Upstream has released new versions on April 22: https://www.wireshark.org/news/20160422.html Updated packages uploaded for Mageia 5 and Cauldron. Advisory: ======================== Updated wireshark packages fix security vulnerabilities: The wireshark package has been updated to version 2.0.3, which fixes several security issues where a malformed packet trace could cause it to crash or go into an infinite loop, and fixes several other bugs as well. See the release notes for details. References: https://www.wireshark.org/security/wnpa-sec-2016-19.html https://www.wireshark.org/security/wnpa-sec-2016-20.html https://www.wireshark.org/security/wnpa-sec-2016-21.html https://www.wireshark.org/security/wnpa-sec-2016-22.html https://www.wireshark.org/security/wnpa-sec-2016-23.html https://www.wireshark.org/security/wnpa-sec-2016-24.html https://www.wireshark.org/security/wnpa-sec-2016-25.html https://www.wireshark.org/security/wnpa-sec-2016-26.html https://www.wireshark.org/security/wnpa-sec-2016-27.html https://www.wireshark.org/docs/relnotes/wireshark-2.0.3.html https://www.wireshark.org/news/20160422.html ======================== Updated packages in core/updates_testing: ======================== wireshark-2.0.3-1.mga5 libwireshark6-2.0.3-1.mga5 libwiretap5-2.0.3-1.mga5 libwsutil6-2.0.3-1.mga5 libwireshark-devel-2.0.3-1.mga5 wireshark-tools-2.0.3-1.mga5 tshark-2.0.3-1.mga5 rawshark-2.0.3-1.mga5 dumpcap-2.0.3-1.mga5 from wireshark-2.0.3-1.mga5.src.rpm
Testing procedure: https://wiki.mageia.org/en/QA_procedure:Wireshark
Whiteboard: (none) => has_procedure
In VirtualBox, M5, KDE, 32-bit Package(s) under test: wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools tshark Assign wilcal to the wireshark group, restart wilcal. default install of wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools tshark: [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.2-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwireshark6 Package libwireshark6-2.0.2-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwiretap5 Package libwiretap5-2.0.2-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwsutil6 Package libwsutil6-2.0.2-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.2-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.2-1.mga5.i586 is already installed Running wireshark I can capture and save to a file (test01.pcapng) traffic on enp0s3. Close wireshark. Captured with ipv4 filter. Reopen est01.pcapng with wireshark and review the data. wireshark tools like tshark work: [wilcal@localhost Documents]$ tshark >> test02.txt Capturing on 'enp0s3' 1758 ^Z [2]+ Stopped tshark >> test02.txt install wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools & tshark from updates_testing [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.3-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwireshark6 Package libwireshark6-2.0.3-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwiretap5 Package libwiretap5-2.0.3-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwsutil6 Package libwsutil6-2.0.3-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.3-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.3-1.mga5.i586 is already installed Running wireshark I can capture and save to a file (test01.pcapng) traffic on enp0s3. Close wireshark. Captured with ipv4 filter. Reopen est01.pcapng with wireshark and review the data. wireshark tools like tshark work: [wilcal@localhost Documents]$ tshark >> test03.txt Capturing on 'enp0s3' 1758 ^Z [2]+ Stopped tshark >> test03.txt
CC: (none) => wilcal.intWhiteboard: has_procedure => has_procedure MGA5-32-OK
In VirtualBox, M5, KDE, 64-bit Package(s) under test: wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools tshark Assign wilcal to the wireshark group, restart wilcal. default install of wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools tshark: [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.2-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi libwireshark6 Package libwireshark6-2.0.2-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwiretap5 Package libwiretap5-2.0.2-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwsutil6 Package libwsutil6-2.0.2-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.2-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.2-1.mga5.x86_64 is already installed Running wireshark I can capture and save to a file (test01.pcapng) traffic on enp0s3. Close wireshark. Captured with ipv4 filter. Reopen est01.pcapng with wireshark and review the data. wireshark tools like tshark work: [wilcal@localhost Documents]$ tshark >> test01.txt Capturing on 'enp0s3' 4298 ^Z [2]+ Stopped tshark >> test01.txt install wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools & tshark from updates_testing [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.3-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi libwireshark6 Package libwireshark6-2.0.3-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwiretap5 Package libwiretap5-2.0.3-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwsutil6 Package libwsutil6-2.0.3-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.3-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.3-1.mga5.x86_64 is already installed Running wireshark I can capture and save to a file (test02.pcapng) traffic on enp0s3. Close wireshark. Captured with ipv4 filter. Reopen est01.pcapng with wireshark and review the data. wireshark tools like tshark work: [wilcal@localhost Documents]$ tshark >> test02.txt Capturing on 'enp0s3' 17242 ^Z [2]+ Stopped tshark >> test02.txt
Whiteboard: has_procedure MGA5-32-OK => has_procedure MGA5-32-OK MGA5-64-OK
This update works fine. Testing complete for MGA5, 32-bit & 64-bit Validating the update. Could someone from the sysadmin team push to updates. Thanks
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
CVEs: http://openwall.com/lists/oss-security/2016/04/25/2 Advisory: ======================== Updated wireshark packages fix security vulnerabilities: The NCP dissector could crash (CVE-2016-4076). TShark could crash due to a packet reassembly bug (CVE-2016-4077). The IEEE 802.11 dissector could crash (CVE-2016-4078). The PKTC dissector could crash (CVE-2016-4079). The PKTC dissector could crash (CVE-2016-4080). The IAX2 dissector could go into an infinite loop (CVE-2016-4081). Wireshark and TShark could exhaust the stack (CVE-2016-4006). The GSM CBCH dissector could crash (CVE-2016-4082). MS-WSP dissector crash (CVE-2016-4083, CVE-2016-4084). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4076 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4078 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4079 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4080 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4081 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4006 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4082 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4083 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4084 https://www.wireshark.org/security/wnpa-sec-2016-19.html https://www.wireshark.org/security/wnpa-sec-2016-20.html https://www.wireshark.org/security/wnpa-sec-2016-21.html https://www.wireshark.org/security/wnpa-sec-2016-22.html https://www.wireshark.org/security/wnpa-sec-2016-23.html https://www.wireshark.org/security/wnpa-sec-2016-24.html https://www.wireshark.org/security/wnpa-sec-2016-25.html https://www.wireshark.org/security/wnpa-sec-2016-26.html https://www.wireshark.org/security/wnpa-sec-2016-27.html https://www.wireshark.org/docs/relnotes/wireshark-2.0.3.html https://www.wireshark.org/news/20160422.html
Advisory from comment 5 uploaded.
Whiteboard: has_procedure MGA5-32-OK MGA5-64-OK => has_procedure advisory MGA5-32-OK MGA5-64-OK
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0153.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
URL: (none) => http://lwn.net/Vulnerabilities/685293/