Upstream has released new versions on July 14: https://www.wireshark.org/news/20210714.html Updated package uploaded for Mageia 8. Advisory: ======================== Updated wireshark packages fix security vulnerability: The DNP dissector could crash (CVE-2021-22235). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22235 https://www.wireshark.org/security/wnpa-sec-2021-06 https://www.wireshark.org/docs/relnotes/wireshark-3.4.7.html https://www.wireshark.org/news/20210714.html ======================== Updated packages in core/updates_testing: ======================== wireshark-3.4.7-1.mga8 libwireshark-devel-3.4.7-1.mga8 wireshark-tools-3.4.7-1.mga8 libwiretap11-3.4.7-1.mga8 tshark-3.4.7-1.mga8 dumpcap-3.4.7-1.mga8 rawshark-3.4.7-1.mga8 libwsutil12-3.4.7-1.mga8 libwireshark14-3.4.7-1.mga8 from wireshark-3.4.7-1.mga8.src.rpm
Testing procedure: https://wiki.mageia.org/en/QA_procedure:Wireshark
Keywords: (none) => has_procedure
MGA8-64 Plasma on Lenovo B50 No installation issues Followed my previous bug 29088 to avoid the niggles encountered there. $ wireshark -n wiresharktest.pcapng File saved OK [tester8@mach5 wiresh]$ tshark -nr wiresharktest.pcapng | more 1 0.000000000 192.168.2.15 → 224.0.0.1 IGMPv3 50 Membership Query, general 2 1.139987728 192.168.2.5 → 192.168.2.1 DNS 81 Standard query 0x92d2 A i.creativecommons.org 3 1.140043703 192.168.2.5 → 192.168.2.1 DNS 81 Standard query 0x6cdb AAAA i.creativecommons.org 4 1.140122600 192.168.2.5 → 192.168.2.1 DNS 75 Standard query 0x1f28 A wiki.mageia.org 5 1.140172972 192.168.2.5 → 192.168.2.1 DNS 75 Standard query 0xab30 AAAA wiki.mageia.org 6 1.140184052 192.168.2.5 → 192.168.2.1 DNS 74 Standard query 0x86bd A nav.mageia.org 7 1.140215189 192.168.2.5 → 192.168.2.1 DNS 74 Standard query 0x69b2 AAAA nav.mageia.org 8 1.142052702 192.168.2.5 → 192.168.2.1 DNS 75 Standard query 0xbc22 A wiki.mageia.org 9 1.145957906 192.168.2.1 → 192.168.2.5 DNS 234 Standard query response 0x86bd A nav.mageia.org CNAME sucuk.mageia.org A 212.85.158.151 NS ns0.mageia.org NS ns1.mageia.org A 163.172.14 8.228 A 212.85.158.151 AAAA 2001:bc8:4400:2800::4115 AAAA 2a02:2178:2:7::7 etc ....... $ editcap -r wiresharktest.pcapng wiresharktest50 1-50 generated the smaller file OK. $ mergecap -v -w wiresharkmerged wiresharktest.pcapng wiresharktest50 mergecap: wiresharktest.pcapng is type Wireshark/... - pcapng. mergecap: wiresharktest50 is type Wireshark/... - pcapng. mergecap: selected frame_type Ethernet (ether) mergecap: ready to merge records Record: 1 Record: 2 Record: 3 and so on till Record: 7015 mergecap: merging complete $ randpkt -b 500 -t dns wireshark_dns.pcap created the file OK $ wireshark wireshark_dns.pcap displayed the file OK $ capinfos wiresharktest50 File name: wiresharktest50 File type: Wireshark/... - pcapng File encapsulation: Ethernet File timestamp precision: nanoseconds (9) Packet size limit: file hdr: (not set) Number of packets: 50 File size: 5.408 bytes Data size: 3.526 bytes Capture duration: 21,004674879 seconds First packet time: 2021-07-20 16:12:43,553152943 Last packet time: 2021-07-20 16:13:04,557827822 Data byte rate: 167 bytes/s Data bit rate: 1.342 bits/s Average packet size: 70,52 bytes Average packet rate: 2 packets/s SHA256: 6c2bcd7fc698c1c1eb478ae90d1125f9c5893c595fba684d374d1232b4852038 RIPEMD160: ffe33d4454471614fa6fb8bef6913cab7002f3a5 SHA1: 8640cf203c98a1f28eab1dfc733f571132453b8a Strict time order: True Capture hardware: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz (with SSE4.2) Capture oper-sys: Linux 5.10.48-desktop-1.mga8 Capture application: Dumpcap (Wireshark) 3.4.7 (Git commit e42cbf6a415f) Number of interfaces in file: 1 Interface #0 info: Name = wlp9s0 Encapsulation = Ethernet (1 - ether) Capture length = 262144 Time precision = nanoseconds (9) Time ticks per second = 1000000000 Time resolution = 0x09 Operating system = Linux 5.10.48-desktop-1.mga8 Number of stat entries = 0 Number of packets = 50 So all looks OK.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA8-64-OK
Validating. Advisory in Comment 0.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
Keywords: (none) => advisoryCVE: (none) => CVE-2021-22235CC: (none) => ouaurelien
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0364.html
Status: NEW => RESOLVEDResolution: (none) => FIXED