* [Buildroot] [PATCH] package/wireshark: security bump to v4.4.13
@ 2026-02-25 9:10 Thomas Perale via buildroot
2026-02-25 20:44 ` Julien Olivain via buildroot
2026-03-06 19:53 ` Thomas Perale via buildroot
0 siblings, 2 replies; 5+ messages in thread
From: Thomas Perale via buildroot @ 2026-02-25 9:10 UTC (permalink / raw)
To: buildroot
For more information on the version bump, see:
- https://www.wireshark.org/docs/relnotes/wireshark-4.4.13.html
- https://www.wireshark.org/docs/relnotes/wireshark-4.4.12.html
- https://www.wireshark.org/docs/relnotes/wireshark-4.4.11.html
- https://www.wireshark.org/docs/relnotes/wireshark-4.4.10.html
Fixes the following vulnerabilities:
- CVE-2025-11626:
MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to
4.2.13 allows denial of service
https://www.cve.org/CVERecord?id=CVE-2025-11626
- CVE-2025-13499:
Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows
denial of service
https://www.cve.org/CVERecord?id=CVE-2025-13499
- CVE-2025-13946:
MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0
to 4.4.11 allows denial of service
https://www.cve.org/CVERecord?id=CVE-2025-13946
- CVE-2026-0959:
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and
4.4.0 to 4.4.12 allows denial of service
https://www.cve.org/CVERecord?id=CVE-2026-0959
- CVE-2026-0960:
HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2
allows denial of service
https://www.cve.org/CVERecord?id=CVE-2026-0960
- CVE-2026-0961:
BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12
allows denial of service
https://www.cve.org/CVERecord?id=CVE-2026-0961
- CVE-2026-0962:
SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and
4.4.0 to 4.4.12 allows denial of service
https://www.cve.org/CVERecord?id=CVE-2026-0962
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
---
package/wireshark/wireshark.hash | 6 +++---
package/wireshark/wireshark.mk | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/package/wireshark/wireshark.hash b/package/wireshark/wireshark.hash
index 88eb7ef494..87d5781eed 100644
--- a/package/wireshark/wireshark.hash
+++ b/package/wireshark/wireshark.hash
@@ -1,6 +1,6 @@
-# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.4.9.txt
-sha1 dc91c68b03b389645fa6dade92960863d74bca1d wireshark-4.4.9.tar.xz
-sha256 60551dc787f41e87aeaa1e9c33304f9008037e3baf9fa11aef9c2d584cc0b54b wireshark-4.4.9.tar.xz
+# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.4.13.txt
+sha1 2e85bc1231775283d3e1593ce700566e0dc4efb9 wireshark-4.4.13.tar.xz
+sha256 cdaaf455954b45990651ba334ddcc691ee446fcfb332e78d27b0a8451f22dc0f wireshark-4.4.13.tar.xz
# Locally calculated
sha256 edaef632cbb643e4e7a221717a6c441a4c1a7c918e6e4d56debc3d8739b233f6 COPYING
diff --git a/package/wireshark/wireshark.mk b/package/wireshark/wireshark.mk
index 9ccd8f9a9e..196ac63271 100644
--- a/package/wireshark/wireshark.mk
+++ b/package/wireshark/wireshark.mk
@@ -4,7 +4,7 @@
#
################################################################################
-WIRESHARK_VERSION = 4.4.9
+WIRESHARK_VERSION = 4.4.13
WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.xz
WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions
WIRESHARK_LICENSE = wireshark license
--
2.53.0
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH] package/wireshark: security bump to v4.4.13
2026-02-25 9:48 [Buildroot] [PATCH 1/1] package/containerd: security bump to v2.0.7 Thomas Perale via buildroot
@ 2026-02-25 9:48 ` Thomas Perale via buildroot
2026-02-25 9:57 ` Thomas Perale via buildroot
0 siblings, 1 reply; 5+ messages in thread
