Accepting request 500569 from network:utilities

- Wireshark 2.2.7 (bsc#1042330):
  This release fixes minor vulnerabilities that could be used to
  trigger dissector crashes, infinite loopsm or cause excessive use
  of CPU resources by making Wireshark read specially crafted
  packages from the network or a capture file:
  * CVE-2017-9352: Bazaar dissector infinite loop (bsc#1042304)
  * CVE-2017-9348: DOF dissector read overflow (bsc#1042303)
  * CVE-2017-9351: DHCP dissector read overflow (bsc#1042302)
  * CVE-2017-9346: SoulSeek dissector infinite loop (bsc#1042301)
  * CVE-2017-9345: DNS dissector infinite loop (bsc#1042300)
  * CVE-2017-9349: DICOM dissector infinite loop (bsc#1042305)
  * CVE-2017-9350: openSAFETY dissector memory exhaustion (bsc#1042299)
  * CVE-2017-9344: BT L2CAP dissector divide by zero (bsc#1042298)
  * CVE-2017-9343: MSNIP dissector crash (bsc#1042309)
  * CVE-2017-9347: ROS dissector crash (bsc#1042308)
  * CVE-2017-9354: RGMP dissector crash (bsc#1042307)
  * CVE-2017-9353: IPv6 dissector crash (bsc#1042306)

OBS-URL: https://build.opensuse.org/request/show/500569
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/wireshark?expand=0&rev=125
This commit is contained in:
Dominique Leuenberger 2017-06-04 00:00:10 +00:00 committed by Git OBS Bridge
commit be6ef71e85
6 changed files with 73 additions and 52 deletions

View File

@ -1,48 +0,0 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
wireshark-2.2.6.tar.bz2: 32317335 bytes
SHA256(wireshark-2.2.6.tar.bz2)=f627d51eda85f5ae5f5c8c9fc1f6539ffc2a270dd7500dc7f67490a8534ca849
RIPEMD160(wireshark-2.2.6.tar.bz2)=12574c3536c621164215a5a3c1840d87489cc189
SHA1(wireshark-2.2.6.tar.bz2)=608c0ece0d7c0f9c82f031e69c87c0de57c3f0dd
MD5(wireshark-2.2.6.tar.bz2)=2cd9a35c2df8c32668c1776784f074df
Wireshark-win32-2.2.6.exe: 44522984 bytes
SHA256(Wireshark-win32-2.2.6.exe)=d43a3194d4cb6899bda39fb24e43bbfd8497d6c2794658f69955b7d6a111a796
RIPEMD160(Wireshark-win32-2.2.6.exe)=8ac37da27beaaeb6b982459c22c203ec5ad1e5f0
SHA1(Wireshark-win32-2.2.6.exe)=710a1540fb39b15db7db7c2fa652ab80eeca296c
MD5(Wireshark-win32-2.2.6.exe)=32807564710c35f67b10750f4d570b6a
Wireshark-win64-2.2.6.exe: 49385272 bytes
SHA256(Wireshark-win64-2.2.6.exe)=faa10fe979440aa231478b8ad35ae5810020f814438e735e6edd57611465c405
RIPEMD160(Wireshark-win64-2.2.6.exe)=b584223cea4db8f2cabd04e7654732cb3696d26c
SHA1(Wireshark-win64-2.2.6.exe)=cdbb1b95293238dce38c3e1a8940b99daf48fbdc
MD5(Wireshark-win64-2.2.6.exe)=74ce176674b5c7e26874f2a8f3c55153
WiresharkPortable_2.2.6.paf.exe: 46147304 bytes
SHA256(WiresharkPortable_2.2.6.paf.exe)=d884196b54e198621d8b2e0315edd54ee7e38efa9acdd1bfe97841f87e63d878
RIPEMD160(WiresharkPortable_2.2.6.paf.exe)=bce2be0909bfe84d075d0ed852d8663d3fcde5ae
SHA1(WiresharkPortable_2.2.6.paf.exe)=4d25cd67b46b27ab55b6b47b5752b4b9507e008d
MD5(WiresharkPortable_2.2.6.paf.exe)=a019ab377c55dcf9df7692c2aa44fb23
Wireshark 2.2.6 Intel 64.dmg: 32858564 bytes
SHA256(Wireshark 2.2.6 Intel 64.dmg)=efe30c1729543ae95ce22ad89d41251fee94e38d3d72a4f7a2a25e86a8bc66fe
RIPEMD160(Wireshark 2.2.6 Intel 64.dmg)=e9cf275b5531905366d27ffc65482dcde4c7e35b
SHA1(Wireshark 2.2.6 Intel 64.dmg)=d38a9b38f4a662da6299fd9301f22d3b877b002e
MD5(Wireshark 2.2.6 Intel 64.dmg)=f52d767768925ebae7b7e70bf86ca974
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAljunhAACgkQgiRKeOb+
rupGxhAAoux2lVYbvQuF/56W+MPJP//XL7AeDb0DLFPsg+2CvnnIG4xRWGD/Xs74
zzxDd8d/L6YYfn1BB/pGZDwRHtEpb7srBFxU59K7Lndgt58TyumvBddHq2vuTG0i
KolOJnIMnIgS6zRAXLbPiRnEXbVncT7HglV0XPMqldCQ+UeeeLn17BwW06nD8DlD
qCn4ZLL0Ko1nT6BcfDQ6AifrrOdJ5IVCezZZ7+aWb54+xSR3DPzKEaFBO6P7Q0G9
8u4sIyyc3WUv9j9fCqCwyHwaaWgeWaSVcgU39ta7lUF03wzl8t7ZTKAs2O7c71yr
EN8Lm2IuYzAEwx2vSV164yu4y1l/CsF64QLHwhPFLR5QagydI6qBjCBGgykctzqc
8bHnueguFb+9kF+PdH5rH6bOXArYZAkBSP+fXdHyxfCPwO7GjK7kbGCD7k5uhdjG
R3B7VqxRFzed3LHIAaJ52GcjLZ6gzhqp+zOpZLzCAvJVmryIgq/Eo8/Dsi87/jxp
GuJEKAvBdZfaGdYXTOOzwo6ktTHdCa8w2V2RBMXoulUCqQMT+NYFeZlVsa9Mju7M
hzdevy/DjIDkQgW6nVSjYCdMpCRyRPkbXspSG5SRb4WV/LOP1poWwKBXxT4qai1F
6MyAoqODydWcpypUU6qEU4MGvhyVfylOhFsmmHDLY/Y/sgx51TM=
=cvmE
-----END PGP SIGNATURE-----

