| Message ID | 20230205142543.285695-1-fontaine.fabrice@gmail.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [1/1] package/wireshark: security bump to version 4.0.3 | expand |
Fabrice, All, On 2023-02-05 15:25 +0100, Fabrice Fontaine spake thusly: > Fix CVE-2023-0411, CVE-2023-0412, CVE-2023-0413, CVE-2023-0414, > CVE-2023-0415, CVE-2023-0416 and CVE-2023-0417 > > https://www.wireshark.org/security/wnpa-sec-2023-01 > https://www.wireshark.org/security/wnpa-sec-2023-02 > https://www.wireshark.org/security/wnpa-sec-2023-03 > https://www.wireshark.org/security/wnpa-sec-2023-04 > https://www.wireshark.org/security/wnpa-sec-2023-05 > https://www.wireshark.org/security/wnpa-sec-2023-06 > https://www.wireshark.org/security/wnpa-sec-2023-07 > > https://www.wireshark.org/docs/relnotes/wireshark-4.0.3.html > > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Applied to master, thanks. Regards, Yann E. MORIN. > --- > package/wireshark/wireshark.hash | 6 +++--- > package/wireshark/wireshark.mk | 2 +- > 2 files changed, 4 insertions(+), 4 deletions(-) > > diff --git a/package/wireshark/wireshark.hash b/package/wireshark/wireshark.hash > index e9026b8caa..7128b560ae 100644 > --- a/package/wireshark/wireshark.hash > +++ b/package/wireshark/wireshark.hash > @@ -1,6 +1,6 @@ > -# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.0.2.txt > -sha1 0127180ff18515b086fe5603f767f53ddaa64c1a wireshark-4.0.2.tar.xz > -sha256 f35915699f2f9b28ddb211202d40ec8984e5834d3c911483144a4984ba44411d wireshark-4.0.2.tar.xz > +# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.0.3.txt > +sha1 243b0057cfe6d447662e81b5646110aaf8b63c81 wireshark-4.0.3.tar.xz > +sha256 6c51e15bcc0afb93734e686dbff354ffd159f570bd2904bcbbad6f3feb7e9511 wireshark-4.0.3.tar.xz > > # Locally calculated > sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING > diff --git a/package/wireshark/wireshark.mk b/package/wireshark/wireshark.mk > index e2a424ef0f..12c36575df 100644 > --- a/package/wireshark/wireshark.mk > +++ b/package/wireshark/wireshark.mk > @@ -4,7 +4,7 @@ > # > ################################################################################ > > -WIRESHARK_VERSION = 4.0.2 > +WIRESHARK_VERSION = 4.0.3 > WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.xz > WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions > WIRESHARK_LICENSE = wireshark license > -- > 2.39.0 > > _______________________________________________ > buildroot mailing list > buildroot@buildroot.org > https://lists.buildroot.org/mailman/listinfo/buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes: > Fix CVE-2023-0411, CVE-2023-0412, CVE-2023-0413, CVE-2023-0414, > CVE-2023-0415, CVE-2023-0416 and CVE-2023-0417 > https://www.wireshark.org/security/wnpa-sec-2023-01 > https://www.wireshark.org/security/wnpa-sec-2023-02 > https://www.wireshark.org/security/wnpa-sec-2023-03 > https://www.wireshark.org/security/wnpa-sec-2023-04 > https://www.wireshark.org/security/wnpa-sec-2023-05 > https://www.wireshark.org/security/wnpa-sec-2023-06 > https://www.wireshark.org/security/wnpa-sec-2023-07 > https://www.wireshark.org/docs/relnotes/wireshark-4.0.3.html It looks like these issues do not affect 3.4.x, so I have NOT backported this.
diff --git a/package/wireshark/wireshark.hash b/package/wireshark/wireshark.hash index e9026b8caa..7128b560ae 100644 --- a/package/wireshark/wireshark.hash +++ b/package/wireshark/wireshark.hash @@ -1,6 +1,6 @@ -# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.0.2.txt -sha1 0127180ff18515b086fe5603f767f53ddaa64c1a wireshark-4.0.2.tar.xz -sha256 f35915699f2f9b28ddb211202d40ec8984e5834d3c911483144a4984ba44411d wireshark-4.0.2.tar.xz +# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.0.3.txt +sha1 243b0057cfe6d447662e81b5646110aaf8b63c81 wireshark-4.0.3.tar.xz +sha256 6c51e15bcc0afb93734e686dbff354ffd159f570bd2904bcbbad6f3feb7e9511 wireshark-4.0.3.tar.xz # Locally calculated sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING diff --git a/package/wireshark/wireshark.mk b/package/wireshark/wireshark.mk index e2a424ef0f..12c36575df 100644 --- a/package/wireshark/wireshark.mk +++ b/package/wireshark/wireshark.mk @@ -4,7 +4,7 @@ # ################################################################################ -WIRESHARK_VERSION = 4.0.2 +WIRESHARK_VERSION = 4.0.3 WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.xz WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions WIRESHARK_LICENSE = wireshark license
Fix CVE-2023-0411, CVE-2023-0412, CVE-2023-0413, CVE-2023-0414, CVE-2023-0415, CVE-2023-0416 and CVE-2023-0417 https://www.wireshark.org/security/wnpa-sec-2023-01 https://www.wireshark.org/security/wnpa-sec-2023-02 https://www.wireshark.org/security/wnpa-sec-2023-03 https://www.wireshark.org/security/wnpa-sec-2023-04 https://www.wireshark.org/security/wnpa-sec-2023-05 https://www.wireshark.org/security/wnpa-sec-2023-06 https://www.wireshark.org/security/wnpa-sec-2023-07 https://www.wireshark.org/docs/relnotes/wireshark-4.0.3.html Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> --- package/wireshark/wireshark.hash | 6 +++--- package/wireshark/wireshark.mk | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-)