Upstream has released version 2.0.13 today (June 1): https://www.wireshark.org/news/20170601.html Updated package uploaded for Mageia 5. Advisory: ======================== Updated wireshark packages fix security vulnerabilities: The wireshark package has been updated to version 2.0.13, which fixes several security issues where a malformed packet trace could cause it to crash or go into an infinite loop, and fixes several other bugs as well. See the release notes for details. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9344 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9345 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9346 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9349 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9350 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9351 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9354 https://www.wireshark.org/security/wnpa-sec-2017-22.html https://www.wireshark.org/security/wnpa-sec-2017-24.html https://www.wireshark.org/security/wnpa-sec-2017-25.html https://www.wireshark.org/security/wnpa-sec-2017-26.html https://www.wireshark.org/security/wnpa-sec-2017-27.html https://www.wireshark.org/security/wnpa-sec-2017-28.html https://www.wireshark.org/security/wnpa-sec-2017-29.html https://www.wireshark.org/security/wnpa-sec-2017-30.html https://www.wireshark.org/security/wnpa-sec-2017-32.html https://www.wireshark.org/docs/relnotes/wireshark-2.0.13.html https://www.wireshark.org/news/20170601.html ======================== Updated packages in core/updates_testing: ======================== wireshark-2.0.13-1.mga5 libwireshark7-2.0.13-1.mga5 libwiretap5-2.0.13-1.mga5 libwsutil7-2.0.13-1.mga5 libwireshark-devel-2.0.13-1.mga5 wireshark-tools-2.0.13-1.mga5 tshark-2.0.13-1.mga5 rawshark-2.0.13-1.mga5 dumpcap-2.0.13-1.mga5 from wireshark-2.0.13-1.mga5.src.rpm
Testing procedure: https://wiki.mageia.org/en/QA_procedure:Wireshark
Whiteboard: (none) => has_procedure
MGA5-32 on Asus A6000VM Xfce No installation issues. Did all tests as per Comment 1 with success.
CC: (none) => herman.viaeneWhiteboard: has_procedure => has_procedure MGA5-32-OK
Testing M5_64 Updated existing wireshark to: dumpcap-2.0.13-1.mga5 lib64wireshark7-2.0.13-1.mga5 lib64wiretap5-2.0.13-1.mga5 lib64wsutil6-2.0.13-1.mga5 *** rawshark-2.0.13-1.mga5 tshark-2.0.13-1.mga5 wireshark-2.0.13-1.mga5 wireshark-tools-2.0.13-1.mga5 NOTE: lib64wsutil6, whereas the package list in Comment 0 cites libwsutil7. Asking for feedback about this before validation. Tried following the indicated tests, but the first command $ wireshark -n wiresharktest baulked because the file 'wiresharktest' did not exist. I could find no option for wireshark to monitor to & analyse a given file; so first did $ dumpcap -w wiresharktest and generated some traffic. After that, the given tests were happy. Should this be in the procedure? $ wireshark -n wiresharktest displays the capture file. $ tshark -nr wiresharktest dumps it to the terminal. $ editcap -r wiresharktest wiresharktest50 1-50 gave *no* terminal output as per the procedure, but created 'wiresharktest50' $ mergecap -v -w wiresharkmerged wiresharktest wiresharktest50 mergecap: wiresharktest is type Wireshark/... - pcapng. mergecap: wiresharktest50 is type Wireshark/... - pcapng. mergecap: selected frame_type Ethernet (ether) mergecap: ready to merge records Record: 1 etc etc to mergecap: merging complete and created 'wiresharkmerged'. $ randpkt -b 500 -t dns wireshark_dns.pcap gave no terminal output, but created the given file. $ wireshark wireshark_dns.pcap displayed the file. $ dftest ip Filter: "ip" Constants: Instructions: 00000 CHECK_EXISTS ip 00001 RETURN $ capinfos wiresharktest50 File name: wiresharktest50 File type: Wireshark/... - pcapng File encapsulation: Ethernet File timestamp precision: nanoseconds (9) Packet size limit: file hdr: (not set) Number of packets: 50 etc etc as per the procedure, to Capture application: Editcap 2.0.13 Number of interfaces in file: 1 Interface #0 info: Name = enp4s0 etc etc to Number of packets = 50 Believing this is all correct, OK. Advisory to follow. Query outstanding re lib[64]wsutil7 or 6.
CC: (none) => lewyssmithWhiteboard: has_procedure MGA5-32-OK => has_procedure MGA5-32-OK MGA5-64-OK feedback
Whiteboard: has_procedure MGA5-32-OK MGA5-64-OK feedback => has_procedure MGA5-32-OK MGA5-64-OK feedback advisory
Yes it's a typo, it should be 6.
Whiteboard: has_procedure MGA5-32-OK MGA5-64-OK feedback advisory => has_procedure MGA5-32-OK MGA5-64-OK advisory
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0161.html
Status: NEW => RESOLVEDResolution: (none) => FIXED