Your message dated Sun, 30 Dec 2012 18:47:06 +0000
with message-id <e1tpnuc-0000f7...@franck.debian.org>
and subject line Bug#680056: fixed in wireshark 1.2.11-6+squeeze8
has caused the Debian Bug report #680056,
regarding wireshark: CVE-2012-4048: PPP dissector crash/segfault
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
680056: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680056
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: wireshark
Version: 1.8.0-1
Severity: important
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Attempting to load a usbmon dump previously captured by wireshark
version 1.6.8-1 results in a segfault:
bjorn@nemi:~$ wireshark -r
docs/hardware/sierra/mc7710/mc7710-firmware-upgrade-usbmon.dump
Segmentation fault
The dump is of some size, but not that big:
bjorn@nemi:~$ file
docs/hardware/sierra/mc7710/mc7710-firmware-upgrade-usbmon.dump
docs/hardware/sierra/mc7710/mc7710-firmware-upgrade-usbmon.dump: tcpdump
capture file (little-endian) - version 2.4, capture length 65535)
bjorn@nemi:~$ ls -lh
docs/hardware/sierra/mc7710/mc7710-firmware-upgrade-usbmon.dump
-r--r--r-- 1 bjorn bjorn 41M May 22 17:47
docs/hardware/sierra/mc7710/mc7710-firmware-upgrade-usbmon.dump
tshark is able to read the file, but seems to truncate the output
without crashing:
bjorn@nemi:~$ tshark -r
docs/hardware/sierra/mc7710/mc7710-firmware-upgrade-usbmon.dump|head
1 0.000000 host 20.0 USB
URB_CONTROL out
2 0.003208 20.0 host USB
URB_CONTROL out
3 0.005203 20.5 host USB
URB_INTERRUPT in
4 0.005214 host 20.0 USB
URB_CONTROL in
5 0.005223 host 20.5 USB
URB_INTERRUPT in
6 0.006204 20.0 host USB
URB_CONTROL in
7 0.032426 host 20.0 USB
URB_CONTROL out
8 0.035215 20.0 host USB
URB_CONTROL out
9 0.039213 20.5 host USB
URB_INTERRUPT in
10 0.039221 host 20.0 USB
URB_CONTROL in
bjorn@nemi:~$ tshark -r
docs/hardware/sierra/mc7710/mc7710-firmware-upgrade-usbmon.dump|tail
56313 132.172335 1.0 host USBHUB
GET_STATUS Response
56314 132.227996 host 1.0 USBHUB
CLEAR_FEATURE Request
56315 132.228010 1.0 host USBHUB
CLEAR_FEATURE Response
56316 132.228017 host 0.0 USB SET
ADDRESS Request
56317 132.228583 0.0 host USB SET
ADDRESS Response
56318 132.247976 host 23.0 USB GET
DESCRIPTOR Request DEVICE
56319 132.248578 23.0 host USB GET
DESCRIPTOR Response DEVICE
56320 132.248616 host 23.0 USB GET
DESCRIPTOR Request CONFIGURATION
56321 132.249577 23.0 host USB GET
DESCRIPTOR Response CONFIGURATION
56322 132.249bjorn@nemi:~$
I did not notice any of these problems when using this file with
wireshark version 1.6.8-1
Bjørn
- -- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (990, 'testing'), (700, 'stable'), (600, 'unstable'), (500,
'stable-updates'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.5.0-rc2+ (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages wireshark depends on:
ii libc6 2.13-33
ii libcairo2 1.12.2-2
ii libgdk-pixbuf2.0-0 2.26.1-1
ii libglib2.0-0 2.32.3-1
ii libgtk2.0-0 2.24.10-1
ii libpango1.0-0 1.30.0-1
ii libpcap0.8 1.3.0-1
ii libportaudio2 19+svn20111121-1
ii libwireshark2 1.8.0-1
ii libwiretap2 1.8.0-1
ii libwsutil2 1.8.0-1
ii wireshark-common 1.8.0-1
ii zlib1g 1:1.2.7.dfsg-13
wireshark recommends no packages.
wireshark suggests no packages.
