From 3a06e42e9ee877105ac4cc3c073c418c46e1ead7e9677e361c3662dece728802 Mon Sep 17 00:00:00 2001 From: Andreas Stieger Date: Fri, 12 Jan 2018 20:05:50 +0000 Subject: [PATCH] Accepting request 563929 from home:AndreasStieger:branches:network:utilities - Wireshark 2.4.4: * fixes for dissector crashes: + CVE-2018-5334: IxVeriWave file could crash (bsc#1075737) + CVE-2018-5335: WCP dissector could crash (bsc#1075738) + CVE-2018-5336: Multiple dissector crashes (bsc#1075739) * No longer enable the Linux kernel BPF JIT compiler via the net.core.bpf_jit_enable sysctl, as this would make systems more vulnerable to Spectre variant 1 (bsc#1075748, CVE-2017-5753) * Further bug fixes and updated protocol support as listed in: ittps://www.wireshark.org/docs/relnotes/wireshark-2.4.4.html OBS-URL: https://build.opensuse.org/request/show/563929 OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=238 --- SIGNATURES-2.4.3.txt | 60 ------------------------------------------ SIGNATURES-2.4.4.txt | 60 ++++++++++++++++++++++++++++++++++++++++++ wireshark-2.4.3.tar.xz | 3 --- wireshark-2.4.4.tar.xz | 3 +++ wireshark.changes | 14 ++++++++++ wireshark.spec | 4 +-- 6 files changed, 79 insertions(+), 65 deletions(-) delete mode 100644 SIGNATURES-2.4.3.txt create mode 100644 SIGNATURES-2.4.4.txt delete mode 100644 wireshark-2.4.3.tar.xz create mode 100644 wireshark-2.4.4.tar.xz diff --git a/SIGNATURES-2.4.3.txt b/SIGNATURES-2.4.3.txt deleted file mode 100644 index 63c4d8e..0000000 --- a/SIGNATURES-2.4.3.txt +++ /dev/null @@ -1,60 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA512 - -wireshark-2.4.3.tar.xz: 28807920 bytes -SHA256(wireshark-2.4.3.tar.xz)=189495996b68940626cb53b31c8902fa1bb5a96b61217cea42734c13925ff12e -RIPEMD160(wireshark-2.4.3.tar.xz)=549b19ff84378536a4d2598ad92ac10db7a76244 -SHA1(wireshark-2.4.3.tar.xz)=1c52b5d03d0dd9fe33c6c225233e89ed6d1d6d28 - -Wireshark-win32-2.4.3.exe: 52674464 bytes -SHA256(Wireshark-win32-2.4.3.exe)=7e5288224c0efc666fd15852e49ed7864e0a70971b5c09181ccfe5f71fd27d6e -RIPEMD160(Wireshark-win32-2.4.3.exe)=b9f488d384716404f25076eaa0dde81705982d5d -SHA1(Wireshark-win32-2.4.3.exe)=8a17cd5eae1e373442b0ed154e56009fdaace790 - -Wireshark-win64-2.4.3.exe: 57888152 bytes -SHA256(Wireshark-win64-2.4.3.exe)=fbe322534581feba53564d99a342f8a75aaa178af8efbaa9fe9e9298233af41d -RIPEMD160(Wireshark-win64-2.4.3.exe)=41fffe5f4f686921d5911365913fd3871f5e1d4d -SHA1(Wireshark-win64-2.4.3.exe)=07f593d04185d79232dc839f8e8df65e46420098 - -Wireshark-win32-2.4.3.msi: 41930752 bytes -SHA256(Wireshark-win32-2.4.3.msi)=13114b733a2c2cdc1e6976d974bb89b6ab5bcaaf0eaac114e66e83e2a12bec78 -RIPEMD160(Wireshark-win32-2.4.3.msi)=866fd277727fab8aa0a56870491ae5e9c1c64f99 -SHA1(Wireshark-win32-2.4.3.msi)=b3ab06e999a3e8c81ec677287a46e1a0d044b35e - -Wireshark-win64-2.4.3.msi: 47005696 bytes -SHA256(Wireshark-win64-2.4.3.msi)=a5aa656e7c6a894635e669d1927d2b71307f7f3b2069ba8c5d7a21048ded19d3 -RIPEMD160(Wireshark-win64-2.4.3.msi)=a9b8d4b073ffbdfe72276cf41be0f39d68be9687 -SHA1(Wireshark-win64-2.4.3.msi)=e41d08ef2cebdc19833abd0b3cee9788f82c5e6b - -WiresharkPortable_2.4.3.paf.exe: 45325376 bytes -SHA256(WiresharkPortable_2.4.3.paf.exe)=50530cb69572b7891c05f1830c72f831336fd96c550ba5b8202da2b907e68f57 -RIPEMD160(WiresharkPortable_2.4.3.paf.exe)=57db4ebb9ba6aac54322545d0b4ecf99d1bee3b1 -SHA1(WiresharkPortable_2.4.3.paf.exe)=7bb2fbd347485b7e2a974dfa2814f84f8addd833 - -Wireshark 2.4.3 Intel 64.dmg: 35234122 bytes -SHA256(Wireshark 2.4.3 Intel 64.dmg)=61f500c923b729be56b4bf453c2fca865cd921b8cc153da8a79d45a3f932bdd3 -RIPEMD160(Wireshark 2.4.3 Intel 64.dmg)=e90cc219073785384f6137fbd74e86972fe1e30e -SHA1(Wireshark 2.4.3 Intel 64.dmg)=711b9a11cced0e4d7b9284598c012217e3555f2d - -You can validate these hashes using the following commands (among others): - - Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 - Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz - macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg" - Other: openssl sha256 wireshark-x.y.z.tar.xz ------BEGIN PGP SIGNATURE----- - -iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlog0R4ACgkQgiRKeOb+ -ruqtHA/7B/+EgBKG6HFGqz9I2E25adozILjnsOrnFaqnh1j7c5gaLhstsw9LY2Xz -rogCUA9i5BGT0RqEvGBtxFWZPBKcSkKmfOhW/VZoxePvnilL6pyqPzGB/rww8MTw -oh1U63A9n6gmgxJMfFGkVg5dyufaOKVywJ/DPAkLmIQR7lZfxCvHddlKx/10hq6k -YbAaupqo/ZA8I05SV2Ovrj8LAeqxwv9C7vrHmp2lBTslTPxCO6+byBgKaw8zuAO/ -6yjrplQy6fji+lcOKrNVhELo5D9L9vlPRx0Drvpktb4jd+lt+Rz2oLrIa5auOrlD -SzKH05HdSkzjdStHlzOwRy2mCOusY0EIGZ6eFQRZz4w+KRWWIlU87SXifuzczMwt -gnJRWT2owFrmeN1ihqK8iiH+4/zcWDxElNWw3L0INKmWXaWchRkJ1M7TP86Sr60F -s15RhkkljFEFHBo8DHDs2XJ81N0eDskHliZzjV87wbMEDp3mXAiyOKjyiFflOH9e -DsSxsnt+PfthkmwsFnF8kVEeylKMeihrNMTQHMJ6o1srwowRZa0mP6Pl/TrdyGZr -+6ER/kxkltmZjZBwOCszMZxZdNoyteANwZzGu/y/I1IpRGVI6WGxYIhLRiOJTljZ -90N+3nRv9Qff6CJvn9peAZS7/Rz2dldRiggHu2NFozCQExAlG3k= -=yV+r ------END PGP SIGNATURE----- diff --git a/SIGNATURES-2.4.4.txt b/SIGNATURES-2.4.4.txt new file mode 100644 index 0000000..8f16578 --- /dev/null +++ b/SIGNATURES-2.4.4.txt @@ -0,0 +1,60 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +wireshark-2.4.4.tar.xz: 28818372 bytes +SHA256(wireshark-2.4.4.tar.xz)=049a758e39422dcd536d7f75cebbfaa44e4f305d602bf22964d6459821126f58 +RIPEMD160(wireshark-2.4.4.tar.xz)=ee062bc380db3efce21640774bf6cb5c327b8b27 +SHA1(wireshark-2.4.4.tar.xz)=cefc8e6666ee2f73d7f96f2708d582c57abb486f + +Wireshark-win32-2.4.4.exe: 52697912 bytes +SHA256(Wireshark-win32-2.4.4.exe)=1f93c1df271aeaa60161d67abd9e17f48f07f1a7cfc84c3c09076be23b2a845e +RIPEMD160(Wireshark-win32-2.4.4.exe)=93ce703dc83c6cc0c23ade12a59bcbaa6088b8ba +SHA1(Wireshark-win32-2.4.4.exe)=1d14fb39f382909587ac9ce65477f1702570cb3a + +Wireshark-win64-2.4.4.exe: 57913704 bytes +SHA256(Wireshark-win64-2.4.4.exe)=f532b664921a317c151ef0fb2b4e7badcdb9ecd5a969d38bd54568a6a0a18c68 +RIPEMD160(Wireshark-win64-2.4.4.exe)=137f4225a15183bacc9c4c51522a99b624095c39 +SHA1(Wireshark-win64-2.4.4.exe)=e7890e6445118a9238cab51cf89407c6fdd2235d + +Wireshark-win64-2.4.4.msi: 47095808 bytes +SHA256(Wireshark-win64-2.4.4.msi)=38293816156d0aa51302e09fa2901a24913eb8e1b8cebee9bb90b318d85343f5 +RIPEMD160(Wireshark-win64-2.4.4.msi)=5b50bc5d30dad6f5e9eac8539da57c373f5c291d +SHA1(Wireshark-win64-2.4.4.msi)=70c0be5ff3d5d61428e7b07885a979d12e82ea6b + +Wireshark-win32-2.4.4.msi: 41943040 bytes +SHA256(Wireshark-win32-2.4.4.msi)=0407314ae45c391ca6cccddf428b8f452e6dbbfee13143d4cb178f643e8a5a8b +RIPEMD160(Wireshark-win32-2.4.4.msi)=22b168509f5bf9e8df2013aed781686ad89959b8 +SHA1(Wireshark-win32-2.4.4.msi)=003c2d7c3670b19b4397fc9855683e65ea12ea56 + +WiresharkPortable_2.4.4.paf.exe: 45378496 bytes +SHA256(WiresharkPortable_2.4.4.paf.exe)=4c6c0481ed216e797351fc38ba63754e37ac4cb2686595204f9be00d3b5dd4bb +RIPEMD160(WiresharkPortable_2.4.4.paf.exe)=773aa2c4fc2cd4126fd3da06da3066c27e45cd79 +SHA1(WiresharkPortable_2.4.4.paf.exe)=f484dd8d2bba9ccaefe187c0e50f30c231141bce + +Wireshark 2.4.4 Intel 64.dmg: 35240389 bytes +SHA256(Wireshark 2.4.4 Intel 64.dmg)=eb6d9a304b2697a90f267bd8734926a9fe37939aab8394a550cd4c272dd15e11 +RIPEMD160(Wireshark 2.4.4 Intel 64.dmg)=9cdf3614de288ae38170fae1d540bb3b874f997b +SHA1(Wireshark 2.4.4 Intel 64.dmg)=c1e169fbf3797a082b638cd8415d20f63d476131 + +You can validate these hashes using the following commands (among others): + + Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 + Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz + macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg" + Other: openssl sha256 wireshark-x.y.z.tar.xz +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlpXv64ACgkQgiRKeOb+ +ruqbgxAA3QnAr+1jKvBZUCApOSPxe/Hfz3MUoVBdnhj/bCDyAjACRLfRf91ODXPL +KGIt6d33W9N/FyK4M+6woYNHNdBiRW1UUuCsby1Z/0vdZ/LAtwJz6IeqNFS+g3Co +jVMVYBGLivSfwi0ZJWEiP1VILe2vKlUmAfgU5CTgtHrAHMTtrdvZIuzjnMLPNNqZ +1CYA7130Rda2pRWXbZWtgNf10VyRorpcMJ1y6ADZzm66GOJUQ585k0JCYgmLARPJ +1gy/VROrISMkVXETJnw6mR5pnSoqSoUrzz7QJoaDBDHXQugWhdLBDjKAcYTxQDZK +jcpDzPzXVeMF2l6LG+B0zDNzfPhAZHA5E9RRNew1Gth+bhC5UYV4+KW59Ovu3i/e +PfYWjUUmctzsOmibk3icf1PY5b6VqBNC9LMfnhmn/wg/uFDRwBWVe8pyvZCl7TVy +W+Y/YF6buB1L2aacKMmCyM8Gxptd+Tp3gnYrEInUVof+SsLulLrEM83dBEjvT3zr +Bxuv/47ZLSFmKv51/jj/3zNQ7NX3IYJbLTwWdGUsQE8ue2VBKE7mgLmvbtaRpAEh +5z18cPVMzdba7ufYGVt4ZuXR4sWrWBjVsaXWyjhGZxVygR/l0feVm8kcCufVJb4C +jNsdTLruH0Z6P9AuVPFf/ebgbARBytPfQI1zSBwM2NyCDKAwMno= +=uhIZ +-----END PGP SIGNATURE----- diff --git a/wireshark-2.4.3.tar.xz b/wireshark-2.4.3.tar.xz deleted file mode 100644 index 99bd040..0000000 --- a/wireshark-2.4.3.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:189495996b68940626cb53b31c8902fa1bb5a96b61217cea42734c13925ff12e -size 28807920 diff --git a/wireshark-2.4.4.tar.xz b/wireshark-2.4.4.tar.xz new file mode 100644 index 0000000..41733f5 --- /dev/null +++ b/wireshark-2.4.4.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:049a758e39422dcd536d7f75cebbfaa44e4f305d602bf22964d6459821126f58 +size 28818372 diff --git a/wireshark.changes b/wireshark.changes index 0c4f078..5f6261f 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Fri Jan 12 19:38:34 UTC 2018 - astieger@suse.com + +- Wireshark 2.4.4: + * fixes for dissector crashes: + + CVE-2018-5334: IxVeriWave file could crash (bsc#1075737) + + CVE-2018-5335: WCP dissector could crash (bsc#1075738) + + CVE-2018-5336: Multiple dissector crashes (bsc#1075739) + * No longer enable the Linux kernel BPF JIT compiler via the + net.core.bpf_jit_enable sysctl, as this would make systems + more vulnerable to Spectre variant 1 (bsc#1075748, CVE-2017-5753) + * Further bug fixes and updated protocol support as listed in: + ittps://www.wireshark.org/docs/relnotes/wireshark-2.4.4.html + ------------------------------------------------------------------- Fri Dec 1 13:02:14 UTC 2017 - astieger@suse.com diff --git a/wireshark.spec b/wireshark.spec index 2be8b05..2f30bff 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -1,7 +1,7 @@ # # spec file for package wireshark # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -36,7 +36,7 @@ %bcond_with geoip %endif Name: wireshark -Version: 2.4.3 +Version: 2.4.4 Release: 0 Summary: A Network Traffic Analyser License: GPL-2.0+ AND GPL-3.0+