Upstream has released new versions on August 29: https://www.wireshark.org/news/20170829.html Updated package uploaded for Mageia 6. Advisory: ======================== Updated wireshark packages fix security vulnerabilities: The wireshark package has been updated to version 2.2.9, which fixes a few security issues where a malformed packet trace could cause it to crash or go into an infinite loop, and fixes several other bugs as well. See the release notes for details. References: https://www.wireshark.org/security/wnpa-sec-2017-38.html https://www.wireshark.org/security/wnpa-sec-2017-39.html https://www.wireshark.org/security/wnpa-sec-2017-41.html https://www.wireshark.org/docs/relnotes/wireshark-2.2.9.html https://www.wireshark.org/news/20170829.html ======================== Updated packages in core/updates_testing: ======================== wireshark-2.2.9-1.mga6 libwireshark8-2.2.9-1.mga6 libwiretap6-2.2.9-1.mga6 libwscodecs1-2.2.9-1.mga6 libwsutil7-2.2.9-1.mga6 libwireshark-devel-2.2.9-1.mga6 wireshark-tools-2.2.9-1.mga6 tshark-2.2.9-1.mga6 rawshark-2.2.9-1.mga6 dumpcap-2.2.9-1.mga6 from wireshark-2.2.9-1.mga6.src.rpm
Testing procedure: https://wiki.mageia.org/en/QA_procedure:Wireshark
Whiteboard: (none) => has_procedure
In VirtualBox, M6, Plasma, 64-bit Package(s) under test: wireshark lib64wireshark8 lib64wiretap6 lib64wsutil7 wireshark-tools tshark Assign wilcal to the wireshark group, restart wilcal. default install of : [root@localhost wilcal]# urpmi wireshark Package wireshark-2.2.8-1.mga6.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wireshark8 Package lib64wireshark8-2.2.8-1.mga6.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wiretap6 Package lib64wiretap6-2.2.8-1.mga6.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wsutil7 Package lib64wsutil7-2.2.8-1.mga6.x86_64 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.2.8-1.mga6.x86_64 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.2.8-1.mga6.x86_64 is already installed Running wireshark I can capture and save to a file (test01.pcapng) the traffic on enp0s3. Close wireshark. I can reopen test01.pcapng with wireshark and review the data. wireshark tools like tshark work: tshark >> test01.txt works Capturing on 'enp0s3' 7834 ^Z ( captured lines ) [1]+ Stopped tshark >> test01.txt Set a filter: ip.src == 192.168.1.65 ( this system ) ip.addr == 192.168.1.70 ( Yamaha receiver, barks all the time for some reason ) Set filter to: not ip.addr == 192.168.1.65 and not ip.src == 192.168.1.70 Filter works, filters out the barking. install wireshark lib64wireshark8 lib64wiretap6 lib64wsutil7 wireshark-tools tshark from updates_testing [root@localhost wilcal]# urpmi wireshark Package wireshark-2.2.9-1.mga6.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wireshark8 Package lib64wireshark8-2.2.9-1.mga6.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wiretap6 Package lib64wiretap6-2.2.9-1.mga6.x86_64 is already installed [root@localhost wilcal]# urpmi lib64wsutil7 Package lib64wsutil7-2.2.9-1.mga6.x86_64 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.2.9-1.mga6.x86_64 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.2.9-1.mga6.x86_64 is already installed Running wireshark I can capture and save to a file (test02.pcapng) the traffic on enp0s3. Close wireshark. Reopen test01.pcapng & test02.pcapng with wireshark and review the data. wireshark tools like tshark work: tshark >> test02.txt works Capturing on 'enp0s3' 4027 ^Z ( captured lines ) [1]+ Stopped tshark >> test02.txt Set a filter: ip.src == 192.168.1.65 ( this system ) ip.addr == 192.168.1.70 ( Yamaha receiver, barks all the time for some reason ) Set filter to: not ip.addr == 192.168.1.65 and not ip.src == 192.168.1.70 Filter works, filters out the barking.
CC: (none) => wilcal.int
Whiteboard: has_procedure => has_procedure MGA6-64-OK
In VirtualBox, M6, Plasma, 32-bit Package(s) under test: wireshark libwireshark8 libwiretap6 libwsutil7 wireshark-tools tshark Assign wilcal to the wireshark group, restart wilcal. default install of : [root@localhost wilcal]# urpmi wireshark Package wireshark-2.2.8-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi libwireshark8 Package libwireshark8-2.2.8-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi libwiretap6 Package libwiretap6-2.2.8-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi libwsutil7 Package libwsutil7-2.2.8-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.2.8-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.2.8-1.mga6.i586 is already installed Running wireshark I can capture and save to a file (test01.pcapng) the traffic on enp0s3. Close wireshark. I can reopen test01.pcapng with wireshark and review the data. wireshark tools like tshark work: tshark >> test01.txt works Capturing on 'enp0s3' 11796 ^Z ( captured lines ) [1]+ Stopped tshark >> test01.txt Set a filter: ip.src == 192.168.1.65 ( this system ) ip.addr == 192.168.1.70 ( Yamaha receiver, barks all the time for some reason ) Set filter to: not ip.addr == 192.168.1.65 and not ip.src == 192.168.1.70 Filter works, filters out the barking. install wireshark libwireshark8 libwiretap6 libwsutil7 wireshark-tools tshark from updates_testing [root@localhost wilcal]# urpmi wireshark Package wireshark-2.2.9-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi libwireshark8 Package libwireshark8-2.2.9-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi libwiretap6 Package libwiretap6-2.2.9-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi libwsutil7 Package libwsutil7-2.2.9-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.2.9-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.2.9-1.mga6.i586 is already installed Running wireshark I can capture and save to a file (test02.pcapng) the traffic on enp0s3. Close wireshark. Reopen test01.pcapng & test02.pcapng with wireshark and review the data. wireshark tools like tshark work: tshark >> test02.txt works Capturing on 'enp0s3' 4847 ^Z ( captured lines ) [1]+ Stopped tshark >> test02.txt Set a filter: ip.src == 192.168.1.65 ( this system ) ip.addr == 192.168.1.70 ( Yamaha receiver, barks all the time for some reason ) Set filter to: not ip.addr == 192.168.1.65 and not ip.src == 192.168.1.70 Filter works, filters out the barking.
Tinkering with the procedure: https://wiki.mageia.org/en/QA_procedure:Wireshark $ wireshark -n wiresharktest $ tshark -nr wiresharktest For some reason for me both report lots of errors and conflicts. Maybe someone can define how it works.
Whiteboard: has_procedure MGA6-64-OK => has_procedure MGA6-32-OK MGA6-64-OK
@ Bill : Thanks for a super job again! Validating for you.
Keywords: (none) => validated_updateCC: (none) => lewyssmith, sysadmin-bugs
CC: (none) => davidwhodginsWhiteboard: has_procedure MGA6-32-OK MGA6-64-OK => has_procedure MGA6-32-OK MGA6-64-OK advisory
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0328.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
wnpa-sec-2017-39 is CVE-2017-13766 according to Debian: https://www.debian.org/security/2017/dsa-4060