Buildroot Archive on lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [PATCH] wireshark: security bump to version 2.2.15
@ 2018-06-03 21:31 Peter Korsgaard
  2018-06-04 19:59 ` Thomas Petazzoni
  0 siblings, 1 reply; 4+ messages in thread
From: Peter Korsgaard @ 2018-06-03 21:31 UTC (permalink / raw)
  To: buildroot

Fixes the following security issues:

CVE-2018-11362: LDSS dissector crash
https://www.wireshark.org/security/wnpa-sec-2018-25.html

CVE-2018-11357: Multiple dissectors could consume excessive memory
https://www.wireshark.org/security/wnpa-sec-2018-28.html

CVE-2018-11356: DNS dissector crash
https://www.wireshark.org/security/wnpa-sec-2018-29.html

CVE-2018-11360: GSM A DTAP dissector crash
https://www.wireshark.org/security/wnpa-sec-2018-30.html

CVE-2018-11358: Q.931 dissector crash
https://www.wireshark.org/security/wnpa-sec-2018-31.html

CVE-2018-11359: Multiple dissectors could crash
https://www.wireshark.org/security/wnpa-sec-2018-33.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/wireshark/wireshark.hash | 4 ++--
 package/wireshark/wireshark.mk   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/wireshark/wireshark.hash b/package/wireshark/wireshark.hash
index 2b44cc0757..4b9c646fa9 100644
--- a/package/wireshark/wireshark.hash
+++ b/package/wireshark/wireshark.hash
@@ -1,4 +1,4 @@
-# From: https://www.wireshark.org/download/src/all-versions/SIGNATURES-2.2.14.txt
-sha256 e7a3d4f9bbde20ea5ee09103f9f6dba38e3666dfe1d6a6a1c004602b5fac378b  wireshark-2.2.14.tar.bz2
+# From: https://www.wireshark.org/download/src/all-versions/SIGNATURES-2.2.15.txt
+sha256 d73583e9282d47c42b69fc3a1ac9cafb6047d1305f5027d4cf18e95922d11844  wireshark-2.2.15.tar.bz2
 # Locally calculated
 sha256 7cdbed2b697efaa45576a033f1ac0e73cd045644a91c79bbf41d4a7d81dac7bf  COPYING
diff --git a/package/wireshark/wireshark.mk b/package/wireshark/wireshark.mk
index ad475803b7..c9a4ef202d 100644
--- a/package/wireshark/wireshark.mk
+++ b/package/wireshark/wireshark.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-WIRESHARK_VERSION = 2.2.14
+WIRESHARK_VERSION = 2.2.15
 WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.bz2
 WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions
 WIRESHARK_LICENSE = wireshark license
-- 
2.11.0

^ permalink raw reply related	[flat|nested] 4+ messages in thread
* [Buildroot] [PATCH] wireshark: security bump to version 2.2.15
  2018-06-03 21:31 [Buildroot] [PATCH] wireshark: security bump to version 2.2.15 Peter Korsgaard
@ 2018-06-04 19:59 ` Thomas Petazzoni
  2018-06-17 15:49   ` Peter Korsgaard
  2018-07-17  7:31   ` Peter Korsgaard
  0 siblings, 2 replies; 4+ messages in thread
From: Thomas Petazzoni @ 2018-06-04 19:59 UTC (permalink / raw)
  To: buildroot

Hello,

On Sun,  3 Jun 2018 23:31:00 +0200, Peter Korsgaard wrote:
> Fixes the following security issues:
> 
> CVE-2018-11362: LDSS dissector crash
> https://www.wireshark.org/security/wnpa-sec-2018-25.html
> 
> CVE-2018-11357: Multiple dissectors could consume excessive memory
> https://www.wireshark.org/security/wnpa-sec-2018-28.html
> 
> CVE-2018-11356: DNS dissector crash
> https://www.wireshark.org/security/wnpa-sec-2018-29.html
> 
> CVE-2018-11360: GSM A DTAP dissector crash
> https://www.wireshark.org/security/wnpa-sec-2018-30.html
> 
> CVE-2018-11358: Q.931 dissector crash
> https://www.wireshark.org/security/wnpa-sec-2018-31.html
> 
> CVE-2018-11359: Multiple dissectors could crash
> https://www.wireshark.org/security/wnpa-sec-2018-33.html
> 
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
> ---
>  package/wireshark/wireshark.hash | 4 ++--
>  package/wireshark/wireshark.mk   | 2 +-
>  2 files changed, 3 insertions(+), 3 deletions(-)