48
SIGNATURES-2.2.7.txt Normal file
View File

@ -0,0 +1,48 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
wireshark-2.2.7.tar.bz2: 32309420 bytes
SHA256(wireshark-2.2.7.tar.bz2)=689ddf62221b152779d8846ab5b2063cc7fd41ec1a9f04eefab09b5d5486dbb5
RIPEMD160(wireshark-2.2.7.tar.bz2)=baf598f495c04f3709cb02c9046b8176f5f5c72e
SHA1(wireshark-2.2.7.tar.bz2)=2bb1cdf56a93fb22a66e8179214b587c71f06c9e
MD5(wireshark-2.2.7.tar.bz2)=a4d880554c7f925dafef60fa313b580d
Wireshark-win64-2.2.7.exe: 49400720 bytes
SHA256(Wireshark-win64-2.2.7.exe)=cc8e6feff1e72d1baaafb277e33c9137a76a5edeca629fe4c764070a0719df50
RIPEMD160(Wireshark-win64-2.2.7.exe)=e1b5395752ff672593bb02e02c9d43b969a6d136
SHA1(Wireshark-win64-2.2.7.exe)=bb9f0c2f8448069e8ef33302e3e8a5182a066788
MD5(Wireshark-win64-2.2.7.exe)=30570a7b54c17da897cf155e35a2f44a
Wireshark-win32-2.2.7.exe: 44550128 bytes
SHA256(Wireshark-win32-2.2.7.exe)=6f5ef2ed9aed62f3613f66b960f50663cfb4ec4b59c9fe1fa11ff08137c8a0c0
RIPEMD160(Wireshark-win32-2.2.7.exe)=14aa5ae001272ac7ce1eea2d166f02b89a1de76c
SHA1(Wireshark-win32-2.2.7.exe)=1c778e2885fbf0668f75567841d0b00c73b9c7d6
MD5(Wireshark-win32-2.2.7.exe)=ab254d59f70aec9178aeb8a76a24de50
WiresharkPortable_2.2.7.paf.exe: 46147736 bytes
SHA256(WiresharkPortable_2.2.7.paf.exe)=3fc82830a4d2b0d620ef37c1fd406d99e5cad7ff2c831b1d284f5e87282ae2c1
RIPEMD160(WiresharkPortable_2.2.7.paf.exe)=2d699d1fe6d1bd2e30000cff21837d17d069725f
SHA1(WiresharkPortable_2.2.7.paf.exe)=5cc73524dfc49780ce22f8dfe4d74876c2f9eb5a
MD5(WiresharkPortable_2.2.7.paf.exe)=d05d04a6ce82a7253949d45cc5fb6186
Wireshark 2.2.7 Intel 64.dmg: 32873230 bytes
SHA256(Wireshark 2.2.7 Intel 64.dmg)=6d46e7270fc6b661ece24c0fcaf56c7e4ce4f65501ef055ea46c6cfdf95c6dcb
RIPEMD160(Wireshark 2.2.7 Intel 64.dmg)=7b1ab739f9dc24c03b9b825a8533e0e891ee822f
SHA1(Wireshark 2.2.7 Intel 64.dmg)=50fa591d6fb0d4f59a5c2c9c12c1f114522f8377
MD5(Wireshark 2.2.7 Intel 64.dmg)=2814af6a4f0c851e1d44213d96428919
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlkwdzIACgkQgiRKeOb+
ruqeLw//XkRVualJQ8H5drJUSDQwxDwGwona4R20Bh1EETMeCW+g+IFEx2Me1qcj
460oEZ7JshsUYI2rGeqJSoK3xPLWLsNwdaMrV3hJOT5WiglJq/OZ6XUUrAsWZ25B
+pzYK95SCl3OWeNOpVvj7BKmI8GljzE6MkItSwHeK4+GC4R144UxGBtOjm6iiQHV
stIbec6+lqGYjAAq9V/I+ukYuOoFomlXZcRIMl1/RBB3L8Y2R+xiu+vEUBSNuNgV
IfgBej3ydzHvZpidOMQMGTpiffZ/BMhh/NRvTwv18MHAn60tuyJ3EoQpUMWVOxTR
AZ5dADVvu7ojtCnx5M5rsOdNRq1eW2gHUClVlYYJWWjJ+FD9yu0tyOjsJXkuJHfa
ayrsDATBYFjX3xVEszeUiNj4uYdKt055wa0W6Ra7uvkKH6YrVViROh3WyYVHKofz
JthcSkoqLFZvqkTq01viDcmk3GvNrkxBB5ziCgT4hzHFPh+JQld6GgD9LbUajydR
BOnmKVJlBaozCSJhKd7dIg+dnJeQG8GBEU2rviWqQsYovRl9YOMGa9vmeZApTa5y
WwTbI7OFitfVAgPuLymWActbEBREJfKx5A3RDV/HSgO1UjXs/FEOzbj2RSOT14T5
+tliAL+bMbnLzBDdGKzCDb9Aq/6bgzYfzJFjvF4raopGYsLccqk=
=KpEA
-----END PGP SIGNATURE-----

