-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1942-1                  security@debian.org
http://www.debian.org/security/                       Moritz Muehlenhoff
November 29, 2009                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : wireshark
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2009-1268 CVE-2008-1829 CVE-2009-2560 CVE-2009-2562 CVE-2009-3241 CVE-2009-3550 CVE-2009-3829

Several remote vulnerabilities have been discovered in the Wireshark
network traffic analyzer, which may lead to the execution of arbitrary
code or denial of service. The Common Vulnerabilities and Exposures
project identifies the following problems:

CVE-2009-2560

    A NULL pointer dereference was found in the RADIUS dissector.

CVE-2009-3550

    A NULL pointer dereference was found in the DCERP/NT dissector.

CVE-2009-3829

    An integer overflow was discovered in the ERF parser.

This update also includes fixes for three minor issues, which were
scheduled for the next stable point update. (CVE-2008-1829,
CVE-2009-2562, CVE-2009-3241). Also CVE-2009-1268 was fixed for Etch.
Since this security update was issued prior to the release of the
point update, the fixes were included.

For the old stable distribution (etch), this problem has been fixed in
version 0.99.4-5.etch.4.

For the stable distribution (lenny), this problem has been fixed in 
version 1.0.2-3+lenny7.

For the unstable distribution (sid) these problems have been fixed in
version 1.2.3-1.

We recommend that you upgrade your Wireshark packages.


Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

      Size/MD5 checksum: 13306790 2556a31d0d770dd1990bd67b98bd2f9b
      Size/MD5 checksum:     1075 2ff729c1b7aae033dd3e79fb29a63d68
      Size/MD5 checksum:    55126 25d98bc41c567ebc537f05ce2b36aa31

alpha architecture (DEC Alpha)

      Size/MD5 checksum:    22916 9264867811ed85406dc802359dffe812
      Size/MD5 checksum:   182750 844f036a9ea0914ad12d4c98ed12b3ed
      Size/MD5 checksum:    22552 6c949e6c7a92734b9887096ff78bed52
      Size/MD5 checksum:   117444 643a41c38a8438d451cb1c38148f7ebb
      Size/MD5 checksum:  9320680 b3421e4559d56c59818f449f050e81eb
      Size/MD5 checksum:   673918 f958912a6d20834c00cb11ae11fc7e61
      Size/MD5 checksum:    22572 cfc4c2a166b66d11323ba7005a9ec458
      Size/MD5 checksum:    22564 9068787bffebdbaddd82dc9f1a351a11

amd64 architecture (AMD x86_64 (AMD64))

      Size/MD5 checksum:   619974 36ff84eb0469a0fc58fa4d74a4dc2d94
      Size/MD5 checksum:   112510 210d916bf2fd3e62ee786038d0baf8e0
      Size/MD5 checksum:  9120186 27328e93c02088bf3651ff91478ffdb0
      Size/MD5 checksum:    22596 bb66aced30828d44a7391d34a79c47de
      Size/MD5 checksum:    22972 80ee26e1a6c2bdaa6b59c6fc7f523788
      Size/MD5 checksum:    22580 24fbe526a3b1f89270ac7487dd1a2449
      Size/MD5 checksum:    22588 cc4698a2e130908886800a44fee7a430
      Size/MD5 checksum:   181778 aeb3324cb404333d00d073ae5626c85b

arm architecture (ARM)

      Size/MD5 checksum:    21906 63ad883dd41145fbe730954c9e853388
      Size/MD5 checksum:    21894 4b84544460f1fb35ea30b6a14c669ef4
      Size/MD5 checksum:   182202 6fb71186a9da6540c1d85630ab24cd1c
      Size/MD5 checksum:   107214 a5e3093fef0133b17f538b65b8d87342
      Size/MD5 checksum:  7737436 9b38f9f70345db66a4cd251c78584074
      Size/MD5 checksum:    22170 592174ccf980e88b00bfeb0bc6fadff8
      Size/MD5 checksum:   600704 96858438e740b509da8701ebc4dd56b8
      Size/MD5 checksum:    21908 a283e65475356d9e945da09890b0427a

hppa architecture (HP PA RISC)

