Accepting request 87344 from home:cyliu:branches:network:utilities
- security fixes (#bnc 718032) * CVE-2011-3266: Wireshark IKE dissector vulnerability * CVE-2011-3360: Wireshark Lua script execution vulnerability * CVE-2011-3483: Wireshark buffer exception handling vulnerability OBS-URL: https://build.opensuse.org/request/show/87344 OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=44
parent
429cb13517
commit
c87cef8c94
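--- a/wireshark-1.6.2-CVE-2011-3266.patch
+++ b/wireshark-1.6.2-CVE-2011-3266.patch
@@ -0,0 +1,19 @@
+--- trunk/epan/dissectors/packet-isakmp.c 2011/07/28 18:17:16 38246
++++ trunk/epan/dissectors/packet-isakmp.c 2011/07/28 22:19:46 38247
+@@ -3880,12 +3880,13 @@
+offset += 2;
+length -= 2;
+
+-
+- while (length > 0) {
++ if (spi_size > 0) {
++ while (length > 0) {
+proto_tree_add_item(tree, hf_isakmp_delete_spi, tvb, offset, spi_size, FALSE);
+offset+=spi_size;
+length-=spi_size;
+- }
++ }
++ }
+}
+
+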
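Review bot: The inner `while (length > 0)` still consumes a full `spi_size` bytes per pass even when fewer than that remain, so the added `if (spi_size > 0)` guard only covers the zero-size case. The type of `length` is not visible in the hunk; if it is unsigned, `length-=spi_size` would wrap rather than go negative, and the loop would then end only when the tvb access throws. Changing the condition to `while (length >= spi_size)` would make termination independent of signedness. A short comment above the guard, such as `/* spi_size == 0 would never consume length */`, would record why it exists. The enclosing function starts and ends outside the hunk.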
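--- a/wireshark-1.6.2-CVE-2011-3360.patch
+++ b/wireshark-1.6.2-CVE-2011-3360.patch
@@ -0,0 +1,10 @@
+--- trunk/epan/wslua/template-init.lua 2011/08/08 17:59:32 38413
++++ trunk/epan/wslua/template-init.lua 2011/08/08 19:10:19 38414
+@@ -73,5 +73,5 @@
+DATA_DIR = datafile_path()
+USER_DIR = persconffile_path()
+
+-dofile("console.lua")
+---dofile("dtd_gen.lua")
++dofile(DATA_DIR.."console.lua")
++--dofile(DATA_DIR.."dtd_gen.lua")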
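Review bot: `dofile(DATA_DIR.."console.lua")` joins the directory and the file name with no separator, so it resolves correctly only if `datafile_path()` returns a path that already ends in one. That function is defined outside this hunk, so this should be confirmed against the packaged source. If the separator were missing, `dofile` would raise an error instead of loading a same-named file from the working directory, which fails in the safe direction but breaks the console. A comment above the call, for example `-- load only from the install data dir, never from the current directory`, would record why the absolute path matters.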
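--- a/wireshark-1.6.2-CVE-2011-3483.patch
+++ b/wireshark-1.6.2-CVE-2011-3483.patch
@@ -0,0 +1,12 @@
+Index: wireshark-1.4.4/epan/packet.c
+===================================================================
+--- wireshark-1.4.4.orig/epan/packet.c
++++ wireshark-1.4.4/epan/packet.c
+@@ -321,6 +321,7 @@ dissect_packet(epan_dissect_t *edt, unio
+edt->pi.annex_a_used = MTP2_ANNEX_A_USED_UNKNOWN;
+edt->pi.dcerpc_procedure_name="";
+edt->pi.link_dir = LINK_DIR_UNKNOWN;
++ edt->tvb = NULL;
+
+/* to enable decode as for ethertype=0x0000 (fix for bug 4721) */
+edt->pi.ethertype = G_MAXINT;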
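Review bot: The new `edt->tvb = NULL;` in dissect_packet carries no comment saying why the field must be cleared at this point, and the surrounding `edt->pi` initialisations do not make the reason evident. Going by the patch name (buffer exception handling), it presumably keeps later cleanup from touching a stale or uninitialised tvb pointer when an exception is raised before the tvb is created. A line such as `/* no tvb yet: keep cleanup paths from using a stale pointer if dissection throws early */` would capture that. The patch header names `wireshark-1.4.4/epan/packet.c` while the file is labelled 1.6.2, so it is worth checking that the hunk applies to the packaged source without fuzz. dissect_packet's body continues outside the hunk.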
@ -1,3 +1,11 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Sep 26 14:07:31 CST 2011 - cyliu@novell.com
|
||||
|
||||
- security fixes (#bnc 718032)
|
||||
* CVE-2011-3266: Wireshark IKE dissector vulnerability
|
||||
* CVE-2011-3360: Wireshark Lua script execution vulnerability
|
||||
* CVE-2011-3483: Wireshark buffer exception handling vulnerability
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Aug 10 06:25:28 UTC 2011 - cyliu@novell.com
|
||||
|
||||
|
@ -45,6 +45,9 @@ Patch9: %{name}-1.2.17-CVE-2011-2175.patch
|
||||
Patch10: %{name}-1.2.17-CVE-2011-1958.patch
|
||||
Patch11: %{name}-1.4.8-CVE-2011-2597.patch
|
||||
Patch12: %{name}-1.4.8-CVE-2011-2698.patch
|
||||
Patch13: %{name}-1.6.2-CVE-2011-3266.patch
|
||||
Patch14: %{name}-1.6.2-CVE-2011-3360.patch
|
||||
Patch15: %{name}-1.6.2-CVE-2011-3483.patch
|
||||
BuildRequires: bison
|
||||
BuildRequires: cairo-devel
|
||||
BuildRequires: flex
|
||||
@ -114,6 +117,9 @@ view the reconstructed stream of a TCP session.
|
||||
%patch10 -p1
|
||||
%patch11 -p1
|
||||
%patch12 -p1
|
||||
%patch13 -p1
|
||||
%patch14 -p1
|
||||
%patch15 -p1
|
||||
|
||||
sed -i 's/^Icon=wireshark.png$/Icon=wireshark/' wireshark.desktop
|
||||
# run as root on 11.3 and older - bnc#349782
|
||||
|