Your message dated Sun, 19 Apr 2020 21:21:44 +0000
with message-id <[email protected]>
and subject line Bug#958213: fixed in wireshark 3.2.3-1
has caused the Debian Bug report #958213,
regarding wireshark: CVE-2020-11647
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
958213: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=958213
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: wireshark
Version: 3.2.2-1
Severity: important
Tags: security upstream
Forwarded: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16474
Hi,
The following vulnerability was published for wireshark, filling
mainly only for tracking.
CVE-2020-11647[0]:
| In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the
| BACapp dissector could crash. This was addressed in epan/dissectors
| /packet-bacapp.c by limiting the amount of recursion.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2020-11647
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11647
[1] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16474
[2] https://www.wireshark.org/security/wnpa-sec-2020-07.html
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: wireshark
Source-Version: 3.2.3-1
Done: Balint Reczey <[email protected]>
We believe that the bug you reported is fixed in the latest version of
wireshark, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Balint Reczey <[email protected]> (supplier of updated wireshark package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 19 Apr 2020 23:04:12 +0200
Source: wireshark
Architecture: source
Version: 3.2.3-1
Distribution: unstable
Urgency: medium
Maintainer: Balint Reczey <[email protected]>
Changed-By: Balint Reczey <[email protected]>
Closes: 958213
Changes:
wireshark (3.2.3-1) unstable; urgency=medium
.
* debian: Ship codecs libraries in libwireshark0.
* New upstream version 3.2.3
- security fixes:
- The BACapp dissector could crash. (CVE-2020-11647) (Closes: #958213)
Checksums-Sha1:
2850762f360a062258d39ec2be1313b7cd4340f6 3505 wireshark_3.2.3-1.dsc
f50ba92e62435510df6ae7c4eb3ef14fe50d9d25 31363144 wireshark_3.2.3.orig.tar.xz
5d549e6178f5c83445f2873b55bcfb8cab94bec3 73804 wireshark_3.2.3-1.debian.tar.xz
2fd285dbecadf043f691ee63aa46881f3d70df28 18661
wireshark_3.2.3-1_source.buildinfo
Checksums-Sha256:
4492b3799bfed8961792fd215a09dcc3d845803cd29ca0877e733c48956a5819 3505
wireshark_3.2.3-1.dsc
aeb77915c1c7e40d277ef1d52335928fad86c6d49e46b214d87c8a83c019e2de 31363144
wireshark_3.2.3.orig.tar.xz
b02194219198363098d455051a80398d577015277d10a5692be7827aff99b5dd 73804
wireshark_3.2.3-1.debian.tar.xz
43a4dfd64718da719e7cb4a4a6e71a293f5768daafe4d88bc0edddf80fe16329 18661
wireshark_3.2.3-1_source.buildinfo
Files:
5e1fe1e25e4d80117bb8ff220686a15d 3505 net optional wireshark_3.2.3-1.dsc
3f5ff7b87d17fb3e0f6932b67be39a35 31363144 net optional
wireshark_3.2.3.orig.tar.xz
894c3db971605daa1f6e4ddcaf848c66 73804 net optional
wireshark_3.2.3-1.debian.tar.xz
bb77ec62e2ad75b001d41523199da1dc 18661 net optional
wireshark_3.2.3-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEI/PvTgXX55rLQUfDg6KBkWslS0UFAl6cvQ4ACgkQg6KBkWsl
S0Uw/BAAsUaC5vNunBzV/qt66tq/FfboLko3Momp/coWpYCEdGQEiTEgFziNS2Jh
iWUF1xYpt/FERv64+seq0aVjfIJfpQ32x+Q7Nk78AWI46P1vhnzwP2s+fe8RwWUm
wLWL2qvi4jghyXwZkNxr9cUrAsaLcO1+xXN1ANHymHZSKprq9H8KvDrd941/v5uA
1onjGbFbLwmj9j+QY/tG9EikMRYgYBkEEyeocRm3ZIvCqQILkfiq2uR9DqIw0vuf
uD5Z8vkUTAMb1dGKm6ImYSkp5ae32qQ6C2IrOSQkNpd3SSI9xo+b95rxSlyca40P
WWcFNIMTGMklBcZPpykCP4+n0PTmhYl2DcsK411gnsHTzhEeiIwlrinN4h59E8aY
vwl/T8HTAzFSi+kI6643vrSf1EHWeHf+pir1SKesTeX7g0TzEmwRbnX+vo8G+Uby
GMlCgN6VCEH7pAQOheG9rEFZ+KvXzwH+/t0Bs0wxuhBSqyOkT1Dkh4FHR8SUnKcv
0vVTpcWLennIMEhArZlAkOSBN3ef+7uw4vcz4wHcsGjTU0mNu/WE/RXYxJOOMHn9
iqhmzu0UNST4fW+3Vmh7JANFMaJh3CSO7P5vW9teveLgK6JDcTa0K3J/efleqn+N
nfA1K/MDTJ8wGqhxV+eDts1FLNeCoeTgzEAp1LvVYdVU7+ziXhg=
=tw5v
-----END PGP SIGNATURE-----
--- End Message ---
