Debian Package Tracker

general

source: wireshark (main)
version: 2.6.6-1
maintainer: Balint Reczey [DMD]
arch: all any
std-ver: 3.9.8
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.8.2-5wheezy18
o-o-sec: 1.12.1+g01b65bf-4+deb8u6~deb7u11
o-o-bpo: 1.12.1+g01b65bf-4~bpo70+1
oldstable: 1.12.1+g01b65bf-4+deb8u14
old-sec: 1.12.1+g01b65bf-4+deb8u16
old-bpo: 2.2.4+gcc3dc1b-1~bpo8+1
stable: 2.6.3-1~deb9u1
stable-sec: 2.6.5-1~deb9u1
stable-p-u: 2.6.5-1~deb9u1
testing: 2.6.6-1
unstable: 2.6.6-1

versioned links

1.8.2-5wheezy18: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.12.1+g01b65bf-4~bpo70+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.12.1+g01b65bf-4+deb8u6~deb7u11: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.12.1+g01b65bf-4+deb8u14: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.12.1+g01b65bf-4+deb8u16: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.2.4+gcc3dc1b-1~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.2.6+g32dac6a-2+deb9u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.4.3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.6.3-1~deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.6.5-1~deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.6.6-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libwireshark-data
libwireshark-dev
libwireshark11
libwiretap-dev
libwiretap8
libwscodecs2
libwsutil-dev
libwsutil9
tshark
wireshark
wireshark-common
wireshark-dev
wireshark-doc
wireshark-gtk
wireshark-qt

action needed

24 security issues in jessie high

There are 24 open security issues in jessie.

5 important issues:

CVE-2019-5718: In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check.
CVE-2019-5717: In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero.
CVE-2019-5719: In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block.
CVE-2019-5721: In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.
CVE-2019-5716: In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This was addressed in epan/dissectors/packet-6lowpan.c by avoiding use of a TVB before its creation.

19 issues skipped by the security teams:

CVE-2017-9349: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value.
CVE-2018-9258: In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by preserving valid data sources.
CVE-2018-12086: Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.
CVE-2017-9345: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers.
CVE-2017-9344: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value.
CVE-2017-9617: In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector.
CVE-2018-9272: In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak.
CVE-2017-13767: In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-msdp.c by adding length validation.
CVE-2017-9343: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-msnip.c by validating an IPv4 address.
CVE-2017-9351: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully.
CVE-2017-9616: In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c.
CVE-2018-7337: In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs.
CVE-2017-9346: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit.
CVE-2018-7332: In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite loop that was addressed by validating a length.
CVE-2017-9350: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative length.
CVE-2017-9354: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was addressed in epan/dissectors/packet-rgmp.c by validating an IPv4 address.
CVE-2017-9352: In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur.
CVE-2017-7702: In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation.
CVE-2018-9271: In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-multipart.c has a memory leak.

Please fix them.

Created: 2017-04-13 Last update: 2019-01-19 08:05

lintian reports 2 errors and 14 warnings high

Lintian reports 2 errors and 14 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2019-01-13 Last update: 2019-01-13 08:47

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.3.0 instead of 3.9.8).

Created: 2017-06-27 Last update: 2019-01-09 18:36

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2017-08-31 Last update: 2019-01-19 09:31

Multiarch hinter reports 3 issue(s) normal

There are issues with the multiarch metadata for this package.

libwiretap-dev could be marked Multi-Arch: same
libwsutil-dev could be marked Multi-Arch: same
wireshark could be marked Multi-Arch: same

Created: 2019-01-11 Last update: 2019-01-19 09:18

Depends on packages which need a new maintainer normal

The packages that wireshark depends on which need a new maintainer are:

docbook-xsl (#802370)
- Build-Depends: docbook-xsl
docbook-xml (#802368)
- Build-Depends: docbook-xml
snmp-mibs-downloader (#878723)
- Suggests: snmp-mibs-downloader

Created: 2017-12-02 Last update: 2019-01-19 08:02

4 new commits since last upload, time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2.6.6-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 259dade0a3cab37d41ad8d3ace7e90ddf65521ea
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Mon Jan 14 16:42:17 2019 +0700

    Override a few Lintian issues

commit e5b51104fe3ab49fd7d414a5968838e91a59c34e
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sat Jan 12 22:57:56 2019 +0700

    Update changelog

commit 898d106514f76c2cb286ca03afaea63c767aa298
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Sat Jan 12 22:54:44 2019 +0700

    Ship captype and randpkt in wireshark-common
    
    Closes: #919027

commit 22909a2fc14cac81b903149d9758148953e6e2bd
Author: Balint Reczey <balint.reczey@canonical.com>
Date:   Thu Jan 10 12:59:50 2019 +0700

    Drop unapplied backport-to-old-gnutls.patch

Created: 2019-01-14 Last update: 2019-01-19 00:14

4 ignored security issues in stretch low

There are 4 open security issues in stretch.

