Your message dated Sun, 30 Dec 2012 18:47:06 +0000 with message-id <e1tpnuc-0000f7...@franck.debian.org> and subject line Bug#680056: fixed in wireshark 1.2.11-6+squeeze8 has caused the Debian Bug report #680056, regarding wireshark: CVE-2012-4048: PPP dissector crash/segfault to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 680056: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680056 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: wireshark Version: 1.8.0-1 Severity: important -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Attempting to load a usbmon dump previously captured by wireshark version 1.6.8-1 results in a segfault: bjorn@nemi:~$ wireshark -r docs/hardware/sierra/mc7710/mc7710-firmware-upgrade-usbmon.dump Segmentation fault The dump is of some size, but not that big: bjorn@nemi:~$ file docs/hardware/sierra/mc7710/mc7710-firmware-upgrade-usbmon.dump docs/hardware/sierra/mc7710/mc7710-firmware-upgrade-usbmon.dump: tcpdump capture file (little-endian) - version 2.4, capture length 65535) bjorn@nemi:~$ ls -lh docs/hardware/sierra/mc7710/mc7710-firmware-upgrade-usbmon.dump -r--r--r-- 1 bjorn bjorn 41M May 22 17:47 docs/hardware/sierra/mc7710/mc7710-firmware-upgrade-usbmon.dump tshark is able to read the file, but seems to truncate the output without crashing: bjorn@nemi:~$ tshark -r docs/hardware/sierra/mc7710/mc7710-firmware-upgrade-usbmon.dump|head 1 0.000000 host 20.0 USB URB_CONTROL out 2 0.003208 20.0 host USB URB_CONTROL out 3 0.005203 20.5 host USB URB_INTERRUPT in 4 0.005214 host 20.0 USB URB_CONTROL in 5 0.005223 host 20.5 USB URB_INTERRUPT in 6 0.006204 20.0 host USB URB_CONTROL in 7 0.032426 host 20.0 USB URB_CONTROL out 8 0.035215 20.0 host USB URB_CONTROL out 9 0.039213 20.5 host USB URB_INTERRUPT in 10 0.039221 host 20.0 USB URB_CONTROL in bjorn@nemi:~$ tshark -r docs/hardware/sierra/mc7710/mc7710-firmware-upgrade-usbmon.dump|tail 56313 132.172335 1.0 host USBHUB GET_STATUS Response 56314 132.227996 host 1.0 USBHUB CLEAR_FEATURE Request 56315 132.228010 1.0 host USBHUB CLEAR_FEATURE Response 56316 132.228017 host 0.0 USB SET ADDRESS Request 56317 132.228583 0.0 host USB SET ADDRESS Response 56318 132.247976 host 23.0 USB GET DESCRIPTOR Request DEVICE 56319 132.248578 23.0 host USB GET DESCRIPTOR Response DEVICE 56320 132.248616 host 23.0 USB GET DESCRIPTOR Request CONFIGURATION 56321 132.249577 23.0 host USB GET DESCRIPTOR Response CONFIGURATION 56322 132.249bjorn@nemi:~$ I did not notice any of these problems when using this file with wireshark version 1.6.8-1 Bjørn - -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (990, 'testing'), (700, 'stable'), (600, 'unstable'), (500, 'stable-updates'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.5.0-rc2+ (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages wireshark depends on: ii libc6 2.13-33 ii libcairo2 1.12.2-2 ii libgdk-pixbuf2.0-0 2.26.1-1 ii libglib2.0-0 2.32.3-1 ii libgtk2.0-0 2.24.10-1 ii libpango1.0-0 1.30.0-1 ii libpcap0.8 1.3.0-1 ii libportaudio2 19+svn20111121-1 ii libwireshark2 1.8.0-1 ii libwiretap2 1.8.0-1 ii libwsutil2 1.8.0-1 ii wireshark-common 1.8.0-1 ii zlib1g 1:1.2.7.dfsg-13 wireshark recommends no packages. wireshark suggests no packages. - -- no debconf information -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAk/yrlQACgkQ10rqkowbIsmCSgCfScif2UQlQ+OzAegv3A+yUn2D 6w0AoIJp/HMrDdqYqN0MvSc5OpA+L371 =CA+H -----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---Source: wireshark Source-Version: 1.2.11-6+squeeze8 We believe that the bug you reported is fixed in the latest version of wireshark, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 680...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Balint Reczey <bal...@balintreczey.hu> (supplier of updated wireshark package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 20 Oct 2012 20:46:34 +0200 Source: wireshark Binary: wireshark-common wireshark tshark wireshark-dev wireshark-dbg Architecture: source amd64 Version: 1.2.11-6+squeeze8 Distribution: stable-security Urgency: high Maintainer: Balint Reczey <bal...@balintreczey.hu> Changed-By: Balint Reczey <bal...@balintreczey.hu> Description: tshark - network traffic analyzer - console version wireshark - network traffic analyzer - GTK+ version wireshark-common - network traffic analyzer - common files wireshark-dbg - network traffic analyzer - debug symbols wireshark-dev - network traffic analyzer - development tools Closes: 680056 Changes: wireshark (1.2.11-6+squeeze8) stable-security; urgency=high . * security fixes from Wireshark 1.6.9 and 1.6.10: - The PPP dissector could crash (CVE-2012-4048) (Closes: #680056) - The RTPS2 dissector could overflow a buffer. Reported by Laurent Butti. (CVE-2012-4296) * drop obsolete patches: - debian-changes-1.2.11-6+squeeze3 - 03_preferences.dpatch Checksums-Sha1: e6c43821022d3d36f6a326f2b17fbd5067df8d37 1747 wireshark_1.2.11-6+squeeze8.dsc 933eda1dade7c64aa7320d04f2fa940b9679b662 94770 wireshark_1.2.11-6+squeeze8.debian.tar.gz 5014eba4e78dfeb9f2aa63fae1936f6a5294b58a 13778974 wireshark-common_1.2.11-6+squeeze8_amd64.deb eb682b19bcbed3f91d8cc5accfcf545ac87b63e1 797192 wireshark_1.2.11-6+squeeze8_amd64.deb 59dc203c5315dfb3a9d01f3d12ea47b383ef13e1 133418 tshark_1.2.11-6+squeeze8_amd64.deb a89569be776a9b7232cfa1a1744803474083917b 795510 wireshark-dev_1.2.11-6+squeeze8_amd64.deb 4d517e90bcf5c6863dac2db5c0c9595ac59a2f8b 15786554 wireshark-dbg_1.2.11-6+squeeze8_amd64.deb Checksums-Sha256: 6be9a87d640a7a00f579a7fa4fd798b01ff300d2aa44e60e21253231e448f12c 1747 wireshark_1.2.11-6+squeeze8.dsc 11028e101f8d8558931b0cbdb64db95ccc4c70333ac68b98785ea68225ef225b 94770 wireshark_1.2.11-6+squeeze8.debian.tar.gz 028a44664bd0a48e94d23c5498e425480ab8c5165c1bf3428ca3fa735d8ec3f5 13778974 wireshark-common_1.2.11-6+squeeze8_amd64.deb cbb19c24410e9874e60f7a19fc1733d22250a846377b6217abb17b1388d949cb 797192 wireshark_1.2.11-6+squeeze8_amd64.deb f472b3656dcb3000683a7cfb252bbe511687faaa04442006f9e8c8dfebcadd80 133418 tshark_1.2.11-6+squeeze8_amd64.deb 614d8e310fb9030163a184403f8eb350f8f65989c7c858a437bbe678111f8d4b 795510 wireshark-dev_1.2.11-6+squeeze8_amd64.deb fa9f6d0a12dadec7ef3cfb8a21c796eda52b71ada15c275b5b22278c441e834d 15786554 wireshark-dbg_1.2.11-6+squeeze8_amd64.deb Files: 900e9713288799e72f518aa4f715dd97 1747 net optional wireshark_1.2.11-6+squeeze8.dsc 9d7421c4ad852da3adc3a601bc7d3c5f 94770 net optional wireshark_1.2.11-6+squeeze8.debian.tar.gz ab71d7e10f28790c30b8dd6ed9200fd7 13778974 net optional wireshark-common_1.2.11-6+squeeze8_amd64.deb a68eb50950b3b6d8bff4b18bcc5dc03e 797192 net optional wireshark_1.2.11-6+squeeze8_amd64.deb f8ee3891c83acf9cac4e2b77c87d0bb3 133418 net optional tshark_1.2.11-6+squeeze8_amd64.deb 490e270d0c092b2456cfd840c4bc2b2a 795510 devel optional wireshark-dev_1.2.11-6+squeeze8_amd64.deb c4c3b7dc2cb4b1fdb8b63a6c32364531 15786554 debug extra wireshark-dbg_1.2.11-6+squeeze8_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlDZiYUACgkQXm3vHE4uyloQEwCgokktUZqTTGqtqRCc08JqYROm xu8An2uBMKW1Z7DO/EgZEBZ1fRb1dtQf =gB4f -----END PGP SIGNATURE-----
--- End Message ---
