From 7cd6eeaf362ce78e5ca1b8ba477ff7e4b10480b7d5dfc9e84de168b455687ec0 Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Wed, 16 Dec 2020 13:20:47 +0000 Subject: [PATCH] Accepting request 854916 from home:AndreasStieger:branches:network:utilities - Wireshark 3.4.1: * CVE-2020-26418: Kafka dissector memory leak (wnpa-sec-2020-16, boo#1179930) * CVE-2020-26419: Multiple dissector memory leaks (wnpa-sec-2020-19, boo#1179931) * CVE-2020-26420: RTPS dissector memory leak (wnpa-sec-2020-18, boo#1179932) * CVE-2020-26421: USB HID dissector crash (wnpa-sec-2020-17, boo#1179933) OBS-URL: https://build.opensuse.org/request/show/854916 OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=324 --- wireshark-3.4.0.tar.xz | 3 -- wireshark-3.4.0.tar.xz.asc | 60 -------------------------------------- wireshark-3.4.1.tar.xz | 3 ++ wireshark-3.4.1.tar.xz.asc | 60 ++++++++++++++++++++++++++++++++++++++ wireshark.changes | 11 +++++++ wireshark.spec | 2 +- 6 files changed, 75 insertions(+), 64 deletions(-) delete mode 100644 wireshark-3.4.0.tar.xz delete mode 100644 wireshark-3.4.0.tar.xz.asc create mode 100644 wireshark-3.4.1.tar.xz create mode 100644 wireshark-3.4.1.tar.xz.asc diff --git a/wireshark-3.4.0.tar.xz b/wireshark-3.4.0.tar.xz deleted file mode 100644 index c7ca047..0000000 --- a/wireshark-3.4.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:67e4ebbd9153fc589fd67dc21b93176674c73adc3d5a43934c3ac69d8594a8ae -size 32502760 diff --git a/wireshark-3.4.0.tar.xz.asc b/wireshark-3.4.0.tar.xz.asc deleted file mode 100644 index 34090f5..0000000 --- a/wireshark-3.4.0.tar.xz.asc +++ /dev/null @@ -1,60 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA512 - -wireshark-3.4.0.tar.xz: 32502760 bytes -SHA256(wireshark-3.4.0.tar.xz)=67e4ebbd9153fc589fd67dc21b93176674c73adc3d5a43934c3ac69d8594a8ae -RIPEMD160(wireshark-3.4.0.tar.xz)=cd79a56fdc433109b104ffacd43ba2825999c864 -SHA1(wireshark-3.4.0.tar.xz)=6fdf4f394c287f1e21b48c5293ec1a6e6b627996 - -Wireshark-win64-3.4.0.exe: 61372520 bytes -SHA256(Wireshark-win64-3.4.0.exe)=32113e083409de888468e0bfe74ba98e6d618f9685a56a06f15b0506fdf4e462 -RIPEMD160(Wireshark-win64-3.4.0.exe)=d5bc42e6cda6c0b48d01b1f67cfbed991abf4a35 -SHA1(Wireshark-win64-3.4.0.exe)=e2dd1f2364d58f93fd44f7330a3068d5bed00154 - -Wireshark-win32-3.4.0.exe: 56426880 bytes -SHA256(Wireshark-win32-3.4.0.exe)=638d59e9bebe7289ebee6e493051304ccc5bc22f8f4d9800ff8bdb9966c52ed8 -RIPEMD160(Wireshark-win32-3.4.0.exe)=1eff0cf458742f6e5fd9913c57e62203b492ce95 -SHA1(Wireshark-win32-3.4.0.exe)=1cca54b2066e93416497cafea308c454853fe555 - -Wireshark-win64-3.4.0.msi: 49704960 bytes -SHA256(Wireshark-win64-3.4.0.msi)=a3ab64f0fe2c8d5579ad227b70425bfe55002fca115cd9ae85f4f3962a12e46d -RIPEMD160(Wireshark-win64-3.4.0.msi)=e587a670c7b33dedb8274347d6203170971b30d2 -SHA1(Wireshark-win64-3.4.0.msi)=e7d6b5405a71e4e6e9db30934b4acbff37180409 - -Wireshark-win32-3.4.0.msi: 44670976 bytes -SHA256(Wireshark-win32-3.4.0.msi)=285b4b4062e01ad0ce44d7754b0d8edd344ee5a9afcfc39f56df1be5e04c47e9 -RIPEMD160(Wireshark-win32-3.4.0.msi)=59c67a3fa6dc9548aebf3eb8960cb9b9af6e78d0 -SHA1(Wireshark-win32-3.4.0.msi)=dec5938b8360f9e188bc4165809526cc147a4d08 - -WiresharkPortable_3.4.0.paf.exe: 114903832 bytes -SHA256(WiresharkPortable_3.4.0.paf.exe)=f63dcbc719e5b02eb57f8ca6abec1daa6ffb476dacf5a09a2c705a8e55b55129 -RIPEMD160(WiresharkPortable_3.4.0.paf.exe)=a6f59c40f9117cf4904003fd8f7fe0bfcb48f47c -SHA1(WiresharkPortable_3.4.0.paf.exe)=75898c92549e361e728fa7a6874fc3d90c19f388 - -Wireshark 3.4.0 Intel 64.dmg: 127581931 bytes -SHA256(Wireshark 3.4.0 Intel 64.dmg)=b0a09d499de618de8f17a0456047dd3839b78c3a57e64b6caf5a55ae5c398d8a -RIPEMD160(Wireshark 3.4.0 Intel 64.dmg)=28e3f9ff139bb92949dabd069916fe6485d9ff47 -SHA1(Wireshark 3.4.0 Intel 64.dmg)=5bd85ca4f1ba191378e018e25a608958955f9924 - -You can validate these hashes using the following commands (among others): - - Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 - Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz - macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg" - Other: openssl sha256 wireshark-x.y.z.tar.xz ------BEGIN PGP SIGNATURE----- - -iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAl+bJ6AACgkQgiRKeOb+ -rupKzg//cwNUaK4Bj2aJ2A1WR97T3JKha5c5GFSh+3/P8Z443TJK6Ese7sk1iVv/ -GWxr+7j8FfoTDUshn5pJKdLrqa3bxDpO9Ndbc8Q320iRgG20bdWfcNpl6TRRduSN -qHWnAbWBMji3/xVjF1A2rpvf5oSqM846pty0ixfxQefdTvDFKAJof8uEdFMopiUd -YxEj54dbVyzvtzgFO8aRVYgTyAZfSRGDoPoIXUJfLFI9IYwbj2dbnm+LflTz/Omc -Sj5T9M8ppeAIh+IBu0LKSsixDSgL9ZwU8z6Nq+8KMiAt0VE1DRNy0cQ8IQlmcYsV -/LOHfaB0AOmc2piTx4hD5oNfqyoXIuiGFQ0YlUD3HaLLCGrBEeMabhL+SKK/gErU -m2Nbkg5aB3gTmH6QaUpjRf/DVywUFIDhnjHOTjH2nkqvi2ViM4yLctexvFI84jYX -ETZ8slpeV791ZeHiDJBKiaP/n28lbQmgQ6xj4M8EEdpryCcr/SdHTo3trq6TdYgn -uFB7WBu2aU+nKvpGL9q42UhbM7W4a7YaIPXT1yb558PRs88Icc0++i2O7S9UxBnC -rAiwlGKe8caDszAovU17L4UrFjM/5Z320edFJv1B0d3gZN5/jz5JTH7uHA+7Hc81 -qIet5M3eeyegWUudpwT61bZxZq7Hh3kzzHeQFVsjjFm3J+sitf4= -=iLLE ------END PGP SIGNATURE----- diff --git a/wireshark-3.4.1.tar.xz b/wireshark-3.4.1.tar.xz new file mode 100644 index 0000000..df41789 --- /dev/null +++ b/wireshark-3.4.1.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f8165211f5b4a4f6708df73ef9be51df917927f2da78348b32d3a6eb5fc458a3 +size 32470004 diff --git a/wireshark-3.4.1.tar.xz.asc b/wireshark-3.4.1.tar.xz.asc new file mode 100644 index 0000000..6cd2175 --- /dev/null +++ b/wireshark-3.4.1.tar.xz.asc @@ -0,0 +1,60 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +wireshark-3.4.1.tar.xz: 32470004 bytes +SHA256(wireshark-3.4.1.tar.xz)=f8165211f5b4a4f6708df73ef9be51df917927f2da78348b32d3a6eb5fc458a3 +RIPEMD160(wireshark-3.4.1.tar.xz)=1b5e1fee340c149b70dbe8e8cf935518b06656e8 +SHA1(wireshark-3.4.1.tar.xz)=3c9a24b8954d712a189f997131e283fbd0b606bc + +Wireshark-win32-3.4.1.exe: 56544496 bytes +SHA256(Wireshark-win32-3.4.1.exe)=7fb41f10b7b55fe7208504a1b3ba54346995592f223d85073fafb721b7ae43e8 +RIPEMD160(Wireshark-win32-3.4.1.exe)=5d333fb127c12c4bf9ca1a497e3b44bd8398e8a2 +SHA1(Wireshark-win32-3.4.1.exe)=82a043157828565e10534791874341914563784a + +Wireshark-win64-3.4.1.exe: 61466856 bytes +SHA256(Wireshark-win64-3.4.1.exe)=a078a0d97ed271a97fad294654b581b16db9926e80fd66c916b079d8fece1d45 +RIPEMD160(Wireshark-win64-3.4.1.exe)=34eba5e05371fdbab9a43a5490fc0641923f8483 +SHA1(Wireshark-win64-3.4.1.exe)=8d44d796c5b40a2fbbc93a553d932724669b681c + +Wireshark-win32-3.4.1.msi: 44761088 bytes +SHA256(Wireshark-win32-3.4.1.msi)=384d36b8d0a96e785ef79ba83ed35c9628571471a22faad3f88d3f16c5dd5ead +RIPEMD160(Wireshark-win32-3.4.1.msi)=c200f5a7f7d358198e753e79dc884c8baef0a9aa +SHA1(Wireshark-win32-3.4.1.msi)=2df5374db72f65b7a13f34252e995bbc98de9836 + +Wireshark-win64-3.4.1.msi: 49778688 bytes +SHA256(Wireshark-win64-3.4.1.msi)=fec6cc2f9df755e7b3d5aa04e6483cdaf3acb06a6aaa7ec84568f13d374a2df2 +RIPEMD160(Wireshark-win64-3.4.1.msi)=8e8b9d09c3fd0b58cc4a9c34cd24fd251b8efe3f +SHA1(Wireshark-win64-3.4.1.msi)=0c05bd26fbf877b450c90997cfc3fe2cf1592c55 + +WiresharkPortable_3.4.1.paf.exe: 114716632 bytes +SHA256(WiresharkPortable_3.4.1.paf.exe)=3b1ef47fd88aa17e586be57f096213c3ee1a0ae5eace46eba4abfb8a8450219b +RIPEMD160(WiresharkPortable_3.4.1.paf.exe)=56f45264fb188ba799659f501a4006b5062b3540 +SHA1(WiresharkPortable_3.4.1.paf.exe)=f726b13570150bc2d4441ca8ff3cff97aa773325 + +Wireshark 3.4.1 Intel 64.dmg: 127368038 bytes +SHA256(Wireshark 3.4.1 Intel 64.dmg)=a5bb21db6410c3151f48afc39e0d0e4a270bb87b8102e8b9348df3e3455bb241 +RIPEMD160(Wireshark 3.4.1 Intel 64.dmg)=93e87bd6ab58d4ddc727e5d52f6f94ddc29e354f +SHA1(Wireshark 3.4.1 Intel 64.dmg)=33f6b2b6d11d9efaea14916645803327ada1de41 + +You can validate these hashes using the following commands (among others): + + Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 + Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz + macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg" + Other: openssl sha256 wireshark-x.y.z.tar.xz +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAl/RfjwACgkQgiRKeOb+ +ruoTDhAA0HpsQJCbCM4dhzQNE9BnGLde6uAXCgwvKzi1Qo+0i5WgUi6ilQADyEKB +eHdpBw3s5YT42pH6o5H/VYAbVMuL8rOoWiPeyZxUpXRHl5jmrE3jxDbLFZ3UTkZh +zn71y51G601IGWdCoDXOaGYVKSbgZC4BvESngcXC+TGovvim5lGWENK4buU8UgZT +7IxI01xynUCRYxpP9dgrei9AR0GjGZz2VPI+d2dm7ggvOHSIhOlpVaJLlMfd09jl +E+E+sIkDdlLLNd7xHNBKVv6cuxNc65ebeHaSjHlFsqX3WOAQQ/iKKvYEqTv7/fTH +UKG3jq8CPJhgQNM0L40dyF5Ld4iF8HiVHmIh01Yx8IzPMqPtnNEhqYT6GxekZxZT +xEepfYaxGUznwQa2wCOZX5fy9yVyv5mASW8vyDy5di1EbQKd4qu0mPNBn9nj3RRW +9VNGvGQorAOneNKfK54PcRyQZMqAkCysey7jtNI6QpDCgonVYa3N6h4cx2NE5wky +5ZKX7lIrBKlROy31e0OsYoFPp3NPXqUry1do86JXUw3PHyvxpna7qijFdBOhVpz/ +JVMQPptdJUF0MWU7Sa0fpdICpufvB1kggSDkEmmpK134WulKxy3VdYBwFd4Tl1rG +9grkyx0qZEAeGOM3erN2hO7tdXkacpPVnNw/l6VtUFKj66HIXOI= +=TDyj +-----END PGP SIGNATURE----- diff --git a/wireshark.changes b/wireshark.changes index 26218c0..194ea6c 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Fri Dec 11 14:44:07 UTC 2020 - Andreas Stieger + +- Wireshark 3.4.1: + * CVE-2020-26418: Kafka dissector memory leak (wnpa-sec-2020-16, boo#1179930) + * CVE-2020-26419: Multiple dissector memory leaks (wnpa-sec-2020-19, boo#1179931) + * CVE-2020-26420: RTPS dissector memory leak (wnpa-sec-2020-18, boo#1179932) + * CVE-2020-26421: USB HID dissector crash (wnpa-sec-2020-17, boo#1179933) + * Fix IETF QUIC TLS decryption errors + * Fix failures or crashes in various dissectors + ------------------------------------------------------------------- Fri Oct 30 20:40:13 UTC 2020 - Andreas Stieger diff --git a/wireshark.spec b/wireshark.spec index 71bb13b..0893f7f 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -27,7 +27,7 @@ %bcond_with lz4 %endif Name: wireshark -Version: 3.4.0 +Version: 3.4.1 Release: 0 Summary: A Network Traffic Analyser License: GPL-2.0-or-later AND GPL-3.0-or-later