Upstream has released version 2.0.10 on January 23:
https://www.wireshark.org/news/20170123.html

Updated package uploaded for Mageia 5.

The security issues fixed don't appear to have CVEs yet. They also aren't listed right now on the 2.0.10 release notes, but they are listed on the 2.2.4 release notes.

Testing procedure:
https://wiki.mageia.org/en/QA_procedure:Wireshark

Advisory:
========================

Updated wireshark packages fix security vulnerabilities:

The wireshark package has been updated to version 2.0.10, which fixes two security issues where a malformed packet trace could cause it to go into an infinite loop, and fixes several other bugs as well. See the release notes for details.

References:
https://www.wireshark.org/security/wnpa-sec-2017-01.html
https://www.wireshark.org/security/wnpa-sec-2017-02.html
https://www.wireshark.org/docs/relnotes/wireshark-2.0.10.html
https://www.wireshark.org/news/20170123.html
========================

Updated packages in core/updates_testing:
========================
wireshark-2.0.10-1.mga5
libwireshark7-2.0.10-1.mga5
libwiretap5-2.0.10-1.mga5
libwsutil7-2.0.10-1.mga5
libwireshark-devel-2.0.10-1.mga5
wireshark-tools-2.0.10-1.mga5
tshark-2.0.10-1.mga5
rawshark-2.0.10-1.mga5
dumpcap-2.0.10-1.mga5

from wireshark-2.0.10-1.mga5.src.rpm
Whiteboard: (none) => has_procedure
@David Are you sure about this version?? In the repos I find for the "production" version 2.2.3-1.
CC: (none) => herman.viaene
@David My fault, I was on an M6, hence the differences.
MGA5-32 on AsusA6000VM Xfce
No installation issues.
I can capture on wifi interface (cable is not connected), so that is OK.
But I fail to understand the testcase.
In "wireshark -n wiresharktest", as I can read the manpage, wiresharktest is an input file, and there is nothing in it????
Subsequent editcap thus just creates another empty wiresharktest50 file, and so on.
AFAICS this update is OK, but I wonder about the testWiki.
In VirtualBox, M5, KDE, 32-bit

Package(s) under test:
wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools tshark

Assign wilcal to the wireshark group, restart wilcal.

default install of wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools tshark:

[root@localhost Documents]# urpmi wireshark
Package wireshark-2.0.9-1.mga5.i586 is already installed
[root@localhost Documents]# urpmi libwireshark6
Package libwireshark6-2.0.5-1.mga5.i586 is already installed
[root@localhost Documents]# urpmi libwiretap5
Package libwiretap5-2.0.9-1.mga5.i586 is already installed
[root@localhost Documents]# urpmi libwsutil6
Package libwsutil6-2.0.9-1.mga5.i586 is already installed
[root@localhost Documents]# urpmi wireshark-tools
Package wireshark-tools-2.0.9-1.mga5.i586 is already installed
[root@localhost Documents]# urpmi tshark
Package tshark-2.0.9-1.mga5.i586 is already installed

Running wireshark I can capture and save to a file (test01.pcapng) traffic on enp0s3.
Close wireshark. Reopen ws1.pcapng with wireshark and review the data.
wireshark tools like tshark work:
tshark >> test01.txt works
Capturing on 'enp0s3'
9436 ^Z
Filter: ip.src == 192.168.1.143 works ( this system )

install wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools & tshark from updates_testing

[root@localhost wilcal]# urpmi wireshark
Package wireshark-2.0.10-1.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwireshark6
Package libwireshark6-2.0.5-1.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwiretap5
Package libwiretap5-2.0.10-1.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwsutil6
Package libwsutil6-2.0.10-1.mga5.i586 is already installed
[root@localhost wilcal]# urpmi wireshark-tools
Package wireshark-tools-2.0.10-1.mga5.i586 is already installed
[root@localhost wilcal]# urpmi tshark
Package tshark-2.0.10-1.mga5.i586 is already installed

Running wireshark I can capture and save to a file (test02.pcapng) traffic on enp0s3.
Close wireshark. Reopen test01.pcapng & test02.pcapng with wireshark and review the data.
wireshark tools like tshark work:
[wilcal@localhost Documents]$ tshark >> test02.txt
Capturing on 'enp0s3'
12532 ^Z
[1]+ Stopped tshark >> test02.txt
Filter: ip.src == 192.168.1.143 works ( this system )
CC: (none) => wilcal.int
Whiteboard: has_procedure => has_procedure MGA5-32-OK
In VirtualBox, M5, KDE, 64-bit

Package(s) under test:
wireshark lib64wireshark7 lib64wiretap5 lib64wsutil6 wireshark-tools tshark

Assign wilcal to the wireshark group, restart wilcal.

default install of wireshark lib64wireshark7 lib64wiretap5 lib64wsutil6 wireshark-tools tshark:

[root@localhost wilcal]# urpmi wireshark
Package wireshark-2.0.9-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wireshark7
Package lib64wireshark7-2.0.9-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wiretap5
Package lib64wiretap5-2.0.9-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wsutil6
Package lib64wsutil6-2.0.9-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi wireshark-tools
Package wireshark-tools-2.0.9-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi tshark
Package tshark-2.0.9-1.mga5.x86_64 is already installed

Running wireshark I can capture and save to a file (test01.pcapng) traffic on enp0s3.
Close wireshark. Reopen ws1.pcapng with wireshark and review the data.
wireshark tools like tshark work:
tshark >> test01.txt works
Capturing on 'enp0s3'
4823 ^Z
Filter: ip.src == 192.168.1.141 works ( this system )

install wireshark lib64wireshark7 lib64wiretap5 lib64wsutil6 wireshark-tools & tshark from updates_testing

[root@localhost wilcal]# urpmi wireshark
Package wireshark-2.0.10-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wireshark7
Package lib64wireshark7-2.0.10-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wiretap5
Package lib64wiretap5-2.0.10-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wsutil6
Package lib64wsutil6-2.0.10-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi wireshark-tools
Package wireshark-tools-2.0.10-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi tshark
Package tshark-2.0.10-1.mga5.x86_64 is already installed

Running wireshark I can capture and save to a file (test02.pcapng) traffic on enp0s3.
Close wireshark. Reopen test01.pcapng & test02.pcapng with wireshark and review the data.
wireshark tools like tshark work:
[wilcal@localhost Documents]$ tshark >> test02.txt
Capturing on 'enp0s3'
3529 ^Z
[1]+ Stopped tshark >> test02.txt
Filter: ip.src == 192.168.1.141 works ( this system )
Whiteboard: has_procedure MGA5-32-OK => has_procedure MGA5-32-OK MGA5-64-OK
This update works fine.
Testing complete for MGA5, 32-bit & 64-bit.
Validating the update.
Could someone from the sysadmin team push to updates?
Thanks
CC: (none) => sysadmin-bugs
Keywords: (none) => validated_update
Thanks Bill for your testing. Advisory uploaded from Comment 0; but it has no CVEs.
Whiteboard: has_procedure MGA5-32-OK MGA5-64-OK => has_procedure MGA5-32-OK MGA5-64-OK advisory
CC: (none) => lewyssmith
An update for this issue has been pushed to the Mageia Updates repository.
http://advisories.mageia.org/MGASA-2017-0034.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED
URL: (none) => https://lwn.net/Vulnerabilities/713425/
CVE-2017-5596 and CVE-2017-5597 correspond to this, according to openSUSE: https://lists.opensuse.org/opensuse-updates/2017-02/msg00010.html