[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

** Changed in: wireshark (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1397091 Title: [Security] Update Wireshark in Precise, Trusty, and Utopic to

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

This bug was fixed in the package wireshark - 2.2.6+g32dac6a- 2ubuntu0.16.10 --- wireshark (2.2.6+g32dac6a-2ubuntu0.16.10) yakkety; urgency=medium * Security Update to Address Multiple CVEs (LP: #1397091) -- Balint Reczey Mon, 29 May 2017 20:10:55 +0200 **

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

Thanks Balint! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1397091 Title: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches. To manage

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

This bug was fixed in the package wireshark - 2.2.6+g32dac6a- 2ubuntu0.16.04 --- wireshark (2.2.6+g32dac6a-2ubuntu0.16.04) xenial; urgency=medium * Security Update to Address Multiple CVEs (LP: #1397091) -- Balint Reczey Mon, 29 May 2017 20:10:45 +0200 --

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

This bug was fixed in the package wireshark - 2.2.6+g32dac6a- 2ubuntu0.17.04 --- wireshark (2.2.6+g32dac6a-2ubuntu0.17.04) zesty; urgency=medium * Security Update to Address Multiple CVEs (LP: #1397091) -- Balint Reczey Mon, 29 May 2017 20:11:04 +0200 **

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

This bug was fixed in the package wireshark - 1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1 --- wireshark (1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1) trusty; urgency=medium * Security Update to Address Multiple CVEs (LP: #1397091) * Use GnuTLS available in Trusty -- Balint Reczey

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

Hi Balint - Thanks for the updates. I happened to notice that these are security updates. Security updates that are to be sponsored should follow this process: https://wiki.ubuntu.com/SecurityTeam/SponsorsQueue#Notes_for_Contributors I'll update the bug tasks and subscribe

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

I have uploaded the proposed packages to https://launchpad.net/~rbalint/+archive/ubuntu/wireshark-sru/ for Trusty, Xenial, Yakkeyt and Zesty. For Vivid please perform a fake sync from Debian jessie-security. -- You received this bug notification because you are a member of Ubuntu Bugs, which

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

The plan involving branching from versions in Ubuntu only like 1.6.x and 1.10.x would involve a lot of manpower which did not seem to be available in the last 2 years and unlikely to become available . Fake-syncing the security changes from Debian is on the other hand needs only a little effort

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

Due to my schedule becoming a little more hectic, as well as some issues with my primary system, my work on this has stalled for the time being - as such, I'm unassigning myself from the Precise and Trusty tasks - the community is free to contribute to this, but i'll pick this up again as soon as

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

** Patch removed: Utopic Debdiff: 1.12.0+git+4fab41a1-1 to 1.12.1+g01b65bf-2 (Utopic debian/ + 1.12.2 patches) https://bugs.launchpad.net/ubuntu/precise/+source/wireshark/+bug/1397091/+attachment/4279080/+files/utopic_debdiff_1.12.0-Utopic_1.12.1-Vivid.debdiff -- You received this bug

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

Debdiff updated per Marc's request on IRC. Additional changes outlined in debian/changelog entry (some additional changes from Vivid were needed). ** Patch added: Utopic Debdiff: 1.12.0+git+4fab41a1-1 to 1.12.1+g01b65bf-2 (Utopic debian/ + 1.12.2 patches and some Vivid changes)

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

This bug was fixed in the package wireshark - 1.12.1+g01b65bf-2~ubuntu14.10.1 --- wireshark (1.12.1+g01b65bf-2~ubuntu14.10.1) utopic-security; urgency=medium * Security Update to Address Multiple CVEs (LP: #1397091) * Use tarball from Vivid package of wireshark

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

Further discussion with mdeslaur on IRC and messages on https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/1401314 from Evan have come up with a potential course of action, as follows: (Note the other bug there will be duped to this one). (1) For Precise, we will work off of 1.6.16 as a

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

** Changed in: wireshark (Ubuntu Precise) Importance: Undecided = High ** Changed in: wireshark (Ubuntu Precise) Status: New = In Progress ** Changed in: wireshark (Ubuntu Precise) Assignee: (unassigned) = Thomas Ward (teward) ** Changed in: wireshark (Ubuntu Trusty)

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

** Also affects: wireshark (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: wireshark (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: wireshark (Ubuntu Utopic) Importance: Undecided Status: New -- You received this bug

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

(2.4M diff) Diff attached is the Vivid tarball with the Utopic packaging. Additional changes are five (5) patches picked out from the Vivid packaging to address the CVEs of which 1.12.2 fixed (these fixes are already present in Vivid) ** Patch added: Utopic Debdiff: 1.12.0+git+4fab41a1-1 to

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

Utopic debdiff attached - set back to Confirmed and unassigned for Utopic. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1397091 Title: [Security] Update Wireshark in Precise, Trusty, and Utopic to

[Bug 1397091] Re: [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches.

** Summary changed: - [Security] Update Wireshark in Precise, Trusty, and Utopic to 1.12.1+g01b65bf-2 (from Vivid) + [Security] Update Wireshark in Precise, Trusty, and Utopic to include relevant security patches. ** Description changed: + In further discussion with the security team and