From bf9f73340cdc5951585252bc34f7c88898d43b6d2f6c1c137d150c62b61536c7 Mon Sep 17 00:00:00 2001 From: Robert Frohl Date: Thu, 10 Jan 2019 14:25:52 +0000 Subject: [PATCH] Accepting request 664391 from home:rfrohl:branches:network:utilities - Wireshark 2.6.6 * CVE-2019-5716: The 6LoWPAN dissector could crash (bsc#1121231) * CVE-2019-5717: The P_MUL dissector could crash (bsc#1121232) * CVE-2019-5718: The RTSE dissector and other dissectors could crash (bsc#1121233) * CVE-2019-5719: The ISAKMP dissector could crash (bsc#1121234) - Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.6.6.html OBS-URL: https://build.opensuse.org/request/show/664391 OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=267 --- SIGNATURES-2.6.5.txt | 60 ------------------------------------------ SIGNATURES-2.6.6.txt | 60 ++++++++++++++++++++++++++++++++++++++++++ wireshark-2.6.5.tar.xz | 3 --- wireshark-2.6.6.tar.xz | 3 +++ wireshark.changes | 11 ++++++++ wireshark.spec | 6 ++--- 6 files changed, 77 insertions(+), 66 deletions(-) delete mode 100644 SIGNATURES-2.6.5.txt create mode 100644 SIGNATURES-2.6.6.txt delete mode 100644 wireshark-2.6.5.tar.xz create mode 100644 wireshark-2.6.6.tar.xz diff --git a/SIGNATURES-2.6.5.txt b/SIGNATURES-2.6.5.txt deleted file mode 100644 index c4d95c7..0000000 --- a/SIGNATURES-2.6.5.txt +++ /dev/null @@ -1,60 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA512 - -wireshark-2.6.5.tar.xz: 28390292 bytes -SHA256(wireshark-2.6.5.tar.xz)=93155b798544b2f07693920f4ac1b531c952965ee4eb1d98419961240177438a -RIPEMD160(wireshark-2.6.5.tar.xz)=0f840f0ef8747ba808ac17660bb54f3ff9dfdc4b -SHA1(wireshark-2.6.5.tar.xz)=556a8e084230e6359c86daf578d25c6f443458bb - -Wireshark-win32-2.6.5.exe: 53798712 bytes -SHA256(Wireshark-win32-2.6.5.exe)=9c9a459cec8866b82f68e35d6376d6d121123f3551bd83a17b36193e32828d2f -RIPEMD160(Wireshark-win32-2.6.5.exe)=7e7a667c9169075f23bf28b4b39604396a89b529 -SHA1(Wireshark-win32-2.6.5.exe)=333556211a0e48eff4778404b809d3fb49414b8b - -Wireshark-win64-2.6.5.exe: 59537312 bytes -SHA256(Wireshark-win64-2.6.5.exe)=1ee5afdc18efda2781a88da6a360a28ae88feaaecdc7c3246fb98767abcc7654 -RIPEMD160(Wireshark-win64-2.6.5.exe)=65e9962f4c52af124a657e157fb91ee303affa2e -SHA1(Wireshark-win64-2.6.5.exe)=126b32d7e11bfb42b86c87920ea231e213defc5c - -Wireshark-win32-2.6.5.msi: 43286528 bytes -SHA256(Wireshark-win32-2.6.5.msi)=a63cbb2da79ef80ae8855ef4cfbd92285de9655833e2dd1897d84cdb83246141 -RIPEMD160(Wireshark-win32-2.6.5.msi)=8ebabf8958167bd68a69a754cc36a0f008a1b354 -SHA1(Wireshark-win32-2.6.5.msi)=1b74d74a9c9d54d7507be198c891ab00905931f6 - -Wireshark-win64-2.6.5.msi: 48926720 bytes -SHA256(Wireshark-win64-2.6.5.msi)=3882cabc355ee298e4a8e6940cc67c286c349b85e76dfc63fe532f0555cba004 -RIPEMD160(Wireshark-win64-2.6.5.msi)=d49c115e92373529049e7689ba693e8101dad9de -SHA1(Wireshark-win64-2.6.5.msi)=0433bbf10eef0b0d8949a6145c4ebcfdfbf49e6a - -WiresharkPortable_2.6.5.paf.exe: 37034016 bytes -SHA256(WiresharkPortable_2.6.5.paf.exe)=2c6e3831da69c840f7904deb05542984c03f0de9d3979487ef7a557308c3b1a6 -RIPEMD160(WiresharkPortable_2.6.5.paf.exe)=214876b0f4b7a8f7fac79591b777fad243c6e5c6 -SHA1(WiresharkPortable_2.6.5.paf.exe)=f52d430442028a2d1da33c0fad98e353128f8f10 - -Wireshark 2.6.5 Intel 64.dmg: 168574656 bytes -SHA256(Wireshark 2.6.5 Intel 64.dmg)=b4e2cb6c9ddb0f700ef8eaba9f19248f92069a27622620646f46640e294c678f -RIPEMD160(Wireshark 2.6.5 Intel 64.dmg)=93e33202129eb42165324451e6065b62560c76ab -SHA1(Wireshark 2.6.5 Intel 64.dmg)=0b0cef24d1b1d5aaf13f6b918c24e187aac6a8b9 - -You can validate these hashes using the following commands (among others): - - Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 - Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz - macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg" - Other: openssl sha256 wireshark-x.y.z.tar.xz ------BEGIN PGP SIGNATURE----- - -iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlv+974ACgkQgiRKeOb+ -rup3rA/9F4oW6OTxwHwA8iatbBpz2+1qZX5aV/qAXdbsMvMoW09IQQA3Zc7AkGKG -YR/23nrcvNv0qW3fe+NldLL2W/gdWFebtZNTGrIgtj2aphQV7XrzTwpubbspZK1r -Cl3CzGlnVjF4a5v1dw6IhiCO0vh/zaqr97OlwHg3qPMeQUmXRQr1CWR1p9xOtx2E -d2lQ4ACW7cbfy1uQ13SF5qBkucB/v09NDum2DQSxqUXt7Kjo78MY81fV/JrPU5hD -mL/GPAORXlXg7ybhX9MT37Vfjgk97blZryvZ8Y78cLnTl9zqQcLGN/EWgA2FDnPO -1SdL3N3WXsTrZliqaIOGZuajkUoSgI7QruJhiMVCUMLUv3ALNHlMYiiPoZ2pV97F -Z6IuRRoIBvCJKsLQZKJISSV7xd+hZnhGKOdfeZ3FrjaU61MxCXQXrZuzycINwm0L -By1ePIPFz0vJSBw/kc3WRb2Xvik47iPHBgI49cAjBa0OjVn7AztlwaTpDF1NVuUt -iMxPCReOHQxxlS8llm87jrHaFtePaPFGpi1TCghUfxNaXU64X39kkffPnCuUEO/U -Tw+kT9MzmzB25J5aafKJ3VQe8GZqNrqWtssyu5L2CkYaqPtyRCrgIWaxbF950xbv -JrsaCoSODO91q7LONqiNeRjkATJS97s9QXBLHnE3C3G0rGlhcmc= -=cW8J ------END PGP SIGNATURE----- diff --git a/SIGNATURES-2.6.6.txt b/SIGNATURES-2.6.6.txt new file mode 100644 index 0000000..2e45bf2 --- /dev/null +++ b/SIGNATURES-2.6.6.txt @@ -0,0 +1,60 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +wireshark-2.6.6.tar.xz: 28407404 bytes +SHA256(wireshark-2.6.6.tar.xz)=487933ea075bdbb25d8df06017d9c4f49fc20eb7f6ec80af086718ed5550e863 +RIPEMD160(wireshark-2.6.6.tar.xz)=5c5750e277e647a58916229f19d883a99e31046a +SHA1(wireshark-2.6.6.tar.xz)=d3d2f45a85e6f43a69c745b5c733e70dbc8cc535 + +Wireshark-win64-2.6.6.exe: 60015792 bytes +SHA256(Wireshark-win64-2.6.6.exe)=e440a059fba3572000b5695ca89438d5765b9d73d830556344d7e8cdad071617 +RIPEMD160(Wireshark-win64-2.6.6.exe)=74c33427b0527fc05c4e97a94177f6895ad72beb +SHA1(Wireshark-win64-2.6.6.exe)=597a32ada9c2c51dae6b6c1e881ca50f74081136 + +Wireshark-win32-2.6.6.exe: 54286272 bytes +SHA256(Wireshark-win32-2.6.6.exe)=a76e70694b1914c3bf2c5267c234d44db58a605b88c274473368cb57b4262c1f +RIPEMD160(Wireshark-win32-2.6.6.exe)=a5df535decec4304088c4f9b6c219e212ab0ba9a +SHA1(Wireshark-win32-2.6.6.exe)=0826853320be66fc8afbc5f9d2520de5a96e92d3 + +Wireshark-win64-2.6.6.msi: 49385472 bytes +SHA256(Wireshark-win64-2.6.6.msi)=9ca2a067f33f551da479a2b760a943f340e6996db155832ba1c486e3c3afe272 +RIPEMD160(Wireshark-win64-2.6.6.msi)=e93c8fa321d521517b12bb0704e4c27df566243e +SHA1(Wireshark-win64-2.6.6.msi)=d9b5558c052c6db9caa5bd294ff61965e0a79dce + +Wireshark-win32-2.6.6.msi: 43753472 bytes +SHA256(Wireshark-win32-2.6.6.msi)=a700512870239f5b17311eab223eaf319e17c8d66d1676aa5327c2c5688b17c6 +RIPEMD160(Wireshark-win32-2.6.6.msi)=285f2f2d8417e3730df84fcef556b77c993159e4 +SHA1(Wireshark-win32-2.6.6.msi)=e7008b63cd6c7223a8456234dc49517ca7f40810 + +WiresharkPortable_2.6.6.paf.exe: 37492944 bytes +SHA256(WiresharkPortable_2.6.6.paf.exe)=8003dd25e6971cc97350df4c715ad56be873930f08328dbeee253349808cc0ae +RIPEMD160(WiresharkPortable_2.6.6.paf.exe)=58013de0b67d5c5cad6ae6d779aacfb53ce4b532 +SHA1(WiresharkPortable_2.6.6.paf.exe)=624aa86801388b715db2cebfcd21376a6d75cbca + +Wireshark 2.6.6 Intel 64.dmg: 108149698 bytes +SHA256(Wireshark 2.6.6 Intel 64.dmg)=71920bf98e2867703759b0c98395480f88dee1c332efd3f2bc6a91eaec75b0a3 +RIPEMD160(Wireshark 2.6.6 Intel 64.dmg)=42a33054c01bbdd1834c93970b26967954053d42 +SHA1(Wireshark 2.6.6 Intel 64.dmg)=45d4d188b151caf11724435640344c02f9746f9b + +You can validate these hashes using the following commands (among others): + + Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 + Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz + macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg" + Other: openssl sha256 wireshark-x.y.z.tar.xz +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlw1EHkACgkQgiRKeOb+ +rupgmxAAuZqKAZK+/yDUNB0CgnKNzAp/i3WAIg/HgeqdRbuRUqx0uVO6WUVPqe5n +wMEsIZ9w+j10FM5Hd0Huf50bjxUpG02tdJN67u54zpKyvIDAj/qF1UWLBCzi2TFo +NOAbFhW+SiWFM1ui5h3mKhQu7TrTzoB/UPFQPIikNHYA4xONBvmnHK2rVZnnLvZ6 +Dy2eHT2sqH7UFL7lisAhFlnr6co3PktF1EvIEFCp5YzrZZ7oTU6SlFrnWVgwD7yA +SHscrxJXH42fPlOZn2+huuFjN/cGYRzVQJckD5CCKMqV6qTnxPcUtwk4LTmGlbtM +0y0m22NMunc6czky60xl9qklwi/ODUbEDz/doUW6sZQu23/iSh/O9ja+WzSUVBnM +JeN2scpbobIOwmoKaKa/XUIgRAzIxcMVukN/9l1KEsiaqA97Oo8c2Li6+p9OZL76 +bUg4l0rpvzP+vsdjfWPiyqZNakkTFAr1HiiNVnUGrtcsYv3q8E9g2fpcmJ4rdcBV +VcT4ZoxKYPfmmb3WTfVetzCQ6NXgYb6ZFywLfDdoz1R5eC005ImAD0/fYqzbKqFw +UR1oJ/qm5BIBsPHTAspnC9omRX+b5nlF7HVdDC8aOz1aEe/5WqjCIgqKbhUULF26 +6w1GScqZvh7YQU5lUShX62z61kiSwj+5KZtgLM+ln9sXuojglYA= +=7zRw +-----END PGP SIGNATURE----- diff --git a/wireshark-2.6.5.tar.xz b/wireshark-2.6.5.tar.xz deleted file mode 100644 index c4c2302..0000000 --- a/wireshark-2.6.5.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:93155b798544b2f07693920f4ac1b531c952965ee4eb1d98419961240177438a -size 28390292 diff --git a/wireshark-2.6.6.tar.xz b/wireshark-2.6.6.tar.xz new file mode 100644 index 0000000..2ea82f9 --- /dev/null +++ b/wireshark-2.6.6.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:487933ea075bdbb25d8df06017d9c4f49fc20eb7f6ec80af086718ed5550e863 +size 28407404 diff --git a/wireshark.changes b/wireshark.changes index fd0af73..3f97e63 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Wed Jan 9 15:04:35 UTC 2019 - Robert Frohl + +- Wireshark 2.6.6 + * CVE-2019-5716: The 6LoWPAN dissector could crash (bsc#1121231) + * CVE-2019-5717: The P_MUL dissector could crash (bsc#1121232) + * CVE-2019-5718: The RTSE dissector and other dissectors could crash (bsc#1121233) + * CVE-2019-5719: The ISAKMP dissector could crash (bsc#1121234) +- Further bug fixes and updated protocol support as listed in: + https://www.wireshark.org/docs/relnotes/wireshark-2.6.6.html + ------------------------------------------------------------------- Thu Nov 29 08:58:27 UTC 2018 - astieger@suse.com diff --git a/wireshark.spec b/wireshark.spec index a5b652f..e70a7ca 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -1,7 +1,7 @@ # # spec file for package wireshark # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -37,7 +37,7 @@ %bcond_with lz4 %endif Name: wireshark -Version: 2.6.5 +Version: 2.6.6 Release: 0 Summary: A Network Traffic Analyser License: GPL-2.0-or-later AND GPL-3.0-or-later