From 1a5e352e8d1f08e4296cdac3e4a6a639ef5ccff00337fcd70e485ba6d5738032 Mon Sep 17 00:00:00 2001 From: Andreas Stieger Date: Wed, 11 Oct 2017 11:00:24 +0000 Subject: [PATCH] Wireshark 2.4.2 This release fixes minor vulnerabilities that could be used to trigger dissector crashes or infinite loops by making Wireshark read specially crafted packages from the network or a capture file (boo#1062645): * CVE-2017-15192: BT ATT dissector crash (wnpa-sec-2017-42) * CVE-2017-15193: MBIM dissector crash (wnpa-sec-2017-43) * CVE-2017-15191: DMP dissector crash (wnpa-sec-2017-44) * CVE-2017-15190: RTSP dissector crash (wnpa-sec-2017-45) * CVE-2017-15189: DOCSIS infinite loop (wnpa-sec-2017-46) OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=232 --- SIGNATURES-2.4.1.txt | 60 ------------------------------------------ SIGNATURES-2.4.2.txt | 60 ++++++++++++++++++++++++++++++++++++++++++ wireshark-2.4.1.tar.xz | 3 --- wireshark-2.4.2.tar.xz | 3 +++ wireshark.changes | 14 ++++++++++ wireshark.spec | 3 +-- 6 files changed, 78 insertions(+), 65 deletions(-) delete mode 100644 SIGNATURES-2.4.1.txt create mode 100644 SIGNATURES-2.4.2.txt delete mode 100644 wireshark-2.4.1.tar.xz create mode 100644 wireshark-2.4.2.tar.xz diff --git a/SIGNATURES-2.4.1.txt b/SIGNATURES-2.4.1.txt deleted file mode 100644 index 4ad6331..0000000 --- a/SIGNATURES-2.4.1.txt +++ /dev/null @@ -1,60 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA512 - -wireshark-2.4.1.tar.xz: 28780384 bytes -SHA256(wireshark-2.4.1.tar.xz)=02ddbcf9b10f9dfa1e36eec00fe00cb5b5ce8e07203843baf056ac7909911fcd -RIPEMD160(wireshark-2.4.1.tar.xz)=4e47f79741fe09ed404e03ab51be617abc3ae3d5 -SHA1(wireshark-2.4.1.tar.xz)=2a52aeefba0a45747b1e4593c82c6efc33aa4182 -MD5(wireshark-2.4.1.tar.xz)=22b925108e0b65d6560f0af161157266 - -Wireshark-win32-2.4.1.exe: 53597448 bytes -SHA256(Wireshark-win32-2.4.1.exe)=8a2be35c125010538692130af6fc4f9384e3a3caa4f49eec7fc17e238512c067 -RIPEMD160(Wireshark-win32-2.4.1.exe)=a9c9567857ca768835ed9ab040a2ae1b86df779f -SHA1(Wireshark-win32-2.4.1.exe)=392c5eebe1aef355e6e660e34cb98ad2dde5e2b2 -MD5(Wireshark-win32-2.4.1.exe)=f7daa36cdd469bf067e258c9d1847ee6 - -Wireshark-win64-2.4.1.exe: 59132608 bytes -SHA256(Wireshark-win64-2.4.1.exe)=c97d6a43bca6e706975b45bfa99d320674003673f8bc8337954694ef14e6cc26 -RIPEMD160(Wireshark-win64-2.4.1.exe)=70efd612db44caa65f40946557891fd952445a4e -SHA1(Wireshark-win64-2.4.1.exe)=0ccf8188aa3970adea3003c0e7bff12cd6d34313 -MD5(Wireshark-win64-2.4.1.exe)=2e71aed667c5a6de9acced176a504939 - -Wireshark-win32-2.4.1.msi: 43048960 bytes -SHA256(Wireshark-win32-2.4.1.msi)=467f29e274fa6da0072295198217ba324db7885d49f1d6e6e40008622ffe3ea0 -RIPEMD160(Wireshark-win32-2.4.1.msi)=16832d856347c305c14403e65c79f10c7961affd -SHA1(Wireshark-win32-2.4.1.msi)=a04faea8ee31bbd621719605c95ade9536aebab6 -MD5(Wireshark-win32-2.4.1.msi)=9000a088689fcd24253d363a853bb7aa - -Wireshark-win64-2.4.1.msi: 48398336 bytes -SHA256(Wireshark-win64-2.4.1.msi)=7a75a2eebfa197dd34c17707ddf6065921b24af58470fa85d44498402866db1c -RIPEMD160(Wireshark-win64-2.4.1.msi)=13ae3e3cace6968af1507d26d5b0224f3a5c427c -SHA1(Wireshark-win64-2.4.1.msi)=5f533bf7e6226ebb9d59f0cef149015869364e69 -MD5(Wireshark-win64-2.4.1.msi)=cfb3b9fe4b73e4cb6d5bfc0b37b7d841 - -WiresharkPortable_2.4.1.paf.exe: 46309696 bytes -SHA256(WiresharkPortable_2.4.1.paf.exe)=f75753a335cb6278527c21822c07a08a3ca977c83da23c7fc80c7bbdf3fabcce -RIPEMD160(WiresharkPortable_2.4.1.paf.exe)=953ed214dc32d07fa5891ec8738180a21b95a0d2 -SHA1(WiresharkPortable_2.4.1.paf.exe)=3ac54e3129c82c919c8c00fd5ce28cd8d8230297 -MD5(WiresharkPortable_2.4.1.paf.exe)=bee21315ce99ecfff83f61d950be8d46 - -Wireshark 2.4.1 Intel 64.dmg: 35197766 bytes -SHA256(Wireshark 2.4.1 Intel 64.dmg)=cbf1f66020d049e645edd9ee8f0ebdd7d71d019d3fb2c44e028fcd65195b268b -RIPEMD160(Wireshark 2.4.1 Intel 64.dmg)=37c33371a0b142fea753f3723f6a30f7476fea18 -SHA1(Wireshark 2.4.1 Intel 64.dmg)=d841c155e6aa8681cefdaffec4b95432de865957 -MD5(Wireshark 2.4.1 Intel 64.dmg)=911497d6ea05821321a824bae57d7835 ------BEGIN PGP SIGNATURE----- - -iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlmluawACgkQgiRKeOb+ -ruo8BxAAogsZKu8S4y6VdpaZtJJA7SJChbtFnCn87rXgpYxwJkUBIXmf/B9Qj8Vp -e6wYmz5ijwngyLjeosvfA7TLiO4yVxTB8gpJyrAxSrDF7HBE33ZNnJmHys1GzEYS -5CG7e0QuaB6MYHuALkIgDCW39o8n9empd0ceKuPEtjf/YjcGLgz+qbvMMQ2l9Mqv -eVMZrzZaL6jBO/os9XbVwIWhC8tT6sQ0WNKAGgIyY75SGWAUKEzM23JpToq/Dlv2 -5dJxTMYl4yKZQXDpxvFc9xpro6GyVzYrqj668zrwmaF2V/c/9ujU3YJ84RzI8KKq -RJSFw6cyFu9J5SBlX1opaUg0I8sVJ8gdJI10THjSlW3QCN2z4Rry/YPMjyj7Sf64 -wcklGajDQsjOtjsp5x3ijRbeOD7Z02AJRws8ugh/lKAxOfWF4RMdM+rBeLSVD7AZ -z9edBVM7wXbBnrrIZuUZZt4oXZwUa6HGJQmb/ZXzBg6FuL4g2EX2cb+2TNN31rfX -NMJVA//no7DDUWdXbL4A4W9/igf2tD5DgLfFSHdewYpsUIr0w/oWy40BwpBQ5U1O -Vo41UMGSQK/b6Ep2T3iDyo/xwuZLeYQGP/j3s1FPbjVDtTBscb00F/Lit9SMr/Nk -PblN5mZB1nAlCgDWcH/c4W1TGK+4MCsUjaRTYjIz2NZlgwy+iVk= -=JnJn ------END PGP SIGNATURE----- diff --git a/SIGNATURES-2.4.2.txt b/SIGNATURES-2.4.2.txt new file mode 100644 index 0000000..9c7b9dc --- /dev/null +++ b/SIGNATURES-2.4.2.txt @@ -0,0 +1,60 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +wireshark-2.4.2.tar.xz: 28791712 bytes +SHA256(wireshark-2.4.2.tar.xz)=d1acb24735fd35e18e9b7a0555ec58277c2b87da45a19ebeb8087c3dda55f47d +RIPEMD160(wireshark-2.4.2.tar.xz)=3cbe6dfeecc7bf092064e1f91915c413d6cce2de +SHA1(wireshark-2.4.2.tar.xz)=93e1eff9380015a8a9df473ffa38ba0635d25238 + +Wireshark-win64-2.4.2.exe: 57888880 bytes +SHA256(Wireshark-win64-2.4.2.exe)=ef372d8c4e8873a75d2de4028cb4fc7e23db2913de47086e4046f338bbfc6ddc +RIPEMD160(Wireshark-win64-2.4.2.exe)=a601f1a379a1e5e5b830c20838b868a43188c060 +SHA1(Wireshark-win64-2.4.2.exe)=52279fd00aea1e164160789545ddb50a59e59088 + +Wireshark-win32-2.4.2.exe: 52669688 bytes +SHA256(Wireshark-win32-2.4.2.exe)=bcdf1cb77e7bf56b1f99b5d9abd9c555c89b4f32d2a865d5f13b3e43238bfdf8 +RIPEMD160(Wireshark-win32-2.4.2.exe)=5c79f6155bab4134ea16a83a5dcc307ca534188e +SHA1(Wireshark-win32-2.4.2.exe)=da297b6d068cd2313c5cb04333a92160fcff59ce + +Wireshark-win32-2.4.2.msi: 41938944 bytes +SHA256(Wireshark-win32-2.4.2.msi)=11dcf44a87f7f1e3dd514dff7ee49b0e61e59e37d2c881173d027ef9723137c1 +RIPEMD160(Wireshark-win32-2.4.2.msi)=542c0a17ff990d525495dbf92aa3d83d63572ee9 +SHA1(Wireshark-win32-2.4.2.msi)=ea5b56b7a9a861d80420a85e3d27c77ba3b8b009 + +Wireshark-win64-2.4.2.msi: 47005696 bytes +SHA256(Wireshark-win64-2.4.2.msi)=8e4e68751c01b1c89a2b5f07bc2001ab42431462043118f1aae1dacf4df23bf1 +RIPEMD160(Wireshark-win64-2.4.2.msi)=d8977ecc66cddcb5cde24435efbf15bdd1a76a95 +SHA1(Wireshark-win64-2.4.2.msi)=3b6e9e9acac5538ba433a4c0c82be47df6ddd018 + +WiresharkPortable_2.4.2.paf.exe: 45299336 bytes +SHA256(WiresharkPortable_2.4.2.paf.exe)=9aa5c49d28f5ec06db0afb7e31c0aa6cad449f9c74f5dc8a04d504631d752da3 +RIPEMD160(WiresharkPortable_2.4.2.paf.exe)=7cb47e45e82d050423192958e5ad99fb92d56f60 +SHA1(WiresharkPortable_2.4.2.paf.exe)=6c7051ab7dbf8f3739ec071e3409f6180cfd0bcc + +Wireshark 2.4.2 Intel 64.dmg: 35217464 bytes +SHA256(Wireshark 2.4.2 Intel 64.dmg)=111ff7313055ebbc72a2fee4f7b691c723e182c777f5341fd74b279b106686e8 +RIPEMD160(Wireshark 2.4.2 Intel 64.dmg)=ce9988494a9f125e878f8b50e21ebafb488e90c3 +SHA1(Wireshark 2.4.2 Intel 64.dmg)=c1e5c248e0e3793af793dfcf1342cebae33401ee + +You can validate these hashes using the following commands (among others): + + Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 + Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz + macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg" + Other: openssl sha256 wireshark-x.y.z.tar.xz +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlndHcwACgkQgiRKeOb+ +rupDow/+IIRv/SD6gb87vSTz7zL8O57eZHZWZVCLuyBW1tIouX1eBVMWXUHXuppe +DEuSOOHwXUjIU51qjS4sv4rKCv6kzM/umBPBVR7utWtPxPw9oms8rVFASlBDjyud +vMC8T8RGpY1XhsQJiYg4dAEcYLOkH73f8z46Sp3UMstXzIs64meKeQLcG2oBbP++ +yJbQiVQXJL/LPN1spTy16Q+v1GJQ1sIyw+ptoAl6M7N598Cwwvh+geuvDVE6BsjI +gi211PJ4Zbm8P9uVQgiVOwv5RsUBeGyPZmn+ASZp7bLNtaHdZ44xawuQ3hqqIpr1 +DBaohc55IymHkIWECMDK6bqkRLDYkO+7HnmF1XKiUJ6/Rn5qqLc4GahDPNIHonVE +e/9WL5aBCDjetaTFT3UQJLi9c9+ZhGiyGB9WiFaRBovm8+NodZ9Kj+sFJ/cnXsSG +PI0o6I4P7r0NyEhoeovMbyRfa8CUnnCgD4r8XpIrdZbpa9jfzRHm8kMF7wrgxaVS +UG7DtvFaQuvoxE9Fi6bQQYHQwZOjaZ3aLdnZXUP61g5qbjF1MywiEnjkMWVOzdrb +egqUwbGLrhtbOfgVtCL6TI+RrHt5rxQVecNn/l1FoM1Gsqo31884hBDaHyJsjOCJ +8YIn/Y1Fu6TE6YGTyQtW3z2h29cCnChqiHjohqB/NYGV8K3Oz7I= +=nEZj +-----END PGP SIGNATURE----- diff --git a/wireshark-2.4.1.tar.xz b/wireshark-2.4.1.tar.xz deleted file mode 100644 index 3e69769..0000000 --- a/wireshark-2.4.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:02ddbcf9b10f9dfa1e36eec00fe00cb5b5ce8e07203843baf056ac7909911fcd -size 28780384 diff --git a/wireshark-2.4.2.tar.xz b/wireshark-2.4.2.tar.xz new file mode 100644 index 0000000..4ef59ac --- /dev/null +++ b/wireshark-2.4.2.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d1acb24735fd35e18e9b7a0555ec58277c2b87da45a19ebeb8087c3dda55f47d +size 28791712 diff --git a/wireshark.changes b/wireshark.changes index a7724fe..6414e07 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Wed Oct 11 09:54:25 UTC 2017 - astieger@suse.com + +- Wireshark 2.4.2: + This release fixes minor vulnerabilities that could be used to + trigger dissector crashes or infinite loops by making Wireshark + read specially crafted packages from the network or a capture + file (boo#1062645): + * CVE-2017-15192: BT ATT dissector crash (wnpa-sec-2017-42) + * CVE-2017-15193: MBIM dissector crash (wnpa-sec-2017-43) + * CVE-2017-15191: DMP dissector crash (wnpa-sec-2017-44) + * CVE-2017-15190: RTSP dissector crash (wnpa-sec-2017-45) + * CVE-2017-15189: DOCSIS infinite loop (wnpa-sec-2017-46) + ------------------------------------------------------------------- Thu Sep 7 17:06:44 UTC 2017 - jmatejek@suse.com diff --git a/wireshark.spec b/wireshark.spec index ae60a35..4eeb3db 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -36,7 +36,7 @@ %bcond_with geoip %endif Name: wireshark -Version: 2.4.1 +Version: 2.4.2 Release: 0 Summary: A Network Traffic Analyser License: GPL-2.0+ AND GPL-3.0+ @@ -193,7 +193,6 @@ This package contains the Qt based UI for Wireshark. %prep # The publisher doesn't sign the source tarball, but a signatures file containing multiple hashes. # Verify hashes in that file against source tarball. -echo "`grep %{name}-%{version}.tar.xz %{SOURCE2} | grep MD5 | head -n1 | cut -d= -f2` %{SOURCE0}" | md5sum -c echo "`grep %{name}-%{version}.tar.xz %{SOURCE2} | grep SHA1 | head -n1 | cut -d= -f2` %{SOURCE0}" | sha1sum -c echo "`grep %{name}-%{version}.tar.xz %{SOURCE2} | grep SHA256 | head -n1 | cut -d= -f2` %{SOURCE0}" | sha256sum -c