Accepting request 339307 from network:utilities

Wireshark 1.12.8 [boo#950437] CVE-2015-7830

OBS-URL: https://build.opensuse.org/request/show/339307
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/wireshark?expand=0&rev=102
This commit is contained in:
Dominique Leuenberger 2015-10-19 20:52:14 +00:00 committed by Git OBS Bridge
commit dc6797b830
7 changed files with 60 additions and 101 deletions

View File

@ -1,44 +0,0 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
wireshark-1.12.7.tar.bz2: 29202490 bytes
MD5(wireshark-1.12.7.tar.bz2)=c8ae53f648b1dcbf6e74495401a0f1ab
SHA1(wireshark-1.12.7.tar.bz2)=bed365bacfd0b5c653d8568ad25e52957659bd9f
RIPEMD160(wireshark-1.12.7.tar.bz2)=4a36875d9203112045c41a9adf312b0a4f83bd49
Wireshark-win32-1.12.7.exe: 23613224 bytes
MD5(Wireshark-win32-1.12.7.exe)=cf407c3dcea767f67eb6bea7440e53c2
SHA1(Wireshark-win32-1.12.7.exe)=647ec4aceeee6b62697680c62e0cf105858287e2
RIPEMD160(Wireshark-win32-1.12.7.exe)=aeb49bdbaf9ea562fd3d5bd8b46904f4c43522c3
Wireshark-win64-1.12.7.exe: 29857792 bytes
MD5(Wireshark-win64-1.12.7.exe)=582a908bf6113c34a31c83d05477b3b2
SHA1(Wireshark-win64-1.12.7.exe)=2f57b9de65b655f3c724025c87a9f7a4578fc5c7
RIPEMD160(Wireshark-win64-1.12.7.exe)=7515b69a33ea2a559ea5632958deed9e7394d26a
WiresharkPortable-1.12.7.paf.exe: 29908896 bytes
MD5(WiresharkPortable-1.12.7.paf.exe)=b9bc91c5cea564c3407c4c5e431f051b
SHA1(WiresharkPortable-1.12.7.paf.exe)=8b097521fafe40fe1da7085a277c02a853a321fb
RIPEMD160(WiresharkPortable-1.12.7.paf.exe)=a44d9fcfff4383e43e360688ad1c246724d01d2e
Wireshark 1.12.7 Intel 64.dmg: 26429968 bytes
MD5(Wireshark 1.12.7 Intel 64.dmg)=e2d1da242114268be08ab9c78e578190
SHA1(Wireshark 1.12.7 Intel 64.dmg)=1e8efad7abce2dabf7c20d90594f69f0fa1ecb06
RIPEMD160(Wireshark 1.12.7 Intel 64.dmg)=2766b27ae03cc4df13fca9012b7bb11871c6aa59
Wireshark 1.12.7 Intel 32.dmg: 21884206 bytes
MD5(Wireshark 1.12.7 Intel 32.dmg)=501f54ce4070c747af8bb7f8d55990ff
SHA1(Wireshark 1.12.7 Intel 32.dmg)=68909564863fd56ab97f436c46a1642929b09306
RIPEMD160(Wireshark 1.12.7 Intel 32.dmg)=bc0275529a6d81322167f21e6399f3c97d5c43a0
patch-wireshark-1.12.6-to-1.12.7.bz2: 160154 bytes
MD5(patch-wireshark-1.12.6-to-1.12.7.bz2)=f8a470dd5a37236d63725743fc9b8cdb
SHA1(patch-wireshark-1.12.6-to-1.12.7.bz2)=7f624c9fd935eb2bd02cd8cb31425e42f1506bea
RIPEMD160(patch-wireshark-1.12.6-to-1.12.7.bz2)=65209e4bb5288e828b6cee33340818fde29bf0f6
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlXLi0gACgkQpw8IXSHylJqrgwCgo3kIIdrdXL8i9og/w3a23ung
Z80Ani5rLhDpJOmdPuv0Gbn6EwPxPuYQ
=G12V
-----END PGP SIGNATURE-----

44
SIGNATURES-1.12.8.txt Normal file
View File

@ -0,0 +1,44 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
wireshark-1.12.8.tar.bz2: 29216939 bytes
MD5(wireshark-1.12.8.tar.bz2)=988a4595a4a87dafb3c4870ea40e89b5
SHA1(wireshark-1.12.8.tar.bz2)=d8c23120525a2f3505e822b7684e7367bcd0ba70
RIPEMD160(wireshark-1.12.8.tar.bz2)=bf87fd1e3404d04f6123d09798b46ea5b2af49e9
Wireshark-win64-1.12.8.exe: 29873720 bytes
MD5(Wireshark-win64-1.12.8.exe)=c84ebbac5e745baa9ac111d65b2bfa47
SHA1(Wireshark-win64-1.12.8.exe)=390007f3a8b9272b02ec0e582363c80e9b7f2a3b
RIPEMD160(Wireshark-win64-1.12.8.exe)=4fa29aa0059770ec92b72b2e5ba6d1f5646d74e9
Wireshark-win32-1.12.8.exe: 23626472 bytes
MD5(Wireshark-win32-1.12.8.exe)=4ce67178ca615d20fc4df6969e8c8358
SHA1(Wireshark-win32-1.12.8.exe)=f29629affdf09643c0dec192c4a666e599052263
RIPEMD160(Wireshark-win32-1.12.8.exe)=938ee624703f23b4af7fefa466665f957ba7389c
WiresharkPortable-1.12.8.paf.exe: 29925920 bytes
MD5(WiresharkPortable-1.12.8.paf.exe)=fd32d16cdd9f5c4df966a5ebabe38581
SHA1(WiresharkPortable-1.12.8.paf.exe)=98719b8b6ce699ec1dbe8267a844a3972f32f33b
RIPEMD160(WiresharkPortable-1.12.8.paf.exe)=bb08ee9f16d5da3cb105bf99656307bad6a42381
Wireshark 1.12.8 Intel 64.dmg: 26464983 bytes
MD5(Wireshark 1.12.8 Intel 64.dmg)=c80a98b5d8f22bda5c563e4d404f0f7c
SHA1(Wireshark 1.12.8 Intel 64.dmg)=11449cb460a1272de7deaa9d65e97159835753fc
RIPEMD160(Wireshark 1.12.8 Intel 64.dmg)=70f353c5b54fa704508916a114d06d53c5aa1349
Wireshark 1.12.8 Intel 32.dmg: 21918844 bytes
MD5(Wireshark 1.12.8 Intel 32.dmg)=0bc58a80dc827ff2b84c24b04334e8e7
SHA1(Wireshark 1.12.8 Intel 32.dmg)=48ef32167f4705bfef4cae969fe407a69afa27ac
RIPEMD160(Wireshark 1.12.8 Intel 32.dmg)=c05e586f2ff6a966eceaccb4db68c6c5bfefb9e0
patch-wireshark-1.12.7-to-1.12.8.bz2: 441533 bytes
MD5(patch-wireshark-1.12.7-to-1.12.8.bz2)=0346dea0f19d86f67ecc38f0bb3f0906
SHA1(patch-wireshark-1.12.7-to-1.12.8.bz2)=c4abf43357e1a1686c80cba2109e82c1f8a5ae08
RIPEMD160(patch-wireshark-1.12.7-to-1.12.8.bz2)=021f138a52ba6c430d9bedd906423a69a084102e
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlYen/EACgkQpw8IXSHylJrGzwCgkOcONces9ITtuWb3CtCb5ici
IUUAoJ5EmfJO8t9yNGmtgrd+BnPCoUOY
=bwGX
-----END PGP SIGNATURE-----

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c74a1c14e72ce0f198a93d832e71742c7f312cbbe719e5def9ecef176860f92c
size 29202490

3
wireshark-1.12.8.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:357e0a4e49525d80cdc740bb16539fcdb526ad38cc2ed6cabedafc9bdee5c7e7
size 29216939

