Debian Package Tracker

general

source: wireshark (main)
version: 2.6.7-1
maintainer: Balint Reczey [DMD]
arch: all any
std-ver: 3.9.8
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.8.2-5wheezy18
o-o-sec: 1.12.1+g01b65bf-4+deb8u6~deb7u11
o-o-bpo: 1.12.1+g01b65bf-4~bpo70+1
oldstable: 1.12.1+g01b65bf-4+deb8u14
old-sec: 1.12.1+g01b65bf-4+deb8u17
old-bpo: 2.2.4+gcc3dc1b-1~bpo8+1
stable: 2.6.5-1~deb9u1
stable-sec: 2.6.5-1~deb9u1
testing: 2.6.6-1
unstable: 2.6.7-1
NEW/experimental: 3.0.0-1~exp0

versioned links

1.8.2-5wheezy18: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.12.1+g01b65bf-4~bpo70+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.12.1+g01b65bf-4+deb8u6~deb7u11: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.12.1+g01b65bf-4+deb8u14: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.12.1+g01b65bf-4+deb8u17: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.2.4+gcc3dc1b-1~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.2.6+g32dac6a-2+deb9u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.4.3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.6.5-1~deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.6.6-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.6.7-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libwireshark-data
libwireshark-dev
libwireshark11
libwiretap-dev
libwiretap8
libwscodecs2
libwsutil-dev
libwsutil9
tshark
wireshark
wireshark-common
wireshark-dev
wireshark-doc
wireshark-gtk
wireshark-qt

action needed

A new upstream version is available: 3.0.0 high

A new upstream version 3.0.0 is available, you should consider packaging it.

Created: 2019-03-07 Last update: 2019-03-19 00:10

3 security issues in buster high

There are 3 open security issues in buster.

3 important issues:

CVE-2019-9209: In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.
CVE-2019-9208: In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. This was addressed in epan/dissectors/asn1/tcap/tcap.cnf by avoiding NULL pointer dereferences.
CVE-2019-9214: In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation.

Please fix them.

Created: 2019-02-28 Last update: 2019-03-14 21:42

7 security issues in stretch high

There are 7 open security issues in stretch.

3 important issues:

CVE-2019-9209: In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.
CVE-2019-9208: In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. This was addressed in epan/dissectors/asn1/tcap/tcap.cnf by avoiding NULL pointer dereferences.
CVE-2019-9214: In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation.

4 issues skipped by the security teams:

CVE-2019-5719: In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block.
CVE-2019-5718: In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check.
CVE-2019-5717: In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero.
CVE-2019-5716: In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This was addressed in epan/dissectors/packet-6lowpan.c by avoiding use of a TVB before its creation.

Please fix them.

Created: 2019-01-09 Last update: 2019-03-14 21:42

20 security issues in jessie high

There are 20 open security issues in jessie.

1 important issue:

CVE-2019-9209: In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.

19 issues skipped by the security teams:

CVE-2017-9354: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was addressed in epan/dissectors/packet-rgmp.c by validating an IPv4 address.
CVE-2017-9345: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers.
CVE-2018-9271: In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-multipart.c has a memory leak.
CVE-2017-9617: In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector.
CVE-2018-12086: Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.
CVE-2017-9346: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit.
CVE-2017-9616: In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c.
CVE-2017-13767: In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-msdp.c by adding length validation.
CVE-2018-7337: In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs.
CVE-2017-9349: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value.
CVE-2017-9352: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur.
CVE-2017-9344: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value.
CVE-2017-9350: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative length.
CVE-2018-9272: In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak.
CVE-2017-9351: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully.
CVE-2018-7332: In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite loop that was addressed by validating a length.
CVE-2018-9258: In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by preserving valid data sources.
CVE-2017-9343: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-msnip.c by validating an IPv4 address.
CVE-2017-7702: In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation.

Please fix them.

Created: 2017-04-13 Last update: 2019-03-14 21:42

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.3.0 instead of 3.9.8).

Created: 2017-06-27 Last update: 2019-03-03 09:33

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2017-08-31 Last update: 2019-03-19 04:33

Multiarch hinter reports 3 issue(s) normal

There are issues with the multiarch metadata for this package.

libwiretap-dev could be marked Multi-Arch: same
libwsutil-dev could be marked Multi-Arch: same
wireshark could be marked Multi-Arch: same

Created: 2019-01-11 Last update: 2019-03-19 04:32

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 10-day delay is over. Check why.

