Bug 26091

Summary: wireshark new release 3.0.8 fixes security issue
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: herman.viaene, sysadmin-bugs, tmb
Version: 7Keywords: advisory, has_procedure, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA7-64-OK
Source RPM: wireshark-3.0.7-1.mga7.src.rpm CVE:
Status comment:

Description David Walser 2020-01-16 14:28:30 CET 
Upstream has released new versions on January 15:
https://www.wireshark.org/news/20200115.html

Updated package uploaded for Mageia 7.

Advisory:
========================

Updated wireshark packages fix security vulnerability:

BT ATT dissector crash (CVE-2020-7045).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7045
https://www.wireshark.org/security/wnpa-sec-2020-02
https://www.wireshark.org/docs/relnotes/wireshark-3.0.8.html
https://www.wireshark.org/news/20200115.html
========================

Updated packages in core/updates_testing:
========================
wireshark-3.0.8-1.mga7
libwireshark12-3.0.8-1.mga7
libwiretap9-3.0.8-1.mga7
libwscodecs2-3.0.8-1.mga7
libwsutil10-3.0.8-1.mga7
libwireshark-devel-3.0.8-1.mga7
wireshark-tools-3.0.8-1.mga7
tshark-3.0.8-1.mga7
rawshark-3.0.8-1.mga7
dumpcap-3.0.8-1.mga7

from wireshark-3.0.8-1.mga7.src.rpm
Comment 1 David Walser 2020-01-16 14:29:08 CET 
Testing procedure:
https://wiki.mageia.org/en/QA_procedure:Wireshark

Keywords: (none) => has_procedure
Version: Cauldron => 7

Comment 2 Herman Viaene 2020-01-17 14:36:39 CET 
MGA7-64 Plasma on Lenovo B50
No installation issues.
Followed testprocedure successfully with one exception:
$ dftest ip
bash: dftest: command not found
which is the same as in bug 25436, so no reason to withhold OK

Whiteboard: (none) => MGA7-64-OK
CC: (none) => herman.viaene

Thomas Backlund 2020-01-19 09:58:22 CET

Keywords: (none) => advisory
CC: (none) => tmb

Thomas Backlund 2020-01-19 09:58:45 CET

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 3 Mageia Robot 2020-01-19 11:12:16 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2020-0044.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED