From 2b71d2705ee2bbe13fb70bf3328a34e6a65ec1df5a910d7f52f29579b2e154b0 Mon Sep 17 00:00:00 2001 From: Pavol Rusnak Date: Fri, 30 Oct 2009 15:28:02 +0000 Subject: [PATCH 1/5] - updated to 1.2.3 - dropped obsoleted 3 CVE patches (see previous entry) OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=8 --- ready | 0 wireshark.spec | 4 ++-- 2 files changed, 2 insertions(+), 2 deletions(-) delete mode 100644 ready diff --git a/ready b/ready deleted file mode 100644 index 473a0f4..0000000 diff --git a/wireshark.spec b/wireshark.spec index 3d46a46..28253ee 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -1,5 +1,5 @@ # -# spec file for package wireshark (Version 1.2.3) +# spec file for package wireshark (Version 1.2.1) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -23,7 +23,7 @@ License: GPL v2 or later Group: Productivity/Networking/Diagnostic Summary: A Network Traffic Analyser Version: 1.2.3 -Release: 1 +Release: 2 Url: http://www.wireshark.org/ Source: http://www.wireshark.org/download/src/%{name}-%{version}.tar.bz2 Source1: include.filelist From d253ef2a1b8953423be5c34419dfbd4983408a675272f30d6e38f62f3a0823f0 Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Mon, 2 Nov 2009 15:10:08 +0000 Subject: [PATCH 2/5] checked in OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=9 --- ready | 0 wireshark-1.2.1-CVE-2009-3241.patch | 293 ++++++++++++++++++++++++++++ wireshark-1.2.1-CVE-2009-3242.patch | 12 ++ wireshark-1.2.1-CVE-2009-3243.patch | 67 +++++++ wireshark-1.2.1.tar.bz2 | 3 + wireshark-1.2.3.tar.bz2 | 3 - wireshark.changes | 66 ------- wireshark.spec | 11 +- 8 files changed, 385 insertions(+), 70 deletions(-) create mode 100644 ready create mode 100644 wireshark-1.2.1-CVE-2009-3241.patch create mode 100644 wireshark-1.2.1-CVE-2009-3242.patch create mode 100644 wireshark-1.2.1-CVE-2009-3243.patch create mode 100644 wireshark-1.2.1.tar.bz2 delete mode 100644 wireshark-1.2.3.tar.bz2 diff --git a/ready b/ready new file mode 100644 index 0000000..473a0f4 diff --git a/wireshark-1.2.1-CVE-2009-3241.patch b/wireshark-1.2.1-CVE-2009-3241.patch new file mode 100644 index 0000000..bf75459 --- /dev/null +++ b/wireshark-1.2.1-CVE-2009-3241.patch @@ -0,0 +1,293 @@ +Index: plugins/opcua/opcua_simpletypes.c +=================================================================== +--- plugins/opcua/opcua_simpletypes.c (revision 29812) ++++ plugins/opcua/opcua_simpletypes.c (revision 29813) +@@ -34,9 +34,6 @@ + #include + #include + +-/* string buffer */ +-#define MAX_BUFFER 256 +- + #define DIAGNOSTICINFO_ENCODINGMASK_SYMBOLICID_FLAG 0x01 + #define DIAGNOSTICINFO_ENCODINGMASK_NAMESPACE_FLAG 0x02 + #define DIAGNOSTICINFO_ENCODINGMASK_LOCALIZEDTEXT_FLAG 0x04 +@@ -56,6 +53,9 @@ + #define EXTOBJ_ENCODINGMASK_BINBODY_FLAG 0x01 + #define EXTOBJ_ENCODINGMASK_XMLBODY_FLAG 0x02 + ++/* Chosen arbitrarily */ ++#define MAX_ARRAY_LEN 10000 ++ + static int hf_opcua_diag_mask_symbolicflag = -1; + static int hf_opcua_diag_mask_namespaceflag = -1; + static int hf_opcua_diag_mask_localizedtextflag = -1; +@@ -338,35 +338,28 @@ + + void parseString(proto_tree *tree, tvbuff_t *tvb, gint *pOffset, int hfIndex) + { +- char *szValue = ep_alloc(MAX_BUFFER); ++ char *szValue; + gint iOffset = *pOffset; + gint32 iLen = tvb_get_letohl(tvb, *pOffset); + iOffset+=4; + +- if (szValue) ++ if (iLen == -1) + { +- if (iLen == -1) +- { +- g_snprintf(szValue, MAX_BUFFER, "[OpcUa Null String]"); +- } +- else if (iLen >= 0) +- { +- int iStrLen = iLen; +- if (iStrLen > (MAX_BUFFER-1)) iStrLen = MAX_BUFFER - 1; +- /* copy non null terminated string of length iStrlen */ +- strncpy(szValue, (char*)&tvb->real_data[iOffset], iStrLen); +- /* set null terminator */ +- szValue[iStrLen] = 0; +- iOffset += iLen; /* eat the whole string */ +- } +- else +- { +- g_snprintf(szValue, MAX_BUFFER, "[Invalid String] Ups, something is wrong with this message."); +- } +- ++ proto_tree_add_string(tree, hfIndex, tvb, *pOffset, (iOffset - *pOffset), ++ "[OpcUa Null String]"); ++ } ++ else if (iLen >= 0) ++ { ++ iOffset += iLen; /* eat the whole string */ ++ proto_tree_add_item(tree, hfIndex, tvb, *pOffset, (iOffset - *pOffset), TRUE); ++ } ++ else ++ { ++ szValue = ep_strdup_printf("[Invalid String] Invalid length: %d", iLen); + proto_tree_add_string(tree, hfIndex, tvb, *pOffset, (iOffset - *pOffset), szValue); +- *pOffset = iOffset; + } ++ ++ *pOffset = iOffset; + } + + void parseStatusCode(proto_tree *tree, tvbuff_t *tvb, gint *pOffset, int hfIndex) +@@ -644,10 +637,18 @@ + proto_tree *subtree = proto_item_add_subtree(ti, ett_opcua_array); + int i; + +- for (i=0; i MAX_ARRAY_LEN) ++ { ++ PROTO_ITEM_SET_GENERATED(proto_tree_add_text(tree, tvb, *pOffset, 4, "Array length %d too large to process", iLen)); ++ return; ++ } ++ ++ *pOffset += 4; + for (i=0; i MAX_ARRAY_LEN) ++ { ++ PROTO_ITEM_SET_GENERATED(proto_tree_add_text(tree, tvb, *pOffset, 4, "Array length %d too large to process", iLen)); ++ return; ++ } ++ ++ *pOffset += 4; + for (i=0; i MAX_ARRAY_LEN) ++ { ++ PROTO_ITEM_SET_GENERATED(proto_tree_add_text(tree, tvb, *pOffset, 4, "Array length %d