Bug 152922 - Ethereal CAN-2005-0699,0704,0705,0739,1460 Multiple Dissection Buffer Overflows
Ethereal CAN-2005-0699,0704,0705,0739,1460 Multiple Dissection Buffer Overflows
Status: CLOSED ERRATA
Product: Fedora Legacy
Classification: Retired
Component: ethereal (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Fedora Legacy Bugs
https://rhn.redhat.com/errata/RHSA-20...
1, 2, LEGACY, rh73, rh90
: Security
: 152890 167294 174478 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-03-11 03:38 EST by John Dalbec
Modified: 2007-04-18 13:22 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-01-09 20:17:48 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description David Lawrence 2005-03-30 18:32:20 EST
05.10.18 CVE: CAN-2005-0699
Platform: Cross Platform
Title: Ethereal RADIUS Authentication Dissection Buffer Overflow
Description: Ethereal is a popular network protocol analyzer. Ethereal
is affected by a remote buffer overflow vulnerability. Ethereal
versions 0.10.8 and earlier are known to be vulnerable.
Ref: http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-03-04 

Ethereal RADIUS Authentication Decoding Overflow
Affected:
Ethereal version 0.10.9 and prior

Description: Ethereal is a popular open source network sniffer and
protocol analyzer for UNIX and Windows platforms. The software contains
a stack-based buffer overflow in parsing the RADIUS authentication
packet used in CDMA2000 protocol. The buffer overflow can be exploited
to execute arbitrary code with the privileges of the ethereal process
(typically "root" when ethereal is being used as a sniffer). To exploit
the flaw, an attacker has to either inject the malicious packets into
the network traffic being sniffed by ethereal, or entice a client to
open a specially crafted packet capture file. A proof-of-concept exploit
has been posted. Note that any network applications based on ethereal
protocol decoder modules may also be affected.

Status: Vendor confirmed, fix available via CVS. Version 0.10.10 will
be released in a day according to the vendor.

Council Site Actions: The affected software is not in production or
widespread use, or is not officially supported at any of the council
sites.  However, two sites said they would patch known installations and
a third site notified their affected user base.

References:
Posting by LSS Security (Contains PoC exploit)
http://www.securityfocus.com/archive/1/392659/2005-03-05/2005-03-11/0 
Posting by Gerald Combs from ethereal
http://archives.neohapsis.com/archives/bugtraq/2005-03/0176.html  
CDMA2000 Protocol
http://www.protocols.com/pbook/cdma2000.htm 
Vendor Homepage
http://www.ethereal.com  
SecurityFocus BID
http://www.securityfocus.com/bid/12759



------- Additional Comments From marcdeslauriers@videotron.ca 2005-03-14 16:13:31 ----

The Etheric dissector was susceptible to a buffer overflow.
CAN-2005-0704

The GPRS-LLC dissector could crash if the "ignore cipher bit" option
CAN-2005-0705

The 3GPP2 A11 dissector was susceptible to a buffer overflow.
CAN-2005-0699



------- Additional Comments From marcdeslauriers@videotron.ca 2005-03-15 12:54:20 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here are updated ethereal packages to QA:

Changelog:
* Mon Mar 14 2005 Marc Deslauriers <marcdeslauriers@videotron.ca>
0.10.10-0.73.1.legacy
- - Updated to 0.10.10 to fix multiple security issues (FL#2453)


