Comment 3 for bug 730413

Jamie Strandboge (jdstrand) wrote :

Thank you for preparing this update! Unfortunately I have to NACK the lucid debdiff for the following reasons:
* debian/patches/CVE-2011-0444.patch lists this as fixing https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5530, and there are two commits for this (as mentioned in the patch):
 http://anonsvn.wireshark.org/viewvc?view=rev&revision=35292
 http://anonsvn.wireshark.org/viewvc?view=rev&revision=35298

However the patch to epan/dissectors/packet-snmp.c is missing.

* debian/patches/CVE-2010-3445.patch lists this as fixing https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5230, with the fix in http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ber.c?r1=34111&r2=34110&pathrev=34111&view=patch. Now, packet-ber.c differs a bit in Lucid as opposed to later releases of wireshark, but I found this at the end of the patch:
@@ -1001,7 +1013,7 @@
  tmp_length = 0;
  tmp_ind = FALSE;

- if (nest_level > BER_MAX_INDEFINITE_NESTING) {
+ if (nest_level > BER_MAX_NESTING) {
   /* Assume that we have a malformed packet. */
   THROW(ReportedBoundsError);
  }
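Review bot: the `-`/`+` pair only renames the constant inside an existing `if (nest_level > ...)` check, so against a tree that has no such check at all (as stated below for Lucid) this hunk will not apply; a backport would have to introduce the whole block (`if (nest_level > BER_MAX_NESTING) { THROW(ReportedBoundsError); }`) and confirm that `BER_MAX_NESTING` is actually defined in the Lucid `packet-ber.c`, since nothing in the visible hunk adds that definition.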

The Lucid version does not have the if statement at all, but I wonder if it should use the patched version. Can you comment?

* debian/patches/CVE-2011-0538.patch uses the Debian bug for both 'Bug' and 'Bug-Debian'. It should use https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5652 for 'Bug'.

* debian/patches/CVE-2011-0713.patch has two 'Origin' statements, but no upstream 'Bug' statement. One of the Origin statements is wrong and is for CVE-2011-0538. The correct one should be http://anonsvn.wireshark.org/viewvc?revision=35953&view=revision.

* debian/patches/CVE-2011-1139.patch does not reference the upstream bug (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5661) or the Ubuntu bug (https://launchpad.net/bugs/730409).

Please adjust the debdiff for the above issues, and respond to my question regarding the 'if (nest_level > BER_MAX_NESTING)' test in the patch for CVE-2010-3445. Thanks!
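For readers who want to see what the `nest_level > BER_MAX_NESTING` test discussed above actually protects against, here is an added example (not Wireshark code, and not part of this comment): a minimal recursive BER TLV walker that refuses input nested deeper than a fixed limit, treating it as a malformed packet, so a hostile capture cannot drive the recursion arbitrarily deep. The value of `BER_MAX_NESTING`, the function names and the constructed inputs are all assumptions for illustration.

```c
/* Added example: a bounded-depth BER TLV walker. Not Wireshark code; the
 * limit value, function names and test inputs are illustrative only. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define BER_MAX_NESTING 32   /* hypothetical limit, not Wireshark's value */

enum ber_status { BER_OK = 0, BER_TRUNCATED = -1, BER_TOO_DEEP = -2, BER_BAD_LENGTH = -3 };

/* Parse one BER length octet string at buf[*off]: short form, long form
 * (at most 4 length bytes) or indefinite form (0x80, reported via *indefinite). */
static int ber_read_length(const uint8_t *buf, size_t len, size_t *off,
                           size_t *out_len, int *indefinite)
{
    if (*off >= len) return BER_TRUNCATED;
    uint8_t b = buf[(*off)++];
    *indefinite = 0;
    if (b < 0x80) { *out_len = b; return BER_OK; }
    if (b == 0x80) { *indefinite = 1; *out_len = 0; return BER_OK; }
    size_t n = b & 0x7f;
    if (n > 4 || *off + n > len) return BER_BAD_LENGTH;
    size_t v = 0;
    for (size_t i = 0; i < n; i++) v = (v << 8) | buf[(*off)++];
    *out_len = v;
    return BER_OK;
}

/* Walk TLVs in buf[*off, end). Constructed values are recursed into with
 * nest_level + 1; exceeding BER_MAX_NESTING is rejected up front, which is the
 * same decision the quoted hunk makes ("assume a malformed packet").
 * in_indefinite says whether this level must be closed by end-of-contents. */
static int ber_walk(const uint8_t *buf, size_t end, size_t *off,
                    int nest_level, int in_indefinite, int *max_depth)
{
    if (nest_level > BER_MAX_NESTING) return BER_TOO_DEEP;
    if (nest_level > *max_depth) *max_depth = nest_level;

    while (*off < end) {
        uint8_t tag = buf[(*off)++];
        if (tag == 0x00) {                      /* end-of-contents: 00 00 */
            if (!in_indefinite) return BER_BAD_LENGTH;
            if (*off >= end) return BER_TRUNCATED;
            (*off)++;
            return BER_OK;
        }
        size_t clen; int indef;
        int rc = ber_read_length(buf, end, off, &clen, &indef);
        if (rc != BER_OK) return rc;
        int constructed = (tag & 0x20) != 0;
        if (indef) {
            if (!constructed) return BER_BAD_LENGTH; /* primitives need a length */
            rc = ber_walk(buf, end, off, nest_level + 1, 1, max_depth);
            if (rc != BER_OK) return rc;
        } else {
            if (clen > end - *off) return BER_TRUNCATED;
            size_t content_end = *off + clen;
            if (constructed) {
                rc = ber_walk(buf, content_end, off, nest_level + 1, 0, max_depth);
                if (rc != BER_OK) return rc;
                if (*off != content_end) return BER_BAD_LENGTH;
            } else {
                *off = content_end;
            }
        }
    }
    /* Ran out of bytes inside an indefinite value without seeing 00 00. */
    return in_indefinite ? BER_TRUNCATED : BER_OK;
}

/* Check a whole buffer; reports the deepest nesting level reached. */
int ber_check(const uint8_t *buf, size_t len, int *max_depth)
{
    size_t off = 0;
    *max_depth = 0;
    int rc = ber_walk(buf, len, &off, 0, 0, max_depth);
    if (rc == BER_OK && off != len) return BER_BAD_LENGTH;
    return rc;
}

/* Constructed input: 'depth' nested indefinite-length SEQUENCEs (30 80) around
 * INTEGER 42, each closed by 00 00. Returns the status of checking it. */
int ber_check_nested(int depth, int *max_depth)
{
    uint8_t buf[4 * (BER_MAX_NESTING + 8) + 3];
    size_t need = (size_t)depth * 4 + 3, p = 0;
    if (depth < 0 || need > sizeof buf) return BER_BAD_LENGTH;
    for (int i = 0; i < depth; i++) { buf[p++] = 0x30; buf[p++] = 0x80; }
    buf[p++] = 0x02; buf[p++] = 0x01; buf[p++] = 0x2a;
    for (int i = 0; i < depth; i++) { buf[p++] = 0x00; buf[p++] = 0x00; }
    return ber_check(buf, p, max_depth);
}

int main(void)
{
    int depth;
    printf("depth %d -> rc %d\n", BER_MAX_NESTING, ber_check_nested(BER_MAX_NESTING, &depth));
    printf("depth %d -> rc %d (BER_TOO_DEEP is %d)\n", BER_MAX_NESTING + 1,
           ber_check_nested(BER_MAX_NESTING + 1, &depth), BER_TOO_DEEP);
    return 0;
}
```

The check sits at the top of the recursive function rather than at the call site so that every path into deeper nesting (indefinite or definite constructed values) is covered by the same test; without it, the recursion depth is controlled entirely by the packet.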