too large to process", iLen)); ++ return; ++ } ++ ++ *pOffset += 4; + for (i=0; icinfo, COL_PROTOCOL, "OpcUa"); + + /* parse message type */ +- if (tvb->real_data[0] == 'H' && tvb->real_data[1] == 'E' && tvb->real_data[2] == 'L') ++ if (tvb_memeql(tvb, 0, "HEL", 3)) + { + msgtype = MSG_HELLO; + pfctParse = parseHello; + } +- else if (tvb->real_data[0] == 'A' && tvb->real_data[1] == 'C' && tvb->real_data[2] == 'K') ++ else if (tvb_memeql(tvb, 0, "ACK", 3)) + { + msgtype = MSG_ACKNOWLEDGE; + pfctParse = parseAcknowledge; + } +- else if (tvb->real_data[0] == 'E' && tvb->real_data[1] == 'R' && tvb->real_data[2] == 'R') ++ else if (tvb_memeql(tvb, 0, "ERR", 3)) + { + msgtype = MSG_ERROR; + pfctParse = parseError; + } +- else if (tvb->real_data[0] == 'M' && tvb->real_data[1] == 'S' && tvb->real_data[2] == 'G') ++ else if (tvb_memeql(tvb, 0, "MSG", 3)) + { + msgtype = MSG_MESSAGE; + pfctParse = parseMessage; + } +- else if (tvb->real_data[0] == 'O' && tvb->real_data[1] == 'P' && tvb->real_data[2] == 'N') ++ else if (tvb_memeql(tvb, 0, "OPN", 3)) + { + msgtype = MSG_OPENSECURECHANNEL; + pfctParse = parseOpenSecureChannel; + } +- else if (tvb->real_data[0] == 'C' && tvb->real_data[1] == 'L' && tvb->real_data[2] == 'O') ++ else if (tvb_memeql(tvb, 0, "CLO", 3)) + { + msgtype = MSG_CLOSESECURECHANNEL; + pfctParse = parseCloseSecureChannel; +Index: plugins/opcua/opcua_transport_layer.c +=================================================================== +--- plugins/opcua/opcua_transport_layer.c (revision 29812) ++++ plugins/opcua/opcua_transport_layer.c (revision 29813) +@@ -126,35 +126,11 @@ + proto_register_field_array(proto, hf, array_length(hf)); + } + +-/** helper functions for adding strings, +- * that are not zero terminated. +- */ +-void addString(proto_tree *tree, +- int hfindex, +- tvbuff_t *tvb, +- gint start, +- gint length, +- const char *value) +-{ +- char *szValue = ep_alloc(256); +- +- if (szValue) +- { +- if (length > 255) length = 255; +- /* copy non null terminated string data */ +- strncpy(szValue, value, length); +- /* set null terminator */ +- szValue[length] = 0; +- +- proto_tree_add_string(tree, hfindex, tvb, start, length, szValue); +- } +-} +- + /* Transport Layer: message parsers */ + void parseHello(proto_tree *tree, tvbuff_t *tvb, gint *pOffset) + { +- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; +- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; ++ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; ++ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; + proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; + proto_tree_add_item(tree, hf_opcua_transport_ver, tvb, *pOffset, 4, TRUE); *pOffset+=4; + proto_tree_add_item(tree, hf_opcua_transport_rbs, tvb, *pOffset, 4, TRUE); *pOffset+=4; +@@ -166,8 +142,8 @@ + + void parseAcknowledge(proto_tree *tree, tvbuff_t *tvb, gint *pOffset) + { +- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; +- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; ++ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; ++ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; + proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; + proto_tree_add_item(tree, hf_opcua_transport_ver, tvb, *pOffset, 4, TRUE); *pOffset+=4; + proto_tree_add_item(tree, hf_opcua_transport_rbs, tvb, *pOffset, 4, TRUE); *pOffset+=4; +@@ -178,8 +154,8 @@ + + void parseError(proto_tree *tree, tvbuff_t *tvb, gint *pOffset) + { +- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; +- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; ++ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; ++ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; + proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; + proto_tree_add_item(tree, hf_opcua_transport_error, tvb, *pOffset, 4, TRUE); *pOffset+=4; + parseString(tree, tvb, pOffset, hf_opcua_transport_reason); +@@ -192,8 +168,8 @@ + proto_tree *nodeid_tree; + int ServiceId = 0; + +- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; +- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; ++ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; ++ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; + proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; + proto_tree_add_item(tree, hf_opcua_transport_scid, tvb, *pOffset, 4, TRUE); *pOffset+=4; + +@@ -223,8 +199,8 @@ + proto_tree *nodeid_tree; + int ServiceId = 0; + +- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; +- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; ++ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; ++ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; + proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; + proto_tree_add_item(tree, hf_opcua_transport_scid, tvb, *pOffset, 4, TRUE); *pOffset+=4; + parseString(tree, tvb, pOffset, hf_opcua_transport_spu); +@@ -247,8 +223,8 @@ + + void parseCloseSecureChannel(proto_tree *tree, tvbuff_t *tvb, gint *pOffset) + { +- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; +- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; ++ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; ++ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; + proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; + proto_tree_add_item(tree, hf_opcua_transport_scid, tvb, *pOffset, 4, TRUE); *pOffset+=4; + } diff --git a/wireshark-1.2.1-CVE-2009-3242.patch b/wireshark-1.2.1-CVE-2009-3242.patch new file mode 100644 index 0000000..5f5f59e --- /dev/null +++ b/wireshark-1.2.1-CVE-2009-3242.patch @@ -0,0 +1,12 @@ +Index: epan/dissectors/packet-gsm_a_rr.c +=================================================================== +--- epan/dissectors/packet-gsm_a_rr.c (revision 29402) ++++ epan/dissectors/packet-gsm_a_rr.c (revision 29403) +@@ -10154,6 +10154,7 @@ + void + proto_reg_handoff_gsm_a_rr(void) + { ++ data_handle = find_dissector("data"); + rrc_irat_ho_info_handle = find_dissector("rrc.irat.irat_ho_info"); + rrc_irat_ho_to_utran_cmd_handle = find_dissector("rrc.irat.ho_to_utran_cmd"); + } diff --git a/wireshark-1.2.1-CVE-2009-3243.patch b/wireshark-1.2.1-CVE-2009-3243.patch new file mode 100644 index 0000000..d241844 --- /dev/null +++ b/wireshark-1.2.1-CVE-2009-3243.patch @@ -0,0 +1,67 @@ +Index: epan/dissectors/packet-ssl-utils.c +=================================================================== +--- epan/dissectors/packet-ssl-utils.c (revision 29905) ++++ epan/dissectors/packet-ssl-utils.c (revision 29906) +@@ -43,6 +43,17 @@ + * Lookup tables + * + */ ++const gchar* ssl_version_short_names[] = { ++ "SSL", ++ "SSLv2", ++ "SSLv3", ++ "TLSv1", ++ "TLSv1.1", ++ "DTLSv1.0", ++ "PCT", ++ "TLSv1.2" ++}; ++ + const value_string ssl_20_msg_types[] = { + { SSL2_HND_ERROR, "Error" }, + { SSL2_HND_CLIENT_HELLO, "Client Hello" }, +Index: epan/dissectors/packet-ssl-utils.h +=================================================================== +--- epan/dissectors/packet-ssl-utils.h (revision 29905) ++++ epan/dissectors/packet-ssl-utils.h (revision 29906) +@@ -150,6 +150,7 @@ + * Lookup tables + * + */ ++extern const gchar* ssl_version_short_names[]; + extern const value_string ssl_20_msg_types[]; + extern const value_string ssl_20_cipher_suites[]; + extern const value_string ssl_20_certificate_type[]; +Index: epan/dissectors/packet-dtls.c +=================================================================== +--- epan/dissectors/packet-dtls.c (revision 29905) ++++ epan/dissectors/packet-dtls.c (revision 29906) +@@ -74,8 +74,6 @@ + #include "inet_v6defs.h" + #include "packet-ssl-utils.h" + +-extern const gchar *ssl_version_short_names[]; +- + /* we need to remember the top tree so that subdissectors we call are created + * at the root and not deep down inside the DTLS decode + */ +Index: epan/dissectors/packet-ssl.c +=================================================================== +--- epan/dissectors/packet-ssl.c (revision 29905) ++++ epan/dissectors/packet-ssl.c (revision 29906) +@@ -272,15 +272,6 @@ + static gchar* ssl_debug_file_name = NULL; + #endif + +-const gchar* ssl_version_short_names[] = { +- "SSL", +- "SSLv2", +- "SSLv3", +- "TLSv1", +- "TLSv1.1", +- "DTLSv1.0", +- "PCT" +-}; + + /* Forward declaration we need below */ + void proto_reg_handoff_ssl(void); diff --git a/wireshark-1.2.1.tar.bz2 b/wireshark-1.2.1.tar.bz2 new file mode 100644 index 0000000..67bccfd --- /dev/null +++ b/wireshark-1.2.1.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:b3e1f4ec8385747e8aaf7aa33fe971df5e598b5bab6c8d106b90ea802e16b399 +size 15129422 diff --git a/wireshark-1.2.3.tar.bz2 b/wireshark-1.2.3.tar.bz2 deleted file mode 100644 index 3a0bb33..0000000 --- a/wireshark-1.2.3.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5515ba01277773a2f9c97599d4d28d0898d8b1d7afd5c8942cab087306c28703 -size 15215978 diff --git a/wireshark.changes b/wireshark.changes index c7b114c..35bc29f 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,69 +1,3 @@ -------------------------------------------------------------------- -Fri Oct 30 15:47:50 CET 2009 - prusnak@suse.cz - -- updated to 1.2.3 - * Security fixes: - - The Paltalk dissector could crash on alignment-sensitive processors. - - The DCERPC/NT dissector could crash. - - The SMB dissector could crash. - * Bug fixes: - - Wireshark memory leak with each file open and/or display filter change. - - DHCP Dissector displays negative lease time. - - Invalid advertised window line on tcptrace style graph. - - SMB get_dfs_referral referral entry is not dissected correctly. - - Error dissecting eMule sourceOBFU message. - - Typos in Diameter XML files. - - RSL dissector for MS Power IE is broken. - - FIP dissector throws assertion. - - TCAP problem with indefinite length 'components' SEQ OF. - - GSM MAP: an-APDU not decoded. - - Add "Drag and Drop entries..." message on Columns preferences page. - - Editcap -t and -w option parses fractional digits incorrectly. - * Updated Protocol Support - - DCERPC NT, DHCP, Diameter, E.212, eDonkey, FIP, IPsec, MGCP, NCP, - Paltalk, RADIUS, RSL, SBus, SMB, SNMP, SSL, TCP, Teamspeak2, WPS - -- updated to 1.2.2 - * Security fixes: - - The GSM A RR dissector could crash. (Bug 3893) - - The OpcUa dissector