e0504803d83a41cf20d08d456fbc5bef3e2fdf5f 
7.3/ethereal-0.10.10-0.73.1.legacy.i386.rpm
9b8f28cd118192ec1ae300a22b7ae67aa811487b  7.3/ethereal-0.10.10-0.73.1.legacy.src.rpm
bd2c4e63ceaa0139e753ac478c6a5a248f45a3ff 
7.3/ethereal-gnome-0.10.10-0.73.1.legacy.i386.rpm
e71bef39530bf73cab457f75d3588d9a17f5666d  9/ethereal-0.10.10-0.90.1.legacy.i386.rpm
06030abcd2e807ab6a703b1956a74c4ea6a60825  9/ethereal-0.10.10-0.90.1.legacy.src.rpm
c11b11f3a917f2203f2a9ebb468225da62b88e05 
9/ethereal-gnome-0.10.10-0.90.1.legacy.i386.rpm
9cc190896b68f055029048480501934b61f17f91  1/ethereal-0.10.10-1.FC1.1.legacy.i386.rpm
a64524f3232fc54280d2c3cd0ee6d0c523bb6ddb  1/ethereal-0.10.10-1.FC1.1.legacy.src.rpm
aff2eb0bf976380912977acbf746ff988d6cd501 
1/ethereal-gnome-0.10.10-1.FC1.1.legacy.i386.rpm

http://www.infostrategique.com/linuxrpms/legacy/7.3/ethereal-0.10.10-0.73.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/ethereal-0.10.10-0.73.1.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/ethereal-gnome-0.10.10-0.73.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/ethereal-0.10.10-0.90.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/ethereal-0.10.10-0.90.1.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/ethereal-gnome-0.10.10-0.90.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/1/ethereal-0.10.10-1.FC1.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/1/ethereal-0.10.10-1.FC1.1.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/1/ethereal-gnome-0.10.10-1.FC1.1.legacy.i386.rpm


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCN2d2LMAs/0C4zNoRArKnAKCdN7qzWh+ujGL91SxFW+/fhGVKKgCdEvF7
Hkfi1JaIAbmBj88cWOaQ7DY=
=BCyC
-----END PGP SIGNATURE-----




------- Additional Comments From jpdalbec@ysu.edu 2005-03-18 05:09:47 ----

(8) Ethereal RADIUS Authentication Decoding Overflow

Description: Ethereal version 0.10.0 fixes multiple buffer overflows and
denial-of-service vulnerabilities in various protocol decoders. Exploit
code to leverage the flaw in RADIUS authentication has been publicly
posted.

Council Site Actions: No change in response due to exploit release.  The
two sites who are using this program have already updated their affected
systems.

References:
Exploit Code by Diego Giago
http://www.securityfocus.com/archive/1/393190/2005-03-12/2005-03-18/0 
Other Overflows in Ethereal Fixed with version 0.10.0
http://www.securityfocus.com/archive/1/393026/2005-03-12/2005-03-18/0  
http://www.securityfocus.com/bid/12762/discussion/  
Previous @RISK Newsletter Posting
http://www.sans.org/newsletters/risk/display.php?v=4&i=10#other2 



------- Additional Comments From pekkas@netcore.fi 2005-03-18 06:11:43 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

QA for w/ rpm-build-compare.sh:
 - source integrity verified from upstream
 - spec file changes minimal

+PUBLISH RHL73,RHL9,FC1

9b8f28cd118192ec1ae300a22b7ae67aa811487b  ethereal-0.10.10-0.73.1.legacy.src.rpm
06030abcd2e807ab6a703b1956a74c4ea6a60825  ethereal-0.10.10-0.90.1.legacy.src.rpm
a64524f3232fc54280d2c3cd0ee6d0c523bb6ddb  ethereal-0.10.10-1.FC1.1.legacy.src.rpm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFCOvzqGHbTkzxSL7QRAjBXAKC0aoym/IZ0RbqCy1f4pPB8reL5ZgCfWjPz
PzbvWTIsoOEGpgjUvqv7TNQ=
=ay4F
-----END PGP SIGNATURE-----



------- Additional Comments From jpdalbec@ysu.edu 2005-03-18 10:39:44 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

++PUBLISH RHL 7.3, RHL 9

sha1sums:
9b8f28cd118192ec1ae300a22b7ae67aa811487b
ethereal-0.10.10-0.73.1.legacy.src.rpm
06030abcd2e807ab6a703b1956a74c4ea6a60825
ethereal-0.10.10-0.90.1.legacy.src.rpm

signature check:
ethereal-0.10.10-0.73.1.legacy.src.rpm:
    Header V3 DSA signature: OK, key ID 40b8ccda
    Header SHA1 digest: OK (6b737febc4c5dd2a702a2b32e66c13e7fa1007b2)
    MD5 digest: OK (4106f4d8da735d84291a5572b0f98c14)
    V3 DSA signature: OK, key ID 40b8ccda
ethereal-0.10.10-0.90.1.legacy.src.rpm:
    Header V3 DSA signature: OK, key ID 40b8ccda
    Header SHA1 digest: OK (77c06bc9196ba12e35b5c18cab848ffac2d01ed3)
    MD5 digest: OK (c1f769b13b34f6b9badd8f8582bca424)
    V3 DSA signature: OK, key ID 40b8ccda

gpg --list-keys:
pub  1024D/40B8CCDA 2004-04-28 Marc Deslauriers <marcdeslauriers@videotron.ca>
sub  1024g/2036F883 2004-04-28

Packages build OK in Mach.
Exploit code does not crash ethereal or tethereal.
No obvious problems noted.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFCOzuiJL4A+ldA7asRAgF3AJ9mGRKp5Y6QqN3E4yG3d+UAF0KkwACePS8E
H0HCAEuWsQZwgIZLvbFerDs=
=CZi3
-----END PGP SIGNATURE-----




------- Bug moved to this database by dkl@redhat.com 2005-03-30 18:32 -------

This bug previously known as bug 2453 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=2453
Originally filed under the Fedora Legacy product and Package request component.
Bug blocks bug(s) 2407.

Unknown priority P2. Setting to default priority "normal".
Unknown platform PC. Setting to default platform "All".
Setting qa contact to the default for this product.
   This bug either had no qa contact or an invalid one.

Comment 1 Marc Deslauriers 2005-04-05 18:31:34 EDT
Packages were pushed to updates-testing.
Comment 2 John Dalbec 2005-04-29 12:35:58 EDT
05.17.32 CVE: Not Available
Platform: Cross Platform
Title: Ethereal RSVP Decoding Routines Denial Of Service
Description: Ethereal is prone to a vulnerability that may allow a
remote attacker to cause a denial of service condition in the
software. The issue occurs due to the way Ethereal decodes Resource
ReSerVation Protocol (RSVP) packets. A remote attacker may cause the
software to enter an infinite loop by sending malformed RSVP packets
resulting in the software hanging. An attacker may exploit this issue
to deny Ethereal service for legitimate users. Ethereal versions up to
and including 0.10.10 are prone to this issue.
Ref: http://www.securityfocus.com/bid/13391 
Comment 3 Eric Jon Rostetter 2005-05-02 11:21:29 EDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
++VERIFY for RHL9
 
Packages: ethereal-0.10.10-0.90.1.legacy.i386.rpm
          ethereal-gnome-0.10.10-0.90.1.legacy.i386.rpm
Signatures:
ethereal-0.10.10-0.90.1.legacy.i386.rpm:
    Header V3 DSA signature: NOKEY, key ID 731002fa
    Header SHA1 digest: OK (a4e2d6e5cf2e7625a5c554fc437876511a10d971)
    MD5 digest: OK (e7e04bc2b7577c49fea4ce309aaedc2d)
    V3 DSA signature: NOKEY, key ID 731002fa
ethereal-gnome-0.10.10-0.90.1.legacy.i386.rpm:
    Header V3 DSA signature: NOKEY, key ID 731002fa
    Header SHA1 digest: OK (781a3c901198f558491e9bf4ddb669458f000d98)
    MD5 digest: OK (f44a4844439bbbc3c74f96063a6a765a)
    V3 DSA signature: NOKEY, key ID 731002fa
 
