Accepting request 563929 from home:AndreasStieger:branches:network:utilities

- Wireshark 2.4.4: * fixes for dissector crashes: + CVE-2018-5334: IxVeriWave file could crash (bsc#1075737) + CVE-2018-5335: WCP dissector could crash (bsc#1075738) + CVE-2018-5336: Multiple dissector crashes (bsc#1075739) * No longer enable the Linux kernel BPF JIT compiler via the net.core.bpf_jit_enable sysctl, as this would make systems more vulnerable to Spectre variant 1 (bsc#1075748, CVE-2017-5753) * Further bug fixes and updated protocol support as listed in: ittps://www.wireshark.org/docs/relnotes/wireshark-2.4.4.html OBS-URL: https://build.opensuse.org/request/show/563929 OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=238
2018-01-12 20:05:50 +00:00 · 2018-01-12 20:05:50 +00:00 · 3a06e42e9e
commit 3a06e42e9e
parent c420cc19e7
6 changed files with 79 additions and 65 deletions
--- a/SIGNATURES-2.4.3.txt
+++ b/SIGNATURES-2.4.3.txt
@ -1,60 +0,0 @@
-----BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA512
-
-wireshark-2.4.3.tar.xz: 28807920 bytes
-SHA256(wireshark-2.4.3.tar.xz)=189495996b68940626cb53b31c8902fa1bb5a96b61217cea42734c13925ff12e
-RIPEMD160(wireshark-2.4.3.tar.xz)=549b19ff84378536a4d2598ad92ac10db7a76244
-SHA1(wireshark-2.4.3.tar.xz)=1c52b5d03d0dd9fe33c6c225233e89ed6d1d6d28
-
-Wireshark-win32-2.4.3.exe: 52674464 bytes
-SHA256(Wireshark-win32-2.4.3.exe)=7e5288224c0efc666fd15852e49ed7864e0a70971b5c09181ccfe5f71fd27d6e
-RIPEMD160(Wireshark-win32-2.4.3.exe)=b9f488d384716404f25076eaa0dde81705982d5d
-SHA1(Wireshark-win32-2.4.3.exe)=8a17cd5eae1e373442b0ed154e56009fdaace790
-
-Wireshark-win64-2.4.3.exe: 57888152 bytes
-SHA256(Wireshark-win64-2.4.3.exe)=fbe322534581feba53564d99a342f8a75aaa178af8efbaa9fe9e9298233af41d
-RIPEMD160(Wireshark-win64-2.4.3.exe)=41fffe5f4f686921d5911365913fd3871f5e1d4d
-SHA1(Wireshark-win64-2.4.3.exe)=07f593d04185d79232dc839f8e8df65e46420098
-
-Wireshark-win32-2.4.3.msi: 41930752 bytes
-SHA256(Wireshark-win32-2.4.3.msi)=13114b733a2c2cdc1e6976d974bb89b6ab5bcaaf0eaac114e66e83e2a12bec78
-RIPEMD160(Wireshark-win32-2.4.3.msi)=866fd277727fab8aa0a56870491ae5e9c1c64f99
-SHA1(Wireshark-win32-2.4.3.msi)=b3ab06e999a3e8c81ec677287a46e1a0d044b35e
-
-Wireshark-win64-2.4.3.msi: 47005696 bytes
-SHA256(Wireshark-win64-2.4.3.msi)=a5aa656e7c6a894635e669d1927d2b71307f7f3b2069ba8c5d7a21048ded19d3
-RIPEMD160(Wireshark-win64-2.4.3.msi)=a9b8d4b073ffbdfe72276cf41be0f39d68be9687
-SHA1(Wireshark-win64-2.4.3.msi)=e41d08ef2cebdc19833abd0b3cee9788f82c5e6b
-
-WiresharkPortable_2.4.3.paf.exe: 45325376 bytes
-SHA256(WiresharkPortable_2.4.3.paf.exe)=50530cb69572b7891c05f1830c72f831336fd96c550ba5b8202da2b907e68f57
-RIPEMD160(WiresharkPortable_2.4.3.paf.exe)=57db4ebb9ba6aac54322545d0b4ecf99d1bee3b1
-SHA1(WiresharkPortable_2.4.3.paf.exe)=7bb2fbd347485b7e2a974dfa2814f84f8addd833
-
-Wireshark 2.4.3 Intel 64.dmg: 35234122 bytes
-SHA256(Wireshark 2.4.3 Intel 64.dmg)=61f500c923b729be56b4bf453c2fca865cd921b8cc153da8a79d45a3f932bdd3
-RIPEMD160(Wireshark 2.4.3 Intel 64.dmg)=e90cc219073785384f6137fbd74e86972fe1e30e
-SHA1(Wireshark 2.4.3 Intel 64.dmg)=711b9a11cced0e4d7b9284598c012217e3555f2d
-
-You can validate these hashes using the following commands (among others):
-
-    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
-    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
-    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
-    Other: openssl sha256 wireshark-x.y.z.tar.xz
-----BEGIN PGP SIGNATURE-----
-
-iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlog0R4ACgkQgiRKeOb+
-ruqtHA/7B/+EgBKG6HFGqz9I2E25adozILjnsOrnFaqnh1j7c5gaLhstsw9LY2Xz
-rogCUA9i5BGT0RqEvGBtxFWZPBKcSkKmfOhW/VZoxePvnilL6pyqPzGB/rww8MTw
-oh1U63A9n6gmgxJMfFGkVg5dyufaOKVywJ/DPAkLmIQR7lZfxCvHddlKx/10hq6k
-YbAaupqo/ZA8I05SV2Ovrj8LAeqxwv9C7vrHmp2lBTslTPxCO6+byBgKaw8zuAO/
-6yjrplQy6fji+lcOKrNVhELo5D9L9vlPRx0Drvpktb4jd+lt+Rz2oLrIa5auOrlD
-SzKH05HdSkzjdStHlzOwRy2mCOusY0EIGZ6eFQRZz4w+KRWWIlU87SXifuzczMwt
-gnJRWT2owFrmeN1ihqK8iiH+4/zcWDxElNWw3L0INKmWXaWchRkJ1M7TP86Sr60F
-s15RhkkljFEFHBo8DHDs2XJ81N0eDskHliZzjV87wbMEDp3mXAiyOKjyiFflOH9e
-DsSxsnt+PfthkmwsFnF8kVEeylKMeihrNMTQHMJ6o1srwowRZa0mP6Pl/TrdyGZr
-+6ER/kxkltmZjZBwOCszMZxZdNoyteANwZzGu/y/I1IpRGVI6WGxYIhLRiOJTljZ
-90N+3nRv9Qff6CJvn9peAZS7/Rz2dldRiggHu2NFozCQExAlG3k=
-=yV+r
-----END PGP SIGNATURE-----
--- a/SIGNATURES-2.4.4.txt
+++ b/SIGNATURES-2.4.4.txt
@ -0,0 +1,60 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+wireshark-2.4.4.tar.xz: 28818372 bytes
+SHA256(wireshark-2.4.4.tar.xz)=049a758e39422dcd536d7f75cebbfaa44e4f305d602bf22964d6459821126f58
+RIPEMD160(wireshark-2.4.4.tar.xz)=ee062bc380db3efce21640774bf6cb5c327b8b27
+SHA1(wireshark-2.4.4.tar.xz)=cefc8e6666ee2f73d7f96f2708d582c57abb486f
+
+Wireshark-win32-2.4.4.exe: 52697912 bytes
+SHA256(Wireshark-win32-2.4.4.exe)=1f93c1df271aeaa60161d67abd9e17f48f07f1a7cfc84c3c09076be23b2a845e
+RIPEMD160(Wireshark-win32-2.4.4.exe)=93ce703dc83c6cc0c23ade12a59bcbaa6088b8ba
+SHA1(Wireshark-win32-2.4.4.exe)=1d14fb39f382909587ac9ce65477f1702570cb3a
+
+Wireshark-win64-2.4.4.exe: 57913704 bytes
+SHA256(Wireshark-win64-2.4.4.exe)=f532b664921a317c151ef0fb2b4e7badcdb9ecd5a969d38bd54568a6a0a18c68
+RIPEMD160(Wireshark-win64-2.4.4.exe)=137f4225a15183bacc9c4c51522a99b624095c39
+SHA1(Wireshark-win64-2.4.4.exe)=e7890e6445118a9238cab51cf89407c6fdd2235d
+
+Wireshark-win64-2.4.4.msi: 47095808 bytes
+SHA256(Wireshark-win64-2.4.4.msi)=38293816156d0aa51302e09fa2901a24913eb8e1b8cebee9bb90b318d85343f5
+RIPEMD160(Wireshark-win64-2.4.4.msi)=5b50bc5d30dad6f5e9eac8539da57c373f5c291d
+SHA1(Wireshark-win64-2.4.4.msi)=70c0be5ff3d5d61428e7b07885a979d12e82ea6b
+
+Wireshark-win32-2.4.4.msi: 41943040 bytes
+SHA256(Wireshark-win32-2.4.4.msi)=0407314ae45c391ca6cccddf428b8f452e6dbbfee13143d4cb178f643e8a5a8b
+RIPEMD160(Wireshark-win32-2.4.4.msi)=22b168509f5bf9e8df2013aed781686ad89959b8
+SHA1(Wireshark-win32-2.4.4.msi)=003c2d7c3670b19b4397fc9855683e65ea12ea56
+
+WiresharkPortable_2.4.4.paf.exe: 45378496 bytes
+SHA256(WiresharkPortable_2.4.4.paf.exe)=4c6c0481ed216e797351fc38ba63754e37ac4cb2686595204f9be00d3b5dd4bb
+RIPEMD160(WiresharkPortable_2.4.4.paf.exe)=773aa2c4fc2cd4126fd3da06da3066c27e45cd79