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f627d51eda85f5ae5f5c8c9fc1f6539ffc2a270dd7500dc7f67490a8534ca849
size 32317335

3
wireshark-2.2.7.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:689ddf62221b152779d8846ab5b2063cc7fd41ec1a9f04eefab09b5d5486dbb5
size 32309420

View File

@ -1,3 +1,24 @@
-------------------------------------------------------------------
Fri Jun 2 09:21:15 UTC 2017 - astieger@suse.com
- Wireshark 2.2.7 (bsc#1042330):
This release fixes minor vulnerabilities that could be used to
trigger dissector crashes, infinite loopsm or cause excessive use
of CPU resources by making Wireshark read specially crafted
packages from the network or a capture file:
* CVE-2017-9352: Bazaar dissector infinite loop (bsc#1042304)
* CVE-2017-9348: DOF dissector read overflow (bsc#1042303)
* CVE-2017-9351: DHCP dissector read overflow (bsc#1042302)
* CVE-2017-9346: SoulSeek dissector infinite loop (bsc#1042301)
* CVE-2017-9345: DNS dissector infinite loop (bsc#1042300)
* CVE-2017-9349: DICOM dissector infinite loop (bsc#1042305)
* CVE-2017-9350: openSAFETY dissector memory exhaustion (bsc#1042299)
* CVE-2017-9344: BT L2CAP dissector divide by zero (bsc#1042298)
* CVE-2017-9343: MSNIP dissector crash (bsc#1042309)
* CVE-2017-9347: ROS dissector crash (bsc#1042308)
* CVE-2017-9354: RGMP dissector crash (bsc#1042307)
* CVE-2017-9353: IPv6 dissector crash (bsc#1042306)
------------------------------------------------------------------- -------------------------------------------------------------------
Wed May 17 09:51:33 UTC 2017 - astieger@suse.com Wed May 17 09:51:33 UTC 2017 - astieger@suse.com

View File

@ -36,7 +36,7 @@
%bcond_with geoip %bcond_with geoip
%endif %endif
Name: wireshark Name: wireshark
Version: 2.2.6 Version: 2.2.7
Release: 0 Release: 0
Summary: A Network Traffic Analyser Summary: A Network Traffic Analyser
License: GPL-2.0+ and GPL-3.0+ License: GPL-2.0+ and GPL-3.0+