could use excessive CPU and memory. (Bug 3986) - - The TLS dissector could crash on some platforms. (Bug 4008) - * Bug fixes: - - The "Capture->Interfaces" window can't be closed. - - tshark-1.0.2 (dumpcap) signal abort core saved. - - Memory leak fixes. - - Display filter autocompletion doesn't work for some RADIUS and WiMAX ASNCP fields. - - Wireshark Portable includes wrong WinPcap installer. - - Crash when loading a profile. - - The proto,colinfo tap doesn't work if the INFO column isn't being printed. - - Flow Graph adds too much unnecessary garbage. - - The EAP Diameter dictionary file was missing in the distribution. - - Graph analysis window is behind other window. - - IKEv2 Cert Request payload dissection error. - - DNS NAPTR RR (RFC 3403) replacement MUST be a fully qualified domain-name. - - Malformed RTCP Packet error while sending Payload specific RTCP feedback packet (as per RFC 4585). - - 802.11n Block Ack packet Bitmap field missing. - - Wireshark doesn't decode WBXML/ActiveSync information correctly. - - Malformed packet when IPv6 packet has Next Header == 59. - - Wireshark could crash while reading an ERF file. - - Minor errors in gsm rr dissectors. - - WPA Decryption Issues. - - GSM A RR sys info dissection problem. - - GSM A RR inverts MEAS-VALID values. - - PDML output leaks ~300 bytes / packet. - - Incorrect station identifier parsing in Kingfisher dissector. - - DHCPv6, Vendor-Specific Informantion, SubOption"Option Request" parser incorrect. - - Wireshark could leak memory while analyzing SSL. - - Wireshark could crash while updating menu items after reading a file in some cases. - * Updated Protocol Support - - DCERPC, DHCPv6, DNS, E.212, GSM A RR, GTPv2, H.248, IEEE 802.11, - IPMI, ISAKMP/IKE, ISUP, Kingfisher, LDAP, OpcUA, RTCP, SCTP, SIP, - SSL, TCP, WBXML, ZRTP - * Updated Capture File Support - - ERF - -- dropped obsoleted 3 CVE patches (see previous entry) - ------------------------------------------------------------------- Fri Oct 2 18:19:09 CEST 2009 - prusnak@suse.cz diff --git a/wireshark.spec b/wireshark.spec index 28253ee..cf21e88 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -22,7 +22,7 @@ Name: wireshark License: GPL v2 or later Group: Productivity/Networking/Diagnostic Summary: A Network Traffic Analyser -Version: 1.2.3 +Version: 1.2.1 Release: 2 Url: http://www.wireshark.org/ Source: http://www.wireshark.org/download/src/%{name}-%{version}.tar.bz2 @@ -35,6 +35,12 @@ Patch1: %{name}-1.2.0-disable-warning-dialog.patch Patch2: %{name}-1.2.0-asneeded.patch # PATCH-FEATURE-OPENSUSE wireshark-1.2.0-geoip.patch prusnak@suse.cz -- search in /var/lib/GeoIP if user hasn't set any GeoIP folders Patch3: %{name}-1.2.0-geoip.patch +# PATCH-FIX-UPSTREAM wireshark-1.2.1-CVE-2009-3241.patch prusnak@suse.cz - secfix [bnc#541654] +Patch4: %{name}-1.2.1-CVE-2009-3241.patch +# PATCH-FIX-UPSTREAM wireshark-1.2.1-CVE-2009-3242.patch prusnak@suse.cz - secfix [bnc#541659] +Patch5: %{name}-1.2.1-CVE-2009-3242.patch +# PATCH-FIX-UPSTREAM wireshark-1.2.1-CVE-2009-3243.patch prusnak@suse.cz - secfix [bnc#541655] +Patch6: %{name}-1.2.1-CVE-2009-3243.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: xdg-utils Provides: ethereal = %{version} @@ -151,6 +157,9 @@ Authors: %patch1 %patch2 %patch3 +%patch4 +%patch5 +%patch6 %build %configure From dcf79d61c1677e039ad58d50bc783baeec09bbb3137e9588c7a896e7fda59e62 Mon Sep 17 00:00:00 2001 From: Pavol Rusnak Date: Mon, 23 Nov 2009 15:58:34 +0000 Subject: [PATCH 3/5] 1.2.4 OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=10 --- wireshark-1.2.1-CVE-2009-3241.patch | 293 ---------------------------- wireshark-1.2.1-CVE-2009-3242.patch | 12 -- wireshark-1.2.1-CVE-2009-3243.patch | 67 ------- wireshark-1.2.1.tar.bz2 | 3 - wireshark-1.2.4.tar.bz2 | 3 + wireshark.changes | 75 +++++++ wireshark.spec | 15 +- 7 files changed, 81 insertions(+), 387 deletions(-) delete mode 100644 wireshark-1.2.1-CVE-2009-3241.patch delete mode 100644 wireshark-1.2.1-CVE-2009-3242.patch delete mode 100644 wireshark-1.2.1-CVE-2009-3243.patch delete mode 100644 wireshark-1.2.1.tar.bz2 create mode 100644 wireshark-1.2.4.tar.bz2 diff --git a/wireshark-1.2.1-CVE-2009-3241.patch b/wireshark-1.2.1-CVE-2009-3241.patch deleted file mode 100644 index bf75459..0000000 --- a/wireshark-1.2.1-CVE-2009-3241.patch +++ /dev/null @@ -1,293 +0,0 @@ -Index: plugins/opcua/opcua_simpletypes.c -=================================================================== ---- plugins/opcua/opcua_simpletypes.c (revision 29812) -+++ plugins/opcua/opcua_simpletypes.c (revision 29813) -@@ -34,9 +34,6 @@ - #include - #include - --/* string buffer */ --#define MAX_BUFFER 256 -- - #define DIAGNOSTICINFO_ENCODINGMASK_SYMBOLICID_FLAG 0x01 - #define DIAGNOSTICINFO_ENCODINGMASK_NAMESPACE_FLAG 0x02 - #define DIAGNOSTICINFO_ENCODINGMASK_LOCALIZEDTEXT_FLAG 0x04 -@@ -56,6 +53,9 @@ - #define EXTOBJ_ENCODINGMASK_BINBODY_FLAG 0x01 - #define EXTOBJ_ENCODINGMASK_XMLBODY_FLAG 0x02 - -+/* Chosen arbitrarily */ -+#define MAX_ARRAY_LEN 10000 -+ - static int hf_opcua_diag_mask_symbolicflag = -1; - static