Bug 21840 - wireshark new release 2.0.16 fixes security issues
Summary: wireshark new release 2.0.16 fixes security issues
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: RPM Packages (show other bugs)
Version: 5
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact:
URL:
Whiteboard: has_procedure MGA5-32-OK MGA5-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2017-10-12 13:35 CEST by David Walser
Modified: 2017-10-18 22:20 CEST (History)
3 users (show)

See Also:
Source RPM: wireshark-2.0.15-1.mga5.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2017-10-12 13:35:54 CEST
Upstream has released new versions on October 10:
https://www.wireshark.org/news/20171010.html

Updated package uploaded for Mageia 5.

Advisory:
========================

Updated wireshark packages fix security vulnerabilities:

DMP dissector crash (CVE-2017-15191).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15191
https://www.wireshark.org/security/wnpa-sec-2017-44.html
https://www.wireshark.org/docs/relnotes/wireshark-2.0.16.html
https://www.wireshark.org/news/20171010.html
========================

Updated packages in core/updates_testing:
========================
wireshark-2.0.16-1.mga5
libwireshark7-2.0.16-1.mga5
libwiretap5-2.0.16-1.mga5
libwsutil7-2.0.16-1.mga5
libwireshark-devel-2.0.16-1.mga5
wireshark-tools-2.0.16-1.mga5
tshark-2.0.16-1.mga5
rawshark-2.0.16-1.mga5
dumpcap-2.0.16-1.mga5

from wireshark-2.0.16-1.mga5.src.rpm
Comment 1 David Walser 2017-10-12 13:36:17 CEST
Testing procedure:
https://wiki.mageia.org/en/QA_procedure:Wireshark

Whiteboard: (none) => has_procedure

Comment 2 William Kenney 2017-10-14 00:05:07 CEST
In VirtualBox, M5.1, KDE, 32-bit

Package(s) under test:
wireshark libwireshark7 libwiretap5 libwsutil6 wireshark-tools tshark

Assign wilcal to the wireshark group, restart wilcal.

default install of :

[root@localhost wilcal]# urpmi wireshark
Package wireshark-2.0.15-1.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwireshark7
Package libwireshark7-2.0.15-1.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwiretap5
Package libwiretap5-2.0.15-1.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwsutil6
Package libwsutil6-2.0.15-1.mga5.i586 is already installed
[root@localhost wilcal]# urpmi wireshark-tools
Package wireshark-tools-2.0.15-1.mga5.i586 is already installed
[root@localhost wilcal]# urpmi tshark
Package tshark-2.0.15-1.mga5.i586 is already installed

Running wireshark I can capture and save to a file
(test01.pcapng) the traffic on enp0s3. Close wireshark.
I can reopen test01.pcapng with wireshark and review the data.
wireshark tools like tshark work:
tshark >> test01.txt works
Capturing on 'enp0s3'
6483 ^Z ( captured lines )
[1]+  Stopped                 tshark >> test01.txt

Set a filter:
ip.src == 192.168.1.65          ( this system )
ip.addr == 192.168.1.70         ( Yamaha receiver )
Set filter to: not ip.addr == 192.168.1.65 and not ip.src == 192.168.1.70
Filter works.

install wireshark libwireshark7 libwiretap5 libwsutil6
wireshark-tools tshark from updates_testing

[root@localhost wilcal]# urpmi wireshark
Package wireshark-2.0.16-1.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwireshark7
Package libwireshark7-2.0.16-1.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwiretap5
Package libwiretap5-2.0.16-1.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwsutil6
Package libwsutil6-2.0.16-1.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwireshark7
Package libwireshark7-2.0.16-1.mga5.i586 is already installed
[root@localhost wilcal]# urpmi tshark
Package tshark-2.0.16-1.mga5.i586 is already installed

Running wireshark I can capture and save to a file
(test02.pcapng) the traffic on enp0s3. Close wireshark.
Reopen test01.pcapng & test02.pcapng with wireshark and review the data.
wireshark tools like tshark work:
tshark >> test02.txt works
Capturing on 'enp0s3'
2778 ^Z ( captured lines )
[1]+  Stopped                 tshark >> test02.txt

Set a filter:
ip.src == 192.168.1.65          ( this system )
ip.addr == 192.168.1.70         ( Yamaha receiver )
Set filter to: not ip.addr == 192.168.1.65 and not ip.src == 192.168.1.70
Filter works.