      Size/MD5 checksum:   109752 78730ace71c084bf3e65e5c968485687
      Size/MD5 checksum:    22576 ee65584380fe41b4eff538d1261971c3
      Size/MD5 checksum:    22950 a44e59b3879ae0a71bcd300c53786bf5
      Size/MD5 checksum:    22572 806d4541a0a6fedc98708a98b3150c2a
      Size/MD5 checksum:   182156 049ea6eb94efd5a3dfa5ae9dc30614b1
      Size/MD5 checksum:   635026 71adda51739be4aaaa22eb3d851877e9
      Size/MD5 checksum:  9854940 40cd33e4cff6e4150c0f1a455356efde
      Size/MD5 checksum:    22584 9785e5fa7e4560488ad8ae0dc9ca30e9

i386 architecture (Intel ia32)

      Size/MD5 checksum:    21900 7ac4f600c97bf045debdd6d3beb17c63
      Size/MD5 checksum:   181616 4ba5807945434988b11614e5c51fcad4
      Size/MD5 checksum:   565182 34dd0aa961fbe70b0ed0d09a811a70b4
      Size/MD5 checksum:    21894 99830ad6fc6c8e6009e68e6fc1122500
      Size/MD5 checksum:  7499524 4d49ade6925540936649c9272fb4389d
      Size/MD5 checksum:    22166 2cf78a9cfbe7e5571adead12aa9042e2
      Size/MD5 checksum:   102254 cd10b44ecca11449e9e04dd183eefd3f
      Size/MD5 checksum:    21906 0b31fd8f824915bcad7b5d91a98367a0

ia64 architecture (Intel ia64)

      Size/MD5 checksum:    22566 0aa3c204facfbf284f11871187a0eb7c
      Size/MD5 checksum:    22910 38378c14e8cdc6c24ed656352b21a34d
      Size/MD5 checksum:   145810 d3e7be3aaaa760ba81c05eacbf4aa44b
      Size/MD5 checksum: 10648322 7c47fad99b8b9fa55327825ee9cc447f
      Size/MD5 checksum:    22560 9f24c28d59dc3f0f5e896333d3d9bdf4
      Size/MD5 checksum:    22552 60aad869b41bbf52d287fcab648457bc
      Size/MD5 checksum:   827672 0bf989273e3b5a6044dc5cae5771859f
      Size/MD5 checksum:   182720 5fc96026980d5348dda2a52d107c54b6

mips architecture (MIPS (Big Endian))

      Size/MD5 checksum:    22160 d8290ac7830ef34ec4b7c0dc0c6d736d
      Size/MD5 checksum:   104886 3c9ef63521f5487537c003fd414caa1e
      Size/MD5 checksum:    21900 5e0d86e61c76e2c5e8757b018a422784
      Size/MD5 checksum:   588894 dbe0163151865a2ebc0de7dc15115cb4
      Size/MD5 checksum:    21904 c60608c00b86e6a9179f336f4d7c298b
      Size/MD5 checksum:   181616 2a34792935505310fa697872ea18ce23
      Size/MD5 checksum:    21890 86d703936559a664f9fecf9b874cc7be
      Size/MD5 checksum:  8017732 42c7bbc57b980cafa4684927159545bd

mipsel architecture (MIPS (Little Endian))

      Size/MD5 checksum:  7405334 a65008d2ff4d5ad004870805554bc3e7
      Size/MD5 checksum:   575950 a24c28544c0a7c90c91567fbe1cc1ebd
      Size/MD5 checksum:   104576 b32a2cbcdf02d4cc48c7ebec6c6630b3
      Size/MD5 checksum:   182756 cb2276effe227636a7f0261b34d50642
      Size/MD5 checksum:    22572 50a34025145b9c68619536836137bbb3
      Size/MD5 checksum:    22564 a6bf0c153e84a88219f4ea41a420886b
      Size/MD5 checksum:    22910 ffccf61f6478f35c91ffe9573f9efb25
      Size/MD5 checksum:    22556 e854c72d464872867e22681111fd3229

powerpc architecture (PowerPC)