Installed on RHL 9 without problem/error.  Ran, collected some packets, no
obvious problems noted. Vote for release.
 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
 
iD8DBQFCdkS94jZRbknHoPIRAs2pAJsGykULDBjCcoiEK++WHLjGG8awPgCfbXuU
k1ec7DF1XV3VjmdsF5jo2hk=
=ezLQ
-----END PGP SIGNATURE-----
Comment 4 Pekka Savola 2005-05-03 06:24:33 EDT
The ethereal developers seem to be preparing a new Ethereal version release for
tomorrow, fixing a couple of dozen security problems:

http://anonsvn.ethereal.com/viewcvs/viewcvs.py/trunk/NEWS?rev=14270&view=auto

Maybe we should wait until that's released and re-spin so we don't need to do it
immediately afterwards?
Comment 5 Marc Deslauriers 2005-05-03 18:05:02 EDT
Because by the time everything is ready, has been QA'd, has been built and
people start doing VERIFY's on it, a new ethereal release will come out again...
Comment 6 Pekka Savola 2005-05-05 02:47:30 EDT
Well, we have just one verify now, and the new version is already out and merged
in FC.  Getting it built might take just a couple of days, because I could
pretty trivially give the new packages a PUBLISH.

If there was just one or two trivial fixes, it might not be worth it, but the
new release fixes about 20-30 security bugs.
Comment 7 John Dalbec 2005-05-13 17:06:31 EDT
05.19.31 CVE: Search Results
Platform: Cross Platform
Title: Ethereal DISTCC Dissection Stack Buffer Overflow
Description: A remote buffer overflow vulnerability reportedly affects
Ethereal.  This issue is due to a failure of the application to
securely copy network-derived data into sensitive process buffers. The
specific issue exists in the DISTCC protocol dissector. An attacker
may exploit this issue to execute arbitrary code with the privileges
of the user that activated the vulnerable application. This may
facilitate unauthorized access or privilege escalation. This
vulnerability affects Ethereal versions 0.8.13 through to 0.10.10.
Ref: http://www.securityfocus.com/advisories/8551 
Comment 8 John Dalbec 2005-05-13 17:19:05 EDT
05.19.40 CVE: CAN-2005-1456, CAN-2005-1457, CAN-2005-1458,
CAN-2005-1459, CAN-2005-1460, CAN-2005-1461, CAN-2005-1462,
CAN-2005-1463, CAN-2005-1464, CAN-2005-1465, CAN-2005-1466,
CAN-2005-1467, CAN-2005-1468, CAN-2005-1469, CAN-2005-1470
Platform: Cross Platform
Title: Ethereal Multiple Remote Protocol Dissector Vulnerabilities
Description: Ethereal is a multi-platform network protocol sniffer and
analyzer. It is reported to be vulnerable to buffer overflow, format
string, null pointer dereference, denial of service and double-free
vulnerabilities. Ethereal versions 0.10.10 and earlier are reported to
be vulnerable.
Ref: http://www.securityfocus.com/bid/13504 
Comment 9 Pekka Savola 2005-05-16 06:38:59 EDT
*** Bug 152890 has been marked as a duplicate of this bug. ***
Comment 10 Eric Jon Rostetter 2005-06-03 15:36:46 EDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
                                                                                
++VERIFY for RHL 7.3
                                                                                
Packages: ethereal-0.10.10-0.73.1.legacy.i386.rpm
          ethereal-gnome-0.10.10-0.73.1.legacy.i386.rpm
           
Signatures and checksums all okay.
 
Installed on two RHL 7.3 machines without problems/errors. Ran, collected
some packets, looked at a few packet details, noticed no obvious problems
or issues.
 
Vote for release. ++VERIFY
 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
 
iD8DBQFCoLD54jZRbknHoPIRAkl4AJ48WNqQyEVE2/MjtXMVfxTcH0hBHACfcTqo
/542AQIPkqqfTA8PNyUw5z8=
=9sPn
-----END PGP SIGNATURE-----
Comment 11 David Eisenstein 2005-09-02 10:41:25 EDT
Looks like there are a whole bunch more vulnerabilities for ethereal, according
to Bugtraq BID 14399  <http://www.securityfocus.com/bid/14399>:

  CAN-2005-2360, CAN-2005-2361, CAN-2005-2362, CAN-2005-2363, CAN-2005-2364,
  CAN-2005-2365, CAN-2005-2366, CAN-2005-2367

in addition to all those above.  Wonder if we should just respin new
packages for these + all those mentioned in comment #8 by John Dalbec?