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com

^ permalink raw reply	[flat|nested] 4+ messages in thread
* [Buildroot] [PATCH] wireshark: security bump to version 2.2.15
  2018-06-04 19:59 ` Thomas Petazzoni
@ 2018-06-17 15:49   ` Peter Korsgaard
  2018-07-17  7:31   ` Peter Korsgaard
  1 sibling, 0 replies; 4+ messages in thread
From: Peter Korsgaard @ 2018-06-17 15:49 UTC (permalink / raw)
  To: buildroot

>>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni@bootlin.com> writes:

 > Hello,
 > On Sun,  3 Jun 2018 23:31:00 +0200, Peter Korsgaard wrote:
 >> Fixes the following security issues:
 >> 
 >> CVE-2018-11362: LDSS dissector crash
 >> https://www.wireshark.org/security/wnpa-sec-2018-25.html
 >> 
 >> CVE-2018-11357: Multiple dissectors could consume excessive memory
 >> https://www.wireshark.org/security/wnpa-sec-2018-28.html
 >> 
 >> CVE-2018-11356: DNS dissector crash
 >> https://www.wireshark.org/security/wnpa-sec-2018-29.html
 >> 
 >> CVE-2018-11360: GSM A DTAP dissector crash
 >> https://www.wireshark.org/security/wnpa-sec-2018-30.html
 >> 
 >> CVE-2018-11358: Q.931 dissector crash
 >> https://www.wireshark.org/security/wnpa-sec-2018-31.html
 >> 
 >> CVE-2018-11359: Multiple dissectors could crash
 >> https://www.wireshark.org/security/wnpa-sec-2018-33.html
 >> 
 >> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 >> ---
 >> package/wireshark/wireshark.hash | 4 ++--
 >> package/wireshark/wireshark.mk   | 2 +-
 >> 2 files changed, 3 insertions(+), 3 deletions(-)

Committed to 2018.02.x, thanks.

-- 
Bye, Peter Korsgaard

^ permalink raw reply	[flat|nested] 4+ messages in thread
* [Buildroot] [PATCH] wireshark: security bump to version 2.2.15
  2018-06-04 19:59 ` Thomas Petazzoni
  2018-06-17 15:49   ` Peter Korsgaard
@ 2018-07-17  7:31   ` Peter Korsgaard
  1 sibling, 0 replies; 4+ messages in thread
From: Peter Korsgaard @ 2018-07-17  7:31 UTC (permalink / raw)
  To: buildroot

>>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni@bootlin.com> writes:

 > Hello,
 > On Sun,  3 Jun 2018 23:31:00 +0200, Peter Korsgaard wrote:
 >> Fixes the following security issues:
 >> 
 >> CVE-2018-11362: LDSS dissector crash
 >> https://www.wireshark.org/security/wnpa-sec-2018-25.html
 >> 
 >> CVE-2018-11357: Multiple dissectors could consume excessive memory
 >> https://www.wireshark.org/security/wnpa-sec-2018-28.html
 >> 
 >> CVE-2018-11356: DNS dissector crash
 >> https://www.wireshark.org/security/wnpa-sec-2018-29.html
 >> 
 >> CVE-2018-11360: GSM A DTAP dissector crash
 >> https://www.wireshark.org/security/wnpa-sec-2018-30.html
 >> 
 >> CVE-2018-11358: Q.931 dissector crash
 >> https://www.wireshark.org/security/wnpa-sec-2018-31.html
 >> 
 >> CVE-2018-11359: Multiple dissectors could crash
 >> https://www.wireshark.org/security/wnpa-sec-2018-33.html
 >> 
 >> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 >> ---
 >> package/wireshark/wireshark.hash | 4 ++--
 >> package/wireshark/wireshark.mk   | 2 +-
 >> 2 files changed, 3 insertions(+), 3 deletions(-)

Committed to 2018.05.x, thanks.

-- 
Bye, Peter Korsgaard

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2018-07-17  7:31 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-06-03 21:31 [Buildroot] [PATCH] wireshark: security bump to version 2.2.15 Peter Korsgaard
2018-06-04 19:59 ` Thomas Petazzoni
2018-06-17 15:49   ` Peter Korsgaard
2018-07-17  7:31   ` Peter Korsgaard

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox