Please merge wireshark 1.0.7-1 (universe) from Debian unstable (main)

Bug #360661 reported by thr
Affects: wireshark (Ubuntu)
Status: Fix Released
Importance: Undecided
Assigned to: Unassigned

Bug Description

Binary package hint: wireshark

This version fixes a few security issues, including arbitrary code execution and denial of service vulnerabilities. Please upgrade. Changelog: http://www.wireshark.org/docs/relnotes/wireshark-1.0.7.html.

wireshark (1.0.7-1) unstable; urgency=low

  * New upstream release 1.0.7
    - release notes:
      http://www.wireshark.org/docs/relnotes/wireshark-1.0.7.html
    - security fixes:
      - The PROFINET dissector was vulnerable to a format string
        overflow. (CVE-2009-1210)
      - The LDAP dissector could crash on Windows. (CVE-2009-1267)
      - The Check Point High-Availability Protocol (CPHAP) dissector
        could crash. (CVE-2009-1268)
      - Wireshark could crash while loading a Tektronix .rf5 file
        (CVE-2009-1269)
  * update standards-version to 3.8.1
  * add 21_dumpcap.dpatch with patch from Rob Leslie <email address hidden>
    that should avoid dumpcap seeing stop on CTRL-C as an error
    (Closes: #518435)

 -- Joost Yervante Damad <email address hidden> Sat, 11 Apr 2009 10:06:45 +0200

Ubuntu changes to be merged:
    - replace gksu with menu in Recommends
    - Add debian/README.source.

Tags: upgrade
thr (thir)
visibility: private → public
Hew (hew)
description: updated
tags: added: upgrade
summary: - new upstream version - Wireshark 1.0.7
+ Please merge wireshark 1.0.7-1 (universe) from Debian unstable (main)
Hew (hew) wrote :

Subscribed motu-release based on discussion on IRC.

<geser> directhex: 66 files changed, 14757 insertions(+), 1619 deletions(-)
 based on the debdiff of the Debian and Ubuntu packages
 there are many small changes and one big: epan/enterprise-numbers |10933 +++++++++++++++++++++++++++-
<wgrant> I'd suggest going with the update - it is going to have an awful lot of security updates.

Iulian Udrea (iulian) wrote : Re: [Bug 360661] [NEW] Please merge wireshark 1.0.7-1 (universe) from Debian unstable (main)

2009/4/14 Launchpad Bug Tracker <email address hidden>

> *** This bug is a security vulnerability ***
>
> You have been subscribed to a public security bug by Hew McLachlan (hew):
>
> Binary package hint: wireshark
>
> This version fixes a few security issues, including arbitrary code
> execution and denial of service vulnerabilities. Please upgrade.
> Changelog: http://www.wireshark.org/docs/relnotes/wireshark-1.0.7.html.
>
> wireshark (1.0.7-1) unstable; urgency=low
>
> * New upstream release 1.0.7
> - release notes:
> http://www.wireshark.org/docs/relnotes/wireshark-1.0.7.html
> - security fixes:
> - The PROFINET dissector was vulnerable to a format string
> overflow. (CVE-2009-1210)
> - The LDAP dissector could crash on Windows. (CVE-2009-1267)
> - The Check Point High-Availability Protocol (CPHAP) dissector
> could crash. (CVE-2009-1268)
> - Wireshark could crash while loading a Tektronix .rf5 file
> (CVE-2009-1269)
> * update standards-version to 3.8.1
> * add 21_dumpcap.dpatch with patch from Rob Leslie <email address hidden>
> that should avoid dumpcap seeing stop on CTRL-C as an error
> (Closes: #518435)
>
> -- Joost Yervante Damad <email address hidden> Sat, 11 Apr 2009 10:06:45
> +0200
>
> Ubuntu changes to be merged:
> - replace gksu with menu in Recommends
> - Add debian/README.source.
>
> ** Affects: wireshark (Ubuntu)
> Importance: Undecided
> Status: New
>
>
> ** Tags: upgrade
> --
> Please merge wireshark 1.0.7-1 (universe) from Debian unstable (main)
> https://bugs.edge.launchpad.net/bugs/360661
> You received this bug notification because you are a member of MOTU Release
> Team, which is a direct subscriber.
>

1516.18 <iulian> Hew: It looks like there are no new features, so it's a bug
fix release with a lot of security fixes. I'll acknowledge it. Would you
like to take care of the merge?

If yes, I will sponsor it.

--
Iulian Udrea
<email address hidden>

Scott Kitterman (kitterman) wrote : Re: [Bug 360661] Re: Please merge wireshark 1.0.7-1 (universe) from Debian unstable (main)

I agree with wgrant. Ack from motu-release for upload.

Iulian Udrea (iulian)
Changed in wireshark (Ubuntu):
status: New → Confirmed
Hew (hew) wrote :

Merge debdiff attached.

Jamie Strandboge (jdstrand) wrote :
Changed in wireshark (Ubuntu):
status: Confirmed → In Progress
Adrien Cunin (adri2000) wrote :

Looking at the debdiff: Where are the previous Ubuntu changelog entries? Why create a README.source file with a dpatch howto inside? Why remove gksu and add menu to Recommends:?

Scott Kitterman (kitterman) wrote :

menu instead of gksu gives you the ability to start as root in other DEs,
such as KDE. That needs to stay (and be documented).

Hew (hew) wrote :

It looks like both changes were first included with wireshark 1.0.2-1ubuntu1. The gksu fix is important and is bug 209084. I'm not sure about the README.source change, but it's already being applied to wireshark 1.0.6-1ubuntu1, so to remove this from the debdiff would actually be an additional change to the current Ubuntu version.

Hew (hew) wrote :

Proper merge patch this time, sourced from merges.ubuntu.com, includes Ubuntu changelog entries.

Hew (hew) wrote :
Hew (hew)
Changed in wireshark (Ubuntu):
status: In Progress → Fix Committed
Onkar Shinde (onkarshinde) wrote :

You forgot to add '#' in front of the bug number in the changelog. Hence the bug was not closed automatically.

Changed in wireshark (Ubuntu):
status: Fix Committed → Fix Released
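
The missing '#' described in the last comment can be caught before upload. The following is an added example, not part of the original thread or of Launchpad's code: it assumes the `LP: #<number>` form that Ubuntu changelogs use to close Launchpad bugs, checks each comma-separated reference on its own (a simplification), and runs on a constructed changelog entry that reuses the two bug numbers mentioned in this report.

```python
import re

# Constructed sample entry (package name, version and series are placeholders).
# Line 3 repeats the mistake from this report: the bug number has no '#'.
SAMPLE = """\
examplepkg (1.0-1ubuntu1) series; urgency=low

  * Merge from debian unstable (LP: 360661), remaining changes:
    - replace gksu with menu in Recommends
  * Well-formed references for comparison (LP: #360661, #209084)
"""

# Text following an "LP:" marker, up to the closing parenthesis or end of line.
LP_MARKER = re.compile(r"\bLP:\s*([^)\n]*)", re.IGNORECASE)


def audit_changelog(text):
    """Return (closes, missing_hash).

    closes       -- bug numbers written as '#NNNN' after an LP: marker
    missing_hash -- (line number, bug number) for bare numbers after LP:,
                    which would not be picked up for automatic closure
    """
    closes, missing_hash = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        for marker in LP_MARKER.finditer(line):
            for token in marker.group(1).split(","):
                token = token.strip()
                if re.fullmatch(r"#\d+", token):
                    closes.append(int(token[1:]))
                elif re.fullmatch(r"\d+", token):
                    missing_hash.append((lineno, int(token)))
    return closes, missing_hash


if __name__ == "__main__":
    ok, bad = audit_changelog(SAMPLE)
    print("would close:", ok)
    for lineno, bug in bad:
        print(f"line {lineno}: 'LP: {bug}' is missing '#', bug will stay open")
```
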
This report contains Public Security information  
Everyone can see this security related information.
