CVE-2008-1070 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1070): The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet. CVE-2008-1071 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1071): The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet. CVE-2008-1072 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1072): The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through 0.99.7, when running on Ubuntu 7.10, allows remote attackers to cause a denial of service (crash or memory consumption) via a malformed packet, possibly related to a Cairo library bug.
I'm rating this B2 because since our last bug we encourage users to run Wireshark not as root. I hope this is appropriate, otherwise it'd be B1 as usual. Peter, please bump and let's go to stabling.
Will do later today. I just want to give ppc64 and alpha arch teams some time to keyword libsmi.
wireshark-0.99.8.ebuild is finally in portage.
Arches, please test and mark stable: =net-analyzer/wireshark-0.99.8 Target keywords : "alpha amd64 hppa ia64 ppc ppc64 release sparc x86"
net-analyzer/wireshark-0.99.8 USE="caps%* gtk pcre%* threads zlib%* -adns -gcrypt% -gnutls% -ipv6 -kerberos -lua% -pcap% -portaudio -profile% (-selinux) -smi% (-snmp%) (-ssl%*)" * Emerges on AMD64. * Works. - - Portage 2.1.4.4 (default-linux/amd64/2007.0, gcc-4.1.2, glibc-2.6.1-r0, 2.6.24-gentoo-r3 x86_64) ================================================================= System uname: 2.6.24-gentoo-r3 x86_64 AMD Turion(tm) 64 X2 Mobile Technology TL-56 Timestamp of tree: Mon, 17 Mar 2008 11:30:01 +0000 distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] app-shells/bash: 3.2_p17-r1 dev-java/java-config: 1.3.7, 2.0.33-r1 dev-lang/python: 2.4.4-r9 dev-python/pycrypto: 2.0.1-r6 sys-apps/baselayout: 1.12.11.1 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.13, 2.61-r1 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.18-r1 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.23-r3 ACCEPT_KEYWORDS="amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=k8 -Os -msse3 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config /var/bind" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/splash /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d" CXXFLAGS="-march=k8 -Os -msse3 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="collision-protect distlocks metadata-transfer multilib-strict parallel-fetch sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://213.186.33.37/gentoo-distfiles/" LANG="en_US" MAKEOPTS="-j4" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="3dnow 3dnowext X a52 aac acpi alsa amd64 amr amrnb amrwb bash-completion berkdb branding bzip2 cairo cli cracklib crypt cups dbus devhelp divx doc dvd dvdr emerald fam ffmpeg firefox flac fortran gd gdbm gif glade glib glitz gtk gtkspell hal hddtemp iconv imagemagick insecure-savers isdnlog javascript jpeg jpeg2k kqemu libcaca libnotify midi mmx mmxext mp2 mp3 mp4 mpeg mplayer mudflap musicbrainz mysql ncurses nls nptl nptlonly offensive ogg opengl openmp pam pcre png pppd python quicktime readline realmedia reflection samba sdl session smp sndfile sourceview spell spl sse sse2 ssl stream svg syslog taglib tcpd threads truetype type1 unicode v4l v4l2 vhosts vim-syntax vorbis wifi wmp xcomposite xorg xosd xpm xscreensaver xvid zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev synaptics joystick" KERNEL="linux" LCD_DEVICES="xosd" USERLAND="GNU" VIDEO_CARDS="nv nvidia none" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
amd64 stable
x86 stable
*** Bug 213705 has been marked as a duplicate of this bug. ***
I don't understand how a build failure is a duplicate of this bug.. But USE=kerberos results in this failing to build.
Readding amd64 per bug #213705. Decide whether revert it back to ~amd64 or not.
We can revert.. or just fix it...
It's not amd64 specific. It's an issue with the options passed to the configure script with certain USE flag combinations. Same issue exists on my x86 box.
I can't reproduce #213705. net-analyzer/wireshark-0.99.8 USE="caps gtk kerberos pcre threads zlib -adns -gcrypt -gnutls -ipv6 -lua -pcap -portaudio -profile (-selinux) -smi" Emerges fine on this AMD64.
What kerberos implementation are you using?
Kerberos was not present on my system (as I don't use it). Emerging USE="kerberos" wireshark pulled in this: app-crypt/mit-krb5-1.5.3-r1 USE="doc -ipv6 -krb4 -tcl"
Try heimdal: [ebuild R ] app-crypt/heimdal-0.7.2-r3 USE="X berkdb ipv6 ldap ssl" 0 kB
(In reply to comment #16) > Try heimdal: > > [ebuild R ] app-crypt/heimdal-0.7.2-r3 USE="X berkdb ipv6 ldap ssl" 0 kB > I can reproduce with this implementation.
Cant're reproduce it on my x86 box either. * app-crypt/mit-krb5 [R 1.5.3-r1] -doc ipv6 -krb4 -tcl * net-analyzer/wireshark [R 0.99.8] <target> -adns caps -gcrypt -gnutls -gtk ipv6 kerberos -lua -pcap pcre -portaudio -profile (-selinux) -smi -threads zlib x86: what do we do?
(In reply to comment #18) > Cant're reproduce it on my x86 box either. > > * app-crypt/mit-krb5 [R 1.5.3-r1] > -doc ipv6 -krb4 -tcl > * net-analyzer/wireshark [R 0.99.8] <target> > -adns caps -gcrypt -gnutls -gtk ipv6 kerberos -lua -pcap pcre -portaudio > -profile (-selinux) -smi -threads zlib > > x86: what do we do? Try with heimdal, as suggested above...and then revert if it is really broken. But check if it is broken with the prior stable version. If yes, keep the stable keyword.
Guys, you are welcome to document all your finding in bug 213705, and please comment suggested there solution. This bug about security issue. BTW this minor build problem should not stop stabilization. Also no need for amd64 to revert keywords - this is really small configuration issue.
Here we go again, compilation error fixed. Arches, please stable our refreshed ebuild.
amd64 already done
so is x86
Stable for HPPA (net-libs/libsmi too).
ppc stable
ppc64 stable
uh...alpha/ia64/sparc stable
Fixed in release snapshot.
request filed
Isn't this handled in GLSA 200803-23? http://www.gentoo.org/security/en/glsa/glsa-200803-32.xml
true, thanks for noticing.