Bug#608990: marked as done (CVE-2010-4538: ENTTEC dissector)

Fri, 14 Jan 2011 02:21:23 -0800 

Your message dated Fri, 14 Jan 2011 10:18:15 +0000
with message-id <e1pdgjx-0004zw...@franck.debian.org>
and subject line Bug#608990: fixed in wireshark 1.4.3-1
has caused the Debian Bug report #608990,
regarding CVE-2010-4538: ENTTEC dissector
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
608990: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608990
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: wireshark
Severity: grave
Tags: security

This has been assigned CVE-2010-4538:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5539

Fix:
http://anonsvn.wireshark.org/viewvc?view=rev&revision=35318

Please upload a fix for sid and request an unblock and check
the Lenny status.

Cheers,
        Moritz

--- End Message ---
--- Begin Message --- 
Source: wireshark
Source-Version: 1.4.3-1

We believe that the bug you reported is fixed in the latest version of
wireshark, which is due to be installed in the Debian FTP archive:

libwireshark-data_1.4.3-1_all.deb
  to main/w/wireshark/libwireshark-data_1.4.3-1_all.deb
libwireshark-dev_1.4.3-1_i386.deb
  to main/w/wireshark/libwireshark-dev_1.4.3-1_i386.deb
libwireshark0_1.4.3-1_i386.deb
  to main/w/wireshark/libwireshark0_1.4.3-1_i386.deb
libwiretap-dev_1.4.3-1_i386.deb
  to main/w/wireshark/libwiretap-dev_1.4.3-1_i386.deb
libwiretap0_1.4.3-1_i386.deb
  to main/w/wireshark/libwiretap0_1.4.3-1_i386.deb
libwsutil-dev_1.4.3-1_i386.deb
  to main/w/wireshark/libwsutil-dev_1.4.3-1_i386.deb
libwsutil0_1.4.3-1_i386.deb
  to main/w/wireshark/libwsutil0_1.4.3-1_i386.deb
tshark_1.4.3-1_i386.deb
  to main/w/wireshark/tshark_1.4.3-1_i386.deb
wireshark-common_1.4.3-1_i386.deb
  to main/w/wireshark/wireshark-common_1.4.3-1_i386.deb
wireshark-dbg_1.4.3-1_i386.deb
  to main/w/wireshark/wireshark-dbg_1.4.3-1_i386.deb
wireshark-dev_1.4.3-1_i386.deb
  to main/w/wireshark/wireshark-dev_1.4.3-1_i386.deb
wireshark-doc_1.4.3-1_all.deb
  to main/w/wireshark/wireshark-doc_1.4.3-1_all.deb
wireshark_1.4.3-1.debian.tar.gz
  to main/w/wireshark/wireshark_1.4.3-1.debian.tar.gz
wireshark_1.4.3-1.dsc
  to main/w/wireshark/wireshark_1.4.3-1.dsc
wireshark_1.4.3-1_i386.deb
  to main/w/wireshark/wireshark_1.4.3-1_i386.deb
wireshark_1.4.3.orig.tar.bz2
  to main/w/wireshark/wireshark_1.4.3.orig.tar.bz2