int hf_opcua_diag_mask_namespaceflag = -1; - static int hf_opcua_diag_mask_localizedtextflag = -1; -@@ -338,35 +338,28 @@ - - void parseString(proto_tree *tree, tvbuff_t *tvb, gint *pOffset, int hfIndex) - { -- char *szValue = ep_alloc(MAX_BUFFER); -+ char *szValue; - gint iOffset = *pOffset; - gint32 iLen = tvb_get_letohl(tvb, *pOffset); - iOffset+=4; - -- if (szValue) -+ if (iLen == -1) - { -- if (iLen == -1) -- { -- g_snprintf(szValue, MAX_BUFFER, "[OpcUa Null String]"); -- } -- else if (iLen >= 0) -- { -- int iStrLen = iLen; -- if (iStrLen > (MAX_BUFFER-1)) iStrLen = MAX_BUFFER - 1; -- /* copy non null terminated string of length iStrlen */ -- strncpy(szValue, (char*)&tvb->real_data[iOffset], iStrLen); -- /* set null terminator */ -- szValue[iStrLen] = 0; -- iOffset += iLen; /* eat the whole string */ -- } -- else -- { -- g_snprintf(szValue, MAX_BUFFER, "[Invalid String] Ups, something is wrong with this message."); -- } -- -+ proto_tree_add_string(tree, hfIndex, tvb, *pOffset, (iOffset - *pOffset), -+ "[OpcUa Null String]"); -+ } -+ else if (iLen >= 0) -+ { -+ iOffset += iLen; /* eat the whole string */ -+ proto_tree_add_item(tree, hfIndex, tvb, *pOffset, (iOffset - *pOffset), TRUE); -+ } -+ else -+ { -+ szValue = ep_strdup_printf("[Invalid String] Invalid length: %d", iLen); - proto_tree_add_string(tree, hfIndex, tvb, *pOffset, (iOffset - *pOffset), szValue); -- *pOffset = iOffset; - } -+ -+ *pOffset = iOffset; - } - - void parseStatusCode(proto_tree *tree, tvbuff_t *tvb, gint *pOffset, int hfIndex) -@@ -644,10 +637,18 @@ - proto_tree *subtree = proto_item_add_subtree(ti, ett_opcua_array); - int i; - -- for (i=0; i MAX_ARRAY_LEN) -+ { -+ PROTO_ITEM_SET_GENERATED(proto_tree_add_text(tree, tvb, *pOffset, 4, "Array length %d too large to process", iLen)); -+ return; -+ } -+ -+ *pOffset += 4; - for (i=0; i MAX_ARRAY_LEN) -+ { -+ PROTO_ITEM_SET_GENERATED(proto_tree_add_text(tree, tvb, *pOffset, 4, "Array length %d too large to process", iLen)); -+ return; -+ } -+ -+ *pOffset += 4; - for (i=0; i MAX_ARRAY_LEN) -+ { -+ PROTO_ITEM_SET_GENERATED(proto_tree_add_text(tree, tvb, *pOffset, 4, "Array length %d too large to process", iLen)); -+ return; -+ } -+ -+ *pOffset += 4; - for (i=0; icinfo, COL_PROTOCOL, "OpcUa"); - - /* parse message type */ -- if (tvb->real_data[0] == 'H' && tvb->real_data[1] == 'E' && tvb->real_data[2] == 'L') -+ if (tvb_memeql(tvb, 0, "HEL", 3)) - { - msgtype = MSG_HELLO; - pfctParse = parseHello; - } -- else if (tvb->real_data[0] == 'A' && tvb->real_data[1] == 'C' && tvb->real_data[2] == 'K') -+ else if (tvb_memeql(tvb, 0, "ACK", 3)) - { - msgtype = MSG_ACKNOWLEDGE; - pfctParse = parseAcknowledge; - } -- else if (tvb->real_data[0] == 'E' && tvb->real_data[1] == 'R' && tvb->real_data[2] == 'R') -+ else if (tvb_memeql(tvb, 0, "ERR", 3)) - { - msgtype = MSG_ERROR; - pfctParse = parseError; - } -- else if (tvb->real_data[0] == 'M' && tvb->real_data[1] == 'S' && tvb->real_data[2] == 'G') -+ else if (tvb_memeql(tvb, 0, "MSG", 3)) - { - msgtype = MSG_MESSAGE; - pfctParse = parseMessage; - } -- else if (tvb->real_data[0] == 'O' && tvb->real_data[1] == 'P' && tvb->real_data[2] == 'N') -+ else if (tvb_memeql(tvb, 0, "OPN", 3)) - { - msgtype = MSG_OPENSECURECHANNEL; - pfctParse = parseOpenSecureChannel; - } -- else if (tvb->real_data[0] == 'C' && tvb->real_data[1] == 'L' && tvb->real_data[2] == 'O') -+ else if (tvb_memeql(tvb, 0, "CLO", 3)) - { - msgtype = MSG_CLOSESECURECHANNEL; - pfctParse = parseCloseSecureChannel; -Index: plugins/opcua/opcua_transport_layer.c -=================================================================== ---- plugins/opcua/opcua_transport_layer.c (revision 29812) -+++ plugins/opcua/opcua_transport_layer.c (revision 29813) -@@ -126,35 +126,11 @@ - proto_register_field_array(proto, hf, array_length(hf)); - } - --/** helper functions for adding strings, -- * that are not zero terminated. -- */ --void addString(proto_tree *tree, -- int hfindex, -- tvbuff_t *tvb, -- gint start, -- gint length, -- const char *value) --{ -- char *szValue = ep_alloc(256); -- -- if (szValue) -- { -- if (length > 255) length = 255; -- /* copy non null terminated string data */ -- strncpy(szValue, value, length); -- /* set null terminator */ -- szValue[length] = 0; -- -- proto_tree_add_string(tree, hfindex, tvb, start, length, szValue); -- } --} -- - /* Transport Layer: message parsers */ - void parseHello(proto_tree *tree, tvbuff_t *tvb, gint *pOffset) - { -- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; -- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; -+ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; -+ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; - proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; - proto_tree_add_item(tree, hf_opcua_transport_ver, tvb, *pOffset, 4, TRUE); *pOffset+=4; - proto_tree_add_item(tree, hf_opcua_transport_rbs, tvb, *pOffset, 4, TRUE); *pOffset+=4; -@@ -166,8 +142,8 @@ - - void parseAcknowledge(proto_tree *tree, tvbuff_t *tvb, gint *pOffset) - { -- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; -- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; -+ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; -+ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; - proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; - proto_tree_add_item(tree, hf_opcua_transport_ver, tvb, *pOffset, 4, TRUE); *pOffset+=4; - proto_tree_add_item(tree, hf_opcua_transport_rbs, tvb, *pOffset, 4, TRUE); *pOffset+=4; -@@ -178,8 +154,8 @@ - - void parseError(proto_tree *tree, tvbuff_t *tvb, gint *pOffset) - { -- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; -- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; -+ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; -+ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; - proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; - proto_tree_add_item(tree, hf_opcua_transport_error, tvb, *pOffset, 4, TRUE); *pOffset+=4; - parseString(tree, tvb, pOffset, hf_opcua_transport_reason); -@@ -192,8 +168,8 @@ - proto_tree *nodeid_tree; - int ServiceId = 0; - -- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; -- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; -+ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; -+ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; - proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; - proto_tree_add_item(tree, hf_opcua_transport_scid, tvb, *pOffset, 4, TRUE); *pOffset+=4; - -@@ -223,8 +199,8 @@ - proto_tree *nodeid_tree; - int ServiceId = 0; - -- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; -- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; -+ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; -+ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; - proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; - proto_tree_add_item(tree, hf_opcua_transport_scid, tvb, *pOffset, 4, TRUE); *pOffset+=4; - parseString(tree, tvb, pOffset, hf_opcua_transport_spu); -@@ -247,8 +223,8 @@ - - void parseCloseSecureChannel(proto_tree *tree, tvbuff_t *tvb, gint *pOffset) - { -- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; -- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; -+ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; -+ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; - proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; - proto_tree_add_item(tree, hf_opcua_transport_scid, tvb, *pOffset, 4, TRUE); *pOffset+=4; - } diff --git a/wireshark-1.2.1-CVE-2009-3242.patch b/wireshark-1.2.1-CVE-2009-3242.patch deleted file mode 100644 index 5f5f59e..0000000 --- a/wireshark-1.2.1-CVE-2009-3242.patch +++ /dev/null @@ -1,12 +0,0 @@ -Index: epan/dissectors/packet-gsm_a_rr.c -=================================================================== ---- epan/dissectors/packet-gsm_a_rr.c (revision 29402) -+++ epan/dissectors/packet-gsm_a_rr.c (revision 29403) -@@ -10154,6 +10154,7 @@ - void - proto_reg_handoff_gsm_a_rr(void) - { -+ data_handle = find_dissector("data"); - rrc_irat_ho_info_handle = find_dissector("rrc.irat.irat_ho_info"); - rrc_irat_ho_to_utran_cmd_handle = find_dissector("rrc.irat.ho_to_utran_cmd"); - } diff --git a/wireshark-1.2.1-CVE-2009-3243.patch b/wireshark-1.2.1-CVE-2009-3243.patch deleted file mode 100644 index d241844..0000000 --- a/wireshark-1.2.1-CVE-2009-3243.patch +++ /dev/null @@ -1,67 +0,0 @@ -Index: epan/dissectors/packet-ssl-utils.c -=================================================================== ---- epan/dissectors/packet-ssl-utils.c (revision 29905) -+++ epan/dissectors/packet-ssl-utils.c (revision 29906) -@@ -43,6 +43,17 @@ - * Lookup tables - * - */ -+const gchar* ssl_version_short_names[] = { -+ "SSL", -+ "SSLv2", -+ "SSLv3", -+ "TLSv1", -+ "TLSv1.1", -+ "DTLSv1.0", -+ "PCT", -+ "TLSv1.2" -+}; -+ - const value_string ssl_20_msg_types[] = { - { SSL2_HND_ERROR, "Error" }, - { SSL2_HND_CLIENT_HELLO, "Client Hello" }, -Index: epan/dissectors/packet-ssl-utils.h -=================================================================== ---- epan/dissectors/packet-ssl-utils.h (revision 29905) -+++ epan/dissectors/packet-ssl-utils.h (revision 29906) -@@ -150,6 +150,7 @@ - * Lookup tables - * - */ -+extern const gchar* ssl_version_short_names[]; - extern const value_string ssl_20_msg_types[]; - extern const value_string ssl_20_cipher_suites[]; - extern const value_string ssl_20_certificate_type[]; -Index: epan/dissectors/packet-dtls.c -=================================================================== ---- epan/dissectors/packet-dtls.c (revision 29905) -+++ epan/dissectors/packet-dtls.c (revision 29906) -@@ -74,8 +74,6 @@ - #include "inet_v6defs.h" - #include "packet-ssl-utils.h" - --extern const gchar *ssl_version_short_names[]; -- - /* we need to remember the top tree so that subdissectors we call are created - * at the root and not deep down inside the DTLS decode - */ -Index: epan/dissectors/packet-ssl.c -=================================================================== ---- epan/dissectors/packet-ssl.c (revision 29905) -+++ epan/dissectors/packet-ssl.c (revision 29906) -@@ -272,15 +272,6 @@ - static gchar* ssl_debug_file_name = NULL; - #endif - --const gchar* ssl_version_short_names[] = { -- "SSL", -- "SSLv2", -- "SSLv3", -- "TLSv1", -- "TLSv1.1", -- "DTLSv1.0", -- "PCT" --}; - - /* Forward declaration we need below */ - void proto_reg_handoff_ssl(void); diff --git a/wireshark-1.2.1.tar.bz2 b/wireshark-1.2.1.tar.bz2 deleted file mode 100644 index 67bccfd..0000000 --- a/wireshark-1.2.1.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b3e1f4ec8385747e8aaf7aa33fe971df5e598b5bab6c8d106b90ea802e16b399 -size 15129422 diff --git a/wireshark-1.2.4.tar.bz2 b/wireshark-1.2.4.tar.bz2 new file mode 100644 index 0000000..aef058d --- /dev/null +++ b/wireshark-1.2.4.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d2eb6902fb8ccdc1dd2c797b6a76e6383aca593f0c6ee16e835d0dcf89d63338 +size 15209570 diff --git a/wireshark.changes b/wireshark.changes index 35bc29f..64f3bf1 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,3 +1,78 @@ +------------------------------------------------------------------- +Mon Nov 23 16:02:25 UTC 2009 - prusnak@suse.cz + +- updated to 1.2.4 + * Bug Fixes + - Can't save RTP stream in both directions. (Bug 4120) + * Updated Protocol Support + - DCERPC, IPFIX/Netflow, IPv4, NAS EPS, RTCP, TIPC + +------------------------------------------------------------------- +Fri Oct 30 15:47:50 CET 2009 - prusnak@suse.cz + +- updated to 1.2.3 + * Security fixes: + - The Paltalk dissector could crash on alignment-sensitive processors. + - The DCERPC/NT dissector could crash. + - The SMB dissector could crash. + * Bug fixes: + - Wireshark memory leak with each file open and/or display filter change. + - DHCP Dissector displays negative lease time. + - Invalid advertised window line on tcptrace style graph. + - SMB get_dfs_referral referral entry is not dissected correctly. + - Error dissecting eMule sourceOBFU message. + - Typos in Diameter XML files. + - RSL dissector for MS Power IE is broken. + - FIP dissector throws assertion. + - TCAP problem with indefinite length 'components' SEQ OF. + - GSM MAP: an-APDU not decoded. + - Add "Drag and Drop entries..." message on Columns preferences page. + - Editcap -t and -w option parses fractional digits incorrectly. + * Updated Protocol Support + - DCERPC NT, DHCP, Diameter, E.212, eDonkey, FIP, IPsec, MGCP, NCP, + Paltalk, RADIUS, RSL, SBus, SMB, SNMP, SSL, TCP, Teamspeak2, WPS + +- updated to 1.2.2 + * Security fixes: + - The GSM A RR dissector could crash. (Bug 3893) + - The OpcUa dissector could use excessive CPU and memory. (Bug 3986) + - The TLS dissector could crash on some platforms. (Bug 4008) + * Bug fixes: + - The "Capture->Interfaces" window can't be closed. + - tshark-1.0.2 (dumpcap) signal abort core saved. + - Memory leak fixes. + - Display filter autocompletion doesn't work for some RADIUS and WiMAX ASNCP fields. + - Wireshark Portable includes wrong WinPcap installer. + - Crash when loading a profile. + - The proto,colinfo tap doesn't work if the INFO column isn't being printed. + - Flow Graph adds too much unnecessary garbage. + - The EAP Diameter dictionary file was missing in the distribution. + - Graph analysis window is behind other window. + - IKEv2 Cert Request payload dissection error. + - DNS NAPTR RR (RFC 3403) replacement MUST be a fully qualified domain-name. + - Malformed RTCP Packet error while sending Payload specific RTCP feedback packet (as per RFC 4585). + - 802.11n Block Ack packet Bitmap field missing. + - Wireshark doesn't decode WBXML/ActiveSync information correctly. + - Malformed packet when IPv6 packet has Next Header == 59. + - Wireshark could crash while reading an ERF file. + - Minor errors in gsm rr dissectors. + - WPA Decryption Issues. + - GSM A RR sys info dissection problem. + - GSM A RR inverts MEAS-VALID values. + - PDML output leaks ~300 bytes / packet. + - Incorrect station identifier parsing in Kingfisher dissector. + - DHCPv6, Vendor-Specific Informantion, SubOption"Option Request" parser incorrect. + - Wireshark could leak memory while analyzing SSL. + - Wireshark could crash while updating menu items after reading a file in some cases. + * Updated Protocol Support + - DCERPC, DHCPv6, DNS, E.212, GSM A RR, GTPv2, H.248, IEEE 802.11, + IPMI, ISAKMP/IKE, ISUP, Kingfisher, LDAP, OpcUA, RTCP, SCTP, SIP, + SSL, TCP, WBXML, ZRTP + * Updated Capture File Support + - ERF + +- dropped obsoleted 3 CVE patches (see previous entry) + ------------------------------------------------------------------- Fri Oct 2 18:19:09 CEST 2009 - prusnak@suse.cz diff --git a/wireshark.spec b/wireshark.spec index cf21e88..6974fba 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -1,5 +1,5 @@ # -# spec file for package wireshark (Version 1.2.1) +# spec file for package wireshark (Version 1.2.3) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -22,8 +22,8 @@ Name: wireshark License: GPL v2 or later Group: Productivity/Networking/Diagnostic Summary: A Network Traffic Analyser -Version: 1.2.1 -Release: 2 +Version: 1.2.4 +Release: 1 Url: http://www.wireshark.org/ Source: http://www.wireshark.org/download/src/%{name}-%{version}.tar.bz2 Source1: include.filelist @@ -35,12 +35,6 @@ Patch1: %{name}-1.2.0-disable-warning-dialog.patch Patch2: %{name}-1.2.0-asneeded.patch # PATCH-FEATURE-OPENSUSE wireshark-1.2.0-geoip.patch prusnak@suse.cz -- search in /var/lib/GeoIP if user hasn't set any GeoIP folders Patch3: %{name}-1.2.0-geoip.patch -# PATCH-FIX-UPSTREAM wireshark-1.2.1-CVE-2009-3241.patch prusnak@suse.cz - secfix [bnc#541654] -Patch4: %{name}-1.2.1-CVE-2009-3241.patch -# PATCH-FIX-UPSTREAM wireshark-1.2.1-CVE-2009-3242.patch prusnak@suse.cz - secfix [bnc#541659] -Patch5: %{name}-1.2.1-CVE-2009-3242.patch -# PATCH-FIX-UPSTREAM wireshark-1.2.1-CVE-2009-3243.patch prusnak@suse.cz - secfix [bnc#541655] -Patch6: %{name}-1.2.1-CVE-2009-3243.