Created: 2019-03-13 Last update: 2019-03-19 04:08

Depends on packages which need a new maintainer normal

The packages that wireshark depends on which need a new maintainer are:

docbook-xsl (#802370)
- Build-Depends: docbook-xsl
lsb (#924519)
- Build-Depends: lsb-release
snmp-mibs-downloader (#878723)
- Suggests: snmp-mibs-downloader
docbook-xml (#802368)
- Build-Depends: docbook-xml

Created: 2017-12-02 Last update: 2019-03-19 03:48

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2018-06-28 Last update: 2019-01-10 14:12

testing migrations

excuses:
- 16 days old (10 needed)
- Piuparts tested OK - https://piuparts.debian.org/sid/source/w/wireshark.html
- Not touching package due to block request by freeze (please contact debian-release if update is needed)
- Not considered

news

[rss feed]

[2019-03-02] Accepted wireshark 2.6.7-1 (source) into unstable (Balint Reczey)
[2019-01-28] Accepted wireshark 1.12.1+g01b65bf-4+deb8u17 (source amd64 all) into oldstable (Thorsten Alteholz)
[2019-01-15] Accepted wireshark 1.12.1+g01b65bf-4+deb8u16 (source amd64 all) into oldstable (Thorsten Alteholz)
[2019-01-12] wireshark 2.6.6-1 MIGRATED to testing (Debian testing watch)
[2019-01-09] Accepted wireshark 2.6.6-1 (source) into unstable (Balint Reczey)
[2018-12-28] Accepted wireshark 2.6.5-1~deb9u1 (source all amd64) into proposed-updates->stable-new, proposed-updates (Balint Reczey)
[2018-12-27] Accepted wireshark 2.6.5-1~deb9u1 (source all amd64) into stable->embargoed, stable (Balint Reczey)
[2018-12-02] wireshark 2.6.5-1 MIGRATED to testing (Debian testing watch)
[2018-11-29] Accepted wireshark 2.6.5-1 (source) into unstable (Balint Reczey)
[2018-11-11] wireshark 2.6.4-2 MIGRATED to testing (Debian testing watch)
[2018-11-08] Accepted wireshark 2.6.4-2 (source) into unstable (Balint Reczey)
[2018-10-24] Accepted wireshark 2.6.3-1~deb9u1 (source all amd64) into proposed-updates->stable-new, proposed-updates (Balint Reczey) (signed by: Moritz Mühlenhoff)
[2018-10-19] wireshark 2.6.4-1 MIGRATED to testing (Debian testing watch)
[2018-10-13] Accepted wireshark 2.6.4-1 (source) into unstable (Balint Reczey)
[2018-10-12] Accepted wireshark 2.6.3-1~deb9u1 (source all amd64) into stable->embargoed, stable (Balint Reczey) (signed by: Moritz Mühlenhoff)
[2018-09-05] wireshark 2.6.3-1 MIGRATED to testing (Debian testing watch)
[2018-08-30] Accepted wireshark 2.6.3-1 (source) into unstable (Balint Reczey)
[2018-08-15] wireshark 2.6.2-2 MIGRATED to testing (Debian testing watch)
[2018-07-29] Accepted wireshark 2.6.2-2 (source) into unstable (Balint Reczey)
[2018-07-29] Accepted wireshark 1.12.1+g01b65bf-4+deb8u15 (source amd64 all) into oldstable (Thorsten Alteholz)
[2018-07-27] Accepted wireshark 2.6.2-1 (source) into unstable (Balint Reczey)
[2018-06-30] wireshark 2.6.1-1 MIGRATED to testing (Debian testing watch)
[2018-06-27] Accepted wireshark 2.6.1-1 (source all amd64) into unstable, unstable (Balint Reczey)
[2018-06-12] Accepted wireshark 2.2.6+g32dac6a-2+deb9u3 (source all amd64) into proposed-updates->stable-new, proposed-updates (Moritz Mühlenhoff)
[2018-06-12] Accepted wireshark 1.12.1+g01b65bf-4+deb8u14 (source amd64 all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Moritz Muehlenhoff) (signed by: Moritz Mühlenhoff)
[2018-06-03] Accepted wireshark 2.2.6+g32dac6a-2+deb9u3 (source all amd64) into stable->embargoed, stable (Moritz Mühlenhoff)
[2018-06-03] Accepted wireshark 1.12.1+g01b65bf-4+deb8u14 (source amd64 all) into oldstable->embargoed, oldstable (Moritz Muehlenhoff) (signed by: Moritz Mühlenhoff)
[2018-05-28] Accepted wireshark 1.12.1+g01b65bf-4+deb8u6~deb7u11 (source amd64 all) into oldoldstable (Thorsten Alteholz)
[2018-05-04] wireshark 2.4.6-1 MIGRATED to testing (Debian testing watch)
[2018-05-01] Accepted wireshark 2.4.6-1 (source) into unstable (Balint Reczey)

bugs [bug history graph]

all: 34
RC: 0
I&N: 15
M&W: 19
F&P: 0
patch: 0

links

homepage
buildd: logs, checks, clang, reproducibility
popcon
debci
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.6.7-1
34 bugs