Bug 23080 - wireshark new release 2.2.15 fixes security issues
Summary: wireshark new release 2.2.15 fixes security issues
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 6
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA6-32-OK MGA6-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2018-05-23 15:43 CEST by David Walser
Modified: 2018-06-03 13:03 CEST (History)
5 users (show)

See Also:
Source RPM: wireshark-2.2.14-1.mga6.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2018-05-23 15:43:56 CEST
Upstream has released new versions on May 22:
https://www.wireshark.org/news/20180522.html
https://www.wireshark.org/docs/relnotes/wireshark-2.2.15.html

I'll take care of this later unless someone beats me to it.
Comment 1 Shlomi Fish 2018-05-23 16:55:10 CEST
I'm handling it for mga6.

CC: (none) => shlomif

Comment 2 David Walser 2018-05-23 22:53:06 CEST
Updated package uploaded for Mageia 6 by Shlomi.

No CVEs, so generic advisory for now.

Advisory:
========================

Updated wireshark packages fix security vulnerabilities:

The wireshark package has been updated to version 2.2.15, which fixes a few
security issues where a malformed packet trace could cause it to crash, and
fixes several other bugs as well.  See the release notes for details.

References:
https://www.wireshark.org/security/wnpa-sec-2018-25.html
https://www.wireshark.org/security/wnpa-sec-2018-28.html
https://www.wireshark.org/security/wnpa-sec-2018-29.html
https://www.wireshark.org/security/wnpa-sec-2018-30.html
https://www.wireshark.org/security/wnpa-sec-2018-31.html
https://www.wireshark.org/security/wnpa-sec-2018-33.html
https://www.wireshark.org/docs/relnotes/wireshark-2.2.15.html
https://www.wireshark.org/news/20180522.html
========================

Updated packages in core/updates_testing:
========================
wireshark-2.2.15-1.mga6
libwireshark8-2.2.15-1.mga6
libwiretap6-2.2.15-1.mga6
libwscodecs1-2.2.15-1.mga6
libwsutil7-2.2.15-1.mga6
libwireshark-devel-2.2.15-1.mga6
wireshark-tools-2.2.15-1.mga6
tshark-2.2.15-1.mga6
rawshark-2.2.15-1.mga6
dumpcap-2.2.15-1.mga6

from wireshark-2.2.15-1.mga6.src.rpm

Assignee: luigiwalser => qa-bugs

Comment 4 PC LX 2018-05-30 12:51:00 CEST
Installed and tested without issues.

System: Mageia 6, x86_64, Plasma DE, Intel CPU, nVidia GPU using nvidia340 proprietary driver.

Tests included loading the pcap files provides in the following bug reports to check for crashes. No crashes seen.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14615
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14678
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14681
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14688
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14689
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14703

Also tested by doing wire captures and checking the captured packets (e.g. SOAP, websocket, HTTP).

$ uname -a
Linux marte 4.14.44-desktop-2.mga6 #1 SMP Mon May 28 22:35:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
$ lspcidrake | grep NETWORK
r8169           : Realtek Semiconductor Co., Ltd.|RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller [NETWORK_ETHERNET] (rev: 02)
$ rpm -qa | egrep 'wireshark|wiretap|wscodecs|wsutil|tshark|rawshark|dumpcap' | sort
dumpcap-2.2.15-1.mga6
lib64wireshark8-2.2.15-1.mga6
lib64wiretap6-2.2.15-1.mga6
lib64wscodecs1-2.2.15-1.mga6
lib64wsutil7-2.2.15-1.mga6
wireshark-2.2.15-1.mga6

Whiteboard: (none) => MGA6-64-OK
CC: (none) => mageia

Comment 5 William Kenney 2018-06-01 04:52:11 CEST
In VirtualBox, M6, MATE, 32-bit

Package(s) under test:
wireshark libwireshark8 libwiretap6 libwsutil7 wireshark-tools tshark

The following 16 packages are going to be installed:

- dumpcap-2.2.14-1.mga6.i586
- geoip-database-1.6.9-2.mga6.noarch
- libgeoip1-1.6.9-2.mga6.i586
- libnl-route3_200-3.3.0-1.mga6.i586
- libqt5multimedia5-5.9.4-1.mga6.i586
- libqt5printsupport5-5.9.4-1.1.mga6.i586
- libsmi-mibs-std-0.5.0-2.mga6.i586
- libsmi2-0.5.0-2.mga6.i586
- libwireshark8-2.2.14-1.mga6.i586
- libwiretap6-2.2.14-1.mga6.i586
- libwscodecs1-2.2.14-1.mga6.i586
- libwsutil7-2.2.14-1.mga6.i586
- smi-tools-0.5.0-2.mga6.i586
- tshark-2.2.14-1.mga6.i586
- wireshark-2.2.14-1.mga6.i586
- wireshark-tools-2.2.14-1.mga6.i586

Assign wilcal to the wireshark group, restart wilcal.

default install of :

[root@localhost wilcal]# urpmi wireshark
Package wireshark-2.2.14-1.mga6.i586 is already installed
[root@localhost wilcal]# urpmi libwireshark8
Package libwireshark8-2.2.14-1.mga6.i586 is already installed
[root@localhost wilcal]# urpmi libwiretap6
Package libwiretap6-2.2.14-1.mga6.i586 is already installed
[root@localhost wilcal]# urpmi libwsutil7
Package libwsutil7-2.2.14-1.mga6.i586 is already installed
[root@localhost wilcal]# urpmi wireshark-tools
Package wireshark-tools-2.2.14-1.mga6.i586 is already installed
[root@localhost wilcal]# urpmi tshark
Package tshark-2.2.14-1.mga6.i586 is already installed

Running wireshark I can capture and save to a file
(test01.pcapng) the traffic on enp0s3. Close wireshark.
I can reopen test01.pcapng with wireshark and review the data.
wireshark tools like tshark work:
tshark >> test02.txt works
Capturing on 'enp0s3'
4392 ^Z ( captured lines )
[1]+  Stopped                 tshark >> test02.txt

Set a filter:
ip.src == 192.168.0.10          ( this system )
ip.addr == 192.168.0.13         ( Yamaha receiver, barks a lot )
Set filter to: not ip.addr == 192.168.0.10 and not ip.src == 192.168.0.13
Filter works.

install wireshark libwireshark8 libwiretap6 libwsutil7 wireshark-tools
tshark from updates_testing

The following 7 packages are going to be installed:

- libwireshark8-2.2.15-1.mga6.i586
- libwiretap6-2.2.15-1.mga6.i586
- libwsutil7-2.2.15-1.mga6.i586
- meta-task-6-2.1.mga6.noarch
- tshark-2.2.15-1.mga6.i586
- wireshark-2.2.15-1.mga6.i586
- wireshark-tools-2.2.15-1.mga6.i586

[root@localhost wilcal]# urpmi wireshark
Package wireshark-2.2.15-1.mga6.i586 is already installed
[root@localhost wilcal]# urpmi libwireshark8
Package libwireshark8-2.2.15-1.mga6.i586 is already installed
[root@localhost wilcal]# urpmi libwiretap6
Package libwiretap6-2.2.15-1.mga6.i586 is already installed
[root@localhost wilcal]# urpmi libwsutil7
Package libwsutil7-2.2.15-1.mga6.i586 is already installed
[root@localhost wilcal]# urpmi wireshark-tools
Package wireshark-tools-2.2.15-1.mga6.i586 is already installed
[root@localhost wilcal]# urpmi tshark
Package tshark-2.2.15-1.mga6.i586 is already installed

Running wireshark I can capture and save to a file
(test03.pcapng) the traffic on enp0s3. Close wireshark.
I can reopen test03.pcapng with wireshark and review the data.
wireshark tools like tshark work:
tshark >> test04.txt works
Capturing on 'enp0s3'
1655 ^Z ( captured lines )
[1]+  Stopped                 tshark >> test02.txt

Set a filter:
Set filter to: not ip.addr == 192.168.0.10 and not ip.src == 192.168.0.13
Filter works.

CC: (none) => wilcal.int

William Kenney 2018-06-01 04:53:17 CEST

Whiteboard: MGA6-64-OK => MGA6-32-OK MGA6-64-OK

William Kenney 2018-06-01 04:53:36 CEST

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Thomas Backlund 2018-06-03 12:30:26 CEST

CC: (none) => tmb
Keywords: (none) => advisory

Comment 6 Mageia Robot 2018-06-03 13:03:21 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2018-0266.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED


Note You need to log in before you can comment on or make changes to this bug.