Wireshark 2.6.1 bsc#1094301 boo#1094301

OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=251
2018-05-23 12:20:24 +00:00 · 2018-05-23 12:20:24 +00:00 · d83bdb3f10
commit d83bdb3f10
parent 3ea9a01813
7 changed files with 146 additions and 64 deletions
--- a/SIGNATURES-2.6.0.txt
+++ b/SIGNATURES-2.6.0.txt
@ -1,60 +0,0 @@
-----BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA512
-
-wireshark-2.6.0.tar.xz: 28314868 bytes
-SHA256(wireshark-2.6.0.tar.xz)=711c7f01d27a8817d58277a5487cef3e3c7bab1c8caaf8f4c92aa21015b9117f
-RIPEMD160(wireshark-2.6.0.tar.xz)=4eb1a446dabff8f452737ea22bfc341a3be89a3f
-SHA1(wireshark-2.6.0.tar.xz)=d1f53751c5b24d6b1695117fb396a6b202e88451
-
-Wireshark-win64-2.6.0.exe: 59943760 bytes
-SHA256(Wireshark-win64-2.6.0.exe)=a5c276cd3b2b3023b597debdf292cccb7f7f64400cd40d2ef5dd139d18424936
-RIPEMD160(Wireshark-win64-2.6.0.exe)=0b5bd8f1ccd332cce5fe84da4a738015a223d597
-SHA1(Wireshark-win64-2.6.0.exe)=c40d1d86fe64a5a25d80b60d51bdb3bcc8bda0e5
-
-Wireshark-win32-2.6.0.exe: 54218808 bytes
-SHA256(Wireshark-win32-2.6.0.exe)=d96e76ab9d5d94cb70cd7686ff0302d482a5be79ae8fc95934902de79b9be94b
-RIPEMD160(Wireshark-win32-2.6.0.exe)=c8c84d84afa90199f1a54374e31c53a860182c76
-SHA1(Wireshark-win32-2.6.0.exe)=3f9444afff971703f0a8c1913ce688cf6a28f205
-
-Wireshark-win64-2.6.0.msi: 49328128 bytes
-SHA256(Wireshark-win64-2.6.0.msi)=aa8765c8b398f177ef960e2a936bdb20f21f0df7327fec65098c80f975a601ec
-RIPEMD160(Wireshark-win64-2.6.0.msi)=6fde01e3ad151fbdc0c5cbb42e4fc2a4b71a0798
-SHA1(Wireshark-win64-2.6.0.msi)=7f1c374bcb54888deaee420335413bea0e0e8f92
-
-Wireshark-win32-2.6.0.msi: 43687936 bytes
-SHA256(Wireshark-win32-2.6.0.msi)=e44de9f328657bc68fba991fb1edae905cad579e6d153acc032597acd081c523
-RIPEMD160(Wireshark-win32-2.6.0.msi)=51de3c000f9b28907f9ecfb01d6f5fb98be76ab8
-SHA1(Wireshark-win32-2.6.0.msi)=4b1ee29fec281170975c05388e1eb2d4ecae0cf9
-
-WiresharkPortable_2.6.0.paf.exe: 37448928 bytes
-SHA256(WiresharkPortable_2.6.0.paf.exe)=59a0e2708988222032a5b0dfd30a5e64b11d2c947f70b0d77fd0a1f4890a3c53
-RIPEMD160(WiresharkPortable_2.6.0.paf.exe)=e9f627ae37b861f09a80fe4bf88762a118824698
-SHA1(WiresharkPortable_2.6.0.paf.exe)=c88b195266620a1a6dee64e11ec4dc9501d5fcba
-
-Wireshark 2.6.0 Intel 64.dmg: 168876995 bytes
-SHA256(Wireshark 2.6.0 Intel 64.dmg)=0d20a6075a7c92ed37cefa19ba9ae128d53ed06038c633043b43dd3f0091cd83
-RIPEMD160(Wireshark 2.6.0 Intel 64.dmg)=1faa9631276f34de78b3b690751165d5b408faee
-SHA1(Wireshark 2.6.0 Intel 64.dmg)=fefc72db0abab71fedd5f1efda3f0e4f11a0a4b1
-
-You can validate these hashes using the following commands (among others):
-
-    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
-    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
-    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
-    Other: openssl sha256 wireshark-x.y.z.tar.xz
-----BEGIN PGP SIGNATURE-----
-
-iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlrfd7YACgkQgiRKeOb+
