Upstream has released new versions on July 27: https://www.wireshark.org/news/20160727.html CVE request: http://openwall.com/lists/oss-security/2016/07/28/3 Updates checked into Mageia 5 and Cauldron SVN; freeze push requested. Preliminary advisory for the pending update below. Testing procedure: https://wiki.mageia.org/en/QA_procedure:Wireshark Advisory: ======================== Updated wireshark packages fix security vulnerabilities: The wireshark package has been updated to version 2.0.5, which fixes several security issues where a malformed packet trace could cause it to crash or go into an infinite loop, and fixes several other bugs as well. See the release notes for details. References: https://www.wireshark.org/security/wnpa-sec-2016-39.html https://www.wireshark.org/security/wnpa-sec-2016-41.html https://www.wireshark.org/security/wnpa-sec-2016-42.html https://www.wireshark.org/security/wnpa-sec-2016-44.html https://www.wireshark.org/security/wnpa-sec-2016-45.html https://www.wireshark.org/security/wnpa-sec-2016-46.html https://www.wireshark.org/security/wnpa-sec-2016-47.html https://www.wireshark.org/security/wnpa-sec-2016-48.html https://www.wireshark.org/security/wnpa-sec-2016-49.html https://www.wireshark.org/docs/relnotes/wireshark-2.0.5.html https://www.wireshark.org/news/20160727.html ======================== Updated packages in core/updates_testing: ======================== wireshark-2.0.5-1.mga5 libwireshark6-2.0.5-1.mga5 libwiretap5-2.0.5-1.mga5 libwsutil6-2.0.5-1.mga5 libwireshark-devel-2.0.5-1.mga5 wireshark-tools-2.0.5-1.mga5 tshark-2.0.5-1.mga5 rawshark-2.0.5-1.mga5 dumpcap-2.0.5-1.mga5 from wireshark-2.0.5-1.mga5.src.rpm
Updated packages uploaded for Mageia 5 and Cauldron. Package list and preliminary advisory in Comment 0 (will be updated if/when CVEs are assigned).
Assignee: bugsquad => qa-bugs
In VirtualBox, M5, KDE, 32-bit Package(s) under test: wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools tshark Assign wilcal to the wireshark group, restart wilcal. default install of wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools tshark: [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.4-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwireshark6 Package libwireshark6-2.0.4-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwiretap5 Package libwiretap5-2.0.4-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwsutil6 Package libwsutil6-2.0.4-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.4-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.4-1.mga5.i586 is already installed Running wireshark I can capture and save to a file (test01.pcapng) traffic on enp0s3. Close wireshark. Reopen ws1.pcapng with wireshark and review the data. wireshark tools like tshark work: tshark >> test01.txt works Filter: ip.src == 192.168.1.143 works ( this system ) install wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools & tshark from updates_testing [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.5-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwireshark6 Package libwireshark6-2.0.5-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwiretap5 Package libwiretap5-2.0.5-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwsutil6 Package libwsutil6-2.0.5-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.5-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.5-1.mga5.i586 is already installed Running wireshark I can capture and save to a file (test02.pcapng) traffic on enp0s3. Close wireshark. Reopen test01.pcapng & test02.pcapng with wireshark and review the data. wireshark tools like tshark work: [wilcal@localhost Documents]$ tshark >> test02.txt Capturing on 'enp0s3' 14567 ^Z [1]+ Stopped tshark >> test02.txt Filter: ip.src == 192.168.1.143 works ( this system )
