diff --git a/wireshark-1.2.1-CVE-2009-3241.patch b/wireshark-1.2.1-CVE-2009-3241.patch deleted file mode 100644 index bf75459..0000000 --- a/wireshark-1.2.1-CVE-2009-3241.patch +++ /dev/null @@ -1,293 +0,0 @@ -Index: plugins/opcua/opcua_simpletypes.c -=================================================================== ---- plugins/opcua/opcua_simpletypes.c (revision 29812) -+++ plugins/opcua/opcua_simpletypes.c (revision 29813) -@@ -34,9 +34,6 @@ - #include - #include - --/* string buffer */ --#define MAX_BUFFER 256 -- - #define DIAGNOSTICINFO_ENCODINGMASK_SYMBOLICID_FLAG 0x01 - #define DIAGNOSTICINFO_ENCODINGMASK_NAMESPACE_FLAG 0x02 - #define DIAGNOSTICINFO_ENCODINGMASK_LOCALIZEDTEXT_FLAG 0x04 -@@ -56,6 +53,9 @@ - #define EXTOBJ_ENCODINGMASK_BINBODY_FLAG 0x01 - #define EXTOBJ_ENCODINGMASK_XMLBODY_FLAG 0x02 - -+/* Chosen arbitrarily */ -+#define MAX_ARRAY_LEN 10000 -+ - static int hf_opcua_diag_mask_symbolicflag = -1; - static int hf_opcua_diag_mask_namespaceflag = -1; - static int hf_opcua_diag_mask_localizedtextflag = -1; -@@ -338,35 +338,28 @@ - - void parseString(proto_tree *tree, tvbuff_t *tvb, gint *pOffset, int hfIndex) - { -- char *szValue = ep_alloc(MAX_BUFFER); -+ char *szValue; - gint iOffset = *pOffset; - gint32 iLen = tvb_get_letohl(tvb, *pOffset); - iOffset+=4; - -- if (szValue) -+ if (iLen == -1) - { -- if (iLen == -1) -- { -- g_snprintf(szValue, MAX_BUFFER, "[OpcUa Null String]"); -- } -- else if (iLen >= 0) -- { -- int iStrLen = iLen; -- if (iStrLen > (MAX_BUFFER-1)) iStrLen = MAX_BUFFER - 1; -- /* copy non null terminated string of length iStrlen */ -- strncpy(szValue, (char*)&tvb->real_data[iOffset], iStrLen); -- /* set null terminator */ -- szValue[iStrLen] = 0; -- iOffset += iLen; /* eat the whole string */ -- } -- else -- { -- g_snprintf(szValue, MAX_BUFFER, "[Invalid String] Ups, something is wrong with this message."); -- } -- -+ proto_tree_add_string(tree, hfIndex, tvb, *pOffset, (iOffset - *pOffset), -+ "[OpcUa Null String]"); -+ } -+ else if (iLen >= 0) -+ { -+ iOffset += iLen; /* eat the whole string */ -+ proto_tree_add_item(tree, hfIndex, tvb, *pOffset, (iOffset - *pOffset), TRUE); -+ } -+ else -+ { -+ szValue = ep_strdup_printf("[Invalid String] Invalid length: %d", iLen); - proto_tree_add_string(tree, hfIndex, tvb, *pOffset, (iOffset - *pOffset), szValue); -- *pOffset = iOffset; - } -+ -+ *pOffset = iOffset; - } - - void parseStatusCode(proto_tree *tree, tvbuff_t *tvb, gint *pOffset, int hfIndex) -@@ -644,10 +637,18 @@ - proto_tree *subtree = proto_item_add_subtree(ti, ett_opcua_array); - int i; - -- for (i=0; i MAX_ARRAY_LEN) -+ { -+ PROTO_ITEM_SET_GENERATED(proto_tree_add_text(tree, tvb, *pOffset, 4, "Array length %d too large to process", iLen)); -+ return; -+ } -+ -+ *pOffset += 4; - for (i=0; i MAX_ARRAY_LEN) -+ { -+ PROTO_ITEM_SET_GENERATED(proto_tree_add_text(tree, tvb, *pOffset, 4, "Array length %d too large to process", iLen)); -+ return; -+ } -+ -+ *pOffset += 4; - for (i=0; i MAX_ARRAY_LEN) -+ { -+ PROTO_ITEM_SET_GENERATED(proto_tree_add_text(tree, tvb, *pOffset, 4, "Array length %d too large to process", iLen)); -+ return; -+ } -+ -+ *pOffset += 4; - for (i=0; icinfo, COL_PROTOCOL, "OpcUa"); - - /* parse message type */ -- if (tvb->real_data[0] == 'H' && tvb->real_data[1] == 'E' && tvb->real_data[2] == 'L') -+ if (tvb_memeql(tvb, 0, "HEL", 3)) - { - msgtype = MSG_HELLO; - pfctParse = parseHello; - } -- else if (tvb->real_data[0] == 'A' && tvb->real_data[1] == 