-ruqTLA//b47ghEriokmSRL8IfLgRuloDuOkEvb87vqUhzI5RzPUyqkqrnElI9Uj4
-CbwMwpTUAbzoGreNGlRntQonLlw3p/hPl9/9CdRnkhw1l1SLA9d1ya02luRHmWkN
-+gHOq12V0CGYx5W7mh49BjDHHSCEfDxTakHdYU7rSdoC39I4iSaDctVDc6+GgLC6
-iWNvIk2LtQ7BWbB8YXR+AlYgUBR2KNE3vC3qwM8J1pBVCyiihvjdoV4BkxQGZ6OC
-sxAZ0tFLSZ3mQVocYxUyVm2rMlXYIJTjSLVkvgJs3y/jwROHsV8jkSm/CK+eXgdw
-XwaJeRbJP4ItpmwP2HsTYvnjdTe+oJ2E73DJ0NtpYjSlA1+gvbVznGLXiXlIDwWm
-/ZtrKcmi25fsPKjmwJjaUrhGtiu0SARvoWF0J4SIqopPAPtUXTyYcjp3GFkMIBmj
-lwiYPAm8+FXtPE0Tj/Ko0dfL10wjZfliZuz5/AaazeTnrZ7V8hX+foBHaa+mH9sR
-J3BZDhXArPKuWyORrHnFsc+qGNvRPl9UUfYVuZ59TZca0zzir4j5SFaWI9lqh0pT
-jxIWoZ6UIZT8Zk2dwC+YLH7JEuolcwHi0JyRvWnymqoQXtGvjZzy69WbIwd7Lny5
-ljSbUI5zbsRPTzRKYzIopUjx9qrR0EYMDpGPvfUJ3tu1Z1VoenQ=
-=AIK8
-----END PGP SIGNATURE-----
--- a/SIGNATURES-2.6.1.txt
+++ b/SIGNATURES-2.6.1.txt
@ -0,0 +1,60 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+wireshark-2.6.1.tar.xz: 28386244 bytes
+SHA256(wireshark-2.6.1.tar.xz)=ab6e5bbc3464c956347b8671ce8397950ad5daff3bf9964c967d495f4ddbcd88
+RIPEMD160(wireshark-2.6.1.tar.xz)=a7f187de0c44b801b51e8b72df41681bbc1835f8
+SHA1(wireshark-2.6.1.tar.xz)=a0cf45d99ab9a42e087af150cbdec08650b9977a
+
+Wireshark-win64-2.6.1.exe: 59945592 bytes
+SHA256(Wireshark-win64-2.6.1.exe)=7fea0e6edf6e6a10d277a354fc9982c6d15c2f2aa05ec13c714e077b8c8760a9
+RIPEMD160(Wireshark-win64-2.6.1.exe)=8dd17fbbd6a149aa17a264bd32c5cc39e6d5211c
+SHA1(Wireshark-win64-2.6.1.exe)=af58ff12b234d4c811eb2828a174a10780d23817
+
+Wireshark-win32-2.6.1.exe: 54228352 bytes
+SHA256(Wireshark-win32-2.6.1.exe)=f1e2a07e696338217671b58076073ad3a8ae165ece7fcb71866b6dcc750e1bf8
+RIPEMD160(Wireshark-win32-2.6.1.exe)=9c389d37d93cc70d04c73b0a537766b0c163108b
+SHA1(Wireshark-win32-2.6.1.exe)=ca6030711d0d1cec2c93c7daace448f7f70ed6f4
+
+Wireshark-win32-2.6.1.msi: 43700224 bytes
+SHA256(Wireshark-win32-2.6.1.msi)=fe77af67c5816899b42decde78e6561aa6f03c5ad8adf7dc58225864afae2a09
+RIPEMD160(Wireshark-win32-2.6.1.msi)=9e460ca8927220f31280376663a9093ecb3cd5e6
+SHA1(Wireshark-win32-2.6.1.msi)=ac0271ec30a8548ac1207689f81443bb6262037f
+
+Wireshark-win64-2.6.1.msi: 49356800 bytes
+SHA256(Wireshark-win64-2.6.1.msi)=1796964f494a869719bb47075f9bc16d505d6f67b6f423df865ab5191b6b0c02
+RIPEMD160(Wireshark-win64-2.6.1.msi)=2d45528c02e56078b00f3a36c61ce3e02832b98d
+SHA1(Wireshark-win64-2.6.1.msi)=27d5e6075d1b9c5ae680df622bcd77da0cb33048
+
+WiresharkPortable_2.6.1.paf.exe: 37458264 bytes
+SHA256(WiresharkPortable_2.6.1.paf.exe)=b2bc490dd42aae080543728d9787bff650996e965f6cac0d700fa3ac79bf9981
+RIPEMD160(WiresharkPortable_2.6.1.paf.exe)=ebec0ef8612cead98f37898f0a16e8f2de451b4a
+SHA1(WiresharkPortable_2.6.1.paf.exe)=7350f3f51eae5a2be9b6d4566ad8e42d16cb0968
+
+Wireshark 2.6.1 Intel 64.dmg: 168940751 bytes
+SHA256(Wireshark 2.6.1 Intel 64.dmg)=bf5f9a0e810a7cfb360ea69b1b587126432adffe5fa65db902fa761842b55a6a
+RIPEMD160(Wireshark 2.6.1 Intel 64.dmg)=540f43bf5d541e7441db61a565d0504a5615ef3c
