[ubuntu/trusty-updates] wireshark 2.6.3-1~ubuntu14.04.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Oct 15 15:28:19 UTC 2018
wireshark (2.6.3-1~ubuntu14.04.1) trusty-security; urgency=medium
* No change rebuild for the -security pocket
wireshark (2.6.3-1~14.04.0) trusty-security; urgency=medium
* Use GnuTLS available in Trusty
* Drop build dependencies disabling relevant features:
libssh-gcrypt-dev, libmaxminddb-dev and libnghttp2-dev
* Rebuild for Trusty to fix multiple CVEs (LP: #1793091)
wireshark (2.6.3-1) unstable; urgency=medium
* Use GLX extension in autopkgtest, Qt needs it
* New upstream version 2.6.3
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.6.3.html
- security fixes:
- Bluetooth AVDTP dissector crash. (CVE-2018-16058)
- Bluetooth Attribute Protocol dissector crash. (CVE-2018-16056)
- Radiotap dissector crash. (CVE-2018-16057)
* Refresh patches
* Update symbols
wireshark (2.6.2-2) unstable; urgency=medium
* Add missing autopkgtest dependencies (Closes: #904920)
* Use automatic xvfb server number in tests
* Add Lintian override for extra patch for backporting
wireshark (2.6.2-1) unstable; urgency=medium
* Fix shipping README.Debian (Closes: #903722)
* Drop unused 06_release-version.patch.
* Drop unused backport-to-qt4.patch.
* Refresh backport-to-old-gnutls.patch.
* Skip building users and developers guide on Trusty.
Asciidoctor does not accept --require option there and breaks the build
and people can read documentation on more recent releases if they wish to.
* Add autopkgtest for testing starting GUI.
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.6.2.html
- security fixes:
- BGP dissector large loop (CVE-2018-14342)
- ISMP dissector crash (CVE-2018-14344)
- Multiple dissectors could crash (CVE-2018-14340)
- ASN.1 BER dissector crash (CVE-2018-14343)
- MMSE dissector infinite loop (CVE-2018-14339)
- DICOM dissector crash (CVE-2018-14341)
- Bazaar dissector infinite loop (CVE-2018-14368)
- HTTP2 dissector crash (CVE-2018-14369)
- CoAP dissector crash (CVE-2018-14367)
* Drop patches fixing shared library names, they are fixed upstream
* Refresh patches
* Update symbols files
wireshark (2.6.1-1) unstable; urgency=medium
[ Balint Reczey ]
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.6.1.html
- security fixes (Closes: #900708):
- The LDSS dissector could crash. (CVE-2018-11362)
- The IEEE 1905.1a dissector could crash. (CVE-2018-11354)
- The RTCP dissector could crash. (CVE-2018-11355)
- Multiple dissectors could consume excessive memory. (CVE-2018-11357)
- The DNS dissector could crash. (CVE-2018-11356)
- The GSM A DTAP dissector could crash. (CVE-2018-11360)
- The Q.931 dissector could crash. (CVE-2018-11358)
- The IEEE 802.11 dissector could crash. (CVE-2018-11361)
- Multiple dissectors could crash. (CVE-2018-11359)
* debian/gbp.conf: describe repository layout
* Update Vcs-{Browser|Git} to point to Salsa
* Drop packaging changes for ipmap.html since it is also dropped upstream.
* Refresh patches.
* Switch to use asciidoctor instead of asciidoc
* Fix shared library symlink names.
* Update shared library package names and symbols files.
* Adjust packaging to upstream file name changes.
* Ship README.Debian in every binary package.
* Ship asn2deb and idl2deb documentation.
[ Peter Wu ]
* remove imagemagick build dependency and demote xdg-utils deps
xdg-utils is needed for xdg-open (opening websites) at runtime in GTK+,
but not for Qt nor during the build, remove it or mark it as optional.
* debian/rules: Skip installing icons and .desktop files.
They are now installed by CMake
[ Gerald Combs ]
* Transition from GeoIP Legacy to MaxMindDB.
MaxMind is discontinuing its legacy databases in April in favor of
GeoIP2, which use a newer database format (MaxMind DB). The reference C
library (libmaxminddb) is available under the Apache 2.0 license which
isn't quite compatible with ours.
[ Guy Harris ]
* Give more detailed information about capture permissions on Debian.
