Upstream has released version 2.0.8 on November 16: https://www.wireshark.org/news/20161116.html Updated package uploaded for Mageia 5. Advisory: ======================== Updated wireshark packages fix security vulnerabilities: The wireshark package has been updated to version 2.0.8, which fixes several security issues where a malformed packet trace could cause it to crash or go into an infinite loop, and fixes several other bugs as well. See the release notes for details. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9373 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9374 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9375 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9376 https://www.wireshark.org/security/wnpa-sec-2016-59.html https://www.wireshark.org/security/wnpa-sec-2016-60.html https://www.wireshark.org/security/wnpa-sec-2016-61.html https://www.wireshark.org/security/wnpa-sec-2016-62.html https://www.wireshark.org/docs/relnotes/wireshark-2.0.8.html https://www.wireshark.org/news/20161116.html ======================== Updated packages in core/updates_testing: ======================== wireshark-2.0.8-1.mga5 libwireshark7-2.0.8-1.mga5 libwiretap5-2.0.8-1.mga5 libwsutil7-2.0.8-1.mga5 libwireshark-devel-2.0.8-1.mga5 wireshark-tools-2.0.8-1.mga5 tshark-2.0.8-1.mga5 rawshark-2.0.8-1.mga5 dumpcap-2.0.8-1.mga5 from wireshark-2.0.8-1.mga5.src.rpm
Testing procedure: https://wiki.mageia.org/en/QA_procedure:Wireshark
Whiteboard: (none) => has_procedure
In VirtualBox, M5, KDE, 32-bit Capture data from cnn.com & bbc.com to this Vbox client. Package(s) under test: wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools tshark Assign wilcal to the wireshark group, restart wilcal. default install of: wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools tshark [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.7-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwireshark6 Package libwireshark6-2.0.5-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwiretap5 Package libwiretap5-2.0.7-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwsutil6 Package libwsutil6-2.0.7-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.7-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.7-1.mga5.i586 is already installed Running wireshark I can capture and save to a file (test01.pcapng) traffic on enp0s3. Close wireshark. Reopen test01.pcapng with wireshark and review the data. wireshark tools like tshark work: tshark >> test01.txt works [wilcal@localhost Documents]$ tshark >> test01.txt Capturing on 'enp0s3' 12534 ^Z [1]+ Stopped tshark >> test01.txt Filter: ip.src == 192.168.1.143 works ( this system ) install: wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools tshark from updates_testing [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.8-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwireshark6 Package libwireshark6-2.0.5-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwiretap5 Package libwiretap5-2.0.8-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwsutil6 Package libwsutil6-2.0.8-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.8-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.8-1.mga5.i586 is already installed Running wireshark I can capture and save to a file (test02.pcapng) traffic on enp0s3. Close wireshark. Reopen test01.pcapng & test02.pcapng with wireshark and review the data. wireshark tools like tshark work: [wilcal@localhost Documents]$ tshark >> test02.txt Capturing on 'enp0s3' 5472 ^Z [1]+ Stopped tshark >> test02.txt Filter: ip.src == 192.168.1.143 works ( this system )
CC: (none) => wilcal.int
In VirtualBox, M5, KDE, 64-bit Capture data from cnn.com & bbc.com to this Vbox client. Package(s) under test: wireshark lib64wireshark6 lib64wiretap5 lib64wsutil6 wireshark-tools tshark Assign wilcal to the wireshark group, restart wilcal. default install of: wireshark lib64wireshark6 lib64wiretap5 lib64wsutil6 wireshark-tools tshark [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.7-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wireshark6 Package lib64wireshark6-2.0.5-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wiretap5 Package lib64wiretap5-2.0.7-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wsutil6 Package lib64wsutil6-2.0.7-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.7-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.7-1.mga5.x86_64 is already installed Running wireshark I can capture and save to a file (test01.pcapng) traffic on enp0s3. Close wireshark. Reopen test01.pcapng with wireshark and review the data. wireshark tools like tshark work: tshark >> test01.txt works [wilcal@localhost Documents]$ tshark >> test01.txt Capturing on 'enp0s3' 12534 ^Z [1]+ Stopped tshark >> test01.txt Filter: ip.src == 192.168.1.141 works ( this system ) install: wireshark lib64wireshark6 lib64wiretap5 lib64wsutil6 wireshark-tools tshark from updates_testing [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.8-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wireshark6 Package lib64wireshark6-2.0.5-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wiretap5 Package lib64wiretap5-2.0.8-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wsutil6 Package lib64wsutil6-2.0.8-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.8-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.8-1.mga5.x86_64 is already installed Running wireshark I can capture and save to a file (test02.pcapng) traffic on enp0s3. Close wireshark. Reopen test01.pcapng & test02.pcapng with wireshark and review the data. wireshark tools like tshark work: [wilcal@localhost Documents]$ tshark >> test02.txt Capturing on 'enp0s3' 5472 ^Z [1]+ Stopped tshark >> test02.txt Filter: ip.src == 192.168.1.141 works ( this system )
Whiteboard: has_procedure => has_procedure MGA5-32-OK MGA5-64-OK
This update works fine. Testing complete for MGA5, 32-bit & 64-bit Validating the update. Could someone from the sysadmin team push to updates. Thanks
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
CC: (none) => davidwhodginsWhiteboard: has_procedure MGA5-32-OK MGA5-64-OK => has_procedure MGA5-32-OK MGA5-64-OK advisory
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0391.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
URL: (none) => http://lwn.net/Vulnerabilities/706848/