From cab071b013e5d6f4ca85a2d7d24bd932c93b09ed809d3222c2f70bc381540919 Mon Sep 17 00:00:00 2001 From: Andreas Stieger Date: Sat, 18 May 2013 06:29:42 +0000 Subject: [PATCH 1/2] Accepting request 176025 from home:AndreasStieger:branches:network:utilities update to 1.8.7 [bnc#820566] OBS-URL: https://build.opensuse.org/request/show/176025 OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=86 --- SIGNATURES-1.8.6.txt | 54 ----------------------------------------- SIGNATURES-1.8.7.txt | 54 +++++++++++++++++++++++++++++++++++++++++ wireshark-1.8.6.tar.bz2 | 3 --- wireshark-1.8.7.tar.bz2 | 3 +++ wireshark.changes | 26 ++++++++++++++++++++ wireshark.spec | 2 +- 6 files changed, 84 insertions(+), 58 deletions(-) delete mode 100644 SIGNATURES-1.8.6.txt create mode 100644 SIGNATURES-1.8.7.txt delete mode 100644 wireshark-1.8.6.tar.bz2 create mode 100644 wireshark-1.8.7.tar.bz2 diff --git a/SIGNATURES-1.8.6.txt b/SIGNATURES-1.8.6.txt deleted file mode 100644 index 21033b1..0000000 --- a/SIGNATURES-1.8.6.txt +++ /dev/null @@ -1,54 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -wireshark-1.8.6.tar.bz2: 24250787 bytes -MD5(wireshark-1.8.6.tar.bz2)=317361e701936c72f7f18f857059b944 -SHA1(wireshark-1.8.6.tar.bz2)=0f51ed901b5e07cceb1373f3368f739be8f1e827 -RIPEMD160(wireshark-1.8.6.tar.bz2)=21688bef39816cc81d596205eefc5a067e5d6c25 - -Wireshark-win64-1.8.6.exe: 26847472 bytes -MD5(Wireshark-win64-1.8.6.exe)=ddd3d98096538e357e2dd0d6cd04ed6b -SHA1(Wireshark-win64-1.8.6.exe)=0d042dce029072dfcb8f52f49aa0c84bfb6d8a69 -RIPEMD160(Wireshark-win64-1.8.6.exe)=2656bf18e3131da2b64feeb4d91c687768fe6f1f - -Wireshark-win32-1.8.6.exe: 21173600 bytes -MD5(Wireshark-win32-1.8.6.exe)=3a0de374fc4979001727bfa5fc19d3c5 -SHA1(Wireshark-win32-1.8.6.exe)=bed78fb3c51cfec9914bf46f6257da2541407d5c -RIPEMD160(Wireshark-win32-1.8.6.exe)=e6cb0e40236093f5bf45909d1c306b64b0b99264 - -Wireshark-1.8.6.u3p: 28607931 bytes -MD5(Wireshark-1.8.6.u3p)=fa19996f6c69f68d011565b2c49c27b3 -SHA1(Wireshark-1.8.6.u3p)=e29efab380c4da61b25678c764403719b0088875 -RIPEMD160(Wireshark-1.8.6.u3p)=01cb4634b95e8b08387711fab79f674d1dcae4b4 - -WiresharkPortable-1.8.6.paf.exe: 22184584 bytes -MD5(WiresharkPortable-1.8.6.paf.exe)=a09a4ab23ffff08685d0ef42a0dc0f09 -SHA1(WiresharkPortable-1.8.6.paf.exe)=f6f39ee3b202488ce3c48521692599a458c024e0 -RIPEMD160(WiresharkPortable-1.8.6.paf.exe)=68a2dcf651c661499717a0f6c2abacabca48d94e - -Wireshark 1.8.6 Intel 32.dmg: 22122012 bytes -MD5(Wireshark 1.8.6 Intel 32.dmg)=41b1249c0e0bdf0d851a816d20e01c12 -SHA1(Wireshark 1.8.6 Intel 32.dmg)=d8eaf89fd2fdf13f47aaa9a25c1587a760534635 -RIPEMD160(Wireshark 1.8.6 Intel 32.dmg)=ccadbdadddfd19991a6c7af9d2643a343fb3db75 - -Wireshark 1.8.6 PPC 32.dmg: 22934708 bytes -MD5(Wireshark 1.8.6 PPC 32.dmg)=e9556eeacd50ddb4e70c9e5f98c442fa -SHA1(Wireshark 1.8.6 PPC 32.dmg)=a8c8b2f6fb659b20ef2ae7785a2b5646f33c7ff5 -RIPEMD160(Wireshark 1.8.6 PPC 32.dmg)=7b6a0e6161c1fb1d31caf7a6b5007cd38fce62f6 - -Wireshark 1.8.6 Intel 64.dmg: 21799059 bytes -MD5(Wireshark 1.8.6 Intel 64.dmg)=265318dd55f4fd3dca228d9afc9348fe -SHA1(Wireshark 1.8.6 Intel 64.dmg)=475ae0f50e65399a9a16c8266e505e8d9b27d308 -RIPEMD160(Wireshark 1.8.6 Intel 64.dmg)=281386411018db57322e04c6c24927e9a7a774e7 - -patch-wireshark-1.8.5-to-1.8.6.diff.bz2: 385614 bytes -MD5(patch-wireshark-1.8.5-to-1.8.6.diff.bz2)=1a61fcdfaf6d17d40cbe961951c1133e -SHA1(patch-wireshark-1.8.5-to-1.8.6.diff.bz2)=18d53194b13de978d950394734ab7302f6d0394a -RIPEMD160(patch-wireshark-1.8.5-to-1.8.6.diff.bz2)=b542539170925e88b52940ca41b65be1d0167a7c ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.12 (Darwin) - -iEYEARECAAYFAlE3xcUACgkQpw8IXSHylJrbBQCfZNtcBR0tbayTH4LSikKn/tVY -3/kAoK21Cq19K4bhkOcEnHHEyelZWFOm -=arCK ------END PGP SIGNATURE----- diff --git a/SIGNATURES-1.8.7.txt b/SIGNATURES-1.8.7.txt new file mode 100644 index 0000000..7ce04c5 --- /dev/null +++ b/SIGNATURES-1.8.7.txt @@ -0,0 +1,54 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + +wireshark-1.8.7.tar.bz2: 24273700 bytes +MD5(wireshark-1.8.7.tar.bz2)=f4198728a20aa40752906031e08544f8 +SHA1(wireshark-1.8.7.tar.bz2)=c131ce10555e608e691aa36190c8d5a1b271c955 +RIPEMD160(wireshark-1.8.7.tar.bz2)=c9a2b59441a517e4943a2b7e3e994694125b1759 + +Wireshark-win32-1.8.7.exe: 20868704 bytes +MD5(Wireshark-win32-1.8.7.exe)=7aee0d82ed4efa3e709aa9e42a86c34c +SHA1(Wireshark-win32-1.8.7.exe)=95f42bfaee23351b504aca3fa57e29c0c2cd3227 +RIPEMD160(Wireshark-win32-1.8.7.exe)=a95e303f9176d754d86a8f8198a801cba5c3e04f + +Wireshark-win64-1.8.7.exe: 26549232 bytes +MD5(Wireshark-win64-1.8.7.exe)=a832cae3e9d0e312c3c1241a970f1080 +SHA1(Wireshark-win64-1.8.7.exe)=845da671608323ca3154c03e47365e26fce80d69 +RIPEMD160(Wireshark-win64-1.8.7.exe)=696f0c8090bcb22e7c2c641925db7b6958ce5df1 + +Wireshark-1.8.7.u3p: 28621210 bytes +MD5(Wireshark-1.8.7.u3p)=e38ae665e9a6799961c75e1c794b0241 +SHA1(Wireshark-1.8.7.u3p)=5feb3b235ffe38315b94bd1de1fd269249737853 +RIPEMD160(Wireshark-1.8.7.u3p)=162f88f661a31fd1902ece049b6d8a4937dd18f7 + +WiresharkPortable-1.8.7.paf.exe: 22051216 bytes +MD5(WiresharkPortable-1.8.7.paf.exe)=5f7624d355520650b1d61f86552ef06c +SHA1(WiresharkPortable-1.8.7.paf.exe)=7fbba81263fb957f37a8694ab36f39aa2d0dda7c +RIPEMD160(WiresharkPortable-1.8.7.paf.exe)=f1ee0f1aff528a88aad79024df371560a593f963 + +Wireshark 1.8.7 PPC 32.dmg: 22938629 bytes +MD5(Wireshark 1.8.7 PPC 32.dmg)=2df64ff6c884f8c9aa036be0ac850dc4 +SHA1(Wireshark 1.8.7 PPC 32.dmg)=fac403ed5616d4f3736dc26ad6b46b43d92eeca5 +RIPEMD160(Wireshark 1.8.7 PPC 32.dmg)=a3a2de3aeac6bfce17f95ed1bc803277cab504b5 + +Wireshark 1.8.7 Intel 64.dmg: 21653924 bytes +MD5(Wireshark 1.8.7 Intel 64.dmg)=8615eade01f43e6229d83a3148bd5566 +SHA1(Wireshark 1.8.7 Intel 64.dmg)=3816f7a1d9fdea109a02c49d559f804516ebab6d +RIPEMD160(Wireshark 1.8.7 Intel 64.dmg)=847401b192639fd9ae85c4f2fe33cf6fc25df077 + +Wireshark 1.8.7 Intel 32.dmg: 19734453 bytes +MD5(Wireshark 1.8.7 Intel 32.dmg)=4c5e9c6ae11d0db53cb101acf06fe96f +SHA1(Wireshark 1.8.7 Intel 32.dmg)=5aaf4924318705e041041f2af4145966b63f4baf +RIPEMD160(Wireshark 1.8.7 Intel 32.dmg)=e324792142ea8a76f6f949b3fbe998dba7290c84 + +patch-wireshark-1.8.6-to-1.8.7.diff.bz2: 238913 bytes +MD5(patch-wireshark-1.8.6-to-1.8.7.diff.bz2)=898cc367b1ca964d13d5add01abd7dc3 +SHA1(patch-wireshark-1.8.6-to-1.8.7.diff.bz2)=44668ceb45fc4953d9f782c61abcd67bd75cb8d1 +RIPEMD160(patch-wireshark-1.8.6-to-1.8.7.diff.bz2)=43047d437df36cefce63d295fbbde1973d4867f7 +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.12 (Darwin) + +iEYEARECAAYFAlGWkAQACgkQpw8IXSHylJo+gQCgiLc/mfvg7xrsMJ3kEauFEc6/ +uNEAoJz+W0IDVOfXTeHrOTq/WRKiw6vD +=334H +-----END PGP SIGNATURE----- diff --git a/wireshark-1.8.6.tar.bz2 b/wireshark-1.8.6.tar.bz2 deleted file mode 100644 index cc9ef97..0000000 --- a/wireshark-1.8.6.