Your message dated Tue, 10 Jun 2025 16:36:00 +0000
with message-id <[email protected]>
and subject line Bug#1107515: fixed in wireshark 4.4.7-1
has caused the Debian Bug report #1107515,
regarding wireshark: CVE-2025-5601
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1107515: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107515
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: wireshark
Version: 4.4.6-2
Severity: grave
Tags: security upstream
Forwarded: https://gitlab.com/wireshark/wireshark/-/issues/20509
X-Debbugs-Cc: s, [email protected], Debian Security Team
<[email protected]>
Control: fixed -1 4.4.7-0exp1
Hi,
The following vulnerability was published for wireshark.
Note, technically not necessary RC level, but we should try to get
this fixed in trixie before the trixie release. It is already fixed in
experimental via the 4.4.7-0exp1 upload.
CVE-2025-5601[0]:
| Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to
| 4.2.12 allows denial of service via packet injection or crafted
| capture file
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-5601
https://www.cve.org/CVERecord?id=CVE-2025-5601
[1] https://www.wireshark.org/security/wnpa-sec-2025-02.html
[2] https://gitlab.com/wireshark/wireshark/-/issues/20509
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: wireshark
Source-Version: 4.4.7-1
Done: Balint Reczey <[email protected]>
We believe that the bug you reported is fixed in the latest version of
wireshark, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Balint Reczey <[email protected]> (supplier of updated wireshark package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 10 Jun 2025 16:45:06 +0200
Source: wireshark
Built-For-Profiles: noudeb
Architecture: source
Version: 4.4.7-1
Distribution: unstable
Urgency: medium
Maintainer: Balint Reczey <[email protected]>
Changed-By: Balint Reczey <[email protected]>
Closes: 1107515
Changes:
wireshark (4.4.7-1) unstable; urgency=medium
.
* Upload to unstable (Closes: #1107515)
.
wireshark (4.4.7-0exp1) experimental; urgency=medium
.
* New upstream version
- security fixes:
* Dissection engine crash (CVE-2025-5601)
* Target experimental due to the freeze
Checksums-Sha1:
89d3b6233ba2e3570ffb33dedfde5493b8388e05 3431 wireshark_4.4.7-1.dsc
1265e30114c0338f60f95bd5f153bf5d52628a90 87060 wireshark_4.4.7-1.debian.tar.xz
60a70e3389c3421db5e78fac185b9fc4f79b2345 24569
wireshark_4.4.7-1_source.buildinfo
Checksums-Sha256:
31185067f58e9f7aa30f0998e86b6d857ee25556fd1fcc3b04f0d15f6d17d6d0 3431
wireshark_4.4.7-1.dsc
5cd72f85af7109682aac639e3e868f8af238e5ecefbf9cfac2567e00f7e9c685 87060
wireshark_4.4.7-1.debian.tar.xz
b6c058123cd049acfc8fde2bea69e17f3ee407a310a003905de6772ebc04d450 24569
wireshark_4.4.7-1_source.buildinfo
Files:
58720d09e05e3f6414357b6e973a6e93 3431 net optional wireshark_4.4.7-1.dsc
cf1c5e0d6ded4222c482ab4b1523e892 87060 net optional
wireshark_4.4.7-1.debian.tar.xz
b96a6026611de900b3bbc4648d053e09 24569 net optional
wireshark_4.4.7-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEI/PvTgXX55rLQUfDg6KBkWslS0UFAmhISNsACgkQg6KBkWsl
S0UkYQ//ci8sn/kGk2NCbp1Z+4vDXRxQfUarvy9QC7EmsVL7s7P0tM5ORovJsRQa
B6jpfYJLt8QBTziKKu7R6IQgTNFkcpLVjlJrHmWkhbXIOVUrsInBihHLnyEecPey
K706S0DMfmKxtaT068uEgCV8rY1aSr1pf9zf4MekT7pOcc0fri4LlYw1ynADTIcH
ub5Xdp9P24nSs+fU8JfT2EOBZ8n9Z418BCw5XWjzDahssVo3YhMnDlhBWNetwfJb
jZ1X7sIT4bB+snFFYfZjioMwpwvuMgrfCmxwyi1b3dS+liwX26Ly/hKpiLv9EMNt
XoGwnZJ59OgRTaviC48kSQO+ye21pqdz54+CereFTsql45eMJrut3v3Y7qx60O+U
/5D6s27KP+qvC3S9dc+6emmbdVavDUGZWgXUWU4aYmp1kixLe5kpzM29Qz8/r/8x
Hd3c+alHdB3VgRBW8RknKfjyopbfo/FpXbfxaraHic6Tznbv3P/5FWGxpinu++W7
bmha/mcmxGuvCWQ0DsHZTXvNum7CLlGeA9oOR3a7KpDObhp79wJaXWa9Qh7uIyNY
j0HQRnEk6n/DS7X4XEtTo8A2yuV84LuXr5+RyS1REIrlQ+oyYn6A3prLRV1xcNku
Pk+IT8u+KkF3KC6XCGuQzXOPO9lqt9ckMmLHzfjTF48s0M04HEo=
=w08n
-----END PGP SIGNATURE-----
pgpN4zbfux_vQ.pgp
Description: PGP signature
--- End Message ---
