Bug 26264

Summary: wireshark new release 3.0.9 fixes security issue
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: andrewsfarm, herman.viaene, sysadmin-bugs, tmb
Version: 7Keywords: advisory, has_procedure, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA7-64-OK
Source RPM: wireshark-3.0.8-1.mga7.src.rpm CVE:
Status comment:

Description David Walser 2020-02-27 03:25:22 CET 
Upstream has released new versions today (February 26):
https://www.wireshark.org/news/20200226.html

Updated package uploaded for Mageia 7.

Advisory:
========================

Updated wireshark packages fix security vulnerabilities:

LTE RRC dissector memory leak.

WiMax DLMAP dissector crash.

EAP dissector crash.

References:
https://www.wireshark.org/security/wnpa-sec-2020-03
https://www.wireshark.org/security/wnpa-sec-2020-04
https://www.wireshark.org/security/wnpa-sec-2020-05
https://www.wireshark.org/docs/relnotes/wireshark-3.0.9.html
https://www.wireshark.org/news/20200226.html
========================

Updated packages in core/updates_testing:
========================
wireshark-3.0.9-1.mga7
libwireshark12-3.0.9-1.mga7
libwiretap9-3.0.9-1.mga7
libwscodecs2-3.0.9-1.mga7
libwsutil10-3.0.9-1.mga7
libwireshark-devel-3.0.9-1.mga7
wireshark-tools-3.0.9-1.mga7
tshark-3.0.9-1.mga7
rawshark-3.0.9-1.mga7
dumpcap-3.0.9-1.mga7

from wireshark-3.0.9-1.mga7.src.rpm
Comment 1 David Walser 2020-02-27 03:25:39 CET 
Testing procedure:
https://wiki.mageia.org/en/QA_procedure:Wireshark

Keywords: (none) => has_procedure

Comment 2 Herman Viaene 2020-02-27 16:34:43 CET 
MGA7-64 Plasma on Lenovo B50
No installation issues.
Followed testprocedure successfully with one exception:
$ dftest ip
bash: dftest: command not found
which is the same as in bug 25436, so no reason to withhold OK

Whiteboard: (none) => MGA7-64-OK
CC: (none) => herman.viaene

Comment 3 Thomas Andrews 2020-02-28 01:13:43 CET 
Validating. Advisory in Comment 0.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Thomas Backlund 2020-02-29 14:04:04 CET

Keywords: (none) => advisory
CC: (none) => tmb

Comment 4 Mageia Robot 2020-02-29 14:43:56 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2020-0111.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED