Upstream has released new versions on April 21: https://www.wireshark.org/news/20210421.html Updated package uploaded for Mageia 8. Advisory: ======================== Updated wireshark packages fix security vulnerability: The MS-WSP dissector could consume excessive amounts of memory (CVE-2021-22207). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22207 https://www.wireshark.org/security/wnpa-sec-2021-04 https://www.wireshark.org/docs/relnotes/wireshark-3.4.5.html https://www.wireshark.org/news/20210421.html ======================== Updated packages in core/updates_testing: ======================== wireshark-3.4.5-1.mga8 libwireshark-devel-3.4.5-1.mga8 wireshark-tools-3.4.5-1.mga8 libwiretap11-3.4.5-1.mga8 tshark-3.4.5-1.mga8 dumpcap-3.4.5-1.mga8 rawshark-3.4.5-1.mga8 libwsutil12-3.4.5-1.mga8 libwireshark14-3.4.5-1.mga8 from wireshark-3.4.5-1.mga8.src.rpm
Testing procedure: https://wiki.mageia.org/en/QA_procedure:Wireshark
Keywords: (none) => has_procedure
Adding possible already reported issue in Bug 28852.
CC: (none) => ouaurelienBlocks: (none) => 28852
That's INVALID and has nothing to do with this update.
Blocks: 28852 => (none)
The following 14 packages are going to be installed: - dumpcap-3.4.5-1.mga8.x86_64 - lib64bcg729_0-1.1.1-1.mga8.x86_64 - lib64nl-route3_200-3.5.0-2.mga8.x86_64 - lib64qt5multimedia5-5.15.2-1.mga8.x86_64 - lib64qt5printsupport5-5.15.2-4.2.mga8.x86_64 - lib64smi2-0.5.0-4.mga8.x86_64 - lib64snappy1-1.1.8-2.mga8.x86_64 - lib64wireshark14-3.4.5-1.mga8.x86_64 - lib64wiretap11-3.4.5-1.mga8.x86_64 - lib64wsutil12-3.4.5-1.mga8.x86_64 - libsmi-mibs-std-0.5.0-4.mga8.x86_64 - smi-tools-0.5.0-4.mga8.x86_64 - wireshark-3.4.5-1.mga8.x86_64 - wireshark-tools-3.4.5-1.mga8.x86_64 # uname -a Linux localhost 5.10.37-desktop-2.mga8 #1 SMP Mon May 17 16:35:04 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux # wireshark collected capture. opened captures, filters works. Can confirm wireshark appears to be working as designed.
Whiteboard: (none) => MGA8-64-OKCC: (none) => brtians1
Validating. Advisory in Comment 0.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
Keywords: (none) => advisoryCVE: (none) => CVE-2021-22207
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0222.html
Status: NEW => RESOLVEDResolution: (none) => FIXED