From: Thomas Perale via buildroot @ 2026-02-25 9:48 UTC (permalink / raw)
To: buildroot; +Cc: Christian Stewart
For more information on the version bump, see:
- https://www.wireshark.org/docs/relnotes/wireshark-4.4.13.html
- https://www.wireshark.org/docs/relnotes/wireshark-4.4.12.html
- https://www.wireshark.org/docs/relnotes/wireshark-4.4.11.html
- https://www.wireshark.org/docs/relnotes/wireshark-4.4.10.html
Fixes the following vulnerabilities:
- CVE-2025-11626:
MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to
4.2.13 allows denial of service
https://www.cve.org/CVERecord?id=CVE-2025-11626
- CVE-2025-13499:
Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows
denial of service
https://www.cve.org/CVERecord?id=CVE-2025-13499
- CVE-2025-13946:
MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0
to 4.4.11 allows denial of service
https://www.cve.org/CVERecord?id=CVE-2025-13946
- CVE-2026-0959:
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and
4.4.0 to 4.4.12 allows denial of service
https://www.cve.org/CVERecord?id=CVE-2026-0959
- CVE-2026-0960:
HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2
allows denial of service
https://www.cve.org/CVERecord?id=CVE-2026-0960
- CVE-2026-0961:
BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12
allows denial of service
https://www.cve.org/CVERecord?id=CVE-2026-0961
- CVE-2026-0962:
SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and
4.4.0 to 4.4.12 allows denial of service
https://www.cve.org/CVERecord?id=CVE-2026-0962
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
---
package/wireshark/wireshark.hash | 6 +++---
package/wireshark/wireshark.mk | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/package/wireshark/wireshark.hash b/package/wireshark/wireshark.hash
index 88eb7ef494..87d5781eed 100644
--- a/package/wireshark/wireshark.hash
+++ b/package/wireshark/wireshark.hash
@@ -1,6 +1,6 @@
-# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.4.9.txt
-sha1 dc91c68b03b389645fa6dade92960863d74bca1d wireshark-4.4.9.tar.xz
-sha256 60551dc787f41e87aeaa1e9c33304f9008037e3baf9fa11aef9c2d584cc0b54b wireshark-4.4.9.tar.xz
+# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.4.13.txt
+sha1 2e85bc1231775283d3e1593ce700566e0dc4efb9 wireshark-4.4.13.tar.xz
+sha256 cdaaf455954b45990651ba334ddcc691ee446fcfb332e78d27b0a8451f22dc0f wireshark-4.4.13.tar.xz
# Locally calculated
sha256 edaef632cbb643e4e7a221717a6c441a4c1a7c918e6e4d56debc3d8739b233f6 COPYING
diff --git a/package/wireshark/wireshark.mk b/package/wireshark/wireshark.mk
index 9ccd8f9a9e..196ac63271 100644
--- a/package/wireshark/wireshark.mk
+++ b/package/wireshark/wireshark.mk
@@ -4,7 +4,7 @@
#
################################################################################
-WIRESHARK_VERSION = 4.4.9
+WIRESHARK_VERSION = 4.4.13
WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.xz
WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions
WIRESHARK_LICENSE = wireshark license
--
2.53.0
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [Buildroot] [PATCH] package/wireshark: security bump to v4.4.13
2026-02-25 9:48 ` [Buildroot] [PATCH] package/wireshark: security bump to v4.4.13 Thomas Perale via buildroot
@ 2026-02-25 9:57 ` Thomas Perale via buildroot
0 siblings, 0 replies; 5+ messages in thread
From: Thomas Perale via buildroot @ 2026-02-25 9:57 UTC (permalink / raw)
To: Thomas Perale; +Cc: buildroot, Christian Stewart
The wireshark bump is a resend by mistake nothing has changed from the previous
iteration. It has been removed from patchwork.
