From 33ccd5061633777fd8de9231903525352de4486f1939b40d844acf324ecbfcba Mon Sep 17 00:00:00 2001 From: Andreas Stieger Date: Wed, 30 Jan 2013 20:18:37 +0000 Subject: [PATCH 1/2] Accepting request 150478 from home:AndreasStieger:branches:network:utilities update to 1.8.5 [bnc#801131] OBS-URL: https://build.opensuse.org/request/show/150478 OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=79 --- wireshark-1.8.4.tar.bz2 | 3 --- wireshark-1.8.5.tar.bz2 | 3 +++ wireshark.changes | 28 ++++++++++++++++++++++++++++ wireshark.spec | 4 ++-- 4 files changed, 33 insertions(+), 5 deletions(-) delete mode 100644 wireshark-1.8.4.tar.bz2 create mode 100644 wireshark-1.8.5.tar.bz2 diff --git a/wireshark-1.8.4.tar.bz2 b/wireshark-1.8.4.tar.bz2 deleted file mode 100644 index a3192da..0000000 --- a/wireshark-1.8.4.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:cae9ec0cb9fa0b732a76c0f72f8c15d763f8cdc2e389cda2da6c48c24559faac -size 24164286 diff --git a/wireshark-1.8.5.tar.bz2 b/wireshark-1.8.5.tar.bz2 new file mode 100644 index 0000000..b994f18 --- /dev/null +++ b/wireshark-1.8.5.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d4e4798216974a3c45e74b03644ee33b64481d2fe5c788c002266e5f141ee372 +size 24196532 diff --git a/wireshark.changes b/wireshark.changes index 4dae591..9f14d8c 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,3 +1,31 @@ +------------------------------------------------------------------- +Tue Jan 29 22:31:50 UTC 2013 - andreas.stieger@gmx.de + +- update to 1.8.5 [bnc#801131] + + vulnerabilities fixed: + * Infinite and large loops in the Bluetooth HCI, CSN.1, DCP-ETSI + DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols, MPLS, R3, RTPS, + SDP, and SIP dissectors + wnpa-sec-2013-01 + * The CLNP dissector could crash + wnpa-sec-2013-02 + * The DTN dissector could crash + wnpa-sec-2013-03 + * The MS-MMC dissector (and possibly others) could crash + wnpa-sec-2013-04 + * The DTLS dissector could crash + wnpa-sec-2013-05 + * The ROHC dissector could crash + wnpa-sec-2013-06 + * The DCP-ETSI dissector could corrupt memory + wnpa-sec-2013-07 + * The Wireshark dissection engine could crash + wnpa-sec-2013-08 + * The NTLMSSP dissector could overflow a buffer + wnpa-sec-2013-09 + + Further bug fixes and updated protocol support as listed in: + http://www.wireshark.org/docs/relnotes/wireshark-1.8.5.html + ------------------------------------------------------------------- Tue Dec 18 09:45:25 UTC 2012 - mvyskocil@suse.com diff --git a/wireshark.spec b/wireshark.spec index a33f4bf..4ee6299 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -1,7 +1,7 @@ # # spec file for package wireshark # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,7 +20,7 @@ %define use_caps 0 Name: wireshark -Version: 1.8.4 +Version: 1.8.5 Release: 0 Summary: A Network Traffic Analyser License: GPL-2.0+ and GPL-3.0+ From aea30e37aa97d5f453384776f44e8ff60db1af0a240364ef66b7ce0086640d62 Mon Sep 17 00:00:00 2001 From: Andreas Stieger Date: Thu, 31 Jan 2013 06:07:01 +0000 Subject: [PATCH 2/2] add CVE references OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=80 --- wireshark.changes | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/wireshark.changes b/wireshark.changes index 9f14d8c..09e99cc 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,28 +1,30 @@ ------------------------------------------------------------------- -Tue Jan 29 22:31:50 UTC 2013 - andreas.stieger@gmx.de +Thu Jan 31 06:01:17 UTC 2013 - andreas.stieger@gmx.de - update to 1.8.5 [bnc#801131] + vulnerabilities fixed: * Infinite and large loops in the Bluetooth HCI, CSN.1, DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols, MPLS, R3, RTPS, SDP, and SIP dissectors - wnpa-sec-2013-01 + wnpa-sec-2013-01 CVE-2013-1572 CVE-2013-1573 CVE-2013-1574 + CVE-2013-1575 CVE-2013-1576 CVE-2013-1577 CVE-2013-1578 + CVE-2013-1579 CVE-2013-1580 CVE-2013-1581 * The CLNP dissector could crash - wnpa-sec-2013-02 + wnpa-sec-2013-02 CVE-2013-1582 * The DTN dissector could crash - wnpa-sec-2013-03 + wnpa-sec-2013-03 CVE-2013-1583 CVE-2013-1584 * The MS-MMC dissector (and possibly others) could crash - wnpa-sec-2013-04 + wnpa-sec-2013-04 CVE-2013-1585 * The DTLS dissector could crash - wnpa-sec-2013-05 + wnpa-sec-2013-05 CVE-2013-1586 * The ROHC dissector could crash - wnpa-sec-2013-06 + wnpa-sec-2013-06 CVE-2013-1587 * The DCP-ETSI dissector could corrupt memory - wnpa-sec-2013-07 + wnpa-sec-2013-07 CVE-2013-1588 * The Wireshark dissection engine could crash - wnpa-sec-2013-08 + wnpa-sec-2013-08 CVE-2013-1589 * The NTLMSSP dissector could overflow a buffer - wnpa-sec-2013-09 + wnpa-sec-2013-09 CVE-2013-1590 + Further bug fixes and updated protocol support as listed in: http://www.wireshark.org/docs/relnotes/wireshark-1.8.5.html