We can refer to RHSA-2005:687-03 of 10-Aug-2005:
     <http://rhn.redhat.com/errata/RHSA-2005-687.html> or
     <http://tinyurl.com/96u67>  (Enterprise Watch List)
     & Bugzilla Bug #164243

It looks like Red Hat upgraded to ethereal-0-10-12 packages for all their
Enterprise Linux distros.  Might we be able to do the same, even for RH7.3?
Comment 12 Pekka Savola 2005-09-02 13:25:39 EDT
Yeah, IMHO we should just update the latest ethereal (like we have done in the
past).

I believe the issue just has been that no one has found the time/energy to
provide the new packages for all 4 versions..
Comment 13 Pekka Savola 2005-09-05 03:54:17 EDT
*** Bug 167294 has been marked as a duplicate of this bug. ***
Comment 14 Pekka Savola 2005-09-05 03:55:52 EDT
More vulns in #167294, but let's track this in one place..
Comment 15 David Eisenstein 2005-10-26 07:01:39 EDT
Ethereal 0.10.13 has been released, which fixes the following issues (in 
addition to all above issues mentioned):

* The ISAKMP dissector could exhaust system memory. (CAN-2005-3241)
* The FC-FCS dissector could exhaust system memory. (CAN-2005-3241)
* The RSVP dissector could exhaust system memory. (CAN-2005-3241)
* The ISIS LSP dissector could exhaust system memory. (CAN-2005-3241)
* The IrDA dissector could crash. (CAN-2005-3242)
* The SLIMP3 dissector could overflow a buffer. (CAN-2005-3243)
* The BER dissector was susceptible to an infinite loop. (CAN-2005-3244)
* The SCSI dissector could dereference a null pointer and crash. (CAN-2005-3246)
* If the "Dissect unknown RPC program numbers" option was enabled,
  the ONC RPC dissector might be able to exhaust system memory.
  This option is disabled by default. (CAN-2005-3245)
* The sFlow dissector could dereference a null pointer and crash (CAN-2005-3246)
* The RTnet dissector could dereference a null pointer and crash (CAN-2005-3246)
* The SigComp UDVM could go into an infinite loop or crash. (CAN-2005-3247)
* If SMB transaction payload reassembly is enabled the SMB dissector 
  could crash. This preference is disabled by default. (CAN-2005-3242)
* The X11 dissector could attempt to divide by zero. (CAN-2005-3248)
* The AgentX dissector could overflow a buffer. (CAN-2005-3243)
* The WSP dissector could free an invalid pointer. (CAN-2005-3249)
* iDEFENSE found a buffer overflow in the SRVLOC dissector. (CAN-2005-3184)

We can refer to RHSA-2005:809-6 of 25-Oct-2005:
     <http://rhn.redhat.com/errata/RHSA-2005-809.html>
     <http://tinyurl.com/97p2m>  (Enterprise Watch List)
     & Bugzilla Bug #171062.
Comment 16 David Eisenstein 2005-10-26 12:23:26 EDT
I am going ahead and creating new .src.rpm's for RH7.3, RH9, FC1 and FC2.  Hope
to have them submitted within a day or so.
Comment 17 David Eisenstein 2005-11-13 02:22:40 EST
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here is a source package for ethereal version 0.10.13 for FC1, plus the
corresponding binary packages, for source-level (publish) QA:

SHA1SUM					  Package
========================================__=======================================
382a9351d5941ab7a1c49753d136cc405d99c067>>ethereal-0.10.13-1.FC1.2.legacy.src.rpm

1e927a2aa452d427b8a39ac18eb94d615721620a>>ethereal-0.10.13-1.FC1.2.legacy.i386.rpm
7e3c55fd4f728cd25c6dd8f48a0248446da2b141>>ethereal-gnome-0.10.13-1.FC1.2.legacy.i386.rpm