      Size/MD5 checksum:   182764 d6e8d0457c6680fb71e53d012593532e
      Size/MD5 checksum:    22562 ee928728d4aeeecf45ff03b3ffbe66db
      Size/MD5 checksum:   104318 62b6fdb42fc8b828feaebe68b94d10d8
      Size/MD5 checksum:    22578 499505e0c67287e9e4bddd2c520f911c
      Size/MD5 checksum:  8603008 0734d75f6c5edaaaa6ab90cdca36f4b9
      Size/MD5 checksum:    22920 90f46d5c142354d40d0d5e134e07bc2b
      Size/MD5 checksum:    22572 3577d9aca2b8372a04483b2b881a4290
      Size/MD5 checksum:   583630 7c027623b17eed73130d0c851239a3b6

s390 architecture (IBM S/390)

      Size/MD5 checksum:    22914 bd4eebd01f47b771d46feb10cd370e68
      Size/MD5 checksum:    22574 ae0f0e473a8b4d1393d42db4f8c8ce2a
      Size/MD5 checksum:   115668 0ad97c94342ac14d4acebe5969ef7379
      Size/MD5 checksum:  9752846 f122226986acd89968a30710348205c6
      Size/MD5 checksum:    22560 079c886952f5258ed59f6d1573890140
      Size/MD5 checksum:   641020 3fd0f64fcaea16198e9533084cd0b567
      Size/MD5 checksum:    22566 a4db075ff6f6877289c6333e55a791ab
      Size/MD5 checksum:   182782 b1f4a269dd14fab055fed4a60dcb5c12

sparc architecture (Sun SPARC/UltraSPARC)

      Size/MD5 checksum:    22562 cfbe034d2fb71b9aadf903c8d4a55439
      Size/MD5 checksum:   586600 a2816359a42e5cb03dc36775a82c7ea3
      Size/MD5 checksum:   104180 376bd28f3a920a0ee62927004c09a8d4
      Size/MD5 checksum:   182148 6c3522ad4e94a8904789cb2ba8e8ece8
      Size/MD5 checksum:    22934 4594c2c680b000253f6fa301e7b4e6c6
      Size/MD5 checksum:    22570 d7ee740d72ce48b2f5d41e9532308fa7
      Size/MD5 checksum:  8679472 4815608bf180edcbdc56e08d728a520a
      Size/MD5 checksum:    22554 6e0336bf14d034653999ce50fe83c267


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

      Size/MD5 checksum:   110161 250e28a303aa2313bf9c8c92e938b543
      Size/MD5 checksum: 16935492 1834437f7c6dbed02082e7757133047d
      Size/MD5 checksum:     1502 70bc384e5c51e5b1c05817b5404ec0c6

alpha architecture (DEC Alpha)

      Size/MD5 checksum:   126172 5b2e9b063121cd415647515718aa1f90
      Size/MD5 checksum:   731338 7691c8c717923ad7f11755393c67ed4b
      Size/MD5 checksum: 12096806 f7a7e542ab24455fde2d62258e35dfe6
      Size/MD5 checksum:   583592 2dc280bc416e8a8eba573f10bd9a4c61

amd64 architecture (AMD x86_64 (AMD64))

      Size/MD5 checksum:   583890 2dc231341d713172bff1e122b5c1ed53
      Size/MD5 checksum:   659554 f4d744de8dc70ff988e2c625505545cb
      Size/MD5 checksum:   119016 f6c6d48c2f7cc0f47d112df9c74302b4
      Size/MD5 checksum: 11869634 c33d47f0ba58f5b476a3038aa54e10ca

arm architecture (ARM)

      Size/MD5 checksum:   584248 eda8fbd1f0706d58b7d25ed6f2646e6b
      Size/MD5 checksum:   614108 fd591bbf2469527ea552e0dbbb4eed26
      Size/MD5 checksum:   111024 6800249d87bb21dceb604527ec92b654
      Size/MD5 checksum: 10215708 a33f1fa02617480ed3321d552a5b2e08

armel architecture (ARM EABI)

