc extra 
wireshark-doc_1.8.7-1_all.deb
 945999fc8aaf7ce4a7944f26f3c58e8c 1261280 libs optional 
libwireshark-data_1.8.7-1_all.deb
 3e9ae8ce9fbf1d9750c9ea010a7b2138 229124 net optional 
wireshark-common_1.8.7-1_amd64.deb
 5ad86a4c3e8ca3391b3f950352e22c1d 978918 net optional 
wireshark_1.8.7-1_amd64.deb
 ea93c9a8a8bd272f551751a275b40b18 180290 net optional tshark_1.8.7-1_amd64.deb
 cbb190f65a8cc3bbd710d3e9a772534e 180792 devel optional 
wireshark-dev_1.8.7-1_amd64.deb
 97a769f8fb306ac875edc47347d7c6e2 27972104 debug extra 
wireshark-dbg_1.8.7-1_amd64.deb
 a0c5a2b47bf79004cbeb6ea6768e8ed9 13461712 libs optional 
libwireshark2_1.8.7-1_amd64.deb
 1f6e608733ca2c1efec3c21298fc8ef2 54320 libs optional 
libwsutil2_1.8.7-1_amd64.deb
 1fec1152bfd5184786b5e22cec3ddb16 53316 libdevel optional 
libwsutil-dev_1.8.7-1_amd64.deb
 77622b7910c914dae33d4a27935a54ec 889816 libdevel optional 
libwireshark-dev_1.8.7-1_amd64.deb
 f2c13e41587679b501f3e09cb610ca0d 193610 libs optional 
libwiretap2_1.8.7-1_amd64.deb
 af30ebc814430cddc5db3bce71884c47 73790 libdevel optional 
libwiretap-dev_1.8.7-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJRnlCkAAoJEPZk0la0aRp9B58QALEgIyWCxjwzboS7e+yGK7Jw
uuGqPVkabVZeV4w0JvvPLAcINtyUrNKowkzGV0LUnr7E4eluAa3w7j34TPSuqfEY
5Rh2ek2cx2r218g/qeNpKeeSDC9MIjdMIoFFqxjSOW4lgPRqCmPCTYEfJ3ppcbFC
oaHm9tnjRio6wv0E5K8OYwqHP31Dr+dcjoLud1sWf7SdM72g4QV0aDW0Tp/qHsmm
WjS+hPh0fuW9xCZMByqwlHToN6NF++TIVYqOCFsn1zVGAuOfQ52V1nV2H7Mu2O1X
EULG61HBCfDAc38p0WMX7V6cohO9R5RcawtyXafP5bN+aiGXkBTr21wxbpSykU+j
3sa6k6xqDvLlqblyTIaQPZoY9FFum9HL5TX4x2PPn9QgAezBoxn3LptxhaaoTjdM
6wVElHo6eiQ5pFmTl/Grj5dPwwHu9TwPDfgbOrYE+jOj8TV+Au2gEltOlFGlgjAQ
tdMDawPi+na/atgDFYp0JSYe06WiGAeGUIuKlxTGu812PqPLeqVqkNK39rhOS3TB
02DKXagWin2DA0TeJVQprNL4Ix5XEKYvU5bozrf2VpEAA5oLORPMwfLZaw/RDx5i
wSZE7oR0DkykCx/Da66yhXnxaGb/YXg48xp/0FSZHgu2qn3429287Mt+KBOcBpiu
NYFxcyYjUrcWvdafbzDa
=7qYO
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to