All at:

  http://fedoralegacy.org/contrib/ethereal/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFDdukrxou1V/j9XZwRAii7AKC9fAfTypr83T+RIx4n7TS1NJ+jKQCg0NGN
DDmQqc40sdgp7Dq9uJD6bvw=
=gCbB
-----END PGP SIGNATURE-----
Comment 18 David Eisenstein 2005-11-13 02:30:01 EST
Oh, the changelog for the FC1 source .rpm in comment 17:

* Tue Nov  8 2005 David Eisenstein <deisenst@gtw.net> 0.10.13-1.FC1.2.legacy
- Add missing /usr/sbin/randpkt to files section so it will build.

* Mon Nov  7 2005 David Eisenstein <deisenst@gtw.net> 0.10.13-1.FC1.1.legacy
- Updated to 0.10.13 to fix multiple security issues (Bug #152922)
- Removed the no-longer-needed ethereal-0.10.8-htmlview.patch
- Added ethereal-0.10.6-old.patch from RHEL3 0.10.13 .src.rpm after remov-
  ing a hunk from it that already had been applied upstream to packet-smb.c

* Mon Mar 14 2005 Marc Deslauriers <marcdeslauriers@videotron.ca>
  0.10.10-1.FC1.1.legacy
- Updated to 0.10.10 to fix multiple security issues (FL#2453)
Comment 19 Marc Deslauriers 2005-11-13 20:29:43 EST
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I did QA on the fc1 ethereal package:

382a9351d5941ab7a1c49753d136cc405d99c067 ethereal-0.10.13-1.FC1.2.legacy.src.rpm

- - Tarball matches upstream
- - Spec file changes are good
- - Patch from RHEL is good

+PUBLISH

Marc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDd+l2LMAs/0C4zNoRAvbLAJ0agpVuG74ly5jXFcbEm0owMCJ/EQCfbFxo
EdKAfO08PgwdmEe4Nck4t4E=
=PeSa
-----END PGP SIGNATURE-----
Comment 20 Pekka Savola 2005-11-16 01:56:21 EST
Packages still needed for other distros.
Comment 21 Pekka Savola 2005-11-21 08:22:06 EST
a gentle reminder.. ;-)
Comment 22 John Dalbec 2005-11-29 12:01:00 EST
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dave Eisenstein's RHL 7.3, RHL 9, and FC 2 .src.rpm packages are available at
http://www.fedoralegacy.org/contrib/ethereal/
although he hasn't posted a notice of their availability yet.  There's also a
newer FC1 package.

++PUBLISH FC2

sha1sum:
e8207888a1eb25262071934faf4ecd301816dd64
ethereal-0.10.13-1.FC2.2.legacy.src.rpm

Good signature:
ethereal-0.10.13-1.FC2.2.legacy.src.rpm:
    Header V3 DSA signature: OK, key ID f8fd5d9c
    Header SHA1 digest: OK (5714fb66f297c8dc3edd3cc0510719d281278c08)
    MD5 digest: OK (ce45626b7401e21353de7741fe0cb8b1)
    V3 DSA signature: OK, key ID f8fd5d9c

.tar.bz2 file matches download from SourceForge.

Changes look reasonable.

Package builds OK in mach.

tethereal captures SSH packets OK.
ethereal(-gnome) captures SSH packets OK once I got it to run from the mach
chroot.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQFDjHupJL4A+ldA7asRAig/AJsHVUfC7VoCVBCqAzPqCdo2xvOT0ACeOjkX
P0HGx5MFPZ0C2QlYt5HEHec=
=z+90
-----END PGP SIGNATURE-----
Comment 23 Pekka Savola 2005-11-29 12:09:37 EST
Oh, David has created pkgs but forgot to tell us :)
Comment 24 Pekka Savola 2005-11-29 12:25:13 EST
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

QA w/ rpm-build-compare.sh:
 - source integrity verified from upstream
 - spec file changes good
 - the one patch veririfed from RHEL; htmlview
   seems to have been fixed in a slightly different
   way in upstream, let's hope it works.

+PUBLISH RHL73, RHL9, FC1

bf89a9d7d95b7a6f18af92e0df884c57a367e709  ethereal-0.10.13-0.73.1.legacy.src.rpm
76c2ae846206f4adc69103f3c3cdd99261b7da71  ethereal-0.10.13-0.90.1.legacy.src.rpm
dc4c2b18dd8e0e00d5a29ef5a91101270df98a81  ethereal-0.10.13-1.FC1.3.legacy.src.rpm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFDjI+lGHbTkzxSL7QRAl8tAKCOytbD5qqtqZmzt0gOLRsxjGMrjACfVX0T
1GEMUXSEYHhHfjQvehGsQw8=
=+abD
-----END PGP SIGNATURE-----
Comment 25 David Eisenstein 2005-11-29 23:09:06 EST
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thank you all for having done source QA on the Ethereal packages.  For the
sake of completeness, here is what you tested:

SHA1SUM					  Source Package
________________________________________  ______________________________________
bf89a9d7d95b7a6f18af92e0df884c57a367e709__ethereal-0.10.13-0.73.1.legacy.src.rpm
76c2ae846206f4adc69103f3c3cdd99261b7da71__ethereal-0.10.13-0.90.1.legacy.src.rpm
dc4c2b18dd8e0e00d5a29ef5a91101270df98a81__ethereal-0.10.13-1.FC1.3.legacy.src.rpm
e8207888a1eb25262071934faf4ecd301816dd64__ethereal-0.10.13-1.FC2.2.legacy.src.rpm

Available at:
http://fedoralegacy.org/contrib/ethereal/ethereal-0.10.13-0.73.1.legacy.src.rpm
http://fedoralegacy.org/contrib/ethereal/ethereal-0.10.13-0.90.1.legacy.src.rpm
http://fedoralegacy.org/contrib/ethereal/ethereal-0.10.13-1.FC1.3.legacy.src.rpm
http://fedoralegacy.org/contrib/ethereal/ethereal-0.10.13-1.FC2.2.legacy.src.rpm

Changelogs (changes since last release):
RH7.3:
* Tue Nov 22 2005 David Eisenstein <deisenst@gtw.net> 0.10.13-0.73.1.legacy
- - Updated to 0.10.13 to fix multiple security issues (Bug #152922)
- - Add lines to specfile to package /usr/sbin/{randpkt,capinfos} and
  {_mandir}/man1/capinfos.*

* Mon Mar 14 2005 Marc Deslauriers <marcdeslauriers@videotron.ca>
  0.10.10-0.73.1.legacy
- - Updated to 0.10.10 to fix multiple security issues (FL#2453)

* Wed Feb 23 2005 Marc Deslauriers <marcdeslauriers@videotron.ca>
  0.10.9-0.73.2.legacy
- - Added the evil plugins hack to get plugins built

* Mon Feb  7 2005 Marc Deslauriers <marcdeslauriers@videotron.ca>
  0.10.9-0.73.1.legacy
- - Updated to 0.10.9 to fix multiple security issues (FL#2407)
- - Modified configure parameters
- - Added gcc patch

RH9:
* Mon Nov 28 2005 David Eisenstein <deisenst@gtw.net> 0.10.13-0.90.1.legacy
- - Updated to 0.10.13 to fix multiple security issues (Bug #152922)
- - Added ethereal-0.10.6-old.patch from RHEL3 0.10.13 .src.rpm.
- - Package /usr/sbin/randpkt
- - Add ldconfig commands to post-install and post-uninstall, like RHEL3.

