Accepting request 563929 from home:AndreasStieger:branches:network:utilities

- Wireshark 2.4.4:
  * fixes for dissector crashes:
    + CVE-2018-5334: IxVeriWave file could crash (bsc#1075737)
    + CVE-2018-5335: WCP dissector could crash (bsc#1075738)
    + CVE-2018-5336: Multiple dissector crashes (bsc#1075739)
  * No longer enable the Linux kernel BPF JIT compiler via the
    net.core.bpf_jit_enable sysctl, as this would make systems
    more vulnerable to Spectre variant 1 (bsc#1075748, CVE-2017-5753) 
  * Further bug fixes and updated protocol support as listed in:
    ittps://www.wireshark.org/docs/relnotes/wireshark-2.4.4.html

OBS-URL: https://build.opensuse.org/request/show/563929
OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=238
This commit is contained in:
Andreas Stieger 2018-01-12 20:05:50 +00:00 committed by Git OBS Bridge
parent c420cc19e7
commit 3a06e42e9e
6 changed files with 79 additions and 65 deletions

View File

@ -1,60 +0,0 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
wireshark-2.4.3.tar.xz: 28807920 bytes
SHA256(wireshark-2.4.3.tar.xz)=189495996b68940626cb53b31c8902fa1bb5a96b61217cea42734c13925ff12e
RIPEMD160(wireshark-2.4.3.tar.xz)=549b19ff84378536a4d2598ad92ac10db7a76244
SHA1(wireshark-2.4.3.tar.xz)=1c52b5d03d0dd9fe33c6c225233e89ed6d1d6d28
Wireshark-win32-2.4.3.exe: 52674464 bytes
SHA256(Wireshark-win32-2.4.3.exe)=7e5288224c0efc666fd15852e49ed7864e0a70971b5c09181ccfe5f71fd27d6e
RIPEMD160(Wireshark-win32-2.4.3.exe)=b9f488d384716404f25076eaa0dde81705982d5d
SHA1(Wireshark-win32-2.4.3.exe)=8a17cd5eae1e373442b0ed154e56009fdaace790
Wireshark-win64-2.4.3.exe: 57888152 bytes
SHA256(Wireshark-win64-2.4.3.exe)=fbe322534581feba53564d99a342f8a75aaa178af8efbaa9fe9e9298233af41d
RIPEMD160(Wireshark-win64-2.4.3.exe)=41fffe5f4f686921d5911365913fd3871f5e1d4d
SHA1(Wireshark-win64-2.4.3.exe)=07f593d04185d79232dc839f8e8df65e46420098
Wireshark-win32-2.4.3.msi: 41930752 bytes
SHA256(Wireshark-win32-2.4.3.msi)=13114b733a2c2cdc1e6976d974bb89b6ab5bcaaf0eaac114e66e83e2a12bec78
RIPEMD160(Wireshark-win32-2.4.3.msi)=866fd277727fab8aa0a56870491ae5e9c1c64f99
SHA1(Wireshark-win32-2.4.3.msi)=b3ab06e999a3e8c81ec677287a46e1a0d044b35e
Wireshark-win64-2.4.3.msi: 47005696 bytes
SHA256(Wireshark-win64-2.4.3.msi)=a5aa656e7c6a894635e669d1927d2b71307f7f3b2069ba8c5d7a21048ded19d3
RIPEMD160(Wireshark-win64-2.4.3.msi)=a9b8d4b073ffbdfe72276cf41be0f39d68be9687
SHA1(Wireshark-win64-2.4.3.msi)=e41d08ef2cebdc19833abd0b3cee9788f82c5e6b
WiresharkPortable_2.4.3.paf.exe: 45325376 bytes
SHA256(WiresharkPortable_2.4.3.paf.exe)=50530cb69572b7891c05f1830c72f831336fd96c550ba5b8202da2b907e68f57
RIPEMD160(WiresharkPortable_2.4.3.paf.exe)=57db4ebb9ba6aac54322545d0b4ecf99d1bee3b1
SHA1(WiresharkPortable_2.4.3.paf.exe)=7bb2fbd347485b7e2a974dfa2814f84f8addd833
Wireshark 2.4.3 Intel 64.dmg: 35234122 bytes
SHA256(Wireshark 2.4.3 Intel 64.dmg)=61f500c923b729be56b4bf453c2fca865cd921b8cc153da8a79d45a3f932bdd3
RIPEMD160(Wireshark 2.4.3 Intel 64.dmg)=e90cc219073785384f6137fbd74e86972fe1e30e
SHA1(Wireshark 2.4.3 Intel 64.dmg)=711b9a11cced0e4d7b9284598c012217e3555f2d
You can validate these hashes using the following commands (among others):
Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
Other: openssl sha256 wireshark-x.y.z.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlog0R4ACgkQgiRKeOb+
ruqtHA/7B/+EgBKG6HFGqz9I2E25adozILjnsOrnFaqnh1j7c5gaLhstsw9LY2Xz
rogCUA9i5BGT0RqEvGBtxFWZPBKcSkKmfOhW/VZoxePvnilL6pyqPzGB/rww8MTw
oh1U63A9n6gmgxJMfFGkVg5dyufaOKVywJ/DPAkLmIQR7lZfxCvHddlKx/10hq6k
YbAaupqo/ZA8I05SV2Ovrj8LAeqxwv9C7vrHmp2lBTslTPxCO6+byBgKaw8zuAO/
6yjrplQy6fji+lcOKrNVhELo5D9L9vlPRx0Drvpktb4jd+lt+Rz2oLrIa5auOrlD
SzKH05HdSkzjdStHlzOwRy2mCOusY0EIGZ6eFQRZz4w+KRWWIlU87SXifuzczMwt
gnJRWT2owFrmeN1ihqK8iiH+4/zcWDxElNWw3L0INKmWXaWchRkJ1M7TP86Sr60F
s15RhkkljFEFHBo8DHDs2XJ81N0eDskHliZzjV87wbMEDp3mXAiyOKjyiFflOH9e
DsSxsnt+PfthkmwsFnF8kVEeylKMeihrNMTQHMJ6o1srwowRZa0mP6Pl/TrdyGZr
+6ER/kxkltmZjZBwOCszMZxZdNoyteANwZzGu/y/I1IpRGVI6WGxYIhLRiOJTljZ
90N+3nRv9Qff6CJvn9peAZS7/Rz2dldRiggHu2NFozCQExAlG3k=
=yV+r
-----END PGP SIGNATURE-----