+SHA1(Wireshark 2.6.1 Intel 64.dmg)=56025bb522b9cd35c82c05901227301a4de40acb
+
+You can validate these hashes using the following commands (among others):
+
+    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
+    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
+    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
+    Other: openssl sha256 wireshark-x.y.z.tar.xz
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlsEbwsACgkQgiRKeOb+
+ruq2rRAAzStj1b2s+7FKvsRkTCuGjh5mniVMI5u9jKEey/X1FxMCS/MkzYQgijbb
+iWwDRL6P56laMlwHbFsCq0YtUcfXDaXqxhF4Ow/Y9kclxSpLcllR5VfW3iu/kJay
+8woI+J5FsOgpLfida5srVH8q2VIPySK7bbs5vTQ/l7VXtnRz1lc9vyNndDW/5ogU
+6I8SZUaZUAr1Aw2MeTBvEHVDneLrgLTkU8T2/+LemXk3ey3PKLycSF1blEFhY1VQ
+nQQ3XqxHTZPRuUGvC+grKFkB7bQJnlCrj8JGB0YFAqXHsv1W6O5iIJQpD+Yuo6Xg
+1b3Mxc3YzNRAB8aTo4478GJB0hYLe5EMlTi72V96fuJKSsQWM3/TuGXSqr/OFJbp
+2AR6Y1tr7HHuV0J479kZPPiMR7H2WwoOAAFd2/lQxYqAS4yRItw6K17Wl9qNsVVY
+30+BnqkyZyPhrUuN/tQ56FUUAZAFADSCmhqwcyN0B5NUYt+eU5uXZ4Uk1h3Vb5jc
+bBpWQD41Jo9N4wlhxaOwGnZcxsim4Kv/iuuCh0N37/tsTVOPSNNkXQe0pYIwBOge
+GgSOpc2+fxRu2z1a32H3c9D+Fp3Blw9bcXXAEhnH4vhWkL8QaHze8t6XMY+byOTm
+dkXOQr9Ra4ek9gGCLpqZGztneKUuuB2O9kyxi20et4TTliTZjJ8=
+=wahv
+-----END PGP SIGNATURE-----
--- a/wireshark-2.6.0.tar.xz
+++ b/wireshark-2.6.0.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:711c7f01d27a8817d58277a5487cef3e3c7bab1c8caaf8f4c92aa21015b9117f
-size 28314868
--- a/wireshark-2.6.1-fix-Qt-5.11.patch
+++ b/wireshark-2.6.1-fix-Qt-5.11.patch
@ -0,0 +1,58 @@
+From b8e8aa87f43c12ad564426b3359f593305cd45a1 Mon Sep 17 00:00:00 2001
+From: Roland Knall <rknall@gmail.com>
+Date: Wed, 25 Apr 2018 10:28:30 +0200
+Subject: [PATCH] Qt: Fix various missing header includes
+References: https://bugzilla.opensuse.org/show_bug.cgi?id=1093733
+
+Qt 5.11 seems to have changed the include dependencies, so adding those, that are missing
+
+Change-Id: I2b0482f7554467d6981be65bfd3fea1a3e118976
+Reviewed-on: https://code.wireshark.org/review/27145
+Petri-Dish: Roland Knall <rknall@gmail.com>
+Tested-by: Petri Dish Buildbot
+Reviewed-by: Roland Knall <rknall@gmail.com>
+---
+ ui/qt/packet_format_group_box.cpp | 1 +
+ ui/qt/time_shift_dialog.cpp       | 1 +
+ ui/qt/wireless_frame.cpp          | 1 +
+ 3 files changed, 3 insertions(+)
+
+diff --git a/ui/qt/packet_format_group_box.cpp b/ui/qt/packet_format_group_box.cpp
+index a80a71aaad..3c0fff28aa 100644
+--- a/ui/qt/packet_format_group_box.cpp
+++ b/ui/qt/packet_format_group_box.cpp
+@@ -10,6 +10,7 @@
+ #include <ui_packet_format_group_box.h>
+ 
+ #include <QStyle>
+#include <QStyleOption>
+ 
+ PacketFormatGroupBox::PacketFormatGroupBox(QWidget *parent) :
+     QGroupBox(parent),
+diff --git a/ui/qt/time_shift_dialog.cpp b/ui/qt/time_shift_dialog.cpp
+index 93882c09a3..8460db2e96 100644
+--- a/ui/qt/time_shift_dialog.cpp
+++ b/ui/qt/time_shift_dialog.cpp
+@@ -14,6 +14,7 @@
+ #include <ui/time_shift.h>
+ #include <ui/qt/utils/tango_colors.h>
+ 
+#include <QStyleOption>
+ 
+ TimeShiftDialog::TimeShiftDialog(QWidget *parent, capture_file *cf) :
+     QDialog(parent),
+diff --git a/ui/qt/wireless_frame.cpp b/ui/qt/wireless_frame.cpp
+index bd9076abcf..46fb2dd2f3 100644
+--- a/ui/qt/wireless_frame.cpp
+++ b/ui/qt/wireless_frame.cpp
+@@ -23,6 +23,7 @@
+ #include <wsutil/frequency-utils.h>
+ 
+ #include <QProcess>
+#include <QAbstractItemView>
+ 
+ // To do:
+ // - Disable or hide invalid channel types.
+-- 
+2.17.0
+
--- a/wireshark-2.6.1.tar.xz
+++ b/wireshark-2.6.1.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ab6e5bbc3464c956347b8671ce8397950ad5daff3bf9964c967d495f4ddbcd88
+size 28386244
--- a/wireshark.changes
+++ b/wireshark.changes
@ -1,3 +1,25 @@
+-------------------------------------------------------------------
+Wed May 23 12:13:00 UTC 2018 - astieger@suse.com
+
+- update to 2.6.1:
+  This release fixes minor vulnerabilities that could be used to
+  trigger dissector crashes or cause dissectors to go into large
+  infinite loops by making Wireshark read specially crafted
+  packages from the network or capture files (bsc#1094301):
+  * CVE-2018-11354: IEEE 1905.1a dissector crash 
+  * CVE-2018-11355: RTCP dissector crash 
+  * CVE-2018-11356: DNS dissector crash 
+  * CVE-2018-11357: Multiple dissectors could consume excessive memory 
+  * CVE-2018-11358: Q.931 dissector crash
+  * CVE-2018-11359: The RRC dissector and other dissectors could crash
+  * CVE-2018-11360: GSM A DTAP dissector crash 
+  * CVE-2018-11361: IEEE 802.11 dissector crash
+  * CVE-2018-11362: LDSS dissector crash 
+- Further bug fixes and updated protocol support as listed in:
+  https://www.wireshark.org/docs/relnotes/wireshark-2.6.1.html
+- Fix build with Qt 5.11 (boo#1094301)
+  add wireshark-2.6.1-fix-Qt-5.11.patch
+
 -------------------------------------------------------------------
 Mon May  7 20:43:35 UTC 2018 - astieger@suse.com

--- a/wireshark.spec
+++ b/wireshark.spec
@ -37,7 +37,7 @@
 %bcond_with lz4
 %endif
 Name:           wireshark
-Version:        2.6.0
+Version:        2.6.1
 Release:        0
 Summary:        A Network Traffic Analyser
 License:        GPL-2.0-or-later AND GPL-3.0-or-later
@ -47,6 +47,7 @@ Source:         https://www.wireshark.org/download/src/%{name}-%{version}.tar.xz
 Source2:        https://www.wireshark.org/download/SIGNATURES-%{version}.txt
 Source3:        https://www.wireshark.org/download/gerald_at_wireshark_dot_org.gpg#/wireshark.keyring
 Patch4:         wireshark-1.10.0-enable_lua.patch
+Patch5:         wireshark-2.6.1-fix-Qt-5.11.patch
 BuildRequires:  bison
 BuildRequires:  flex
 BuildRequires:  glib2-devel
@ -194,6 +195,7 @@ echo "`grep %{name}-%{version}.tar.xz %{SOURCE2} | grep SHA256 | head -n1 | cut

 %setup -q
 %patch4 -p1
+%patch5 -p1
 sed -i 's/^Icon=wireshark.png$/Icon=wireshark/' wireshark*.desktop

 %build