      Size/MD5 checksum:   584856 3dd565d67eb4c6e18b21623292c4551f
      Size/MD5 checksum:   619918 06683265eff3c5ca0853a9b3c053af48
      Size/MD5 checksum:   113466 14b53be93f55eb1430a25264361cb87d
      Size/MD5 checksum: 10216784 6c1f84c62053658adcc6c14822f4a64a

hppa architecture (HP PA RISC)

      Size/MD5 checksum: 13271300 55580fd284ab37e4bae7fcc9b1ee4669
      Size/MD5 checksum:   694714 6cae9b82e13e3c812ea0e3286955a35e
      Size/MD5 checksum:   584266 7c55dcbb1727e575ed3a99f5e22ba9f2
      Size/MD5 checksum:   120924 734b01b1cebfa52fac30578a22104902

i386 architecture (Intel ia32)

      Size/MD5 checksum: 10108360 5157ee3d041ccbb2931e13a8551706ff
      Size/MD5 checksum:   582516 2621c64b953d5f87b0f80ba8614637f9
      Size/MD5 checksum:   619208 4a34e3203d08488ac5df37bdfde269a6
      Size/MD5 checksum:   111392 aac2e88f950cbf280786af3449a952f8

ia64 architecture (Intel ia64)

      Size/MD5 checksum: 13688788 0b6e89ff7c538a86479e2cc72e98d048
      Size/MD5 checksum:   153864 d49889a0de70d2a4ae08397b43e16d59
      Size/MD5 checksum:   569656 690330248a894259db9caef7d032627a
      Size/MD5 checksum:   930064 b697cd603d6769efaa24975f41038a87

mips architecture (MIPS (Big Endian))

      Size/MD5 checksum:   112318 4fcb6546e6d121413976df774bcb4e0a
      Size/MD5 checksum:   583750 2bdf2ecef90acdc4cd450aebeba1d8b3
      Size/MD5 checksum:   636448 7bcf284817662a74d8c00bb7b7d3156b
      Size/MD5 checksum: 10417404 cfd63f84d47af76a912b86ef5b58b3d7

mipsel architecture (MIPS (Little Endian))

      Size/MD5 checksum:   569688 d0219a56c1ef0b9bab390cb785670dcf
      Size/MD5 checksum:  9730674 4ec33f0b1ab577373d3d65226edd48cb
      Size/MD5 checksum:   113170 e17b2b66a26cd2b86b878b1bb6927fb1
      Size/MD5 checksum:   626942 938890f711e3cd6f84f504d8874372b9

powerpc architecture (PowerPC)

      Size/MD5 checksum: 11227316 dbcd7366171cec00edf706699b91399f
      Size/MD5 checksum:   122336 672aedc7957f3ae9f18e5e6ce33da56f
      Size/MD5 checksum:   677424 06cdd9eef16be333ccb60b94e3309d16
      Size/MD5 checksum:   584610 cc6c9ad46b6e371764cb7193d6a18214

s390 architecture (IBM S/390)

      Size/MD5 checksum:   121886 9f312812e02428d07075d543b99d41ba
      Size/MD5 checksum: 12488896 55d3da11d6a7a5af75d549b08e0dd59f
      Size/MD5 checksum:   671222 331a3c79fd70ea249cab31263686d678
      Size/MD5 checksum:   569648 08e4ba2371daeb6fcf724d7bf85d64be

sparc architecture (Sun SPARC/UltraSPARC)

      Size/MD5 checksum: 11290100 d57f0c2b031b2721e1298cfe7f4881ff
      Size/MD5 checksum:   629584 83b68e8b43bdf971116fdafc9fc885a5
      Size/MD5 checksum:   569692 e006fc660e26f034936184464d2f540b
      Size/MD5 checksum:   113466 85d3fa0b0e7baf6b1679394cffea5948


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp:  dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/