-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 01 Mar 2011 01:17:41 +0100 Source: wireshark Binary: wireshark-common wireshark tshark wireshark-dev wireshark-dbg Architecture: source amd64 Version: 1.2.11-6+squeeze1 Distribution: stable-security Urgency: high Maintainer: Balint Reczey Changed-By: Balint Reczey Description: tshark - network traffic analyzer - console version wireshark - network traffic analyzer - GTK+ version wireshark-common - network traffic analyzer - common files wireshark-dbg - network traffic analyzer - debug symbols wireshark-dev - network traffic analyzer - development tools Closes: 613202 Changes: wireshark (1.2.11-6+squeeze1) stable-security; urgency=high . * security fixes from Wireshark 1.2.15: - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that Wireshark could free an uninitialized pointer while reading a malformed pcap-ng file. (CVE-2011-0538) (Closes: #613202) - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a large packet length in a pcap-ng file could crash Wireshark - Wireshark could overflow a buffer while reading a Nokia DCT3 trace file. (CVE-2011-0713) - joernchen of Phenoelit discovered that the LDAP and SMB dissectors could overflow the stack. - Xiaopeng Zhang of Fortinet's Fortiguard Labs discovered that large LDAP Filter strings can consume excessive amounts of memory. Checksums-Sha1: be77ef401d994c75ab48017d7e9c51b86052f2c2 1747 wireshark_1.2.11-6+squeeze1.dsc ac8d845ccb8db3e9df6943e0f9a479f4016dac56 15413642 wireshark_1.2.11.orig.tar.bz2 385621c0e499b1aa263ac959634997ec4aea6eb8 68020 wireshark_1.2.11-6+squeeze1.debian.tar.gz bd511f383a12c77259a67a8fd29b73fd6640fe54 13776114 wireshark-common_1.2.11-6+squeeze1_amd64.deb 83de3ec3dc1adcc22a11654d55639ec5242e6024 798476 wireshark_1.2.11-6+squeeze1_amd64.deb 6a4225407e1d9e4aa0c85a09881dbb1c2dbdfa2d 133306 tshark_1.2.11-6+squeeze1_amd64.deb 015a022118885382c9415d724c114fc70a3f5a9a 775008 wireshark-dev_1.2.11-6+squeeze1_amd64.deb ba4ff35a530eb82869e6bee3ab6c9b5fa052a884 15779528 wireshark-dbg_1.2.11-6+squeeze1_amd64.deb Checksums-Sha256: 578bb43a115f885c2fe6ebd33aa14ad78b2214238e7947c2ca938ecd69248f61 1747 wireshark_1.2.11-6+squeeze1.dsc f1903013b1ca9f682a9c8879097af6ecf6c7587d0966f3325eddf55fba919689 15413642 wireshark_1.2.11.orig.tar.bz2 a366f9e117f86954bd15a61da8e54dc5e13ab0c46d7084678f142e559d9a6b3e 68020 wireshark_1.2.11-6+squeeze1.debian.tar.gz 495055a29f3be25cff4bd97f8786b4ee2b8e655248355c98be3e558b6d6e7548 13776114 wireshark-common_1.2.11-6+squeeze1_amd64.deb 931e64a53c07e3d3c1adb8169eb842c497935030c3bd6ee5bd96c3c48e5ddf31 798476 wireshark_1.2.11-6+squeeze1_amd64.deb 5b7c1f66dfd1f66429d6043eea6e4aa518f230b980120926001b21effcbd9c32 133306 tshark_1.2.11-6+squeeze1_amd64.deb 77f49fc775661985f34e2f1b74303db602bea58fb07e2b512093e25b06e62fe7 775008 wireshark-dev_1.2.11-6+squeeze1_amd64.deb 1d87ac8e596aef6330ebb98d19a0ce3303e935ccd927397d08d65aeacef3840a 15779528 wireshark-dbg_1.2.11-6+squeeze1_amd64.deb Files: 81dd68b4bba7c92dcb4c1d215898100a 1747 net optional wireshark_1.2.11-6+squeeze1.dsc 2a10d31a57d1d4df69400f9373fa7f60 15413642 net optional wireshark_1.2.11.orig.tar.bz2 a26a45c71210902dbe6ad88da2f3c774 68020 net optional wireshark_1.2.11-6+squeeze1.debian.tar.gz ed11d2dfaef2c10afe6a591f40a0e42e 13776114 net optional wireshark-common_1.2.11-6+squeeze1_amd64.deb 1f5cb7d19a07e9942cf5f1746ffd8b4a 798476 net optional wireshark_1.2.11-6+squeeze1_amd64.deb 33a1ccac475b903fb7bc5d457a3af5f4 133306 net optional tshark_1.2.11-6+squeeze1_amd64.deb 95869136c63aa9fce41bfce47b5c522b 775008 devel optional wireshark-dev_1.2.11-6+squeeze1_amd64.deb 1a0123d2e511ab8a5d88221042c54c2b 15779528 debug extra wireshark-dbg_1.2.11-6+squeeze1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk2Dvd4ACgkQ0/r2+3z8lN2e1gCfWbF54pK1SP2Zq/2PgLl3Y88y lO4An1aEX73Hwjv3k4BKRcy7Z6pCwuQV =reAF -----END PGP SIGNATURE-----