View File

@ -1,50 +0,0 @@
From: Andreas Stieger <andreas.stieger@gmx.de>
Date: Wed, 03 Dec 2014 00:09:42 +0000
Subject: allow use of deprecated gdk-pixbuf functions
References: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10750 https://git.gnome.org/browse/gdk-pixbuf/commit/?id=48d76fb7f2d059013f5781b199245274998f05c9
Upstream: no
gdk-pixbuf 2.31.2 marked GdkPixdata including as deprecated,
including gdk_pixbuf_new_from_inline. Wireshark builds with
deprecated functions turned off by default, in this case
GDK_PIXBUF_DISABLE_DEPRECATED. Patch to configure.ac to allow use of
deprecated function until upstream has ported the code, or a
replacement patch is available.
Reported upstream:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10750
gdk-pixbuf change:
https://git.gnome.org/browse/gdk-pixbuf/commit/?id=48d76fb7f2d059013f5781b199245274998f05c9
Initial warning:
ui_utils.c: In function 'window_icon_realize_cb':
ui_utils.c:115:5: warning: implicit declaration of function 'gdk_pixbuf_new_from_inline' [-Wimplicit-function-declaration]
icon = gdk_pixbuf_new_from_inline(-1, wsicon_16_pb_data, FALSE, NULL);
^
Causes these warnings due to the implicit declaration:
gui_utils.c:115:10: warning: assignment makes pointer from integer without a cast [enabled by default]
icon = gdk_pixbuf_new_from_inline(-1, wsicon_16_pb_data, FALSE, NULL);
^
Fails the package checks in these lines:
E: wireshark 64bit-portability-issue gui_utils.c:115, 117, 119, 121, 512
E: wireshark 64bit-portability-issue main.c:1513, 1519, 1525, 1531
E: wireshark 64bit-portability-issue prefs_layout.c:346, 347, 348, 349, 350, 351
E: wireshark 64bit-portability-issue stock_icons.c:413, 425
---
configure.ac | 1 -
1 file changed, 1 deletion(-)
Index: wireshark-1.12.2/configure.ac
===================================================================
--- wireshark-1.12.2.orig/configure.ac 2014-11-12 18:44:05.000000000 +0000
+++ wireshark-1.12.2/configure.ac 2014-12-03 00:06:17.000000000 +0000
@@ -1531,7 +1531,6 @@ fi
if test "$have_gtk" = "yes" ; then
# If we have GTK then add flags for it.
- CPPFLAGS="-DGDK_PIXBUF_DISABLE_DEPRECATED $CPPFLAGS"
CPPFLAGS="-DGDK_DISABLE_DEPRECATED $CPPFLAGS"
if test \( $gtk_config_major_version -eq 3 -a $gtk_config_minor_version -ge 10 \) ; then
## Allow use of deprecated & disable deprecated warnings if Gtk >= 3.10;

View File

@ -1,3 +1,14 @@
-------------------------------------------------------------------
Fri Oct 16 14:36:16 UTC 2015 - astieger@suse.com
- Wireshark 1.12.8 [boo#950437]
The following vulnerabilities have been fixed:
* pcapng file parser could crash while copying an interface filter.
wnpa-sec-2015-30 CVE-2015-7830
* Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.8.html
- drop upstream wireshark-1.12.x-allow-gdk-pixbuf-deprecation.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Aug 12 19:40:25 UTC 2015 - astieger@suse.com Wed Aug 12 19:40:25 UTC 2015 - astieger@suse.com

View File

@ -25,7 +25,7 @@
%define use_gnutls 0%{?suse_version} >= 1310 || 0%{?suse_version} == 1110 %define use_gnutls 0%{?suse_version} >= 1310 || 0%{?suse_version} == 1110
Name: wireshark Name: wireshark
Version: 1.12.7 Version: 1.12.8
Release: 0 Release: 0
Summary: A Network Traffic Analyser Summary: A Network Traffic Analyser
License: GPL-2.0+ and GPL-3.0+ License: GPL-2.0+ and GPL-3.0+
@ -41,7 +41,6 @@ Patch1: wireshark-1.2.0-disable-warning-dialog.patch
Patch2: wireshark-1.2.0-geoip.patch Patch2: wireshark-1.2.0-geoip.patch
Patch4: wireshark-1.10.0-enable_lua.patch Patch4: wireshark-1.10.0-enable_lua.patch
Patch5: wireshark-1.10.0-authors-pod2man.patch Patch5: wireshark-1.10.0-authors-pod2man.patch
Patch6: wireshark-1.12.x-allow-gdk-pixbuf-deprecation.patch
Patch7: wireshark-pkg-config.patch Patch7: wireshark-pkg-config.patch
Patch8: wireshark-1.12.6-fix-QT-PIC-PIE.patch Patch8: wireshark-1.12.6-fix-QT-PIC-PIE.patch
BuildRequires: bison BuildRequires: bison
@ -108,7 +107,7 @@ BuildRequires: libgnutls-devel >= 1.2.0
BuildConflicts: libgnutls-devel >= 3.0.0 BuildConflicts: libgnutls-devel >= 3.0.0
%endif # SLE 11 %endif # SLE 11
%endif # use_gnutls %endif # use_gnutls
# for patch6 wireshark-1.12.x-allow-gdk-pixbuf-deprecation.patch # for patch7 wireshark-1.12.6-fix-QT-PIC-PIE.patch
BuildRequires: autoconf BuildRequires: autoconf
BuildRequires: automake BuildRequires: automake
BuildRequires: libtool BuildRequires: libtool
@ -193,7 +192,6 @@ sed \
%endif # with qt %endif # with qt
%patch5 -p1 %patch5 -p1
%patch6 -p1
%patch7 -p1 %patch7 -p1
%patch8 -p1 %patch8 -p1