From: Thomas Perale via buildroot <buildroot@buildroot.org>
To: Thomas Perale <thomas.perale@mind.be>
Cc: buildroot@buildroot.org, Christian Stewart <christian@aperture.us>
Subject: Re: [Buildroot] [PATCH] package/wireshark: security bump to v4.4.13
Date: Wed, 25 Feb 2026 10:57:44 +0100 [thread overview]
Message-ID: <20260225095744.273615-1-thomas.perale@mind.be> (raw)
In-Reply-To: <20260225094824.270893-2-thomas.perale@mind.be>
The wireshark bump is a resend by mistake nothing has changed from the previous
iteration. It has been removed from patchwork.
In reply of:
> For more information on the version bump, see:
> - https://www.wireshark.org/docs/relnotes/wireshark-4.4.13.html
> - https://www.wireshark.org/docs/relnotes/wireshark-4.4.12.html
> - https://www.wireshark.org/docs/relnotes/wireshark-4.4.11.html
> - https://www.wireshark.org/docs/relnotes/wireshark-4.4.10.html
>
> Fixes the following vulnerabilities:
>
> - CVE-2025-11626:
> MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to
> 4.2.13 allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2025-11626
>
> - CVE-2025-13499:
> Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows
> denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2025-13499
>
> - CVE-2025-13946:
> MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0
> to 4.4.11 allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2025-13946
>
> - CVE-2026-0959:
> IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and
> 4.4.0 to 4.4.12 allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2026-0959
>
> - CVE-2026-0960:
> HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2
> allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2026-0960
>
> - CVE-2026-0961:
> BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12
> allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2026-0961
>
> - CVE-2026-0962:
> SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and
> 4.4.0 to 4.4.12 allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2026-0962
>
> Signed-off-by: Thomas Perale <thomas.perale@mind.be>
> ---
> package/wireshark/wireshark.hash | 6 +++---
> package/wireshark/wireshark.mk | 2 +-
> 2 files changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/package/wireshark/wireshark.hash b/package/wireshark/wireshark.hash
> index 88eb7ef494..87d5781eed 100644
> --- a/package/wireshark/wireshark.hash
> +++ b/package/wireshark/wireshark.hash
> @@ -1,6 +1,6 @@
> -# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.4.9.txt
> -sha1 dc91c68b03b389645fa6dade92960863d74bca1d wireshark-4.4.9.tar.xz
> -sha256 60551dc787f41e87aeaa1e9c33304f9008037e3baf9fa11aef9c2d584cc0b54b wireshark-4.4.9.tar.xz
> +# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.4.13.txt
> +sha1 2e85bc1231775283d3e1593ce700566e0dc4efb9 wireshark-4.4.13.tar.xz
> +sha256 cdaaf455954b45990651ba334ddcc691ee446fcfb332e78d27b0a8451f22dc0f wireshark-4.4.13.tar.xz
>
> # Locally calculated
> sha256 edaef632cbb643e4e7a221717a6c441a4c1a7c918e6e4d56debc3d8739b233f6 COPYING
> diff --git a/package/wireshark/wireshark.mk b/package/wireshark/wireshark.mk
> index 9ccd8f9a9e..196ac63271 100644
> --- a/package/wireshark/wireshark.mk
> +++ b/package/wireshark/wireshark.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -WIRESHARK_VERSION = 4.4.9
> +WIRESHARK_VERSION = 4.4.13
> WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.xz
> WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions
> WIRESHARK_LICENSE = wireshark license
> --
> 2.53.0
>
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next prev parent reply other threads:[~2026-02-25 9:57 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-25 9:48 [Buildroot] [PATCH 1/1] package/containerd: security bump to v2.0.7 Thomas Perale via buildroot
2026-02-25 9:48 ` [Buildroot] [PATCH] package/wireshark: security bump to v4.4.13 Thomas Perale via buildroot
2026-02-25 9:57 ` Thomas Perale via buildroot [this message]
2026-02-25 21:10 ` [Buildroot] [PATCH 1/1] package/containerd: security bump to v2.0.7 Julien Olivain via buildroot
2026-03-06 19:53 ` Thomas Perale via buildroot
-- strict thread matches above, loose matches on Subject: below --
2026-02-25 9:10 [Buildroot] [PATCH] package/wireshark: security bump to v4.4.13 Thomas Perale via buildroot
2026-02-25 20:44 ` Julien Olivain via buildroot
2026-03-06 19:53 ` Thomas Perale via buildroot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260225095744.273615-1-thomas.perale@mind.be \
--to=buildroot@buildroot.org \
--cc=christian@aperture.us \
--cc=thomas.perale@mind.be \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox