Upstream has released version 2.0.12 on April 12: https://www.wireshark.org/news/20170412.html Updated package uploaded for Mageia 5. Half of the WNPA's have CVEs at this time. Advisory to come later. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6742 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7700 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7701 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7702 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7703 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7705 https://www.wireshark.org/security/wnpa-sec-2017-04.html https://www.wireshark.org/security/wnpa-sec-2017-12.html https://www.wireshark.org/security/wnpa-sec-2017-13.html https://www.wireshark.org/security/wnpa-sec-2017-14.html https://www.wireshark.org/security/wnpa-sec-2017-15.html https://www.wireshark.org/security/wnpa-sec-2017-16.html https://www.wireshark.org/security/wnpa-sec-2017-18.html https://www.wireshark.org/security/wnpa-sec-2017-19.html https://www.wireshark.org/security/wnpa-sec-2017-20.html https://www.wireshark.org/security/wnpa-sec-2017-21.html https://www.wireshark.org/docs/relnotes/wireshark-2.0.12.html https://www.wireshark.org/news/20170412.html ======================== Updated packages in core/updates_testing: ======================== wireshark-2.0.12-1.mga5 libwireshark7-2.0.12-1.mga5 libwiretap5-2.0.12-1.mga5 libwsutil7-2.0.12-1.mga5 libwireshark-devel-2.0.12-1.mga5 wireshark-tools-2.0.12-1.mga5 tshark-2.0.12-1.mga5 rawshark-2.0.12-1.mga5 dumpcap-2.0.12-1.mga5 from wireshark-2.0.12-1.mga5.src.rpm
Testing procedure: https://wiki.mageia.org/en/QA_procedure:Wireshark
Whiteboard: (none) => has_procedure
In VirtualBox, M5, KDE, 32-bit Package(s) under test: wireshark libwireshark7 libwiretap5 libwsutil6 wireshark-tools tshark Assign wilcal to the wireshark group, restart wilcal. default install of : [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.11-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwireshark7 Package libwireshark7-2.0.11-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwiretap5 Package libwiretap5-2.0.11-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwsutil6 Package libwsutil6-2.0.11-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.11-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.11-1.mga5.i586 is already installed Running wireshark I can capture and save to a file (test01.pcapng) traffic on enp0s3. Close wireshark. Reopen ws1.pcapng with wireshark and review the data. wireshark tools like tshark work: tshark >> test01.txt works Capturing on 'enp0s3' 7834 ^Z Filter: ip.src == 192.168.1.137 works ( this system ) install wireshark libwireshark7 libwiretap5 libwsutil6 wireshark-tools tshark from updates_testing [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.12-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwireshark7 Package libwireshark7-2.0.12-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwiretap5 Package libwiretap5-2.0.12-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi libwsutil6 Package libwsutil6-2.0.12-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.12-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.12-1.mga5.i586 is already installed Running wireshark I can capture and save to a file (test02.pcapng) traffic on enp0s3. Close wireshark. Reopen test01.pcapng & test02.pcapng with wireshark and review the data. wireshark tools like tshark work: [wilcal@localhost Documents]$ tshark >> test02.txt Capturing on 'enp0s3' 13285 ^Z [1]+ Stopped tshark >> test02.txt Filter: ip.src == 192.168.1.137 works ( this system )
CC: (none) => wilcal.int
In VirtualBox, M5, KDE, 64-bit Package(s) under test: wireshark lib64wireshark7 lib64wiretap5 lib64wsutil6 wireshark-tools tshark Assign wilcal to the wireshark group, restart wilcal. default install of wireshark lib64wireshark7 lib64wiretap5 lib64wsutil6 wireshark-tools tshark: [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.11-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wireshark7 Package lib64wireshark7-2.0.11-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wiretap5 Package lib64wiretap5-2.0.11-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wsutil6 Package lib64wsutil6-2.0.11-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.11-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.11-1.mga5.x86_64 is already installed Running wireshark I can capture and save to a file (test01.pcapng) traffic on enp0s3. Close wireshark. Reopen ws1.pcapng with wireshark and review the data. wireshark tools like tshark work: tshark >> test01.txt works Capturing on 'enp0s3' 9356 ^Z Filter: ip.src == 192.168.1.138 works ( this system ) install wireshark lib64wireshark7 lib64wiretap5 lib64wsutil6 wireshark-tools tshark from updates_testing [root@localhost wilcal]# urpmi wireshark Package wireshark-2.0.12-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wireshark7 Package lib64wireshark7-2.0.12-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wiretap5 Package lib64wiretap5-2.0.12-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wsutil6 Package lib64wsutil6-2.0.12-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.0.12-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.0.12-1.mga5.x86_64 is already installed Running wireshark I can capture and save to a file (test02.pcapng) traffic on enp0s3. Close wireshark. Reopen test01.pcapng & test02.pcapng with wireshark and review the data. wireshark tools like tshark work: [wilcal@localhost Documents]$ tshark >> test02.txt Capturing on 'enp0s3' 7035 ^Z [1]+ Stopped tshark >> test02.txt Filter: ip.src == 192.168.1.138 works ( this system )
Whiteboard: has_procedure => has_procedure MGA5-32-OK MGA5-64-OK
This update works fine. Testing complete for MGA5, 32-bit & 64-bit Validating the update. Could someone from the sysadmin team push to updates. Thanks
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
QA Contact: (none) => securityComponent: RPM Packages => Security
Advisory: ======================== Updated wireshark packages fix security vulnerabilities: The wireshark package has been updated to version 2.0.12, which fixes multiple security issues where a malformed packet trace could cause it to crash or go into an infinite loop, and fixes several other bugs as well. See the release notes for details. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6742 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7700 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7701 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7702 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7703 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7705 https://www.wireshark.org/security/wnpa-sec-2017-04.html https://www.wireshark.org/security/wnpa-sec-2017-12.html https://www.wireshark.org/security/wnpa-sec-2017-13.html https://www.wireshark.org/security/wnpa-sec-2017-14.html https://www.wireshark.org/security/wnpa-sec-2017-15.html https://www.wireshark.org/security/wnpa-sec-2017-16.html https://www.wireshark.org/security/wnpa-sec-2017-18.html https://www.wireshark.org/security/wnpa-sec-2017-19.html https://www.wireshark.org/security/wnpa-sec-2017-20.html https://www.wireshark.org/security/wnpa-sec-2017-21.html https://www.wireshark.org/docs/relnotes/wireshark-2.0.12.html https://www.wireshark.org/news/20170412.html
Thanks David for the advisory.
CC: (none) => lewyssmithWhiteboard: has_procedure MGA5-32-OK MGA5-64-OK => has_procedure MGA5-32-OK MGA5-64-OK advisory
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0113.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6742 should have been: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6472 Fixed in the advisory in SVN. Thanks to Christian Fischer for the report.