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2722ed3e926c26648faec31a81b7881d829df85762c21794b9dd9e4f227331ea -size 24250787 diff --git a/wireshark-1.8.7.tar.bz2 b/wireshark-1.8.7.tar.bz2 new file mode 100644 index 0000000..f4c9f16 --- /dev/null +++ b/wireshark-1.8.7.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5c7e429c1e410289b49d65a2e635e00c0becdcb56fe703a1d3e7b5e275fca842 +size 24273700 diff --git a/wireshark.changes b/wireshark.changes index 9489e6e..8a890f4 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,3 +1,29 @@ +------------------------------------------------------------------- +Sat May 18 05:40:13 UTC 2013 - andreas.stieger@gmx.de + +- update to 1.8.7 [bnc#820566] + + vulnerabilities fixed: + * The RELOAD dissector could go into an infinite loop. + wnpa-sec-2013-23 CVE-2013-2486 CVE-2013-2487 + * The GTPv2 dissector could crash. + wnpa-sec-2013-24 + * The ASN.1 BER dissector could crash. + wnpa-sec-2013-25 + * The PPP CCP dissector could crash. + wnpa-sec-2013-26 + * The DCP ETSI dissector could crash. + wnpa-sec-2013-27 + * The MPEG DSM-CC dissector could crash. + wnpa-sec-2013-28 + * The Websocket dissector could crash. + wnpa-sec-2013-29 + * The MySQL dissector could go into an infinite loop. + wnpa-sec-2013-30 + * The ETCH dissector could go into a large loop. + wnpa-sec-2013-31 + + Further bug fixes and updated protocol support as listed in: + https://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html + ------------------------------------------------------------------- Sat Mar 9 11:24:29 UTC 2013 - andreas.stieger@gmx.de diff --git a/wireshark.spec b/wireshark.spec index ac620a7..31c3285 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -20,7 +20,7 @@ %define use_caps 0 Name: wireshark -Version: 1.8.6 +Version: 1.8.7 Release: 0 Summary: A Network Traffic Analyser License: GPL-2.0+ and GPL-3.0+ From 23ef4be00188f59aedb18f733d7512bc796352eeb3448aaf7e98dff9693e0959 Mon Sep 17 00:00:00 2001 From: Andreas Stieger Date: Thu, 23 May 2013 19:39:53 +0000 Subject: [PATCH 2/2] added CVEs for last changelog entry OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=87 --- wireshark.changes | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/wireshark.changes b/wireshark.changes index 8a890f4..7003586 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,26 +1,26 @@ ------------------------------------------------------------------- -Sat May 18 05:40:13 UTC 2013 - andreas.stieger@gmx.de +Thu May 23 19:37:57 UTC 2013 - andreas.stieger@gmx.de - update to 1.8.7 [bnc#820566] + vulnerabilities fixed: * The RELOAD dissector could go into an infinite loop. wnpa-sec-2013-23 CVE-2013-2486 CVE-2013-2487 * The GTPv2 dissector could crash. - wnpa-sec-2013-24 + wnpa-sec-2013-24 CVE-2013-3555 * The ASN.1 BER dissector could crash. - wnpa-sec-2013-25 + wnpa-sec-2013-25 CVE-2013-3556 CVE-2013-3557 * The PPP CCP dissector could crash. - wnpa-sec-2013-26 + wnpa-sec-2013-26 CVE-2013-3558 * The DCP ETSI dissector could crash. - wnpa-sec-2013-27 + wnpa-sec-2013-27 CVE-2013-3559 * The MPEG DSM-CC dissector could crash. - wnpa-sec-2013-28 + wnpa-sec-2013-28 CVE-2013-3560 * The Websocket dissector could crash. - wnpa-sec-2013-29 + wnpa-sec-2013-29 CVE-2013-3561 CVE-2013-3562 * The MySQL dissector could go into an infinite loop. - wnpa-sec-2013-30 + wnpa-sec-2013-30 CVE-2013-3561 * The ETCH dissector could go into a large loop. - wnpa-sec-2013-31 + wnpa-sec-2013-31 CVE-2013-3561 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html