60
SIGNATURES-2.4.4.txt Normal file
View File

@ -0,0 +1,60 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
wireshark-2.4.4.tar.xz: 28818372 bytes
SHA256(wireshark-2.4.4.tar.xz)=049a758e39422dcd536d7f75cebbfaa44e4f305d602bf22964d6459821126f58
RIPEMD160(wireshark-2.4.4.tar.xz)=ee062bc380db3efce21640774bf6cb5c327b8b27
SHA1(wireshark-2.4.4.tar.xz)=cefc8e6666ee2f73d7f96f2708d582c57abb486f
Wireshark-win32-2.4.4.exe: 52697912 bytes
SHA256(Wireshark-win32-2.4.4.exe)=1f93c1df271aeaa60161d67abd9e17f48f07f1a7cfc84c3c09076be23b2a845e
RIPEMD160(Wireshark-win32-2.4.4.exe)=93ce703dc83c6cc0c23ade12a59bcbaa6088b8ba
SHA1(Wireshark-win32-2.4.4.exe)=1d14fb39f382909587ac9ce65477f1702570cb3a
Wireshark-win64-2.4.4.exe: 57913704 bytes
SHA256(Wireshark-win64-2.4.4.exe)=f532b664921a317c151ef0fb2b4e7badcdb9ecd5a969d38bd54568a6a0a18c68
RIPEMD160(Wireshark-win64-2.4.4.exe)=137f4225a15183bacc9c4c51522a99b624095c39
SHA1(Wireshark-win64-2.4.4.exe)=e7890e6445118a9238cab51cf89407c6fdd2235d
Wireshark-win64-2.4.4.msi: 47095808 bytes
SHA256(Wireshark-win64-2.4.4.msi)=38293816156d0aa51302e09fa2901a24913eb8e1b8cebee9bb90b318d85343f5
RIPEMD160(Wireshark-win64-2.4.4.msi)=5b50bc5d30dad6f5e9eac8539da57c373f5c291d
SHA1(Wireshark-win64-2.4.4.msi)=70c0be5ff3d5d61428e7b07885a979d12e82ea6b
Wireshark-win32-2.4.4.msi: 41943040 bytes
SHA256(Wireshark-win32-2.4.4.msi)=0407314ae45c391ca6cccddf428b8f452e6dbbfee13143d4cb178f643e8a5a8b
RIPEMD160(Wireshark-win32-2.4.4.msi)=22b168509f5bf9e8df2013aed781686ad89959b8
SHA1(Wireshark-win32-2.4.4.msi)=003c2d7c3670b19b4397fc9855683e65ea12ea56
WiresharkPortable_2.4.4.paf.exe: 45378496 bytes
SHA256(WiresharkPortable_2.4.4.paf.exe)=4c6c0481ed216e797351fc38ba63754e37ac4cb2686595204f9be00d3b5dd4bb
RIPEMD160(WiresharkPortable_2.4.4.paf.exe)=773aa2c4fc2cd4126fd3da06da3066c27e45cd79
SHA1(WiresharkPortable_2.4.4.paf.exe)=f484dd8d2bba9ccaefe187c0e50f30c231141bce
Wireshark 2.4.4 Intel 64.dmg: 35240389 bytes
SHA256(Wireshark 2.4.4 Intel 64.dmg)=eb6d9a304b2697a90f267bd8734926a9fe37939aab8394a550cd4c272dd15e11
RIPEMD160(Wireshark 2.4.4 Intel 64.dmg)=9cdf3614de288ae38170fae1d540bb3b874f997b
SHA1(Wireshark 2.4.4 Intel 64.dmg)=c1e169fbf3797a082b638cd8415d20f63d476131
You can validate these hashes using the following commands (among others):
Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
Other: openssl sha256 wireshark-x.y.z.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlpXv64ACgkQgiRKeOb+
ruqbgxAA3QnAr+1jKvBZUCApOSPxe/Hfz3MUoVBdnhj/bCDyAjACRLfRf91ODXPL
KGIt6d33W9N/FyK4M+6woYNHNdBiRW1UUuCsby1Z/0vdZ/LAtwJz6IeqNFS+g3Co
jVMVYBGLivSfwi0ZJWEiP1VILe2vKlUmAfgU5CTgtHrAHMTtrdvZIuzjnMLPNNqZ
1CYA7130Rda2pRWXbZWtgNf10VyRorpcMJ1y6ADZzm66GOJUQ585k0JCYgmLARPJ
1gy/VROrISMkVXETJnw6mR5pnSoqSoUrzz7QJoaDBDHXQugWhdLBDjKAcYTxQDZK
jcpDzPzXVeMF2l6LG+B0zDNzfPhAZHA5E9RRNew1Gth+bhC5UYV4+KW59Ovu3i/e
PfYWjUUmctzsOmibk3icf1PY5b6VqBNC9LMfnhmn/wg/uFDRwBWVe8pyvZCl7TVy
W+Y/YF6buB1L2aacKMmCyM8Gxptd+Tp3gnYrEInUVof+SsLulLrEM83dBEjvT3zr
Bxuv/47ZLSFmKv51/jj/3zNQ7NX3IYJbLTwWdGUsQE8ue2VBKE7mgLmvbtaRpAEh
5z18cPVMzdba7ufYGVt4ZuXR4sWrWBjVsaXWyjhGZxVygR/l0feVm8kcCufVJb4C
jNsdTLruH0Z6P9AuVPFf/ebgbARBytPfQI1zSBwM2NyCDKAwMno=
=uhIZ
-----END PGP SIGNATURE-----

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:189495996b68940626cb53b31c8902fa1bb5a96b61217cea42734c13925ff12e
size 28807920

3
wireshark-2.4.4.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:049a758e39422dcd536d7f75cebbfaa44e4f305d602bf22964d6459821126f58
size 28818372

View File

@ -1,3 +1,17 @@
-------------------------------------------------------------------
Fri Jan 12 19:38:34 UTC 2018 - astieger@suse.com
- Wireshark 2.4.4:
* fixes for dissector crashes:
+ CVE-2018-5334: IxVeriWave file could crash (bsc#1075737)
+ CVE-2018-5335: WCP dissector could crash (bsc#1075738)
+ CVE-2018-5336: Multiple dissector crashes (bsc#1075739)
* No longer enable the Linux kernel BPF JIT compiler via the
net.core.bpf_jit_enable sysctl, as this would make systems
more vulnerable to Spectre variant 1 (bsc#1075748, CVE-2017-5753)
* Further bug fixes and updated protocol support as listed in:
ittps://www.wireshark.org/docs/relnotes/wireshark-2.4.4.html
-------------------------------------------------------------------
Fri Dec 1 13:02:14 UTC 2017 - astieger@suse.com

View File

@ -1,7 +1,7 @@
#
# spec file for package wireshark
#
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -36,7 +36,7 @@
%bcond_with geoip
%endif
Name: wireshark
Version: 2.4.3
Version: 2.4.4
Release: 0
Summary: A Network Traffic Analyser
License: GPL-2.0+ AND GPL-3.0+