In reply of:
> For more information on the version bump, see:
> - https://www.wireshark.org/docs/relnotes/wireshark-4.4.13.html
> - https://www.wireshark.org/docs/relnotes/wireshark-4.4.12.html
> - https://www.wireshark.org/docs/relnotes/wireshark-4.4.11.html
> - https://www.wireshark.org/docs/relnotes/wireshark-4.4.10.html
>
> Fixes the following vulnerabilities:
>
> - CVE-2025-11626:
> MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to
> 4.2.13 allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2025-11626
>
> - CVE-2025-13499:
> Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows
> denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2025-13499
>
> - CVE-2025-13946:
> MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0
> to 4.4.11 allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2025-13946
>
> - CVE-2026-0959:
> IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and
> 4.4.0 to 4.4.12 allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2026-0959
>
> - CVE-2026-0960:
> HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2
> allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2026-0960
>
> - CVE-2026-0961:
> BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12
> allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2026-0961
>
> - CVE-2026-0962:
> SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and
> 4.4.0 to 4.4.12 allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2026-0962
>
> Signed-off-by: Thomas Perale <thomas.perale@mind.be>
> ---
> package/wireshark/wireshark.hash | 6 +++---
> package/wireshark/wireshark.mk | 2 +-
> 2 files changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/package/wireshark/wireshark.hash b/package/wireshark/wireshark.hash
> index 88eb7ef494..87d5781eed 100644
> --- a/package/wireshark/wireshark.hash
> +++ b/package/wireshark/wireshark.hash
> @@ -1,6 +1,6 @@
> -# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.4.9.txt
> -sha1 dc91c68b03b389645fa6dade92960863d74bca1d wireshark-4.4.9.tar.xz
> -sha256 60551dc787f41e87aeaa1e9c33304f9008037e3baf9fa11aef9c2d584cc0b54b wireshark-4.4.9.tar.xz
> +# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.4.13.txt
> +sha1 2e85bc1231775283d3e1593ce700566e0dc4efb9 wireshark-4.4.13.tar.xz
> +sha256 cdaaf455954b45990651ba334ddcc691ee446fcfb332e78d27b0a8451f22dc0f wireshark-4.4.13.tar.xz
>
> # Locally calculated
> sha256 edaef632cbb643e4e7a221717a6c441a4c1a7c918e6e4d56debc3d8739b233f6 COPYING
> diff --git a/package/wireshark/wireshark.mk b/package/wireshark/wireshark.mk
> index 9ccd8f9a9e..196ac63271 100644
> --- a/package/wireshark/wireshark.mk
> +++ b/package/wireshark/wireshark.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -WIRESHARK_VERSION = 4.4.9
> +WIRESHARK_VERSION = 4.4.13
> WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.xz
> WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions
> WIRESHARK_LICENSE = wireshark license
> --
> 2.53.0
>
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Buildroot] [PATCH] package/wireshark: security bump to v4.4.13
2026-02-25 9:10 [Buildroot] [PATCH] package/wireshark: security bump to v4.4.13 Thomas Perale via buildroot
@ 2026-02-25 20:44 ` Julien Olivain via buildroot
2026-03-06 19:53 ` Thomas Perale via buildroot
1 sibling, 0 replies; 5+ messages in thread
From: Julien Olivain via buildroot @ 2026-02-25 20:44 UTC (permalink / raw)
To: Thomas Perale; +Cc: buildroot
On 25/02/2026 10:10, Thomas Perale via buildroot wrote:
> For more information on the version bump, see:
> - https://www.wireshark.org/docs/relnotes/wireshark-4.4.13.html
> - https://www.wireshark.org/docs/relnotes/wireshark-4.4.12.html
> - https://www.wireshark.org/docs/relnotes/wireshark-4.4.11.html
> - https://www.wireshark.org/docs/relnotes/wireshark-4.4.10.html
>
> Fixes the following vulnerabilities:
>
> - CVE-2025-11626:
> MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0
> to
> 4.2.13 allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2025-11626
>
> - CVE-2025-13499:
> Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows
> denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2025-13499
>
> - CVE-2025-13946:
> MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and
> 4.4.0
> to 4.4.11 allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2025-13946
>
> - CVE-2026-0959:
> IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2
> and
> 4.4.0 to 4.4.12 allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2026-0959
>
> - CVE-2026-0960:
> HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2
> allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2026-0960
>
> - CVE-2026-0961:
> BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to
> 4.4.12
> allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2026-0961
>
> - CVE-2026-0962:
> SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and
> 4.4.0 to 4.4.12 allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2026-0962
>
> Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Applied to master, thanks.
