Bug#863380: marked as done (unblock: wireshark/2.2.6+g32dac6a-2)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Sun, 28 May 2017 10:51:22 +0000
with message-id <E1dEvn8-0001qP-Ea@respighi.debian.org>
and subject line unblock wireshark
has caused the Debian Bug report #863380,
regarding unblock: wireshark/2.2.6+g32dac6a-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
863380: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863380
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: unblock: wireshark/2.2.6+g32dac6a-2
• From: Bálint Réczey <balint@balintreczey.hu>
• Date: Fri, 26 May 2017 00:25:07 +0200
• Message-id: <[🔎] CAK0OdpzJKY+bFE9Lv9Ow61TBjaQnWayAypqWo7ChFz2RJAGFDw@mail.gmail.com>
• Reply-to: balint@balintreczey.hu

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Dear Release Team,

I have prepared wireshark 2.2.6+g32dac6a-1 in experimental which fixes
10 vulnerabilities and other bugs which are not listed here, just on
the release notes link.

Changes:
 wireshark (2.2.6+g32dac6a-1) experimental; urgency=medium
 .
   * New upstream release
     - release notes:
       https://www.wireshark.org/docs/relnotes/wireshark-2.2.6.html
     - security fixes:
       - The IMAP dissector could crash (CVE-2017-7703)
       - The WBXML dissector could enter an infinite loop (CVE-2017-7702)
       - The NetScaler file parser could enter an infinite loop
         (CVE-2017-7700)
       - The RPCoRDMA dissector enter an infinite loop (CVE-2017-7705)
       - The BGP dissector could enter an infinite loop (CVE-2017-7701)
       - The DOF dissector could enter an infinite loop (CVE-2017-7704)
       - The PacketBB dissector could crash (CVE-2017-7747)
       - The SLSK dissector could enter a long loop (CVE-2017-7746)
       - The SIGCOMP dissector could enter an infinite loop
         (CVE-2017-7745)
       - The WSP dissector could enter an infinite loop (CVE-2017-7748)


I believe wireshark point releases very rarely cause regressions due
to the heavy testing performed upstream and I think it would be safe
to upload this point release to unstable and let it migrate to
testing.

If you wouldn't like to accept the full point release to Stretch I
will happily backport the security fixes to 2.2.5 and upload that to
unstable.

Please share your preference regarding the next upload.

Cheers,
Balint

unblock wireshark/2.2.6+g32dac6a-2

Attachment: wireshark_2.2.6+g32dac6a-1.patch.gz
Description: GNU Zip compressed data

--- End Message ---

--- Begin Message ---

• To: 863380-done@bugs.debian.org
• Subject: unblock wireshark
• From: Ivo De Decker <ivodd@respighi.debian.org>
• Date: Sun, 28 May 2017 10:51:22 +0000
• Message-id: <E1dEvn8-0001qP-Ea@respighi.debian.org>

Unblocked wireshark.

--- End Message ---