Bug 26463 - wireshark new release 3.0.10 fixes security issue
Summary: wireshark new release 3.0.10 fixes security issue
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 7
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA7-64-OK
Keywords: advisory, has_procedure, validated_update
Depends on:
Blocks:
 
Reported: 2020-04-09 19:32 CEST by David Walser
Modified: 2020-04-15 12:13 CEST (History)
4 users (show)

See Also:
Source RPM: wireshark-3.0.9-1.mga7.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2020-04-09 19:32:32 CEST
Upstream has released new versions on April 8:
https://www.wireshark.org/news/20200408.html

Updated package uploaded for Mageia 7.

Advisory:
========================

Updated wireshark packages fix security vulnerability:

The BACapp dissector could crash (CVE-2020-11647).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11647
https://www.wireshark.org/security/wnpa-sec-2020-07
https://www.wireshark.org/docs/relnotes/wireshark-3.0.10.html
https://www.wireshark.org/news/20200408.html
========================

Updated packages in core/updates_testing:
========================
wireshark-3.0.10-1.mga7
libwireshark12-3.0.10-1.mga7
libwiretap9-3.0.10-1.mga7
libwscodecs2-3.0.10-1.mga7
libwsutil10-3.0.10-1.mga7
libwireshark-devel-3.0.10-1.mga7
wireshark-tools-3.0.10-1.mga7
tshark-3.0.10-1.mga7
rawshark-3.0.10-1.mga7
dumpcap-3.0.10-1.mga7

from wireshark-3.0.10-1.mga7.src.rpm
Comment 1 David Walser 2020-04-09 19:32:49 CEST
Testing procedure:
https://wiki.mageia.org/en/QA_procedure:Wireshark

Keywords: (none) => has_procedure

Comment 2 Herman Viaene 2020-04-10 11:26:42 CEST
MGA7-64 Plasma on Lenovo B50
No installation issues.
Ref to bug 25436 Comment 1. Repeated all tests therein (refering to the QA procedure which is a bit  outdated), with the same results.
So OK for me

Whiteboard: (none) => MGA7-64-OK
CC: (none) => herman.viaene

Comment 3 Thomas Andrews 2020-04-10 17:16:55 CEST
Sounds like someone in the know should revise the QA procedure.

Validating. Advisory in Comment 0.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Thomas Backlund 2020-04-15 11:04:19 CEST

CC: (none) => tmb
Keywords: (none) => advisory

Comment 4 Mageia Robot 2020-04-15 12:13:58 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2020-0172.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED


Note You need to log in before you can comment on or make changes to this bug.