4 issues skipped by the security teams:

CVE-2019-5718: In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check.
CVE-2019-5717: In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero.
CVE-2019-5719: In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block.
CVE-2019-5716: In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This was addressed in epan/dissectors/packet-6lowpan.c by avoiding use of a TVB before its creation.

Please fix them.

Created: 2019-01-09 Last update: 2019-01-19 08:05

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2018-06-28 Last update: 2019-01-10 14:12

news

[rss feed]

[2019-01-15] Accepted wireshark 1.12.1+g01b65bf-4+deb8u16 (source amd64 all) into oldstable (Thorsten Alteholz)
[2019-01-12] wireshark 2.6.6-1 MIGRATED to testing (Debian testing watch)
[2019-01-09] Accepted wireshark 2.6.6-1 (source) into unstable (Balint Reczey)
[2018-12-28] Accepted wireshark 2.6.5-1~deb9u1 (source all amd64) into proposed-updates->stable-new, proposed-updates (Balint Reczey)
[2018-12-27] Accepted wireshark 2.6.5-1~deb9u1 (source all amd64) into stable->embargoed, stable (Balint Reczey)
[2018-12-02] wireshark 2.6.5-1 MIGRATED to testing (Debian testing watch)
[2018-11-29] Accepted wireshark 2.6.5-1 (source) into unstable (Balint Reczey)
[2018-11-11] wireshark 2.6.4-2 MIGRATED to testing (Debian testing watch)
[2018-11-08] Accepted wireshark 2.6.4-2 (source) into unstable (Balint Reczey)
[2018-10-24] Accepted wireshark 2.6.3-1~deb9u1 (source all amd64) into proposed-updates->stable-new, proposed-updates (Balint Reczey) (signed by: Moritz Mühlenhoff)
[2018-10-19] wireshark 2.6.4-1 MIGRATED to testing (Debian testing watch)
[2018-10-13] Accepted wireshark 2.6.4-1 (source) into unstable (Balint Reczey)
[2018-10-12] Accepted wireshark 2.6.3-1~deb9u1 (source all amd64) into stable->embargoed, stable (Balint Reczey) (signed by: Moritz Mühlenhoff)
[2018-09-05] wireshark 2.6.3-1 MIGRATED to testing (Debian testing watch)
[2018-08-30] Accepted wireshark 2.6.3-1 (source) into unstable (Balint Reczey)
[2018-08-15] wireshark 2.6.2-2 MIGRATED to testing (Debian testing watch)
[2018-07-29] Accepted wireshark 2.6.2-2 (source) into unstable (Balint Reczey)
[2018-07-29] Accepted wireshark 1.12.1+g01b65bf-4+deb8u15 (source amd64 all) into oldstable (Thorsten Alteholz)
[2018-07-27] Accepted wireshark 2.6.2-1 (source) into unstable (Balint Reczey)
[2018-06-30] wireshark 2.6.1-1 MIGRATED to testing (Debian testing watch)
[2018-06-27] Accepted wireshark 2.6.1-1 (source all amd64) into unstable, unstable (Balint Reczey)
[2018-06-12] Accepted wireshark 2.2.6+g32dac6a-2+deb9u3 (source all amd64) into proposed-updates->stable-new, proposed-updates (Moritz Mühlenhoff)
[2018-06-12] Accepted wireshark 1.12.1+g01b65bf-4+deb8u14 (source amd64 all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Moritz Muehlenhoff) (signed by: Moritz Mühlenhoff)
[2018-06-03] Accepted wireshark 2.2.6+g32dac6a-2+deb9u3 (source all amd64) into stable->embargoed, stable (Moritz Mühlenhoff)
[2018-06-03] Accepted wireshark 1.12.1+g01b65bf-4+deb8u14 (source amd64 all) into oldstable->embargoed, oldstable (Moritz Muehlenhoff) (signed by: Moritz Mühlenhoff)
[2018-05-28] Accepted wireshark 1.12.1+g01b65bf-4+deb8u6~deb7u11 (source amd64 all) into oldoldstable (Thorsten Alteholz)
[2018-05-04] wireshark 2.4.6-1 MIGRATED to testing (Debian testing watch)
[2018-05-01] Accepted wireshark 2.4.6-1 (source) into unstable (Balint Reczey)
[2018-04-18] Accepted wireshark 1.12.1+g01b65bf-4+deb8u6~deb7u10 (source amd64 all) into oldoldstable (Thorsten Alteholz)
[2018-03-03] wireshark 2.4.5-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 35
RC: 0
I&N: 16
M&W: 19
F&P: 0
patch: 0

links

homepage
lintian (2, 14)
buildd: logs, checks, clang, reproducibility
popcon
debci
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.6.6-1
33 bugs