Bug 48409
| Summary: | wireshark: Multiple issues (4.3) | ||
|---|---|---|---|
| Product: | UCS | Reporter: | Quality Assurance <qa> |
| Component: | Security updates | Assignee: | Quality Assurance <qa> |
| Status: | CLOSED FIXED | QA Contact: | Philipp Hahn <hahn> |
| Severity: | normal | ||
| Priority: | P3 | ||
| Version: | UCS 4.3 | ||
| Target Milestone: | UCS 4.3-3-errata | ||
| Hardware: | All | ||
| OS: | Linux | ||
| What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
| Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
| User Pain: | Enterprise Customer affected?: | ||
| School Customer affected?: | ISV affected?: | ||
| Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
| Ticket number: | Bug group (optional): | ||
| Max CVSS v3 score: | 7.5 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) | ||
|
Description
Quality Assurance
--- mirror/ftp/4.3/unmaintained/4.3-3/source/wireshark_2.6.3-1~deb9u1.dsc +++ apt/ucs_4.3-0-errata4.3-3/source/wireshark_2.6.5-1~deb9u1.dsc @@ -1,6 +1,58 @@ -2.6.3-1~deb9u1 [Tue, 02 Oct 2018 21:11:06 +0200] Balint Reczey <rbalint@ubuntu.com>: +2.6.5-1~deb9u1 [Fri, 07 Dec 2018 23:50:12 +0100] Balint Reczey <rbalint@ubuntu.com>: - * Rebuild for stretch + * Rebuild for Stretch + +2.6.5-1 [Thu, 29 Nov 2018 14:41:14 +0100] Balint Reczey <rbalint@ubuntu.com>: + + * Add debian/gitlab-ci.yml + * New upstream version 2.6.5 + - release notes: + https://www.wireshark.org/docs/relnotes/wireshark-2.6.5.html + - security fixes: + - The Wireshark dissection engine could crash. (CVE-2018-19625) + - The DCOM dissector could crash. (CVE-2018-19626) + - The LBMPDM dissector could crash. (CVE-2018-19623) + - The MMSE dissector could go into an infinite loop. (CVE-2018-19622) + - The IxVeriWave file parser could crash. (CVE-2018-19627) + - The PVFS dissector could crash. (CVE-2018-19624) + - The ZigBee ZCL dissector could crash. (CVE-2018-19628) + * Update symbols + +2.6.4-2 [Thu, 08 Nov 2018 22:51:48 +0100] Balint Reczey <rbalint@ubuntu.com>: + + [ nyov ] + * Build and install mmdbresolve to make GeoIP-lookup work. + (adds dependency on libmaxminddb) (Closes: #911567) + + [ Gregor Jasny ] + * debian: libwireshark-dev must depend on libwiretap-dev + because wireshark/epan/packet_info.h (libwireshark-dev) + depends on wireshark/wiretap/wtap.h (libwiretap-dev) + (LP: #1801666) + + [ Balint Reczey ] + * Ship man page for mmdbresolve + * debian/tests/gui: Redirect stderr to stdout because Lua prints to stderr + making the test fail + +2.6.4-1 [Sat, 13 Oct 2018 19:47:47 +0200] Balint Reczey <rbalint@ubuntu.com>: + + [ Ondřej Nový ] + * d/control: Removing redundant Priority field in binary package + * d/changelog: Remove trailing whitespaces + + [ Balint Reczey ] + * Install at-spi2-core in gui autopkgtest to avoid error messages + * debian/test/gui: Ignore stderr from wireshark-gtk since upstream deprecated + it and also start bigger virtual screen + * New upstream version 2.6.4 + - release notes: + https://www.wireshark.org/docs/relnotes/wireshark-2.6.4.html + - security fixes: + - MS-WSP dissector crash (CVE-2018-18227) + - Steam IHS Discovery dissector memory leak (CVE-2018-18226) + - CoAP dissector crash (CVE-2018-18225) + - OpcUA dissector crash (CVE-2018-12086) 2.6.3-1 [Thu, 30 Aug 2018 12:59:09 +0200] Balint Reczey <rbalint@ubuntu.com>: <http://10.200.17.11/4.3-3/#8992661573787046411> OK: yaml OK: announce_errata OK: patch ~OK: piuparts <http://10.200.17.11/4.3-3/#666462770913830501> fails because the -dbgsym packages no longer match the binNMU rebuilds from Debian. This is irrelevant for UCS. [4.3-3] ae052ddd35 Bug #48409: wireshark 2.6.5-1~deb9u1 doc/errata/staging/wireshark.yaml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) |