* Mon Mar 14 2005 Marc Deslauriers <marcdeslauriers@videotron.ca>
  0.10.10-0.90.1.legacy
- - Updated to 0.10.10 to fix multiple security issues (FL#2453)

* Wed Feb 23 2005 Marc Deslauriers <marcdeslauriers@videotron.ca>
  0.10.9-0.90.2.legacy
- - Added the evil plugins hack to get plugins built

* Tue Feb  8 2005 Marc Deslauriers <marcdeslauriers@videotron.ca>
  0.10.9-0.90.1.legacy
- - Updated to 0.10.9 to fix multiple security issues (FL#2407)
- - Modified configure parameters

FC1:
* Sun Nov 27 2005 David Eisenstein <deisenst@gtw.net> 0.10.13-1.FC1.3.legacy
- - Oops.  The hunk I removed from the ethereal-0.10.6-old.patch had *NOT*
  been applied upstream.  Reinstate it.  Sorry 'bout that.

* Tue Nov  8 2005 David Eisenstein <deisenst@gtw.net> 0.10.13-1.FC1.2.legacy
- - Add missing /usr/sbin/randpkt to files section so it will build.

* Mon Nov  7 2005 David Eisenstein <deisenst@gtw.net> 0.10.13-1.FC1.1.legacy
- - Updated to 0.10.13 to fix multiple security issues (Bug #152922)
- - Removed the no-longer-needed ethereal-0.10.8-htmlview.patch
- - Added ethereal-0.10.6-old.patch from RHEL3 0.10.13 .src.rpm after remov-
  ing a hunk from it that already had been applied upstream to packet-smb.c

* Mon Mar 14 2005 Marc Deslauriers <marcdeslauriers@videotron.ca>
  0.10.10-1.FC1.1.legacy
- - Updated to 0.10.10 to fix multiple security issues (FL#2453)

* Wed Feb 23 2005 Marc Deslauriers <marcdeslauriers@videotron.ca>
  0.10.9-1.FC1.2.legacy
- - Added the evil plugins hack to get plugins built

* Tue Feb  8 2005 Marc Deslauriers <marcdeslauriers@videotron.ca>
  0.10.9-1.FC1.1.legacy
- - Updated to 0.10.9 to fix multiple security issues (FL#2407)
- - Added htmlview patch
- - Changed BuildRequires to gtk2

FC2:
* Mon Nov 28 2005 David Eisenstein <deisenst@gtw.net> 0.10.13-1.FC2.2.legacy
- - Add autoconf, automake16, libtool BuildRequires.

* Mon Nov 28 2005 David Eisenstein <deisenst@gtw.net> 0.10.13-1.FC2.1.legacy
- - Updated to 0.10.13 to fix multiple security issues (Bug #152922)
- - Removed the no-longer-needed ethereal-0.10.8-htmlview.patch
- - Package /usr/sbin/randpkt

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFDjSY9xou1V/j9XZwRAmEDAJ9yJBdWOlIvo6gL5yhsNFQulwRJaQCg51+R
ox+saRsANQRP/9Y+EBpcgG0=
=n8Dh
-----END PGP SIGNATURE-----
Comment 26 Marc Deslauriers 2005-12-06 23:08:23 EST
Packages were pushed to updates-testing
Comment 27 Pekka Savola 2005-12-07 08:32:13 EST
*** Bug 174478 has been marked as a duplicate of this bug. ***
Comment 28 Pekka Savola 2005-12-08 02:00:06 EST
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
QA for RHL73 and RHL9.  Signatures OK. Tethereal seems to work OK.
Gnome-ethereal seems to work fine on RHL9.
 
+VERIFY RHL73, RHL9
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
 
iD8DBQFDl9oRGHbTkzxSL7QRAlLcAJ9VCTnUAJezp9ntMLu4I4oTjlq88ACfagw7
j9GrUpQ4zmFYm91b/LpTDtg=
=X+8N
-----END PGP SIGNATURE-----


Timeout in 2 weeks
Comment 29 Pekka Savola 2005-12-28 13:51:21 EST
Timeout over..
Comment 30 Marc Deslauriers 2006-01-09 20:17:48 EST
Packages were released to updates.

Note You need to log in before you can comment on or make changes to this bug.