-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 31 Jan 2021 19:44:22 +0200 Source: wireshark Binary: wireshark-common wireshark wireshark-qt wireshark-gtk tshark wireshark-dev wireshark-doc libwireshark11 libwsutil9 libwsutil-dev libwscodecs2 libwireshark-data libwireshark-dev libwiretap8 libwiretap-dev Architecture: source Version: 2.6.20-0+deb9u1 Distribution: stretch-security Urgency: medium Maintainer: Balint Reczey <rbalint@ubuntu.com> Changed-By: Adrian Bunk <bunk@debian.org> Description: libwireshark-data - network packet dissection library -- data files libwireshark-dev - network packet dissection library -- development files libwireshark11 - network packet dissection library -- shared library libwiretap-dev - network packet capture library -- development files libwiretap8 - network packet capture library -- shared library libwscodecs2 - network packet dissection codecs library -- shared library libwsutil-dev - network packet dissection utilities library -- development files libwsutil9 - network packet dissection utilities library -- shared library tshark - network traffic analyzer - console version wireshark - network traffic analyzer - meta-package wireshark-common - network traffic analyzer - common files wireshark-dev - network traffic analyzer - development tools wireshark-doc - network traffic analyzer - documentation wireshark-gtk - network traffic analyzer - GTK+ version wireshark-qt - network traffic analyzer - Qt version Closes: 958213 974688 974689 Changes: wireshark (2.6.20-0+deb9u1) stretch-security; urgency=medium . * Non-maintainer upload. * New upstream version including the following security fixes: - CVE-2019-16319: The Gryphon dissector could go into an infinite loop. - CVE-2019-19553: The CMS dissector could crash. - CVE-2020-7045: The BT ATT dissector could crash. - CVE-2020-9428: The EAP dissector could crash. - CVE-2020-9430: The WiMax DLMAP dissector could crash. - CVE-2020-9431: The LTE RRC dissector could leak memory. - CVE-2020-11647: The BACapp dissector could crash. (Closes: #958213) - CVE-2020-13164: The NFS dissector could crash. - CVE-2020-15466: The GVCP dissector could go into an infinite loop. - CVE-2020-25862: The TCP dissector could crash. - CVE-2020-25863: The MIME Multipart dissector could crash. * Adjust 17_libdir_location.patch for context changes. * Since Wireshark 2.6.14 tests are run automatically by debhelper, backport the build fix and making test failures non-fatal. * CVE-2020-26575: The Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. (Closes: #974688) * CVE-2020-28030: The GQUIC dissector could crash. (Closes: #974689) * CVE-2020-26418: Memory leak in the Kafka protocol dissector. * CVE-2020-26421: Crash in USB HID protocol dissector. . wireshark (2.6.10-1) unstable; urgency=medium . * New upstream version 2.6.10 - security fixes: - ASN.1 BER and related dissectors crash (CVE-2019-13619) - fix QIcon crash on exit on Ubuntu 16.04 with Qt 5.5.1 (LP: #1803808) * debian/gitlab-ci.yml: User minimal reference configuration . wireshark (2.6.9-1) unstable; urgency=medium . * Acknowledge NMU * New upstream version 2.6.9 * Drop obsolete CVE-2019-12295.patch * Refresh patches Checksums-Sha1: 6336c87d140c045ec860e8daa11bae7276bf8462 3558 wireshark_2.6.20-0+deb9u1.dsc 2e4295eeba3f54134c1f37a6e931e0f4a67c0487 28805496 wireshark_2.6.20.orig.tar.xz d40581ee82ff9647b76ec9eb955963ef14b4e97d 74504 wireshark_2.6.20-0+deb9u1.debian.tar.xz Checksums-Sha256: c80da006b19a6d19aa5b1d2517f168b6982918d464b6768bed22fc4366554775 3558 wireshark_2.6.20-0+deb9u1.dsc a97a5f3934ef09b93236f7dbc97a162c0348667cbc9dd68291473b8f7b276c60 28805496 wireshark_2.6.20.orig.tar.xz c607bd77a297fc0a342fae1cdbda7c35e8edbfd28934095ebcbfde90cc305487 74504 wireshark_2.6.20-0+deb9u1.debian.tar.xz Files: 9f6c3063f96b4296f82734868b78500d 3558 net optional wireshark_2.6.20-0+deb9u1.dsc ac4f79c6878703634797e041fd136a98 28805496 net optional wireshark_2.6.20.orig.tar.xz 00390321d085490f2d7683ad3dfa872f 74504 net optional wireshark_2.6.20-0+deb9u1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmAe1dkACgkQiNJCh6LY mLEJYxAApNPnxxMEwKfpU5gwyxRQt9jOdzTcEcGFX6+bJd3iOwyG9lN8sXDoDmbq sUO8atcZXA8sJKTG5BZQ9VHWVivz/yUIcOxtEQsTsFzDcej60hQTfvJ7KgoyzhpK cjDufK0cacKPHm/5DHqum3GJJhqEt3LCC0IVlMMTF4glPiHlef5SA3vTzMhrEcig mzBQ1h/3u/8qUEg8INfrz0Ncty13802BkD3ARW/kqV/yCL6YFn1n5pSu6BO8x3bx fmmJEG9MACIX6WWpeFpPfrZ9pmOwjfqAWLAH4W8R8XxF+fSvpx2yCN2xxsy/Q6rZ aAuXSLrbqCyMWOfXfl3ra+EkApdGVvuNk5FXf6wM2YZ4jURpTXyajyUWt7TY4QxD /0+xOJK18QPthDNsgclBKVYsubf1fWA/I67DJHZnbA8HotIhXa3wxcHMaBOOd7q6 aQQx7sqn6r9koGEuiO7dbuu3zq3E2rjQgYmaShxKlomKqxZCmJN9EMcPuyvAtExc ev3V6i1b1JaDeHDrGvGoEMXeEi3QNvhuQ6BOuev1YGCHhxRE0QSGo+tylCb8WdAI Hh8TqTN7WRGrmzlEVWQVh3wnzCQNQk1ZNGRHqeoEIjQ8htYWFWojybvpXHCCrNdj FwGKbG/IqTzGI1ofvFysDGq3BEovvy9pvroMcmG5iJj+xBRUflE= =DvTy -----END PGP SIGNATURE-----