Indicate what you're supposed to do when running dpkg-reconfigure
wireshark-common, and indicate that you have to run it as root using
sudo.
Emphasize in README.Debian, and indicate in the permission failure
secondary message, that you have to add users to the "wireshark" group
after doing that, and that a user may have to log out and log in again
to make this change take effect.
wireshark (2.4.6-1) unstable; urgency=medium
[ Yuri Kozlov ]
* Updated Russian translation for debconf messages (Closes: #892902)
[ Balint Reczey ]
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.4.6.html
- security fixes:
- The MP4 dissector could crash. (CVE-2018-9259)
- The ADB dissector could crash. (CVE-2018-9264)
- The IEEE 802.15.4 dissector could crash. ()
- The NBAP dissector could crash. (CVE-2018-9261)
- The VLAN dissector could crash. (CVE-2018-9262)
- The LWAPP dissector could crash. (CVE-2018-9256)
- The TCP dissector could crash. (CVE-2018-9258)
- The CQL dissector could to into an infinite loop. (CVE-2018-9257)
- The Kerberos dissector could crash. (CVE-2018-9263)
- Multiple dissectors and other modules could leak memory.
The TN3270 (CVE-2018-9265), ISUP (CVE-2018-9266),
LAPD (CVE-2018-9267), SMB2 (CVE-2018-9268),
GIOP (CVE-2018-9269), ASN.1 (CVE-2018-9270),
MIME multipart (CVE-2018-9271), H.223 (CVE-2018-9272),
and PCP (CVE-2018-9273) dissectors were susceptible along with
Wireshark (CVE-2018-9274) and TShark.
wireshark (2.4.5-1) unstable; urgency=medium
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.4.5.html
- security fixes:
- The SIGCOMP dissector could crash (CVE-2018-7320, CVE-2018-7418)
- Multiple dissectors could go into large infinite loops.
All ASN.1 BER dissectors, along with the DICOM, DMP, LLTD, OpenFlow,
RELOAD, RPCoRDMA, RPKI-Router, S7COMM, SCCP, Thread, Thrift, USB,
and WCCP dissectors were susceptible. (CVE-2018-7321, CVE-2018-7322,
CVE-2018-7323, CVE-2018-7324, CVE-2018-7325, CVE-2018-7326,
CVE-2018-7327, CVE-2018-7328, CVE-2018-7329, CVE-2018-7330,
CVE-2018-7331, CVE-2018-7332, CVE-2018-7333)
- The UMTS MAC dissector could crash (CVE-2018-7334)
- The IEEE 802.11 dissector could crash (CVE-2018-7335)
- The FCP dissector could crash (CVE-2018-7336)
- The DOCSIS dissector could crash (CVE-2018-7337)
- The IPMI dissector could crash (CVE-2018-7417)
- The NBAP disssector could crash (CVE-2018-7419)
- The pcapng file parser could crash (CVE-2018-7420)
* Only recommend libjs-openlayers (Closes: #888744)
wireshark (2.4.4-1) unstable; urgency=medium
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.4.4.html
- security fixes:
- Multiple dissectors could crash (CVE-2018-5336)
- The IxVeriWave file parser could crash (CVE-2018-5334)
- The WCP dissector could crash (CVE-2018-5335)
- Prior to this release dumpcap enabled the Linux kernel’s BPF JIT
compiler via the net.core.bpf_jit_enable sysctl. This could make
systems more vulnerable to Spectre variant 1 (CVE-2017-5753) and
this feature has been removed (Closes: #886619)
- There was a potential buffer underflow in File_read_line function
in epan/wslua/wslua_file.c file (CVE-2017-17935) (Closes: #885831)
* Update symbols files
* Fix dh_clean target in debian/rules
* Change wireshark-doc's priority to optional from extra following Policy
change
wireshark (2.4.3-1) unstable; urgency=medium
* Show version info instead of just "Git Rev Unknown from unknown"
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.4.3.html
- security fixes:
- The IWARP_MPA dissector could crash (CVE-2017-17084)
- The NetBIOS dissector could crash (CVE-2017-17083)
Discovered by Kamil Frankowicz
- The CIP Safety dissector could crash (CVE-2017-17085)
wireshark (2.4.2-1) unstable; urgency=medium
[ Pedro Ribeiro ]
* Updated Portuguese translation for debconf messages (Closes: #874522)
[ Balint Reczey ]
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.4.2.html
- security fixes:
- BT ATT dissector crash (CVE-2017-15192)
- MBIM dissector crash (CVE-2017-15193)