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Buildroot] [PATCH] package/wireshark: security bump to v4.4.13
2026-02-25 9:10 [Buildroot] [PATCH] package/wireshark: security bump to v4.4.13 Thomas Perale via buildroot
2026-02-25 20:44 ` Julien Olivain via buildroot
@ 2026-03-06 19:53 ` Thomas Perale via buildroot
1 sibling, 0 replies; 5+ messages in thread
From: Thomas Perale via buildroot @ 2026-03-06 19:53 UTC (permalink / raw)
To: Thomas Perale; +Cc: buildroot
In reply of:
> For more information on the version bump, see:
> - https://www.wireshark.org/docs/relnotes/wireshark-4.4.13.html
> - https://www.wireshark.org/docs/relnotes/wireshark-4.4.12.html
> - https://www.wireshark.org/docs/relnotes/wireshark-4.4.11.html
> - https://www.wireshark.org/docs/relnotes/wireshark-4.4.10.html
>
> Fixes the following vulnerabilities:
>
> - CVE-2025-11626:
> MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to
> 4.2.13 allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2025-11626
>
> - CVE-2025-13499:
> Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows
> denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2025-13499
>
> - CVE-2025-13946:
> MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0
> to 4.4.11 allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2025-13946
>
> - CVE-2026-0959:
> IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and
> 4.4.0 to 4.4.12 allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2026-0959
>
> - CVE-2026-0960:
> HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2
> allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2026-0960
>
> - CVE-2026-0961:
> BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12
> allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2026-0961
>
> - CVE-2026-0962:
> SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and
> 4.4.0 to 4.4.12 allows denial of service
>
> https://www.cve.org/CVERecord?id=CVE-2026-0962
>
> Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Applied to 2025.11.x. Thanks
> ---
> package/wireshark/wireshark.hash | 6 +++---
> package/wireshark/wireshark.mk | 2 +-
> 2 files changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/package/wireshark/wireshark.hash b/package/wireshark/wireshark.hash
> index 88eb7ef494..87d5781eed 100644
> --- a/package/wireshark/wireshark.hash
> +++ b/package/wireshark/wireshark.hash
> @@ -1,6 +1,6 @@
> -# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.4.9.txt
> -sha1 dc91c68b03b389645fa6dade92960863d74bca1d wireshark-4.4.9.tar.xz
> -sha256 60551dc787f41e87aeaa1e9c33304f9008037e3baf9fa11aef9c2d584cc0b54b wireshark-4.4.9.tar.xz
> +# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.4.13.txt
> +sha1 2e85bc1231775283d3e1593ce700566e0dc4efb9 wireshark-4.4.13.tar.xz
> +sha256 cdaaf455954b45990651ba334ddcc691ee446fcfb332e78d27b0a8451f22dc0f wireshark-4.4.13.tar.xz
>
> # Locally calculated
> sha256 edaef632cbb643e4e7a221717a6c441a4c1a7c918e6e4d56debc3d8739b233f6 COPYING
> diff --git a/package/wireshark/wireshark.mk b/package/wireshark/wireshark.mk
> index 9ccd8f9a9e..196ac63271 100644
> --- a/package/wireshark/wireshark.mk
> +++ b/package/wireshark/wireshark.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -WIRESHARK_VERSION = 4.4.9
> +WIRESHARK_VERSION = 4.4.13
> WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.xz
> WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions
> WIRESHARK_LICENSE = wireshark license
> --
> 2.53.0
>
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2026-03-06 19:54 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-02-25 9:10 [Buildroot] [PATCH] package/wireshark: security bump to v4.4.13 Thomas Perale via buildroot
2026-02-25 20:44 ` Julien Olivain via buildroot
2026-03-06 19:53 ` Thomas Perale via buildroot
-- strict thread matches above, loose matches on Subject: below --
2026-02-25 9:48 [Buildroot] [PATCH 1/1] package/containerd: security bump to v2.0.7 Thomas Perale via buildroot
2026-02-25 9:48 ` [Buildroot] [PATCH] package/wireshark: security bump to v4.4.13 Thomas Perale via buildroot
2026-02-25 9:57 ` Thomas Perale via buildroot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox