*** This bug is a security vulnerability ***
Public security bug reported:
Here's the debian/changelog diff:
+wireshark (1.8.2-5wheezy3) wheezy-security; urgency=high
+
+ * security fixes from Wireshark 1.8.7 (Closes: #709167):
+ - The GTPv2 dissector could crash (CVE-2013-3555)
+ - The ASN.1 BER dissector could crash (CVE-2013-3557)
+ - The PPP CCP dissector could crash (CVE-2013-3558)
+ - The DCP ETSI dissector could crash. Discovered by Evan Jensen.
+ (CVE-2013-3559)
+ - The MPEG DSM-CC dissector could crash. (CVE-2013-3560)
+ - The Websocket dissector could crash. Discovered by Moshe Kaplan.
+ (CVE-2013-3562)
+
+ -- Balint Reczey <bal...@balintreczey.hu> Tue, 28 May 2013 19:39:33 -0500
+
+wireshark (1.8.2-5wheezy2) wheezy-proposed-updates; urgency=low
+
+ * make libwsutil-dev confict with and replace wireshark-dev (<< 1.4.0~rc2-1)
+ (Closes: #704561)
+
+ -- Balint Reczey <bal...@balintreczey.hu> Wed, 03 Apr 2013 03:22:46 +0200
+
+wireshark (1.8.2-5wheezy1) wheezy-security; urgency=high
+
+ * re-upload to Wheezy security without changes in the content
+
+ -- Balint Reczey <bal...@balintreczey.hu> Sat, 16 Mar 2013 12:02:44 +0100
It seems like a sync from stable-security is the simplest way to get this fixed.
** Affects: wireshark (Ubuntu)
Importance: High
Status: New
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1187615
Title:
Please sync wireshark 1.8.2-5wheezy3 from Debian stable-security to
raring-security
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/1187615/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