- DMP dissector crash (CVE-2017-15191)
- RTSP dissector crash (CVE-2017-15190)
- DOCSIS infinite loop (CVE-2017-15189)
[ Helge Kreutzmann ]
* Updated German translation for debconf messages (Closes: #877636)
[ Frans Spiesschaert ]
* Updated Dutch translation for debconf messages (Closes: #877244)
wireshark (2.4.1-1) unstable; urgency=medium
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.4.1.html
- security fixes:
- MSDP dissector infinite loop (CVE-2017-13767)
- Profinet I/O buffer overrun (CVE-2017-13766)
- Modbus dissector crash (CVE-2017-13764)
- IrCOMM dissector buffer overrun (CVE-2017-13765)
* Refresh patches
* Drop 0001-Set-libwscodecs.so-s-version-to-1.1.0.patch which is now
integrated upstream
wireshark (2.4.0-1) unstable; urgency=medium
* Use debconf messages instead of "echo" in postinst/postrm (LP: #1687344)
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.4.0.html
- security fixes:
- deeply nested DAAP data may cause stack exhaustion
(uncontrolled recursion) in the dissect_daap_one_tag function
(CVE-2017-9617) (Closes: #870174)
- PROFINET IO data with a high recursion depth allows remote
attackers to cause a denial of service (stack exhaustion)
in the dissect_IODWriteReq function. (CVE-2017-9766)
(Closes: #870175)
- the DOCSIS dissector could go into an infinite loop (CVE-2017-11406)
(Closes: #870172)
- the MQ dissector could crash (CVE-2017-11407) (Closes: #870172)
- the AMQP dissector could crash (CVE-2017-11408) (Closes: #870172)
- the WBXML dissector could go into an infinite loop, triggered
by packet injection or a malformed capture file (CVE-2017-11410)
(Closes: #870180)
- the openSAFETY dissector could crash or exhaust system memory
(CVE-2017-11411) (Closes: #870179)
* Update shared library package names to match new .so versions
* Refresh patches
* Drop workaround to use system's nghttp2 since upstream does not
ship the embedded copy anymore
* Add build-dependency on libparse-yapp-perl, liblz4-dev, libsnappy-dev,
libspandsp-dev, libxml2-dev and lynx to enable new upstream features
* Update PO files about debconf templates
wireshark (2.2.7-1) unstable; urgency=medium
[ Balint Reczey ]
* Convert d/copyright to machine readable format
* Download releases from GitHub excluding upstream's debian/ dir
* Use my @ubuntu.com email address in Maintainer field
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.7.html
- security fixes (Closes: #864058):
- Bazaar dissector infinite loop (CVE-2017-9352)
- DOF dissector read overflow (CVE-2017-9348)
- DHCP dissector read overflow (CVE-2017-9351)
- SoulSeek dissector infinite loop (CVE-2017-9346)
- DNS dissector infinite loop (CVE-2017-9345)
- DICOM dissector infinite loop (CVE-2017-9349)
- openSAFETY dissector memory exhaustion (CVE-2017-9350)
- BT L2CAP dissector divide by zero (CVE-2017-9344)
- MSNIP dissector crash (CVE-2017-9343)
- ROS dissector crash (CVE-2017-9347)
- RGMP dissector crash (CVE-2017-9354)
- IPv6 dissector crash (CVE-2017-9353)
[ Alexander Gerasiov ]
* Fix pkg-config libdir (Closes: #857729)
wireshark (2.2.6+g32dac6a-2) unstable; urgency=medium
* Upload to unstable
wireshark (2.2.6+g32dac6a-1) experimental; urgency=medium
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.6.html
- security fixes:
- The IMAP dissector could crash (CVE-2017-7703)
- The WBXML dissector could enter an infinite loop (CVE-2017-7702)
- The NetScaler file parser could enter an infinite loop
(CVE-2017-7700)
- The RPCoRDMA dissector enter an infinite loop (CVE-2017-7705)
- The BGP dissector could enter an infinite loop (CVE-2017-7701)
- The DOF dissector could enter an infinite loop (CVE-2017-7704)
- The PacketBB dissector could crash (CVE-2017-7747)
- The SLSK dissector could enter a long loop (CVE-2017-7746)
- The SIGCOMP dissector could enter an infinite loop
(CVE-2017-7745)
- The WSP dissector could enter an infinite loop (CVE-2017-7748)
wireshark (2.2.5+g440fd4d-2) unstable; urgency=medium
* Upload to unstable
wireshark (2.2.5+g440fd4d-1) experimental; urgency=medium
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.5.html
- security fixes:
- The STANAG 4607 file parser could go into an infinite loop
(CVE-2017-6014)
- The NetScaler file parser could go into an infinite loop
(CVE-2017-6467)
- The NetScaler file parser could crash (CVE-2017-6468)
- The LDSS dissector could crash (CVE-2017-6469)
- The IAX2 dissector could go into an infinite loop
(CVE-2017-6470)
- The WSP dissector could go into an infinite loop (CVE-2017-6471)
- The RTMTP dissector could go into an infinite loop
(CVE-2017-6472)
- The K12 file parser could crash (CVE-2017-6473)
- The NetScaler file parser could go into an infinite loop
(CVE-2017-6474)
* Update symbols file for libwireshark8
wireshark (2.2.4+gcc3dc1b-1) unstable; urgency=medium
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.4.html
- security fixes:
- The ASTERIX dissector could go into an infinite loop
- The DHCPv6 dissector could go into a large loop
* Update symbols file
wireshark (2.2.3+g57531cd-1) unstable; urgency=medium
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.3.html
* Add basic tshark autopkgtest
wireshark (2.2.2+g9c5aae3-1) unstable; urgency=medium
* Use HTTPS links in README.Debian
* Ship sshdump and ciscodump
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html
- security fixes:
- Profinet I/O long loop (CVE-2016-9372)
- AllJoyn dissector crash (CVE-2016-9374)
- OpenFlow dissector crash (CVE-2016-9376)
- DCERPC dissector crash (CVE-2016-9373)
- DTN dissector infinite loop (CVE-2016-9375)
* Update symbols file
wireshark (2.2.1+ga6fbd27-1) unstable; urgency=medium
* Build-depend on cmake >= 2.8.8
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.1.html
wireshark (2.2.0+g5368c50-1) unstable; urgency=medium
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.0.html
* Don't show version in window title by default (Closes: #642427)
wireshark (2.2.0~rc2+g7670a27-1) unstable; urgency=medium
* Use proper CC flags when test-compiling with development headers
* New upstream release candidate
* Update symbols files
* Build-depend on lsb-release to make release detection work
* Build-depend on libnghttp2-dev and use system's libnghttp2
wireshark (2.2.0~rc1+g438c022-1) unstable; urgency=medium
* New upstream release candidate
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.0rc1.html
- bug fixes
- Fix null dereference in stats (Closes: #786704)
- Detect proper large file defines (Closes: #776206)
- Use field info length instead of packet length for protocol
hierarchy stats (Closes: #151017)
* Drop obsolete patches integrated upstream
* Refresh patches
wireshark (2.0.5+ga3be9c6-1) unstable; urgency=medium
* Generate better pkg-config file (Closes: #832926)
* New upstream release
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.0.5.html
- bug fixes
- Allow restoring maximized windows as maximized (Closes: #780089)
- Restart current capture fails with "no interface selected" error
when capturing in promiscuous mode (Closes: #812495, #813680,
#826385)
- security fixes:
- PacketBB dissector could divide by zero (CVE-2016-6505)
- WSP infinite loop (CVE-2016-6506)
- RLC long loop (CVE-2016-6508)
- LDSS dissector crash (CVE-2016-6509)
- RLC dissector crash (CVE-2016-6510)
- OpenFlow long loop (CVE-2016-6511)
- MMSE, WAP, WBXML, and WSP infinite loop (CVE-2016-6512)
- WBXML crash (CVE-2016-6513)
* Bump standards version to 3.9.8
wireshark (2.0.4+gdd7746e-1) unstable; urgency=high
* Stop listing debconf in wireshark-common's dependencies in control
file, the versioned depends is generated by the package build
(Closes: #825957)
* New upstream release 2.0.4
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.0.4.html
- security fixes:
- The SPOOLS dissector could go into an infinite loop.
Discovered by the CESG.
- The IEEE 802.11 dissector could crash
- The IEEE 802.11 dissector could crash. Discovered by
Mateusz Jurczyk.
