From 977d0286fe87cfcabcd55917e01aa8518472236209f42e53eacc3fc442d6c0ff Mon Sep 17 00:00:00 2001 From: Andreas Stieger Date: Wed, 13 May 2015 12:00:57 +0000 Subject: [PATCH] Accepting request 306748 from home:AndreasStieger:branches:network:utilities - Wireshark 1.12.5 [boo#930689] - The following vulnerabilities have been fixed: * The LBMR dissector could go into an infinite loop. CVE-2015-3808 CVE-2015-3809 wnpa-sec-2015-12 * The WebSocket dissector could recurse excessively. CVE-2015-3810 wnpa-sec-2015-13 * The WCP dissector could crash while decompressing data. CVE-2015-3811 wnpa-sec-2015-14 * The X11 dissector could leak memory. CVE-2015-3812 wnpa-sec-2015-15 * The packet reassembly code could leak memory. CVE-2015-3813 wnpa-sec-2015-16 * The IEEE 802.11 dissector could go into an infinite loop. CVE-2015-3814 wnpa-sec-2015-17 * The Android Logcat file parser could crash. CVE-2015-3815 wnpa-sec-2015-18 - Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.5.html OBS-URL: https://build.opensuse.org/request/show/306748 OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=142 --- SIGNATURES-1.12.4.txt | 44 ---------------------------------------- SIGNATURES-1.12.5.txt | 44 ++++++++++++++++++++++++++++++++++++++++ wireshark-1.12.4.tar.bz2 | 3 --- wireshark-1.12.5.tar.bz2 | 3 +++ wireshark.changes | 22 ++++++++++++++++++++ wireshark.spec | 2 +- 6 files changed, 70 insertions(+), 48 deletions(-) delete mode 100644 SIGNATURES-1.12.4.txt create mode 100644 SIGNATURES-1.12.5.txt delete mode 100644 wireshark-1.12.4.tar.bz2 create mode 100644 wireshark-1.12.5.tar.bz2 diff --git a/SIGNATURES-1.12.4.txt b/SIGNATURES-1.12.4.txt deleted file mode 100644 index 99d035c..0000000 --- a/SIGNATURES-1.12.4.txt +++ /dev/null @@ -1,44 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -wireshark-1.12.4.tar.bz2: 29257016 bytes -MD5(wireshark-1.12.4.tar.bz2)=acfa156fd35cb66c867b1ace992e4b5b -SHA1(wireshark-1.12.4.tar.bz2)=dbbd4090c02fe170f35b26fa26d8aba0b399c659 -RIPEMD160(wireshark-1.12.4.tar.bz2)=54688b20fb8b0a7ebe652fb53425ff259313286e - -Wireshark-win64-1.12.4.exe: 29836080 bytes -MD5(Wireshark-win64-1.12.4.exe)=f0d3d1aa6d245eab052d403127f68bb9 -SHA1(Wireshark-win64-1.12.4.exe)=2787a4d03028eeb7150030351360242cdc4eab52 -RIPEMD160(Wireshark-win64-1.12.4.exe)=4151c88f1413cdd7db3831403dfc282eb80a8e50 - -Wireshark-win32-1.12.4.exe: 23588136 bytes -MD5(Wireshark-win32-1.12.4.exe)=e530f1874d02ba63f695f5c5de86bdcb -SHA1(Wireshark-win32-1.12.4.exe)=23179144338e331037ac9350d2d1e6408f3cf7ba -RIPEMD160(Wireshark-win32-1.12.4.exe)=1f3c7d02cf1467f82d2f2116ef4f242989f54fe4 - -WiresharkPortable-1.12.4.paf.exe: 29880720 bytes -MD5(WiresharkPortable-1.12.4.paf.exe)=3c33042f1c48a5d2bc62a16a85dbc238 -SHA1(WiresharkPortable-1.12.4.paf.exe)=8c96c98d83e44adce7d01907f5173796418af976 -RIPEMD160(WiresharkPortable-1.12.4.paf.exe)=812050cc37dbde54ff498c203bafc5f7f66c468d - -Wireshark 1.12.4 Intel 64.dmg: 26392204 bytes -MD5(Wireshark 1.12.4 Intel 64.dmg)=98d79ce11886f9eb9b954130cafe9c5c -SHA1(Wireshark 1.12.4 Intel 64.dmg)=e57ba60fdf13e7b273a97ae36bd47547cf5a5823 -RIPEMD160(Wireshark 1.12.4 Intel 64.dmg)=bcf7857b3afe34a4fae2b9d6ab338da6e32002df - -Wireshark 1.12.4 Intel 32.dmg: 21822008 bytes -MD5(Wireshark 1.12.4 Intel 32.dmg)=40bfdf78e69dc100796476bd432ec743 -SHA1(Wireshark 1.12.4 Intel 32.dmg)=24868f5930a00cc0c5b86383bc1e71d39d1099b3 -RIPEMD160(Wireshark 1.12.4 Intel 32.dmg)=947a65b6401a3d628382e6a1d1b757632f2d6b23 - -patch-wireshark-1.12.3-to-1.12.4.bz2: 338867 bytes -MD5(patch-wireshark-1.12.3-to-1.12.4.bz2)=9482de275f5aec9c7adbdb7627be43b3 -SHA1(patch-wireshark-1.12.3-to-1.12.4.bz2)=d720a734e49f41e99148e0eb988aca5a4e0b7f5f -RIPEMD160(patch-wireshark-1.12.3-to-1.12.4.bz2)=74605d9b35a616f50303579ba53348f89bde1476 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iEYEARECAAYFAlT3S0IACgkQpw8IXSHylJocTwCgpAKRvaUV7sXUU00JdhbuNZL/ -UKEAmgOhpIYQUa/o/qPwu1wrbzKvjnQT -=JAcA ------END PGP SIGNATURE----- diff --git a/SIGNATURES-1.12.5.txt b/SIGNATURES-1.12.5.txt new file mode 100644 index 0000000..29cdb49 --- /dev/null +++ b/SIGNATURES-1.12.5.txt @@ -0,0 +1,44 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + +wireshark-1.12.5.tar.bz2: 29208507 bytes +MD5(wireshark-1.12.5.tar.bz2)=9ee199dde4f36a3d71f7b81dd6764e93 +SHA1(wireshark-1.12.5.tar.bz2)=379686f0b6355ae2e6b3f7055578317a07ce5590 +RIPEMD160(wireshark-1.12.5.tar.bz2)=ba455ae98be0241e219df83496b3b79c92f0497d + +Wireshark-win64-1.12.5.exe: 29840448 bytes +MD5(Wireshark-win64-1.12.5.exe)=cd0e2251104e08fc84428c57d1fd787d +SHA1(Wireshark-win64-1.12.5.exe)=df31921df2ab5fd7986986f38fa14579210f24bc +RIPEMD160(Wireshark-win64-1.12.5.exe)=f0dc3e83eb9f6f32b07c77bfe2180683db9a09dc + +Wireshark-win32-1.12.5.exe: 23597072 bytes +MD5(Wireshark-win32-1.12.5.exe)=66c22b82632d178e1207d54cc3ccc657 +SHA1(Wireshark-win32-1.12.5.exe)=60f9a69d76ce98c790645336d16f0e4ba647af3e +RIPEMD160(Wireshark-win32-1.12.5.exe)=3263508ffa7259fe2e8d5a38acd311719a61aa51 + +WiresharkPortable-1.12.5.paf.exe: 29892320 bytes +MD5(WiresharkPortable-1.12.5.paf.exe)=e714fff8702028fd5c5ef54d6967732a +SHA1(WiresharkPortable-1.12.5.paf.exe)=29aa19cb85e86b6c0567c1708869241e639c846c +RIPEMD160(WiresharkPortable-1.12.5.paf.exe)=89b0e98e9177553f3c46092c70b8fe304a538dc7 + +Wireshark 1.12.5 Intel 32.dmg: 21866339 bytes +MD5(Wireshark 1.12.5 Intel 32.dmg)=9c8769145bbc85350dcc3da4821ee0a7 +SHA1(Wireshark 1.12.5 Intel 32.dmg)=0abac1fccb69641b88403298361dbebcecee84fa +RIPEMD160(Wireshark 1.12.5 Intel 32.dmg)=087d26a9d15e4b4a8fc40a8b37b8496768c3a9c4 + +Wireshark 1.12.5 Intel 64.dmg: 26415405 bytes +MD5(Wireshark 1.12.5 Intel 64.dmg)=2b330fd3fa6d91757b80856b9b17ab44 +SHA1(Wireshark 1.12.5 Intel 64.dmg)=72ab78277fff15618616746c9104d651654d8bfc +RIPEMD160(Wireshark 1.12.5 Intel 64.dmg)=003c6ec905c5f79c36390a35d341fd3d3f5a349d + +patch-wireshark-1.12.4-to-1.12.5.bz2: 219623 bytes +MD5(patch-wireshark-1.12.4-to-1.12.5.bz2)=0f472eef369fe22104db470a40e9e0c7 +SHA1(patch-wireshark-1.12.4-to-1.12.5.bz2)=aac68a04801d8735e2ae73bbb832576050e2af99 +RIPEMD160(patch-wireshark-1.12.4-to-1.12.5.bz2)=44ed6f63b9e5e80a73ff1fc9bd3158f3c75f2e8b +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iEYEARECAAYFAlVSbO4ACgkQpw8IXSHylJosLACfQupn1OUF94QPaN9eN3Ku1xKV +pjcAn1J8oiHzN0W0P6MFA8XbP86MO6kz +=XUYb +-----END PGP SIGNATURE----- diff --git a/wireshark-1.12.4.tar.bz2 b/wireshark-1.12.4.tar.bz2 deleted file mode 100644 index 40d6599..0000000 --- a/wireshark-1.12.4.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:de804e98e252e4b795d28d6ac2d48d7f5aacd9b046ee44d44266983795ebc312 -size 29257016 diff --git a/wireshark-1.12.5.tar.bz2 b/wireshark-1.12.5.tar.bz2 new file mode 100644 index 0000000..2e8d0f4 --- /dev/null +++ b/wireshark-1.12.5.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d0f177b2ef49e4deae4ff7d3299bdd295ba558a3934ce8ae489b2f13927cbd82 +size 29208507 diff --git a/wireshark.changes b/wireshark.changes index ff9e99f..a48fd4e 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,3 +1,25 @@ +------------------------------------------------------------------- +Wed May 13 10:44:58 UTC 2015 - astieger@suse.com + +- Wireshark 1.12.5 [boo#930689] +- The following vulnerabilities have been fixed: + * The LBMR dissector could go into an infinite loop. + CVE-2015-3808 CVE-2015-3809 wnpa-sec-2015-12 + * The WebSocket dissector could recurse excessively. + CVE-2015-3810 wnpa-sec-2015-13 + * The WCP dissector could crash while decompressing data. + CVE-2015-3811 wnpa-sec-2015-14 + * The X11 dissector could leak memory. + CVE-2015-3812 wnpa-sec-2015-15 + * The packet reassembly code could leak memory. + CVE-2015-3813 wnpa-sec-2015-16 + * The IEEE 802.11 dissector could go into an infinite loop. + CVE-2015-3814 wnpa-sec-2015-17 + * The Android Logcat file parser could crash. + CVE-2015-3815 wnpa-sec-2015-18 +- Further bug fixes and updated protocol support as listed in: + https://www.wireshark.org/docs/relnotes/wireshark-1.12.5.html + ------------------------------------------------------------------- Tue Apr 28 02:13:25 UTC 2015 - crrodriguez@opensuse.org diff --git a/wireshark.spec b/wireshark.spec index 568f208..be66f3c 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -25,7 +25,7 @@ %define use_gnutls 0%{?suse_version} >= 1310 || 0%{?suse_version} == 1110 Name: wireshark -Version: 1.12.4 +Version: 1.12.5 Release: 0 Summary: A Network Traffic Analyser License: GPL-2.0+ and GPL-3.0+