From 74cf028b712df2917b829a8bda4186d0348e6e6089ce4dc1605a3f9fb11a260e Mon Sep 17 00:00:00 2001 From: Andreas Stieger Date: Wed, 29 Aug 2018 20:38:17 +0000 Subject: [PATCH 1/2] Accepting request 632198 from home:AndreasStieger:branches:network:utilities - Update to 2.6.3: * CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44) * CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45) * CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46) - Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.6.3.html OBS-URL: https://build.opensuse.org/request/show/632198 OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=260 --- SIGNATURES-2.6.2.txt | 60 ------------------------------------------ SIGNATURES-2.6.3.txt | 60 ++++++++++++++++++++++++++++++++++++++++++ wireshark-2.6.2.tar.xz | 3 --- wireshark-2.6.3.tar.xz | 3 +++ wireshark.changes | 10 +++++++ wireshark.spec | 2 +- 6 files changed, 74 insertions(+), 64 deletions(-) delete mode 100644 SIGNATURES-2.6.2.txt create mode 100644 SIGNATURES-2.6.3.txt delete mode 100644 wireshark-2.6.2.tar.xz create mode 100644 wireshark-2.6.3.tar.xz diff --git a/SIGNATURES-2.6.2.txt b/SIGNATURES-2.6.2.txt deleted file mode 100644 index 39385be..0000000 --- a/SIGNATURES-2.6.2.txt +++ /dev/null @@ -1,60 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA512 - -wireshark-2.6.2.tar.xz: 28392140 bytes -SHA256(wireshark-2.6.2.tar.xz)=49b2895ee3ba17ef9ef0aebfdc4d32a778e0f36ccadde184516557d5f3357094 -RIPEMD160(wireshark-2.6.2.tar.xz)=e9b782d49d9a063ba556320e9f2c08dea079967d -SHA1(wireshark-2.6.2.tar.xz)=52517c30926211b0b718815b51a3f06a18d8f5da - -Wireshark-win64-2.6.2.exe: 59963968 bytes -SHA256(Wireshark-win64-2.6.2.exe)=88aa2ca018090fc73ffb273aa1ba9f690ec06deb77d1ec7ff9b39fe646ca2877 -RIPEMD160(Wireshark-win64-2.6.2.exe)=3b947ada3e64bfb1c1b16a470926d94ed9db391b -SHA1(Wireshark-win64-2.6.2.exe)=90217eb0ed020a53a9ae80682c0881d347d11b4a - -Wireshark-win32-2.6.2.exe: 54249888 bytes -SHA256(Wireshark-win32-2.6.2.exe)=3d886e435570b7326f53d00996040ef65b9e2a5bffe48645ce29ea5a23930801 -RIPEMD160(Wireshark-win32-2.6.2.exe)=c2c5afa101559976439f36401ea1cc4564fa624e -SHA1(Wireshark-win32-2.6.2.exe)=eb7c50e80d6e7ec834599c1facfd6a3fd66aebf8 - -Wireshark-win32-2.6.2.msi: 43728896 bytes -SHA256(Wireshark-win32-2.6.2.msi)=99d5d94345a20e177736533840ff59859a76e864247a8146a73fca227f004043 -RIPEMD160(Wireshark-win32-2.6.2.msi)=7f21412e4d335f6e797356b968fbef14afb03b8c -SHA1(Wireshark-win32-2.6.2.msi)=05f1f9c4b9bed8c4447e5e31f907c578f52cf067 - -Wireshark-win64-2.6.2.msi: 49364992 bytes -SHA256(Wireshark-win64-2.6.2.msi)=381076d09c757038072f761f7eee9d5aa45fa8423b771ba34ddbd8b56f2c429c -RIPEMD160(Wireshark-win64-2.6.2.msi)=a080eec0f8bd089f493d0c76837d7fe03c1fa0dd -SHA1(Wireshark-win64-2.6.2.msi)=2c6b5bf555729d1e5ee3a1dda8d2b14d3bb01759 - -WiresharkPortable_2.6.2.paf.exe: 37482552 bytes -SHA256(WiresharkPortable_2.6.2.paf.exe)=d36727bdb8cc3a72bfb80084d3c634c3bfa4661f4de68d644b43ef5d41c52b69 -RIPEMD160(WiresharkPortable_2.6.2.paf.exe)=a98756bf5a67e47e1ca9ecd8836f2e6913a56f27 -SHA1(WiresharkPortable_2.6.2.paf.exe)=dd11e62f34212be77abee9d2227a2fd3b613b0a5 - -Wireshark 2.6.2 Intel 64.dmg: 169012317 bytes -SHA256(Wireshark 2.6.2 Intel 64.dmg)=ef54b04a73df4069e29e77bc1940f3b767ee498c4e28f739eabda78ef71ab4a9 -RIPEMD160(Wireshark 2.6.2 Intel 64.dmg)=f93d2cc4057337ca76d1aa435b0039a60927bebb -SHA1(Wireshark 2.6.2 Intel 64.dmg)=3a46de720848b286e7c115c75c7b00bcd08155aa - -You can validate these hashes using the following commands (among others): - - Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 - Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz - macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg" - Other: openssl sha256 wireshark-x.y.z.tar.xz ------BEGIN PGP SIGNATURE----- - -iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAltPqKQACgkQgiRKeOb+ -rurNbg//dw5903/0W2vw1a6u8F9JVvXfctb9/t1IOD2yT2omPXFTfqEkcwcY5c8W -FoSsflHM6g4rf8jqpqyipSPb6lYRJjm1fZGDzTilVPe+pcAV/HZ2QSdwOgw9FiAs -sV2eZdqPMVqdeLgDGtC4aHHabwsytFNaWtZLVyKr4ojdUfJNIBa40iUrItxXfgxA -GDCnVpdapuygk4rMeDpi3qZtvEKmgZ9Yj5aseX+wBYIT21EShP/gHSKNSA8x3gGz -xnpvOrz2qyJmWB6sBmIQndEXrYdazKr14Fzhmc2ajFMOJLwTGIZg5wl+UDnmPikW -6R1gRzSwkjEtgTKlZ9Gcel8eg6fNjW9HC9d4VjZzG4N693YrYwlpu0FIvaK+QGxE -yEJKPJnlaCi37Q6GBiKIpC5NUkTnt38Gb5DJ4/N3tk4P2LGlSyyMxLc5U096Zd8V -KCE/OVUuZs/4NsgIYaTYWDyTeNjjN2ZXnyx0N3x8yzWHcB6gYVPJc2lKouZe9XqZ -9Gz1Fr0/LEbx+r0iFOEm9pX/W8a5pzZnMn5YYUeTue61ZZp/yBOf7oTqjCVvSPHU -rZhsHMLcZnBNFoYKr03dcvukgSNsndTJPXvAEIX9FVmQUcQAEsdXRFO/csihG7l/ -7KWgNjReI7eoWkBUH8sx7J+4wZVy9leWjHTtkZKTeOo6OO1vJx4= -=OiJq ------END PGP SIGNATURE----- diff --git a/SIGNATURES-2.6.3.txt b/SIGNATURES-2.6.3.txt new file mode 100644 index 0000000..e6e27c9 --- /dev/null +++ b/SIGNATURES-2.6.3.txt @@ -0,0 +1,60 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +wireshark-2.6.3.tar.xz: 28384004 bytes +SHA256(wireshark-2.6.3.tar.xz)=d158a8a626dc0997a826cf12b5316a3d393fb9f93d84cc86e75b212f0044a3ec +RIPEMD160(wireshark-2.6.3.tar.xz)=74a558e7a004c64ff118870d525025beda4a665d +SHA1(wireshark-2.6.3.tar.xz)=d239fd091d59968ac8a1b42b28e61aeef09c20b7 + +Wireshark-win64-2.6.3.exe: 60001560 bytes +SHA256(Wireshark-win64-2.6.3.exe)=40701d569f75ba08bd3fb9d79e6841095d6d3001e5d8f1e9f50c996bcf0657ff +RIPEMD160(Wireshark-win64-2.6.3.exe)=d2068b7c1d7a95a2d57470ae7831fd988b5183a6 +SHA1(Wireshark-win64-2.6.3.exe)=800bc4d9b6a8b1d96844e706863f0e636839b5cc + +Wireshark-win32-2.6.3.exe: 54282456 bytes +SHA256(Wireshark-win32-2.6.3.exe)=3b1519d04d982220941a9fff03af74110b68fbe7f1cedd79ad3f097593c5f456 +RIPEMD160(Wireshark-win32-2.6.3.exe)=b86dc149ca96f7e1efca3e6c7439ae41d9553e19 +SHA1(Wireshark-win32-2.6.3.exe)=cad7ba639d2e7f538eee4b771ed3e6f1c763da25 + +Wireshark-win64-2.6.3.msi: 49381376 bytes +SHA256(Wireshark-win64-2.6.3.msi)=93e31bc9ec4871475d7ca1c608507e6b9815f7a767cd10aa9cc33dbd078fbd1c +RIPEMD160(Wireshark-win64-2.6.3.msi)=dd4f223c7f471fc482c9f1fc80de1a805c2bd375 +SHA1(Wireshark-win64-2.6.3.msi)=78e267546f13596ffedd2d94c6a58c0b99e7dec9 + +Wireshark-win32-2.6.3.msi: 43741184 bytes +SHA256(Wireshark-win32-2.6.3.msi)=063232cde36dbce1a8a73abf26aacec94798b3d42af4cd423a30c6cc6834c762 +RIPEMD160(Wireshark-win32-2.6.3.msi)=9270a9c45c862891c88a07961bbb1a247dee5909 +SHA1(Wireshark-win32-2.6.3.msi)=ad302be6a55731d676756d5dc60b6de355f311ff + +WiresharkPortable_2.6.3.paf.exe: 37485464 bytes +SHA256(WiresharkPortable_2.6.3.paf.exe)=419a784a070adbb261991eada51e489f704e13808fcd7516b0edb5c6d91a8480 +RIPEMD160(WiresharkPortable_2.6.3.paf.exe)=fe4926b7abb83a28bf327de345f2eca10bcc510d +SHA1(WiresharkPortable_2.6.3.paf.exe)=6218dff001e2e1ac8a733f8a82e878622b9647fc + +Wireshark 2.6.3 Intel 64.dmg: 169056690 bytes +SHA256(Wireshark 2.6.3 Intel 64.dmg)=5f919d58ba1286631f2a878d7ec5acf430680f57d3d630d76e096077b4494418 +RIPEMD160(Wireshark 2.6.3 Intel 64.dmg)=4e35d92b01e15f2500b6f7e4ad8f1225a518c183 +SHA1(Wireshark 2.6.3 Intel 64.dmg)=5809c04cdda26e124027bb55d318c99dfd61b008 + +You can validate these hashes using the following commands (among others): + + Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 + Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz + macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg" + Other: openssl sha256 wireshark-x.y.z.tar.xz +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAluG5dQACgkQgiRKeOb+ +rupuhhAA7tWYs068DvPgUzIFrd58A1RogpoAdANICaRgqNJLpVsIR/5SiF2RU1oO +KFCgy83qufQcokGNS77cX3lrnCP0T6Q1QY1CpS/ZiLAxBk8e+rQNKqn1/Z34Tsso +T6EbMZqEZA3HAerDGlwsgy5AuOcOLWCdBqMC6bwbF4zd0Vj/q9x5Io88sKJjbX7z +gsMiSM3A5tFdmc+/HQqqAg6+u77fRih6w8pBGSQDEj7NEYhQYa3y0RdjF/6o9YQt +Q1ISmCpGcpdr8cE/+uwTz7CaKtQz9FkbpuG23ow1/vJDH1Qi5WSNrp5exhrCAZAk +ZY9Jy3cVviDDUao5gOHM67ytci171zslO+JcXweNiBSzdcP/tUAdmJBVUZSfTgeJ +bVyWCa4RRGRSSOCxGvaAKQKH/k50WK2lzvlh/4q9OI/yuuQVDobVwFdyHUIwZVOf +A8IwXuqGju8y9yjAmnMJUEYBdbXUuaPuocqgIs4vSOsOw+A2o10MLu50rAs0cvWi +40a/olOS7THk6dHuIHEARp/oGbMCfOFYJl9JdM/UFY1PU2cTvtFGhC2EYIFQYoKx +pTcJ1IXk4H6BDfU14sWud1lEONXCCqxunMqzd8LI5wpcTJ7dyjYkR770UpVhVYm4 +gwshi3OJoUGDd2O/uZdutfWr7G03/mp2eEcZQMj2NVB1zxaSmEE= +=kvMc +-----END PGP SIGNATURE----- diff --git a/wireshark-2.6.2.tar.xz b/wireshark-2.6.2.tar.xz deleted file mode 100644 index b37d4b4..0000000 --- a/wireshark-2.6.2.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:49b2895ee3ba17ef9ef0aebfdc4d32a778e0f36ccadde184516557d5f3357094 -size 28392140 diff --git a/wireshark-2.6.3.tar.xz b/wireshark-2.6.3.tar.xz new file mode 100644 index 0000000..c2f7a54 --- /dev/null +++ b/wireshark-2.6.3.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d158a8a626dc0997a826cf12b5316a3d393fb9f93d84cc86e75b212f0044a3ec +size 28384004 diff --git a/wireshark.changes b/wireshark.changes index d79a76e..c725f12 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Wed Aug 29 20:29:12 UTC 2018 - astieger@suse.com + +- Update to 2.6.3: + * CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44) + * CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45) + * CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46) +- Further bug fixes and updated protocol support as listed in: + https://www.wireshark.org/docs/relnotes/wireshark-2.6.3.html + ------------------------------------------------------------------- Fri Jul 20 09:32:42 UTC 2018 - astieger@suse.com diff --git a/wireshark.spec b/wireshark.spec index 0918362..22e975f 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -37,7 +37,7 @@ %bcond_with lz4 %endif Name: wireshark -Version: 2.6.2 +Version: 2.6.3 Release: 0 Summary: A Network Traffic Analyser License: GPL-2.0-or-later AND GPL-3.0-or-later From 12d185b1afeb2bac4c0f3ee3dca8208f64857f63df97298461dcb88319d369a0 Mon Sep 17 00:00:00 2001 From: Andreas Stieger Date: Thu, 30 Aug 2018 07:12:41 +0000 Subject: [PATCH 2/2] OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=261 --- wireshark.changes | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wireshark.changes b/wireshark.changes index c725f12..1f5be8e 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,7 +1,7 @@ ------------------------------------------------------------------- Wed Aug 29 20:29:12 UTC 2018 - astieger@suse.com -- Update to 2.6.3: +- Update to 2.6.3 (boo#1106514): * CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44) * CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45) * CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46)