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 608...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Balint Reczey <bal...@balintreczey.hu> (supplier of updated wireshark package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 12 Jan 2011 15:31:35 +0100
Source: wireshark
Binary: wireshark-common wireshark tshark wireshark-dev wireshark-dbg 
wireshark-doc libwireshark0 libwsutil0 libwsutil-dev libwireshark-data 
libwireshark-dev libwiretap0 libwiretap-dev
Architecture: source i386 all
Version: 1.4.3-1
Distribution: experimental
Urgency: high
Maintainer: Balint Reczey <bal...@balintreczey.hu>
Changed-By: Balint Reczey <bal...@balintreczey.hu>
Description: 
 libwireshark-data - a network packet dissection library -- data files
 libwireshark-dev - a network packet dissection library -- development files
 libwireshark0 - a network packet dissection library -- shared library
 libwiretap-dev - a network packet capture library -- development files
 libwiretap0 - a network packet capture library -- shared library
 libwsutil-dev - network packet dissection utilities library -- shared library
 libwsutil0 - network packet dissection utilities library -- shared library
 tshark     - network traffic analyzer - console version
 wireshark  - network traffic analyzer - GTK+ version
 wireshark-common - network traffic analyzer - common files
 wireshark-dbg - network traffic analyzer - debug symbols
 wireshark-dev - network traffic analyzer - development tools
 wireshark-doc - network traffic analyzer - documentation
Closes: 608990
Changes: 
 wireshark (1.4.3-1) experimental; urgency=high
 .
   * New upstream release 1.4.3
     - release notes:
       http://www.wireshark.org/docs/relnotes/wireshark-1.4.3.html
     - security fixes
        - FRAsse discovered that the MAC-LTE dissector could overflow a buffer.
          (No assigned CVE number.)
        - FRAsse discovered that the ENTTEC dissector could overflow a buffer.
          (CVE-2010-4538) (Closes: #608990)
        - The ASN.1 BER dissector could assert and make Wireshark exit
          prematurely. (No assigned CVE number.)
   * drop 25_libwsutil-version.patch since it has been integrated upstream
Checksums-Sha1: 
 9609f2a22c3e38bd275eeb3b7a25346f00a9f7f5 1834 wireshark_1.4.3-1.dsc
 776c757e6a6a085232ac843ec28b026bf4ca9c8d 20469021 wireshark_1.4.3.orig.tar.bz2
 33b3768c0bf15643d00957d1e0ffe71e8b987aea 55994 wireshark_1.4.3-1.debian.tar.gz
 c92cfc431be48e4c5501b21c5ada3f66b9d077fc 1363862 
wireshark-common_1.4.3-1_i386.deb
 5e7afbdd87fdc7a5645e0c9da1e108c42d0fedb9 784248 wireshark_1.4.3-1_i386.deb
 d5d97f5d9dc92c4fcfa338c05fcb712cb42d9332 138292 tshark_1.4.3-1_i386.deb
 82c2155f5c8c89c5263eb74e1d66ef9e69a2d7d6 165422 wireshark-dev_1.4.3-1_i386.deb
 062c15d57253e84f02e61b83ec6d0ba06a6a1de9 16309740 
wireshark-dbg_1.4.3-1_i386.deb
 dff4546b29d2fe1dd057f24413616d28312583a9 3465340 wireshark-doc_1.4.3-1_all.deb
 cc70e1a6f6362d25386bf288ba17ae3d55e339d7 9405140 libwireshark0_1.4.3-1_i386.deb
 223b09a22fa7e435c03dfa76117e2a01e106a964 33662 libwsutil0_1.4.3-1_i386.deb
 a13bec1bceee2c6497dc1da9bbe9af2719d78e71 37184 libwsutil-dev_1.4.3-1_i386.deb
 e8ba8cb9781e0957ad3c63ea0b33ec96e3a5f966 2207598 
libwireshark-data_1.4.3-1_all.deb
 2b3d53b4b198ec3c98d607e2631e6a9a982a6d84 866590 
libwireshark-dev_1.4.3-1_i386.deb
 06097e090921e9734fe13abc06b3434cf65864a2 157768 libwiretap0_1.4.3-1_i386.deb
 038c8d5c3f669bfb8add1c95ce855b6d87b80588 57930 libwiretap-dev_1.4.3-1_i386.deb
Checksums-Sha256: 
 1300b652fc9acbfc8ec2a4fd604130d70dc41d49770f609b142dd3fdadfb8053 1834 
wireshark_1.4.3-1.dsc
 3ec9b709ea0e2b26c4d5869374a9013a5c7ca4493f2a2a64640824c5a477eda6 20469021 
wireshark_1.4.3.orig.tar.bz2
 cd1cffc727d9f88b6d8d2f8ce446a4b82709423d29d0bb8d77d5495ceb7c73a7 55994 
wireshark_1.4.3-1.debian.tar.gz
 079a6e4fa18fa33ece45a4b487053374533ef7ef8851af62e49a1eb8f25b1359 1363862 
wireshark-common_1.4.3-1_i386.deb
 37180f82ffe5fe6c6b405b8ab2bbeca7a8d7f426ab81ccb1ba99ce37b743c87e 784248 
wireshark_1.4.3-1_i386.deb
 26d8d2b656b922a453bfe687d7e02df72d927920aee88e374545791696bb1fad 138292 
tshark_1.4.3-1_i386.deb
 d718dbf59ade556da56529a9a181601994e600da18c643dfea6335eb8a131c0b 165422 
wireshark-dev_1.4.3-1_i386.deb
 fbf4ae05cb76e19915f0fd0716ad90ef01d3ce6ac4b6a1aba594940e9601d16a 16309740 
wireshark-dbg_1.4.3-1_i386.deb
 b3dc4e3831081a1742843f5c344373048fc9f1b096db54d6d247cba609e6833c 3465340 
wireshark-doc_1.4.3-1_all.deb
 33a713f2372b9e0f77844d08cd1abf7457be1322e510c97634a3bf85589e3280 9405140 
libwireshark0_1.4.3-1_i386.deb
 48e27f4c257e3ea8e90c868ea5a0f058c34acfd21cf212688088bc6e245170d4 33662 
libwsutil0_1.4.3-1_i386.deb
 49161800bc9472f9fb831bcfd68616927ce791df57ee6bdbb685f1370bec4d54 37184 
libwsutil-dev_1.4.3-1_i386.deb
 2c67bc4d93870f26192497bf8dcf5bfeb0277155c19634f175afd180996d3e55 2207598 
libwireshark-data_1.4.3-1_all.deb
 2aaff0375323fd98d736c8392d175a58b36210dd45b28b2c724805252c4fa0df 866590 
libwireshark-dev_1.4.3-1_i386.deb
 b053a9946a680d8ceec2a86d08c61df97402250f7a8155900c2df376f2bffa1d 157768 
libwiretap0_1.4.3-1_i386.deb
 6e9cfdf9840541ce336f05973410a6cb8f3ae0aa0145c9591a4c1261885e68b4 57930 
libwiretap-dev_1.4.3-1_i386.deb
Files: 
 ea7e7b378865d0b60c20de0493b71618 1834 net optional wireshark_1.4.3-1.dsc
 ac3dcc8c128c38d9ef3d9c93d1dec83e 20469021 net optional 
wireshark_1.4.3.orig.tar.bz2
 ffe8f3081f92f46f2ded5eda0e28e6b0 55994 net optional 
wireshark_1.4.3-1.debian.tar.gz
 738d3ac26a0c0af17044f97c7200fedb 1363862 net optional 
wireshark-common_1.4.3-1_i386.deb
 42c38e51a388eb98bd31b7914e54b61e 784248 net optional wireshark_1.4.3-1_i386.deb
 c1621568e86eb5edf1d18c8e0177a98a 138292 net optional tshark_1.4.3-1_i386.deb
 201db3a16d128a347d418f96dbe07609 165422 devel optional 
wireshark-dev_1.4.3-1_i386.deb
 fbf5a27e94cad9766d11e52a4b41fe0a 16309740 debug extra 
wireshark-dbg_1.4.3-1_i386.deb
 ae7514d83b96702d5b8d3a2fb5d705d6 3465340 doc extra 
wireshark-doc_1.4.3-1_all.deb
 8644da95dea97c224f804750c4be5da1 9405140 libs optional 
libwireshark0_1.4.3-1_i386.deb
 8292f985fbdd15ab46e188079a5b504c 33662 libs optional 
libwsutil0_1.4.3-1_i386.deb
 53f89251c2741978924c8d137c0a5df7 37184 libdevel optional 
libwsutil-dev_1.4.3-1_i386.deb
 9e1f7c3abcae54664be1bd767bc6da5b 2207598 libs optional 
libwireshark-data_1.4.3-1_all.deb
 45e076dfc510dbfd7d562ba493e110ab 866590 libdevel optional 
libwireshark-dev_1.4.3-1_i386.deb
 8d8e4fb75dba2bf24cff1c92cf687df0 157768 libs optional 
libwiretap0_1.4.3-1_i386.deb
 74c465e990bc595eaf5a2aa534fff37f 57930 libdevel optional 
libwiretap-dev_1.4.3-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFNMBkTmSuMdaVnTsERAn4pAKDwirvtioNnnboJAKg+9Co3/MzyDgCg4Bmr
lQE0qACVByYu28z/zLfsdz0=
=ZQKF
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to