CC: (none) => wilcal.int

William Kenney 2017-10-14 00:05:22 CEST

Whiteboard: has_procedure => has_procedure MGA5-32-OK

Comment 3 William Kenney 2017-10-14 01:27:15 CEST
In VirtualBox, M5.1, KDE, 64-bit

Package(s) under test:
wireshark lib64wireshark7 lib64wiretap5 lib64wsutil6 wireshark-tools tshark

Assign wilcal to the wireshark group, restart wilcal.

default install of :

[root@localhost wilcal]# urpmi wireshark
Package wireshark-2.0.15-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wireshark7
Package lib64wireshark7-2.0.15-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wiretap5
Package lib64wiretap5-2.0.15-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wsutil6
Package lib64wsutil6-2.0.15-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi wireshark-tools
Package wireshark-tools-2.0.15-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi tshark
Package tshark-2.0.15-1.mga5.x86_64 is already installed

Running wireshark I can capture and save to a file
(test01.pcapng) the traffic on enp0s3. Close wireshark.
I can reopen test01.pcapng with wireshark and review the data.
wireshark tools like tshark work:
tshark >> test01.txt works
Capturing on 'enp0s3'
4540 ^Z ( captured lines )
[1]+  Stopped                 tshark >> test01.txt

Set a filter:
ip.src == 192.168.1.65          ( this system )
ip.addr == 192.168.1.70         ( Yamaha receiver )
Set filter to: not ip.addr == 192.168.1.65 and not ip.src == 192.168.1.70
Filter works.

install wireshark lib64wireshark7 lib64wiretap5 lib64wsutil6
wireshark-tools tshark from updates_testing

[root@localhost wilcal]# urpmi wireshark
Package wireshark-2.0.16-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wireshark7
Package lib64wireshark7-2.0.16-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wiretap5
Package lib64wiretap5-2.0.16-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wsutil6
Package lib64wsutil6-2.0.16-1.mga5.x86_64 is already installed
urpmi lib64wireshark7[root@localhost wilcal]# urpmi lib64wireshark7
Package lib64wireshark7-2.0.16-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi tshark
Package tshark-2.0.16-1.mga5.x86_64 is already installed

Running wireshark I can capture and save to a file
(test02.pcapng) the traffic on enp0s3. Close wireshark.
Reopen test01.pcapng & test02.pcapng with wireshark and review the data.
wireshark tools like tshark work:
tshark >> test02.txt works
Capturing on 'enp0s3'
5774 ^Z ( captured lines )
[1]+  Stopped                 tshark >> test02.txt

Set a filter:
ip.src == 192.168.1.65          ( this system )
ip.addr == 192.168.1.70         ( Yamaha receiver )
Set filter to: not ip.addr == 192.168.1.65 and not ip.src == 192.168.1.70
Filter works.
Comment 4 William Kenney 2017-10-14 01:27:56 CEST
This update works fine.
Testing complete for MGA6, 32-bit & 64-bit
Validating the update.
Could someone from the sysadmin team push to updates.
Thanks

Whiteboard: has_procedure MGA5-32-OK => has_procedure MGA5-32-OK MGA5-64-OK

William Kenney 2017-10-14 01:28:55 CEST

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Dave Hodgins 2017-10-17 03:09:28 CEST

Keywords: (none) => advisory
CC: (none) => davidwhodgins

Comment 5 Mageia Robot 2017-10-18 22:20:34 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2017-0375.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.