'C' && tvb->real_data[2] == 'K') -+ else if (tvb_memeql(tvb, 0, "ACK", 3)) - { - msgtype = MSG_ACKNOWLEDGE; - pfctParse = parseAcknowledge; - } -- else if (tvb->real_data[0] == 'E' && tvb->real_data[1] == 'R' && tvb->real_data[2] == 'R') -+ else if (tvb_memeql(tvb, 0, "ERR", 3)) - { - msgtype = MSG_ERROR; - pfctParse = parseError; - } -- else if (tvb->real_data[0] == 'M' && tvb->real_data[1] == 'S' && tvb->real_data[2] == 'G') -+ else if (tvb_memeql(tvb, 0, "MSG", 3)) - { - msgtype = MSG_MESSAGE; - pfctParse = parseMessage; - } -- else if (tvb->real_data[0] == 'O' && tvb->real_data[1] == 'P' && tvb->real_data[2] == 'N') -+ else if (tvb_memeql(tvb, 0, "OPN", 3)) - { - msgtype = MSG_OPENSECURECHANNEL; - pfctParse = parseOpenSecureChannel; - } -- else if (tvb->real_data[0] == 'C' && tvb->real_data[1] == 'L' && tvb->real_data[2] == 'O') -+ else if (tvb_memeql(tvb, 0, "CLO", 3)) - { - msgtype = MSG_CLOSESECURECHANNEL; - pfctParse = parseCloseSecureChannel; -Index: plugins/opcua/opcua_transport_layer.c -=================================================================== ---- plugins/opcua/opcua_transport_layer.c (revision 29812) -+++ plugins/opcua/opcua_transport_layer.c (revision 29813) -@@ -126,35 +126,11 @@ - proto_register_field_array(proto, hf, array_length(hf)); - } - --/** helper functions for adding strings, -- * that are not zero terminated. -- */ --void addString(proto_tree *tree, -- int hfindex, -- tvbuff_t *tvb, -- gint start, -- gint length, -- const char *value) --{ -- char *szValue = ep_alloc(256); -- -- if (szValue) -- { -- if (length > 255) length = 255; -- /* copy non null terminated string data */ -- strncpy(szValue, value, length); -- /* set null terminator */ -- szValue[length] = 0; -- -- proto_tree_add_string(tree, hfindex, tvb, start, length, szValue); -- } --} -- - /* Transport Layer: message parsers */ - void parseHello(proto_tree *tree, tvbuff_t *tvb, gint *pOffset) - { -- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; -- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; -+ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; -+ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; - proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; - proto_tree_add_item(tree, hf_opcua_transport_ver, tvb, *pOffset, 4, TRUE); *pOffset+=4; - proto_tree_add_item(tree, hf_opcua_transport_rbs, tvb, *pOffset, 4, TRUE); *pOffset+=4; -@@ -166,8 +142,8 @@ - - void parseAcknowledge(proto_tree *tree, tvbuff_t *tvb, gint *pOffset) - { -- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; -- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; -+ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; -+ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; - proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; - proto_tree_add_item(tree, hf_opcua_transport_ver, tvb, *pOffset, 4, TRUE); *pOffset+=4; - proto_tree_add_item(tree, hf_opcua_transport_rbs, tvb, *pOffset, 4, TRUE); *pOffset+=4; -@@ -178,8 +154,8 @@ - - void parseError(proto_tree *tree, tvbuff_t *tvb, gint *pOffset) - { -- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; -- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; -+ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; -+ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; - proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; - proto_tree_add_item(tree, hf_opcua_transport_error, tvb, *pOffset, 4, TRUE); *pOffset+=4; - parseString(tree, tvb, pOffset, hf_opcua_transport_reason); -@@ -192,8 +168,8 @@ - proto_tree *nodeid_tree; - int ServiceId = 0; - -- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; -- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; -+ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; -+ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; - proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; - proto_tree_add_item(tree, hf_opcua_transport_scid, tvb, *pOffset, 4, TRUE); *pOffset+=4; - -@@ -223,8 +199,8 @@ - proto_tree *nodeid_tree; - int ServiceId = 0; - -- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; -- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; -+ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; -+ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; - proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; - proto_tree_add_item(tree, hf_opcua_transport_scid, tvb, *pOffset, 4, TRUE); *pOffset+=4; - parseString(tree, tvb, pOffset, hf_opcua_transport_spu); -@@ -247,8 +223,8 @@ - - void parseCloseSecureChannel(proto_tree *tree, tvbuff_t *tvb, gint *pOffset) - { -- addString(tree, hf_opcua_transport_type, tvb, *pOffset, 3, tvb->real_data); *pOffset+=3; -- addString(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, &tvb->real_data[*pOffset]); *pOffset+=1; -+ proto_tree_add_item(tree, hf_opcua_transport_type, tvb, *pOffset, 3, TRUE); *pOffset+=3; -+ proto_tree_add_item(tree, hf_opcua_transport_chunk, tvb, *pOffset, 1, TRUE); *pOffset+=1; - proto_tree_add_item(tree, hf_opcua_transport_size, tvb, *pOffset, 4, TRUE); *pOffset+=4; - proto_tree_add_item(tree, hf_opcua_transport_scid, tvb, *pOffset, 4, TRUE); *pOffset+=4; - } diff --git a/wireshark-1.2.1-CVE-2009-3242.patch b/wireshark-1.2.1-CVE-2009-3242.patch deleted file mode 100644 index 5f5f59e..0000000 --- a/wireshark-1.2.1-CVE-2009-3242.patch +++ /dev/null @@ -1,12 +0,0 @@ -Index: epan/dissectors/packet-gsm_a_rr.c -=================================================================== ---- epan/dissectors/packet-gsm_a_rr.c (revision 29402) -+++ epan/dissectors/packet-gsm_a_rr.c (revision 29403) -@@ -10154,6 +10154,7 @@ - void - proto_reg_handoff_gsm_a_rr(void) - { -+ data_handle = find_dissector("data"); - rrc_irat_ho_info_handle = find_dissector("rrc.irat.irat_ho_info"); - rrc_irat_ho_to_utran_cmd_handle = find_dissector("rrc.irat.ho_to_utran_cmd"); - } diff --git a/wireshark-1.2.1-CVE-2009-3243.patch b/wireshark-1.2.1-CVE-2009-3243.patch deleted file mode 100644 index d241844..0000000 --- a/wireshark-1.2.1-CVE-2009-3243.patch +++ /dev/null @@ -1,67 +0,0 @@ -Index: epan/dissectors/packet-ssl-utils.c -=================================================================== ---- epan/dissectors/packet-ssl-utils.c (revision 29905) -+++ epan/dissectors/packet-ssl-utils.c (revision 29906) -@@ -43,6 +43,17 @@ - * Lookup tables - * - */ -+const gchar* ssl_version_short_names[] = { -+ "SSL", -+ "SSLv2", -+ "SSLv3", -+ "TLSv1", -+ "TLSv1.1", -+ "DTLSv1.0", -+ "PCT", -+ "TLSv1.2" -+}; -+ - const value_string ssl_20_msg_types[] = { - { SSL2_HND_ERROR, "Error" }, - { SSL2_HND_CLIENT_HELLO, "Client Hello" }, -Index: epan/dissectors/packet-ssl-utils.h -=================================================================== ---- epan/dissectors/packet-ssl-utils.h (revision 29905) -+++ epan/dissectors/packet-ssl-utils.h (revision 29906) -@@ -150,6 +150,7 @@ - * Lookup tables - * - */ -+extern const gchar* ssl_version_short_names[]; - extern const value_string ssl_20_msg_types[]; - extern const value_string ssl_20_cipher_suites[]; - extern const value_string ssl_20_certificate_type[]; -Index: epan/dissectors/packet-dtls.c -=================================================================== ---- epan/dissectors/packet-dtls.c (revision 29905) -+++ epan/dissectors/packet-dtls.c (revision 29906) -@@ -74,8 +74,6 @@ - #include "inet_v6defs.h" - #include "packet-ssl-utils.h" - --extern const gchar *ssl_version_short_names[]; -- - /* we need to remember the top tree so that subdissectors we call are created - * at the root and not deep down inside the DTLS decode - */ -Index: epan/dissectors/packet-ssl.c -=================================================================== ---- epan/dissectors/packet-ssl.c (revision 29905) -+++ epan/dissectors/packet-ssl.c (revision 29906) -@@ -272,15 +272,6 @@ - static gchar* ssl_debug_file_name = NULL; - #endif - --const gchar* ssl_version_short_names[] = { -- "SSL", -- "SSLv2", -- "SSLv3", -- "TLSv1", -- "TLSv1.1", -- "DTLSv1.0", -- "PCT" --}; - - /* Forward declaration we need below */ - void proto_reg_handoff_ssl(void); diff --git a/wireshark-1.2.1.tar.bz2 b/wireshark-1.2.1.tar.bz2 deleted file mode 100644 index 67bccfd..0000000 --- a/wireshark-1.2.1.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b3e1f4ec8385747e8aaf7aa33fe971df5e598b5bab6c8d106b90ea802e16b399 -size 15129422 diff --git a/wireshark-1.2.4.tar.bz2 b/wireshark-1.2.4.tar.bz2 new file mode 100644 index 0000000..aef058d --- /dev/null +++ b/wireshark-1.2.4.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d2eb6902fb8ccdc1dd2c797b6a76e6383aca593f0c6ee16e835d0dcf89d63338 +size 15209570 diff --git a/wireshark.changes b/wireshark.changes index 35bc29f..64f3bf1 100644 --- a/wireshark.changes +++ b/wireshark.changes @@ -1,3 +1,78 @@ +------------------------------------------------------------------- +Mon Nov 23 16:02:25 UTC 2009 - prusnak@suse.cz + +- updated to 1.2.4 + * Bug Fixes + - Can't save RTP stream in both directions. (Bug 4120) + * Updated Protocol Support + - DCERPC, IPFIX/Netflow, IPv4, NAS EPS, RTCP, TIPC + +------------------------------------------------------------------- +Fri Oct 30 15:47:50 CET 2009 - prusnak@suse.cz + +- updated to 1.2.3 + * Security fixes: + - The Paltalk dissector could crash on alignment-sensitive processors. + - The DCERPC/NT dissector could crash. + - The SMB dissector could crash. + * Bug fixes: + - Wireshark memory leak with each file open and/or display filter change. + - DHCP Dissector displays negative lease time. + - Invalid advertised window line on tcptrace style graph. + - SMB get_dfs_referral referral entry is not dissected correctly. + - Error dissecting eMule sourceOBFU message. + - Typos in Diameter XML files. + - RSL dissector for MS Power IE is broken. + - FIP dissector throws assertion. + - TCAP problem with indefinite length 'components' SEQ OF. + - GSM MAP: an-APDU not decoded. + - Add "Drag and Drop entries..." message on Columns preferences page. + - Editcap -t and -w option parses fractional digits incorrectly. + * Updated Protocol Support + - DCERPC NT, DHCP, Diameter, E.212, eDonkey, FIP, IPsec, MGCP, NCP, + Paltalk, RADIUS, RSL, SBus, SMB, SNMP, SSL, TCP, Teamspeak2, WPS + +- updated to 1.2.2 + * Security fixes: + - The GSM A RR dissector could crash. (Bug 3893) + - The OpcUa dissector could use excessive CPU and memory. (Bug 3986) + - The TLS dissector could crash on some platforms. (Bug 4008) + * Bug fixes: + - The "Capture->Interfaces" window can't be closed. + - tshark-1.0.2 (dumpcap) signal abort core saved. + - Memory leak fixes. + - Display filter autocompletion doesn't work for some RADIUS and WiMAX ASNCP fields. + - Wireshark Portable includes wrong WinPcap installer. + - Crash when loading a profile. + - The proto,colinfo tap doesn't work if the INFO column isn't being printed. + - Flow Graph adds too much unnecessary garbage. + - The EAP Diameter dictionary file was missing in the distribution. + - Graph analysis window is behind other window. + - IKEv2 Cert Request payload dissection error. + - DNS NAPTR RR (RFC 3403) replacement MUST be a fully qualified domain-name. + - Malformed RTCP Packet error while sending Payload specific RTCP feedback packet (as per RFC 4585). + - 802.11n Block Ack packet Bitmap field missing. + - Wireshark doesn't decode WBXML/ActiveSync information correctly. + - Malformed packet when IPv6 packet has Next Header == 59. + - Wireshark could crash while reading an ERF file. + - Minor errors in gsm rr dissectors. + - WPA Decryption Issues. + - GSM A RR sys info dissection problem. + - GSM A RR inverts MEAS-VALID values. + - PDML output leaks ~300 bytes / packet. + - Incorrect station identifier parsing in Kingfisher dissector. + - DHCPv6, Vendor-Specific Informantion, SubOption"Option Request" parser incorrect. + - Wireshark could leak memory while analyzing SSL. + - Wireshark could crash while updating menu items after reading a file in some cases. + * Updated Protocol Support + - DCERPC, DHCPv6, DNS, E.212, GSM A RR, GTPv2, H.248, IEEE 802.11, + IPMI, ISAKMP/IKE, ISUP, Kingfisher, LDAP, OpcUA, RTCP, SCTP, SIP, + SSL, TCP, WBXML, ZRTP + * Updated Capture File Support + - ERF + +- dropped obsoleted 3 CVE patches (see previous entry) + ------------------------------------------------------------------- Fri Oct 2 18:19:09 CEST 2009 - prusnak@suse.cz diff --git a/wireshark.spec b/wireshark.spec index cf21e88..6974fba 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -1,5 +1,5 @@ # -# spec file for package wireshark (Version 1.2.1) +# spec file for package wireshark (Version 1.2.3) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -22,8 +22,8 @@ Name: wireshark License: GPL v2 or later Group: Productivity/Networking/Diagnostic Summary: A Network Traffic Analyser -Version: 1.2.1 -Release: 2 +Version: 1.2.4 +Release: 1 Url: http://www.wireshark.org/ Source: http://www.wireshark.org/download/src/%{name}-%{version}.tar.bz2 Source1: include.filelist @@ -35,12 +35,6 @@ Patch1: %{name}-1.2.0-disable-warning-dialog.patch Patch2: %{name}-1.2.0-asneeded.patch # PATCH-FEATURE-OPENSUSE wireshark-1.2.0-geoip.patch prusnak@suse.cz -- search in /var/lib/GeoIP if user hasn't set any GeoIP folders Patch3: %{name}-1.2.0-geoip.patch -# PATCH-FIX-UPSTREAM wireshark-1.2.1-CVE-2009-3241.patch prusnak@suse.cz - secfix [bnc#541654] -Patch4: %{name}-1.2.1-CVE-2009-3241.patch -# PATCH-FIX-UPSTREAM wireshark-1.2.1-CVE-2009-3242.patch prusnak@suse.cz - secfix [bnc#541659] -Patch5: %{name}-1.2.1-CVE-2009-3242.patch -# PATCH-FIX-UPSTREAM wireshark-1.2.1-CVE-2009-3243.patch prusnak@suse.cz - secfix [bnc#541655] -Patch6: %{name}-1.2.1-CVE-2009-3243.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: xdg-utils Provides: ethereal = %{version} @@ -157,9 +151,6 @@ Authors: %patch1 %patch2 %patch3 -%patch4 -%patch5 -%patch6 %build %configure