CC: (none) => wilcal.int
Whiteboard: (none) => MGA5-32-OK
In VirtualBox, M5, KDE, 64-bit Package(s) under test: wireshark lib64wireshark6 lib64wiretap5 lib64wsutil6 wireshark-tools tshark Assign wilcal to the wireshark group, restart wilcal. default install of wireshark lib64wireshark6 lib64wiretap5 lib64wsutil6 wireshark-tools tshark: [root@localhost Documents]# urpmi wireshark Package wireshark-2.0.4-1.mga5.x86_64 is already installed [root@localhost Documents]# urpmi lib64wireshark6 Package lib64wireshark6-2.0.4-1.mga5.x86_64 is already installed [root@localhost Documents]# urpmi lib64wiretap5 Package lib64wiretap5-2.0.4-1.mga5.x86_64 is already installed [root@localhost Documents]# urpmi lib64wsutil6 Package lib64wsutil6-2.0.4-1.mga5.x86_64 is already installed [root@localhost Documents]# urpmi wireshark-tools Package wireshark-tools-2.0.4-1.mga5.x86_64 is already installed [root@localhost Documents]# urpmi tshark Package tshark-2.0.4-1.mga5.x86_64 is already installed Running wireshark I can capture and save to a file (test01.pcapng) traffic on enp0s3. Close wireshark. Reopen ws1.pcapng with wireshark and review the data. wireshark tools like tshark work: tshark >> test01.txt works [wilcal@localhost Documents]$ tshark >> test01.txt Capturing on 'enp0s3' 12534 ^Z [1]+ Stopped tshark >> test01.txt Filter: ip.src == 192.168.1.141 works ( this system ) install wireshark lib64wireshark6 lib64wiretap5 lib64wsutil6 wireshark-tools & tshark from updates_testing [root@localhost Documents]# urpmi wireshark Package wireshark-2.0.5-1.mga5.x86_64 is already installed [root@localhost Documents]# urpmi lib64wireshark6 Package lib64wireshark6-2.0.5-1.mga5.x86_64 is already installed [root@localhost Documents]# urpmi lib64wiretap5 Package lib64wiretap5-2.0.5-1.mga5.x86_64 is already installed [root@localhost Documents]# urpmi lib64wsutil6 Package lib64wsutil6-2.0.5-1.mga5.x86_64 is already installed [root@localhost Documents]# urpmi wireshark-tools Package wireshark-tools-2.0.5-1.mga5.x86_64 is already installed [root@localhost Documents]# urpmi tshark Package tshark-2.0.5-1.mga5.x86_64 is already installed Running wireshark I can capture and save to a file (test02.pcapng) traffic on enp0s3. Close wireshark. Reopen test01.pcapng & test02.pcapng with wireshark and review the data. wireshark tools like tshark work: [wilcal@localhost Documents]$ tshark >> test02.txt Capturing on 'enp0s3' 5472 ^Z [1]+ Stopped tshark >> test02.txt Filter: ip.src == 192.168.1.141 works ( this system )
Looks good. Anything else?
Whiteboard: MGA5-32-OK => MGA5-32-OK MGA5-64-OK
This update works fine. Testing complete for MGA5, 32-bit & 64-bit Validating the update. Could someone from the sysadmin team push to updates. Thanks
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
CC: (none) => davidwhodginsWhiteboard: MGA5-32-OK MGA5-64-OK => MGA5-32-OK MGA5-64-OK advisory
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0275.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
CVE-2016-6503 CVE-2016-6505 CVE-2016-6506 CVE-2016-6508 CVE-2016-6509 CVE-2016-6510 CVE-2016-6511 CVE-2016-6512 CVE-2016-6513 were assigned for this update: http://www.openwall.com/lists/oss-security/2016/08/01/4 If someone could please just add those CVEs in the CVE section in the SVN advisory, I think that will suffice.
URL: (none) => http://lwn.net/Vulnerabilities/696220/
LWN reference with some of the CVEs: http://lwn.net/Vulnerabilities/696077/
LWN reference for CVE-2016-6512 and CVE-2016-6513: http://lwn.net/Vulnerabilities/696829/ Apparently CVE-2016-6503 only affects Windows.
URL: http://lwn.net/Vulnerabilities/696220/ => http://lwn.net/Vulnerabilities/696077/