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: xdg-utils Provides: ethereal = %{version} @@ -157,9 +151,6 @@ Authors: %patch1 %patch2 %patch3 -%patch4 -%patch5 -%patch6 %build %configure From 119c153ca4537dbaa11af24efa244d1a9c21edcbc012c45030744857a34438c4 Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Wed, 25 Nov 2009 14:24:53 +0000 Subject: [PATCH 4/5] checked in OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=11 --- wireshark-1.2.3.tar.bz2 | 3 +++ wireshark-1.2.4.tar.bz2 | 3 --- wireshark.changes | 9 --------- wireshark.spec | 2 +- 4 files changed, 4 insertions(+), 13 deletions(-) create mode 100644 wireshark-1.2.3.tar.bz2 delete mode 100644 wireshark-1.2.4.tar.bz2 diff --git a/wireshark-1.2.3.tar.bz2 b/wireshark-1.2.3.tar.bz2 new file mode 100644 index 0000000..3a0bb33 --- /dev/null +++ b/wireshark-1.2.3.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5515ba01277773a2f9c97599d4d28d0898d8b1d7afd5c8942cab087306c28703 +size 15215978 diff --git a/wireshark-1.2.4.tar.bz2 b/wireshark-1.2.4.tar.bz2 deleted file mode 100644 index aef058d..0000000 --- a/wireshark-1.2.4.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d2eb6902fb8ccdc1dd2c797b6a76e6383aca593f0c6ee16e835d0dcf89d63338 -size 15209570 diff --git a/wireshark.changes b/wireshark.changes index 64f3bf1..c7b114c 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,12 +1,3 @@ -------------------------------------------------------------------- -Mon Nov 23 16:02:25 UTC 2009 - prusnak@suse.cz - -- updated to 1.2.4 - * Bug Fixes - - Can't save RTP stream in both directions. (Bug 4120) - * Updated Protocol Support - - DCERPC, IPFIX/Netflow, IPv4, NAS EPS, RTCP, TIPC - ------------------------------------------------------------------- Fri Oct 30 15:47:50 CET 2009 - prusnak@suse.cz diff --git a/wireshark.spec b/wireshark.spec index 6974fba..3d46a46 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -22,7 +22,7 @@ Name: wireshark License: GPL v2 or later Group: Productivity/Networking/Diagnostic Summary: A Network Traffic Analyser -Version: 1.2.4 +Version: 1.2.3 Release: 1 Url: http://www.wireshark.org/ Source: http://www.wireshark.org/download/src/%{name}-%{version}.tar.bz2 From bc46274e19164d88f239835339700f31f20ac58851faf64f5b4296b6fe0fea1e Mon Sep 17 00:00:00 2001 From: OBS User buildservice-autocommit Date: Wed, 25 Nov 2009 14:24:54 +0000 Subject: [PATCH 5/5] Updating link to change in openSUSE:Factory/wireshark revision 27.0 OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=46f8294b6e5589de0532ef768462d6d0 --- wireshark-1.2.3.tar.bz2 | 3 --- wireshark-1.2.4.tar.bz2 | 3 +++ wireshark.changes | 9 +++++++++ wireshark.spec | 4 ++-- 4 files changed, 14 insertions(+), 5 deletions(-) delete mode 100644 wireshark-1.2.3.tar.bz2 create mode 100644 wireshark-1.2.4.tar.bz2 diff --git a/wireshark-1.2.3.tar.bz2 b/wireshark-1.2.3.tar.bz2 deleted file mode 100644 index 3a0bb33..0000000 --- a/wireshark-1.2.3.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5515ba01277773a2f9c97599d4d28d0898d8b1d7afd5c8942cab087306c28703 -size 15215978 diff --git a/wireshark-1.2.4.tar.bz2 b/wireshark-1.2.4.tar.bz2 new file mode 100644 index 0000000..aef058d --- /dev/null +++ b/wireshark-1.2.4.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d2eb6902fb8ccdc1dd2c797b6a76e6383aca593f0c6ee16e835d0dcf89d63338 +size 15209570 diff --git a/wireshark.changes b/wireshark.changes index c7b114c..64f3bf1 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Mon Nov 23 16:02:25 UTC 2009 - prusnak@suse.cz + +- updated to 1.2.4 + * Bug Fixes + - Can't save RTP stream in both directions. (Bug 4120) + * Updated Protocol Support + - DCERPC, IPFIX/Netflow, IPv4, NAS EPS, RTCP, TIPC + ------------------------------------------------------------------- Fri Oct 30 15:47:50 CET 2009 - prusnak@suse.cz diff --git a/wireshark.spec b/wireshark.spec index 3d46a46..b8f1cb9 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -1,5 +1,5 @@ # -# spec file for package wireshark (Version 1.2.3) +# spec file for package wireshark (Version 1.2.4) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -22,7 +22,7 @@ Name: wireshark License: GPL v2 or later Group: Productivity/Networking/Diagnostic Summary: A Network Traffic Analyser -Version: 1.2.3 +Version: 1.2.4 Release: 1 Url: http://www.wireshark.org/ Source: http://www.wireshark.org/download/src/%{name}-%{version}.tar.bz2