Your message dated Mon, 13 Oct 2025 14:39:29 +0000
with message-id <[email protected]>
and subject line Bug#1117852: fixed in wireshark 4.6.0-1
has caused the Debian Bug report #1117852,
regarding wireshark: CVE-2025-11626
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1117852: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117852
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: wireshark
Version: 4.4.9-1
Severity: important
Tags: security upstream
Forwarded: https://gitlab.com/wireshark/wireshark/-/issues/20724
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Control: found -1 4.4.7-1
Hi,
The following vulnerability was published for wireshark.
CVE-2025-11626[0]:
| MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0
| to 4.2.13 allows denial of service
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-11626
https://www.cve.org/CVERecord?id=CVE-2025-11626
[1] https://gitlab.com/wireshark/wireshark/-/issues/20724
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: wireshark
Source-Version: 4.6.0-1
Done: Balint Reczey <[email protected]>
We believe that the bug you reported is fixed in the latest version of
wireshark, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Balint Reczey <[email protected]> (supplier of updated wireshark package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 12 Oct 2025 18:34:33 +0200
Source: wireshark
Built-For-Profiles: noudeb
Architecture: source
Version: 4.6.0-1
Distribution: unstable
Urgency: medium
Maintainer: Balint Reczey <[email protected]>
Changed-By: Balint Reczey <[email protected]>
Closes: 1117852
Changes:
wireshark (4.6.0-1) unstable; urgency=medium
.
* Upload to unstable
.
wireshark (4.6.0-0exp1) experimental; urgency=medium
.
* New upstream release (Closes: #1117852)
- security fixes:
* MONGO dissector infinite loop (CVE-2025-11626)
* Drop patches integrated upstream
* Update symbols files
.
wireshark (4.6.0~rc1-0exp2) experimental; urgency=medium
.
* Fix FTBFS on i386 by cherry-picking upstream patch
* Cherry-pick upstream patch to fix building external C plugins
* Install extcap binaries under /usr/libexec
* Ship stratoshark and strato, the console version.
Based on upstream's packaging changes
.
wireshark (4.6.0~rc1-0exp1) experimental; urgency=medium
.
* New upstream release candidate
* Bump SO versions
* Update symbols files
* wireshark-dev: Stop shipping README.plugins.
It is now part of the Developer Guide.
* debian/control: Sort build dependencies
Checksums-Sha1:
bdf955f1dc5efb10d9d93a98068ee7d6b17df507 3626 wireshark_4.6.0-1.dsc
010c4ec0f9c0664d16831b3f50d9e8086773f35a 87616 wireshark_4.6.0-1.debian.tar.xz
a3b53bb0c2cccab96b0b19bb3f6d8be69259b017 25114
wireshark_4.6.0-1_source.buildinfo
Checksums-Sha256:
bb2c6f7f17a25588d11939966cc5136d607dc41de248f0770f0328a0306d73a6 3626
wireshark_4.6.0-1.dsc
e19c0f5db82ab42afcdad48094aa7b782539326134229d01afa1e1f87cd9a4d2 87616
wireshark_4.6.0-1.debian.tar.xz
ce5bc0d24bb88789222cbb93fa601e58ad57cbc8eee328861172dd475c367949 25114
wireshark_4.6.0-1_source.buildinfo
Files:
f4f1cad2e4cd3c08f8332858faaf03b6 3626 net optional wireshark_4.6.0-1.dsc
a7b54c10ec569c574bc975b33e926c7e 87616 net optional
wireshark_4.6.0-1.debian.tar.xz
b3dfe7f889a2b317e6fa59841e556bf9 25114 net optional
wireshark_4.6.0-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEI/PvTgXX55rLQUfDg6KBkWslS0UFAmjtCBIACgkQg6KBkWsl
S0VU9hAAkPqxZALCNesUnYKpBJ4pyUeLemklGhBI99ofTMbdc1NlEM7wDRe5ykMK
sd6LAnQCN3TSdjyKvJzHtC8AllXYXOwFvoPJYJuQl3Mxqdh2jCkSAvzsHZdIV/Fe
kPAoV898W9EevKUldxkmnbIoSDHBiZdHWyf+wKBu804vu1549smbDs145ARDK1eZ
NIMW4WWQkMdHWVOJphpf06+posCmW3ZmNpdX/MaONHqRpiWpizH1tlcpFq/gpd08
pBswvCJ5dbiwh2VYPYyJtYo5+MThFidPzVa5y5GE7xGEZLp6XlAG448LKScvn0K9
DGG6pUvUhtbfNbI80zUEYjOgO0td1E20jCc/qbhT15Ale0tHcbfi4Kj++1umbDnw
/8kkhkgsvF5waPf5gC94yfax/R67nkGasm1Q5SPLoMU24Y5k5S1C+emuWIRYh8tI
5ameMpDdxjh0jd1gcfVWi5j8qh5fWAfzlBGzcTMu93lzITf1+7cye7zkYpSQwpZ+
1hVV+VtLv3Xm8ElJg0e12o6NHvHWNuoNemFL92GxXQ8PmH6qqDhVKCqIVhmj0Z7Y
3GNntJbACPD+ZX1Xc6MMiIMD5zD7P1onUjKQZTlExdxGFZNe6R8V7Tc5jWz3fzvO
EUFmh5dz3D9IaWMWCAqsAFQYFZ1PulDPuNP0sX8X5Q7+LMFK81k=
=TkmB
-----END PGP SIGNATURE-----
pgp7rWK7vnYIs.pgp
Description: PGP signature
--- End Message ---