- -- no debconf information
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAk/yrlQACgkQ10rqkowbIsmCSgCfScif2UQlQ+OzAegv3A+yUn2D
6w0AoIJp/HMrDdqYqN0MvSc5OpA+L371
=CA+H
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Source: wireshark
Source-Version: 1.2.11-6+squeeze8
We believe that the bug you reported is fixed in the latest version of
wireshark, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 680...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Balint Reczey <bal...@balintreczey.hu> (supplier of updated wireshark package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 20 Oct 2012 20:46:34 +0200
Source: wireshark
Binary: wireshark-common wireshark tshark wireshark-dev wireshark-dbg
Architecture: source amd64
Version: 1.2.11-6+squeeze8
Distribution: stable-security
Urgency: high
Maintainer: Balint Reczey <bal...@balintreczey.hu>
Changed-By: Balint Reczey <bal...@balintreczey.hu>
Description:
tshark - network traffic analyzer - console version
wireshark - network traffic analyzer - GTK+ version
wireshark-common - network traffic analyzer - common files
wireshark-dbg - network traffic analyzer - debug symbols
wireshark-dev - network traffic analyzer - development tools
Closes: 680056
Changes:
wireshark (1.2.11-6+squeeze8) stable-security; urgency=high
.
* security fixes from Wireshark 1.6.9 and 1.6.10:
- The PPP dissector could crash (CVE-2012-4048) (Closes: #680056)
- The RTPS2 dissector could overflow a buffer. Reported by
Laurent Butti. (CVE-2012-4296)
* drop obsolete patches:
- debian-changes-1.2.11-6+squeeze3
- 03_preferences.dpatch
Checksums-Sha1:
e6c43821022d3d36f6a326f2b17fbd5067df8d37 1747 wireshark_1.2.11-6+squeeze8.dsc
933eda1dade7c64aa7320d04f2fa940b9679b662 94770
wireshark_1.2.11-6+squeeze8.debian.tar.gz
5014eba4e78dfeb9f2aa63fae1936f6a5294b58a 13778974
wireshark-common_1.2.11-6+squeeze8_amd64.deb
eb682b19bcbed3f91d8cc5accfcf545ac87b63e1 797192
wireshark_1.2.11-6+squeeze8_amd64.deb
59dc203c5315dfb3a9d01f3d12ea47b383ef13e1 133418
tshark_1.2.11-6+squeeze8_amd64.deb
a89569be776a9b7232cfa1a1744803474083917b 795510
wireshark-dev_1.2.11-6+squeeze8_amd64.deb
4d517e90bcf5c6863dac2db5c0c9595ac59a2f8b 15786554
wireshark-dbg_1.2.11-6+squeeze8_amd64.deb
Checksums-Sha256:
6be9a87d640a7a00f579a7fa4fd798b01ff300d2aa44e60e21253231e448f12c 1747
wireshark_1.2.11-6+squeeze8.dsc
11028e101f8d8558931b0cbdb64db95ccc4c70333ac68b98785ea68225ef225b 94770
wireshark_1.2.11-6+squeeze8.debian.tar.gz
028a44664bd0a48e94d23c5498e425480ab8c5165c1bf3428ca3fa735d8ec3f5 13778974
wireshark-common_1.2.11-6+squeeze8_amd64.deb
cbb19c24410e9874e60f7a19fc1733d22250a846377b6217abb17b1388d949cb 797192
wireshark_1.2.11-6+squeeze8_amd64.deb
f472b3656dcb3000683a7cfb252bbe511687faaa04442006f9e8c8dfebcadd80 133418
tshark_1.2.11-6+squeeze8_amd64.deb
614d8e310fb9030163a184403f8eb350f8f65989c7c858a437bbe678111f8d4b 795510
wireshark-dev_1.2.11-6+squeeze8_amd64.deb
fa9f6d0a12dadec7ef3cfb8a21c796eda52b71ada15c275b5b22278c441e834d 15786554
wireshark-dbg_1.2.11-6+squeeze8_amd64.deb
Files:
900e9713288799e72f518aa4f715dd97 1747 net optional
wireshark_1.2.11-6+squeeze8.dsc
9d7421c4ad852da3adc3a601bc7d3c5f 94770 net optional
wireshark_1.2.11-6+squeeze8.debian.tar.gz
ab71d7e10f28790c30b8dd6ed9200fd7 13778974 net optional
wireshark-common_1.2.11-6+squeeze8_amd64.deb
a68eb50950b3b6d8bff4b18bcc5dc03e 797192 net optional
wireshark_1.2.11-6+squeeze8_amd64.deb
f8ee3891c83acf9cac4e2b77c87d0bb3 133418 net optional
tshark_1.2.11-6+squeeze8_amd64.deb
490e270d0c092b2456cfd840c4bc2b2a 795510 devel optional
wireshark-dev_1.2.11-6+squeeze8_amd64.deb
c4c3b7dc2cb4b1fdb8b63a6c32364531 15786554 debug extra
wireshark-dbg_1.2.11-6+squeeze8_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlDZiYUACgkQXm3vHE4uyloQEwCgokktUZqTTGqtqRCc08JqYROm
xu8An2uBMKW1Z7DO/EgZEBZ1fRb1dtQf
=gB4f
-----END PGP SIGNATURE-----
--- End Message ---