From fe9dc4891c06b7d5af73b4143e09c52e854b21afdf06276cc6d9f13004a75fba Mon Sep 17 00:00:00 2001 From: Andreas Stieger Date: Wed, 15 Aug 2012 22:08:39 +0000 Subject: [PATCH] Accepting request 130973 from home:AndreasStieger:branches:network:utilities update to upstream 1.8.2 (bnc#776083) CVE-2012-4285 CVE-2012-4287 CVE-2012-4288 CVE-2012-4294 CVE-2012-4295 CVE-2012-4289 CVE-2012-4296 CVE-2012-4297 CVE-2012-4291 CVE-2012-4292 CVE-2012-4293 CVE-2012-4290 CVE-2012-4286 CVE-2012-4298 OBS-URL: https://build.opensuse.org/request/show/130973 OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=65 --- wireshark-1.2.0-disable-warning-dialog.patch | 10 +++--- wireshark-1.8.1.tar.bz2 | 3 -- wireshark-1.8.2.tar.bz2 | 3 ++ wireshark.changes | 35 ++++++++++++++++++++ wireshark.spec | 2 +- 5 files changed, 44 insertions(+), 9 deletions(-) delete mode 100644 wireshark-1.8.1.tar.bz2 create mode 100644 wireshark-1.8.2.tar.bz2 diff --git a/wireshark-1.2.0-disable-warning-dialog.patch b/wireshark-1.2.0-disable-warning-dialog.patch index 0ab19bd..e442b76 100644 --- a/wireshark-1.2.0-disable-warning-dialog.patch +++ b/wireshark-1.2.0-disable-warning-dialog.patch @@ -1,8 +1,8 @@ Index: ui/gtk/main.c =================================================================== ---- ui/gtk/main.c.orig 2012-06-16 19:38:51.000000000 +0100 -+++ ui/gtk/main.c 2012-06-21 22:17:49.000000000 +0100 -@@ -1400,11 +1400,13 @@ main_colorize_changed(gboolean packet_li +--- ui/gtk/main.c.orig 2012-08-10 01:35:00.000000000 +0100 ++++ ui/gtk/main.c 2012-08-15 20:28:59.000000000 +0100 +@@ -1399,11 +1399,13 @@ main_colorize_changed(gboolean packet_li static GtkWidget *close_dlg = NULL; @@ -16,7 +16,7 @@ Index: ui/gtk/main.c #ifdef _WIN32 static void -@@ -2082,9 +2084,10 @@ check_and_warn_user_startup(gchar *cf_na +@@ -2081,9 +2083,10 @@ check_and_warn_user_startup(gchar *cf_na #endif { gchar *cur_user, *cur_group; @@ -28,7 +28,7 @@ Index: ui/gtk/main.c if (running_with_special_privs() && recent.privs_warn_if_elevated) { cur_user = get_cur_username(); cur_group = get_cur_groupname(); -@@ -2099,6 +2102,7 @@ check_and_warn_user_startup(gchar *cf_na +@@ -2098,6 +2101,7 @@ check_and_warn_user_startup(gchar *cf_na simple_dialog_check_set(priv_warning_dialog, "Don't show this message again."); simple_dialog_set_cb(priv_warning_dialog, priv_warning_dialog_cb, NULL); } diff --git a/wireshark-1.8.1.tar.bz2 b/wireshark-1.8.1.tar.bz2 deleted file mode 100644 index 5744918..0000000 --- a/wireshark-1.8.1.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5966a3e23d34972eb35433ae8198fccf1945617f71b89c1af26dada9f342feb7 -size 24125571 diff --git a/wireshark-1.8.2.tar.bz2 b/wireshark-1.8.2.tar.bz2 new file mode 100644 index 0000000..f0afde8 --- /dev/null +++ b/wireshark-1.8.2.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3f0e688d889345033e0a7e4f36aea78248e5c7b32d0dfc19eac044188aac11cc +size 24121798 diff --git a/wireshark.changes b/wireshark.changes index 5185efe..cdfd9fa 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,3 +1,38 @@ +------------------------------------------------------------------- +Wed Aug 15 21:13:20 UTC 2012 - andreas.stieger@gmx.de + +- update to upstream 1.8.2 (bnc#776083) + + vulnerabilities fixed: + * The DCP ETSI dissector could trigger a zero division. + (wnpa-sec-2012-13 CVE-2012-4285) + * The MongoDB dissector could go into a large loop. + (wnpa-sec-2012-14 CVE-2012-4287) + * The XTP dissector could go into an infinite loop. + (wnpa-sec-2012-15 CVE-2012-4288) + * The ERF dissector could overflow a buffer. + (wnpa-sec-2012-16 CVE-2012-4294 CVE-2012-4295) + * The AFP dissector could go into a large loop. + (wnpa-sec-2012-17 CVE-2012-4289) + * The RTPS2 dissector could overflow a buffer. + (wnpa-sec-2012-18 CVE-2012-4296) + * The GSM RLC MAC dissector could overflow a buffer. + (wnpa-sec-2012-19 CVE-2012-4297) + * The CIP dissector could exhaust system memory. + (wnpa-sec-2012-20 CVE-2012-4291) + * The STUN dissector could crash. + (wnpa-sec-2012-21 CVE-2012-4292) + * The EtherCAT Mailbox dissector could abort. + (wnpa-sec-2012-22 CVE-2012-4293) + * The CTDB dissector could go into a large loop. + (wnpa-sec-2012-23 CVE-2012-4290) + * The pcap-ng file parser could trigger a zero division. + (wnpa-sec-2012-24 CVE-2012-4286) + * The Ixia IxVeriWave file parser could overflow a buffer. + (wnpa-sec-2012-25 CVE-2012-4298) + + Further bug fixes and updated protocol support as listed in: + http://www.wireshark.org/docs/relnotes/wireshark-1.8.2.html +- adjust wireshark-1.2.0-disable-warning-dialog.patch for moved lines + ------------------------------------------------------------------- Tue Jul 24 05:00:53 UTC 2012 - andreas.stieger@gmx.de diff --git a/wireshark.spec b/wireshark.spec index 7277322..34ff5f8 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -20,7 +20,7 @@ %define use_caps 0 Name: wireshark -Version: 1.8.1 +Version: 1.8.2 Release: 0 Summary: A Network Traffic Analyser License: GPL-2.0+