+SHA1(WiresharkPortable_2.4.4.paf.exe)=f484dd8d2bba9ccaefe187c0e50f30c231141bce
+
+Wireshark 2.4.4 Intel 64.dmg: 35240389 bytes
+SHA256(Wireshark 2.4.4 Intel 64.dmg)=eb6d9a304b2697a90f267bd8734926a9fe37939aab8394a550cd4c272dd15e11
+RIPEMD160(Wireshark 2.4.4 Intel 64.dmg)=9cdf3614de288ae38170fae1d540bb3b874f997b
+SHA1(Wireshark 2.4.4 Intel 64.dmg)=c1e169fbf3797a082b638cd8415d20f63d476131
+
+You can validate these hashes using the following commands (among others):
+
+    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
+    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
+    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
+    Other: openssl sha256 wireshark-x.y.z.tar.xz
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlpXv64ACgkQgiRKeOb+
+ruqbgxAA3QnAr+1jKvBZUCApOSPxe/Hfz3MUoVBdnhj/bCDyAjACRLfRf91ODXPL
+KGIt6d33W9N/FyK4M+6woYNHNdBiRW1UUuCsby1Z/0vdZ/LAtwJz6IeqNFS+g3Co
+jVMVYBGLivSfwi0ZJWEiP1VILe2vKlUmAfgU5CTgtHrAHMTtrdvZIuzjnMLPNNqZ
+1CYA7130Rda2pRWXbZWtgNf10VyRorpcMJ1y6ADZzm66GOJUQ585k0JCYgmLARPJ
+1gy/VROrISMkVXETJnw6mR5pnSoqSoUrzz7QJoaDBDHXQugWhdLBDjKAcYTxQDZK
+jcpDzPzXVeMF2l6LG+B0zDNzfPhAZHA5E9RRNew1Gth+bhC5UYV4+KW59Ovu3i/e
+PfYWjUUmctzsOmibk3icf1PY5b6VqBNC9LMfnhmn/wg/uFDRwBWVe8pyvZCl7TVy
+W+Y/YF6buB1L2aacKMmCyM8Gxptd+Tp3gnYrEInUVof+SsLulLrEM83dBEjvT3zr
+Bxuv/47ZLSFmKv51/jj/3zNQ7NX3IYJbLTwWdGUsQE8ue2VBKE7mgLmvbtaRpAEh
+5z18cPVMzdba7ufYGVt4ZuXR4sWrWBjVsaXWyjhGZxVygR/l0feVm8kcCufVJb4C
+jNsdTLruH0Z6P9AuVPFf/ebgbARBytPfQI1zSBwM2NyCDKAwMno=
+=uhIZ
+-----END PGP SIGNATURE-----
--- a/wireshark-2.4.3.tar.xz
+++ b/wireshark-2.4.3.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:189495996b68940626cb53b31c8902fa1bb5a96b61217cea42734c13925ff12e
-size 28807920
--- a/wireshark-2.4.4.tar.xz
+++ b/wireshark-2.4.4.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:049a758e39422dcd536d7f75cebbfaa44e4f305d602bf22964d6459821126f58
+size 28818372
--- a/wireshark.changes
+++ b/wireshark.changes
@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Fri Jan 12 19:38:34 UTC 2018 - astieger@suse.com
+
+- Wireshark 2.4.4:
+  * fixes for dissector crashes:
+    + CVE-2018-5334: IxVeriWave file could crash (bsc#1075737)
+    + CVE-2018-5335: WCP dissector could crash (bsc#1075738)
+    + CVE-2018-5336: Multiple dissector crashes (bsc#1075739)
+  * No longer enable the Linux kernel BPF JIT compiler via the
+    net.core.bpf_jit_enable sysctl, as this would make systems
+    more vulnerable to Spectre variant 1 (bsc#1075748, CVE-2017-5753) 
+  * Further bug fixes and updated protocol support as listed in:
+    ittps://www.wireshark.org/docs/relnotes/wireshark-2.4.4.html
+
 -------------------------------------------------------------------
 Fri Dec  1 13:02:14 UTC 2017 - astieger@suse.com

--- a/wireshark.spec
+++ b/wireshark.spec
@ -1,7 +1,7 @@
 #
 # spec file for package wireshark
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -36,7 +36,7 @@
 %bcond_with geoip
 %endif
 Name:           wireshark
-Version:        2.4.3
+Version:        2.4.4
 Release:        0
 Summary:        A Network Traffic Analyser
 License:        GPL-2.0+ AND GPL-3.0+