Upstream has released new versions on May 22: https://www.wireshark.org/news/20180522.html https://www.wireshark.org/docs/relnotes/wireshark-2.2.15.html I'll take care of this later unless someone beats me to it.
I'm handling it for mga6.
CC: (none) => shlomif
Updated package uploaded for Mageia 6 by Shlomi. No CVEs, so generic advisory for now. Advisory: ======================== Updated wireshark packages fix security vulnerabilities: The wireshark package has been updated to version 2.2.15, which fixes a few security issues where a malformed packet trace could cause it to crash, and fixes several other bugs as well. See the release notes for details. References: https://www.wireshark.org/security/wnpa-sec-2018-25.html https://www.wireshark.org/security/wnpa-sec-2018-28.html https://www.wireshark.org/security/wnpa-sec-2018-29.html https://www.wireshark.org/security/wnpa-sec-2018-30.html https://www.wireshark.org/security/wnpa-sec-2018-31.html https://www.wireshark.org/security/wnpa-sec-2018-33.html https://www.wireshark.org/docs/relnotes/wireshark-2.2.15.html https://www.wireshark.org/news/20180522.html ======================== Updated packages in core/updates_testing: ======================== wireshark-2.2.15-1.mga6 libwireshark8-2.2.15-1.mga6 libwiretap6-2.2.15-1.mga6 libwscodecs1-2.2.15-1.mga6 libwsutil7-2.2.15-1.mga6 libwireshark-devel-2.2.15-1.mga6 wireshark-tools-2.2.15-1.mga6 tshark-2.2.15-1.mga6 rawshark-2.2.15-1.mga6 dumpcap-2.2.15-1.mga6 from wireshark-2.2.15-1.mga6.src.rpm
Assignee: luigiwalser => qa-bugs
Advisory: ======================== Updated wireshark packages fix security vulnerabilities: The DNS dissector could crash (CVE-2018-11356). Multiple dissectors could consume excessive memory (CVE-2018-11357). The Q.931 dissector could crash (CVE-2018-11358). Multiple dissectors could crash (CVE-2018-11359). The GSM A DTAP dissector could crash (CVE-2018-11360). The LDSS dissector could crash (CVE-2018-11362). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11356 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11357 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11358 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11359 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11360 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11362 https://www.wireshark.org/security/wnpa-sec-2018-25.html https://www.wireshark.org/security/wnpa-sec-2018-28.html https://www.wireshark.org/security/wnpa-sec-2018-29.html https://www.wireshark.org/security/wnpa-sec-2018-30.html https://www.wireshark.org/security/wnpa-sec-2018-31.html https://www.wireshark.org/security/wnpa-sec-2018-33.html https://www.wireshark.org/docs/relnotes/wireshark-2.2.15.html https://www.wireshark.org/news/20180522.html
Installed and tested without issues. System: Mageia 6, x86_64, Plasma DE, Intel CPU, nVidia GPU using nvidia340 proprietary driver. Tests included loading the pcap files provides in the following bug reports to check for crashes. No crashes seen. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14615 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14678 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14681 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14688 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14689 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14703 Also tested by doing wire captures and checking the captured packets (e.g. SOAP, websocket, HTTP). $ uname -a Linux marte 4.14.44-desktop-2.mga6 #1 SMP Mon May 28 22:35:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ lspcidrake | grep NETWORK r8169 : Realtek Semiconductor Co., Ltd.|RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller [NETWORK_ETHERNET] (rev: 02) $ rpm -qa | egrep 'wireshark|wiretap|wscodecs|wsutil|tshark|rawshark|dumpcap' | sort dumpcap-2.2.15-1.mga6 lib64wireshark8-2.2.15-1.mga6 lib64wiretap6-2.2.15-1.mga6 lib64wscodecs1-2.2.15-1.mga6 lib64wsutil7-2.2.15-1.mga6 wireshark-2.2.15-1.mga6
Whiteboard: (none) => MGA6-64-OKCC: (none) => mageia
In VirtualBox, M6, MATE, 32-bit Package(s) under test: wireshark libwireshark8 libwiretap6 libwsutil7 wireshark-tools tshark The following 16 packages are going to be installed: - dumpcap-2.2.14-1.mga6.i586 - geoip-database-1.6.9-2.mga6.noarch - libgeoip1-1.6.9-2.mga6.i586 - libnl-route3_200-3.3.0-1.mga6.i586 - libqt5multimedia5-5.9.4-1.mga6.i586 - libqt5printsupport5-5.9.4-1.1.mga6.i586 - libsmi-mibs-std-0.5.0-2.mga6.i586 - libsmi2-0.5.0-2.mga6.i586 - libwireshark8-2.2.14-1.mga6.i586 - libwiretap6-2.2.14-1.mga6.i586 - libwscodecs1-2.2.14-1.mga6.i586 - libwsutil7-2.2.14-1.mga6.i586 - smi-tools-0.5.0-2.mga6.i586 - tshark-2.2.14-1.mga6.i586 - wireshark-2.2.14-1.mga6.i586 - wireshark-tools-2.2.14-1.mga6.i586 Assign wilcal to the wireshark group, restart wilcal. default install of : [root@localhost wilcal]# urpmi wireshark Package wireshark-2.2.14-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi libwireshark8 Package libwireshark8-2.2.14-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi libwiretap6 Package libwiretap6-2.2.14-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi libwsutil7 Package libwsutil7-2.2.14-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.2.14-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.2.14-1.mga6.i586 is already installed Running wireshark I can capture and save to a file (test01.pcapng) the traffic on enp0s3. Close wireshark. I can reopen test01.pcapng with wireshark and review the data. wireshark tools like tshark work: tshark >> test02.txt works Capturing on 'enp0s3' 4392 ^Z ( captured lines ) [1]+ Stopped tshark >> test02.txt Set a filter: ip.src == 192.168.0.10 ( this system ) ip.addr == 192.168.0.13 ( Yamaha receiver, barks a lot ) Set filter to: not ip.addr == 192.168.0.10 and not ip.src == 192.168.0.13 Filter works. install wireshark libwireshark8 libwiretap6 libwsutil7 wireshark-tools tshark from updates_testing The following 7 packages are going to be installed: - libwireshark8-2.2.15-1.mga6.i586 - libwiretap6-2.2.15-1.mga6.i586 - libwsutil7-2.2.15-1.mga6.i586 - meta-task-6-2.1.mga6.noarch - tshark-2.2.15-1.mga6.i586 - wireshark-2.2.15-1.mga6.i586 - wireshark-tools-2.2.15-1.mga6.i586 [root@localhost wilcal]# urpmi wireshark Package wireshark-2.2.15-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi libwireshark8 Package libwireshark8-2.2.15-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi libwiretap6 Package libwiretap6-2.2.15-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi libwsutil7 Package libwsutil7-2.2.15-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi wireshark-tools Package wireshark-tools-2.2.15-1.mga6.i586 is already installed [root@localhost wilcal]# urpmi tshark Package tshark-2.2.15-1.mga6.i586 is already installed Running wireshark I can capture and save to a file (test03.pcapng) the traffic on enp0s3. Close wireshark. I can reopen test03.pcapng with wireshark and review the data. wireshark tools like tshark work: tshark >> test04.txt works Capturing on 'enp0s3' 1655 ^Z ( captured lines ) [1]+ Stopped tshark >> test02.txt Set a filter: Set filter to: not ip.addr == 192.168.0.10 and not ip.src == 192.168.0.13 Filter works.
CC: (none) => wilcal.int
Whiteboard: MGA6-64-OK => MGA6-32-OK MGA6-64-OK
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
CC: (none) => tmbKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0266.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED