Upstream has released version 2.0.11 on March 3: https://www.wireshark.org/news/20170303.html Updated package uploaded for Mageia 5. Currently, only wnpa-sec-2017-06 has a CVE: https://lwn.net/Vulnerabilities/715035/ So, a generic advisry for now. Testing procedure: https://wiki.mageia.org/en/QA_procedure:Wireshark Advisory: ======================== Updated wireshark packages fix security vulnerabilities: The wireshark package has been updated to version 2.0.11, which fixes two security issues where a malformed packet trace could cause it to crash or go into an infinite loop, and fixes several other bugs as well. See the release notes for details. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6014 https://www.wireshark.org/security/wnpa-sec-2017-03.html https://www.wireshark.org/security/wnpa-sec-2017-04.html https://www.wireshark.org/security/wnpa-sec-2017-05.html https://www.wireshark.org/security/wnpa-sec-2017-06.html https://www.wireshark.org/security/wnpa-sec-2017-07.html https://www.wireshark.org/security/wnpa-sec-2017-08.html https://www.wireshark.org/security/wnpa-sec-2017-09.html https://www.wireshark.org/security/wnpa-sec-2017-10.html https://www.wireshark.org/security/wnpa-sec-2017-11.html https://www.wireshark.org/docs/relnotes/wireshark-2.0.11.html https://www.wireshark.org/news/20170303.html ======================== Updated packages in core/updates_testing: ======================== wireshark-2.0.11-1.mga5 libwireshark7-2.0.11-1.mga5 libwiretap5-2.0.11-1.mga5 libwsutil7-2.0.11-1.mga5 libwireshark-devel-2.0.11-1.mga5 wireshark-tools-2.0.11-1.mga5 tshark-2.0.11-1.mga5 rawshark-2.0.11-1.mga5 dumpcap-2.0.11-1.mga5 from wireshark-2.0.11-1.mga5.src.rpm
Whiteboard: (none) => has_procedure
In VirtualBox, M5, KDE, 32-bit Package(s) under test: wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools tshark Assign wilcal to the wireshark group, restart wilcal. default install of : [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.10-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwireshark6 Package libwireshark6-2.0.5-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwiretap5 Package libwiretap5-2.0.10-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwsutil6 Package libwsutil6-2.0.10-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.10-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.10-1.mga5.i586 is already installed Running wireshark I can capture and save to a file (test01.pcapng) traffic on enp0s3. Close wireshark. Reopen ws1.pcapng with wireshark and review the data. wireshark tools like tshark work: tshark >> test01.txt works Capturing on 'enp0s3' 9436 ^Z Filter: ip.src == 192.168.1.143 works ( this system ) install wireshark libwireshark6 libwiretap5 libwsutil6 wireshark-tools tshark from updates_testing [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.11-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwireshark6 Package libwireshark6-2.0.5-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwiretap5 Package libwiretap5-2.0.11-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwsutil6 Package libwsutil6-2.0.11-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.11-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.11-1.mga5.i586 is already installed Running wireshark I can capture and save to a file (test02.pcapng) traffic on enp0s3. Close wireshark. Reopen test01.pcapng & test02.pcapng with wireshark and review the data. wireshark tools like tshark work: [wilcal@localhost Documents]$ tshark >> test02.txt Capturing on 'enp0s3' 12532 ^Z [1]+ Stopped tshark >> test02.txt Filter: ip.src == 192.168.1.143 works ( this system )
CC: (none) => wilcal.int
Whiteboard: has_procedure => has_procedure MGA5-32-OK
In VirtualBox, M5, KDE, 64-bit Package(s) under test: wireshark lib64wireshark7 lib64wiretap5 lib64wsutil6 wireshark-tools tshark Assign wilcal to the wireshark group, restart wilcal. default install of wireshark lib64wireshark7 lib64wiretap5 lib64wsutil6 wireshark-tools tshark: [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.10-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wireshark7 Package lib64wireshark7-2.0.10-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wiretap5 Package lib64wiretap5-2.0.10-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wsutil6 Package lib64wsutil6-2.0.10-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.10-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.10-1.mga5.x86_64 is already installed Running wireshark I can capture and save to a file (test01.pcapng) traffic on enp0s3. Close wireshark. Reopen ws1.pcapng with wireshark and review the data. wireshark tools like tshark work: tshark >> test01.txt works Capturing on 'enp0s3' 4823 ^Z Filter: ip.src == 192.168.1.75 works ( this system ) install wireshark lib64wireshark7 lib64wiretap5 lib64wsutil6 wireshark-tools & tshark from updates_testing [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.11-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wireshark7 Package lib64wireshark7-2.0.11-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wiretap5 Package lib64wiretap5-2.0.11-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wsutil6 Package lib64wsutil6-2.0.11-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.11-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.11-1.mga5.x86_64 is already installed Running wireshark I can capture and save to a file (test02.pcapng) traffic on enp0s3. Close wireshark. Reopen test01.pcapng & test02.pcapng with wireshark and review the data. wireshark tools like tshark work: [wilcal@localhost Documents]$ tshark >> test02.txt Capturing on 'enp0s3' 3529 ^Z [1]+ Stopped tshark >> test02.txt Filter: ip.src == 192.168.1.75 works ( this system )
Whiteboard: has_procedure MGA5-32-OK => has_procedure MGA5-32-OK MGA5-64-OK
This update works fine. Testing complete for MGA5, 32-bit & 64-bit Validating the update. Could someone from the sysadmin team push to updates. Thanks
CC: (none) => sysadmin-bugsKeywords: (none) => validated_update
CC: (none) => davidwhodginsWhiteboard: has_procedure MGA5-32-OK MGA5-64-OK => has_procedure MGA5-32-OK MGA5-64-OK advisory
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0076.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
Debian has issued an advisory for this on March 18: https://www.debian.org/security/2017/dsa-3811 They have more CVEs: CVE-2017-5596 CVE-2017-5597 CVE-2017-6467 CVE-2017-6468 CVE-2017-6469 CVE-2017-6470 CVE-2017-6471 CVE-2017-6472 CVE-2017-6473 CVE-2017-6474