- The UMTS FP dissector could crash
- Some USB dissectors could crash. Discovered by Mateusz Jurczyk.
- The Toshiba file parser could crash. Discovered by iDefense Labs.
- The CoSine file parser could crash. Discovered by iDefense Labs.
- The NetScreen file parser could crash. Discovered by
iDefense Labs.
- The Ethernet dissector could crash
wireshark (2.0.3+geed34f0-1) unstable; urgency=medium
[ Pino Toscano ]
* Improve .desktop files (Closes: #812489)
[ Balint Reczey ]
* New upstream release 2.0.3
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.0.3.html
- security fixes:
- The NCP dissector could crash
- TShark could crash due to a packet reassembly bug
- The IEEE 802.11 dissector could crash
- The PKTC dissector could crash
- The PKTC dissector could crash
- The IAX2 dissector could go into an infinite loop
- Wireshark and TShark could exhaust the stack
- The GSM CBCH dissector could crash
- MS-WSP dissector crash
* Drop cherry-picked patch fixing SO version
wireshark (2.0.2+ga16e22e-1) unstable; urgency=high
* New upstream release 2.0.2
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.0.2.html
- security fixes:
- DLL hijacking vulnerability (CVE-2016-2521)
- ASN.1 BER dissector crash (CVE-2016-2522)
- DNP dissector infinite loop (CVE-2016-2523)
- X.509AF dissector crash (CVE-2016-2524)
- HTTP/2 dissector crash (CVE-2016-2525)
- HiQnet dissector crash (CVE-2016-2526)
- 3GPP TS 32.423 Trace file parser crash (CVE-2016-2527)
- LBMC dissector crash (CVE-2016-2528)
- iSeries file parser crash (CVE-2016-2529)
- RSL dissector crash (CVE-2016-2530 CVE-2016-2531)
- LLRP dissector crash (CVE-2016-2532)
- Ixia IxVeriWave file parser crash
- IEEE 802.11 dissector crash
- GSM A-bis OML dissector crash
- ASN.1 BER dissector crash
- SPICE dissector large loop
- NFS dissector crash
- ASN.1 BER dissector crash
* Update symbols file
* Bump SO version properly using patch cherry-picked from upstream
* Drop obsolete and unused
0002-Fix-wireshark.pc-when-CMAKE_INSTALL_LIBDIR-is-absolu.patch
wireshark (2.0.1+g59ea380-3) unstable; urgency=medium
* Fix setting -Wl,-Bsymbolic on Wheezy only (Closes: #810159)
* Override a few lintian warnings which can't be fixed
wireshark (2.0.1+g59ea380-2) unstable; urgency=medium
* Stop providing wireshark-dbg and migrate to automatic debug packages
wireshark (2.0.1+g59ea380-1) unstable; urgency=medium
* Set license tab content on Qt UI to the same as shown on GTK+ UI
(Closes: #807127)
* Fix build on wheezy when PIE is enabled
* Recommend libqt5multimedia5-plugins for wireshark-qt
This makes RTP Player actually play RTP stream using Qt, too.
* New upstream release 2.0.1
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.0.1.html
- security fixes:
- NBAP dissector crashes
- NLM dissector crash
- BER dissector crash
- Zlib decompression crash
- SCTP dissector crash
- 802.11 decryption crash
- DIAMETER dissector crash
- VeriWave file parser crashes
- RSVP dissector crash
- ANSI A & GSM A dissector crashes
- Ascend file parser crash
- NBAP dissector crash
- RSL dissector crash
- ZigBee ZCL dissector crash
- Sniffer file parser crash
- NWP dissector crash
- BT ATT dissector crash
- MP2T file parser crashes
- S7COMM dissector crash
- IPMI dissector crash
- TDS dissector crash
- PPI dissector crash
- MS-WSP dissector crash
* Drop 0001-Set-major-SO-versions-for-release.patch which has been
integrated upstream
* Update symbols file
wireshark (2.0.0+g9a73b82-2) unstable; urgency=medium
* Make wireshark depend on wireshark-qt _or_ wireshark-gtk
(Closes: #805758)
* Build-depend on qtmultimedia5-dev and libqt5svg5-dev
This fixes missing RTP player functionality in wireshark-qt
* Refresh patches for back-porting
* Ship wireshark-dbg only on amd64
This is the most popular architecture and the debug package is rarely
used anyway. In the next step the package will switch to relying on
automatic debug packages.
wireshark (2.0.0+g9a73b82-1) unstable; urgency=medium
* Don't ship unused duplicated images for guides
* Fix my email address in README.Debian
* New upstream release 2.0.0
- release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.0.0.html
* Update symbols files
* Upload to unstable
wireshark (2.0.0~rc3+g841d5e1-1) experimental; urgency=medium
* New upstream release candidate 2.0.0 RC3
* Add note to README.Debian to log in again to be able to capture packets
* Move icon and mime info file to wireshark-common
* Ship .desktop file for GTK+ interface
* Update symbols files
wireshark (2.0.0~rc2+g74e5b56-1) experimental; urgency=medium
* New upstream release candidate 2.0.0 RC2
* Set library versions to the proper value
* Rename library packages to reflect SOVERSION bumps
* Drop obsolete patches
* Refresh patches
* Enable parallel build
* Provide wireshark metapackage which depends on wireshark-qt
This makes the Qt interface the default GUI for Wireshark in sync with
upstream's intention. The GTK interface is shipped in wireshark-gtk.
* Build-depend on libsbc-dev
* Stop shipping menu entry
wireshark (1.12.8+g5b6e543-2) unstable; urgency=medium
* Split arch and indep rules in debian/rules to fix FTBFS
* Fix short description of libwsutil-dev
* Fix packaging repository URLs
wireshark (1.12.8+g5b6e543-1) unstable; urgency=high
* New upstream release 1.12.8
- release notes:
https://wireshark.org/docs/relnotes/wireshark-1.12.8.html
- security fixes:
- Pcapng file parser crash. Discovered by Dario Lombardo and
Shannon Sabens.(CVE-2015-7830)
* Enable all hardening flags
wireshark (1.12.7+g7fc8978-1) unstable; urgency=high
* New upstream release 1.12.7
- release notes:
https://wireshark.org/docs/relnotes/wireshark-1.12.7.html
- security fixes:
- Protocol tree crash
- Memory manager crash
- Dissector table crash
- ZigBee crash
- GSM RLC/MAC infinite loop
- WaveAgent crash
- OpenFlow infinite loop
- Ptvcursor crash
- WCCP crash
* Use system's OpenLayers.js to avoid privacy breach
* Recommend geoip-database and geoip-database-extra
* Set location of system's GeoIP database as default. This makes GeoIP
features work out of the box.
wireshark (1.12.6+gee1fce6-1) unstable; urgency=high
* New upstream release 1.12.6
- release notes:
https://wireshark.org/docs/relnotes/wireshark-1.12.6.html
- security fixes:
- WCCP dissector crash
- GSM DTAP dissector crash
wireshark (1.12.5+g5819e5b-1) unstable; urgency=high
* Ship reordercap in wireshark-common
* New upstream release 1.12.5
- release notes:
https://wireshark.org/docs/relnotes/wireshark-1.12.5.html
- security fixes:
- The LBMR dissector could go into an infinite loop (CVE-2015-3809)
- The WebSocket dissector could recurse excessively (CVE-2015-3810)
- The WCP dissector could crash while decompressing data (CVE-2015-3811)
- The X11 dissector could leak memory (CVE-2015-3812)
- The packet reassembly code could leak memory (CVE-2015-3813)
- The IEEE 802.11 dissector could go into an infinite loop (CVE-2015-3814)
- The Android Logcat file parser could crash. Discovered by Hanno Böck.
(CVE-2015-3815)
* Update symbols files
* Build-depend on dh-python
wireshark (1.12.4+gb4861da-1) unstable; urgency=medium
[Arnd Hannemann]
* Fix German debconf translation (Closes: #779826)
[Balint Reczey]
* Fix pkg-config file (Closes: #779788)
* New upstream release 1.12.4 from git snapshot:
- release notes:
https://wireshark.org/docs/relnotes/wireshark-1.12.4.html
* Drop obsolete patches
* Bump standards version
wireshark (1.12.1+g01b65bf-5) unstable; urgency=medium
* Finish postinst of wireshark-common even when wireshark group is a
user group (LP: #1447893)
Date: 2018-10-15 12:27:14.186569+00:00
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
Maintainer: Balint Reczey <balint.reczey at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/wireshark/2.6.3-1~ubuntu14.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list