{"id":2221922,"url":"http://patchwork.ozlabs.org/api/patches/2221922/?format=json","web_url":"http://patchwork.ozlabs.org/project/buildroot/patch/20260410125648.2980692-1-giulio.benetti@benettiengineering.com/","project":{"id":27,"url":"http://patchwork.ozlabs.org/api/projects/27/?format=json","name":"Buildroot development","link_name":"buildroot","list_id":"buildroot.buildroot.org","list_email":"buildroot@buildroot.org","web_url":"","scm_url":"","webscm_url":"","list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<20260410125648.2980692-1-giulio.benetti@benettiengineering.com>","list_archive_url":null,"date":"2026-04-10T12:56:48","name":"package/wireshark: security bump to v4.4.14","commit_ref":null,"pull_url":null,"state":"accepted","archived":false,"hash":"c23f991253cf6dd043ac595f2dea87e278d10565","submitter":{"id":77479,"url":"http://patchwork.ozlabs.org/api/people/77479/?format=json","name":"Giulio Benetti","email":"giulio.benetti@benettiengineering.com"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/buildroot/patch/20260410125648.2980692-1-giulio.benetti@benettiengineering.com/mbox/","series":[{"id":499456,"url":"http://patchwork.ozlabs.org/api/series/499456/?format=json","web_url":"http://patchwork.ozlabs.org/project/buildroot/list/?series=499456","date":"2026-04-10T12:56:48","name":"package/wireshark: security bump to v4.4.14","version":1,"mbox":"http://patchwork.ozlabs.org/series/499456/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/2221922/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/2221922/checks/","tags":{},"related":[],"headers":{"Return-Path":"<buildroot-bounces@buildroot.org>","X-Original-To":["incoming-buildroot@patchwork.ozlabs.org","buildroot@buildroot.org"],"Delivered-To":["patchwork-incoming-buildroot@legolas.ozlabs.org","buildroot@buildroot.org"],"Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=buildroot.org header.i=@buildroot.org\n header.a=rsa-sha256 header.s=default header.b=LPuWWdWU;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org\n (client-ip=2605:bc80:3010::138; helo=smtp1.osuosl.org;\n envelope-from=buildroot-bounces@buildroot.org; receiver=patchwork.ozlabs.org)"],"Received":["from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fscJX6MM2z1yGS\n\tfor <incoming-buildroot@patchwork.ozlabs.org>;\n Fri, 10 Apr 2026 22:57:00 +1000 (AEST)","from localhost (localhost [127.0.0.1])\n\tby smtp1.osuosl.org (Postfix) with ESMTP id 1F1AC82C8F;\n\tFri, 10 Apr 2026 12:56:59 +0000 (UTC)","from smtp1.osuosl.org ([127.0.0.1])\n by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id nKEr7Xwf7doR; Fri, 10 Apr 2026 12:56:58 +0000 (UTC)","from lists1.osuosl.org (lists1.osuosl.org [140.211.166.142])\n\tby smtp1.osuosl.org (Postfix) with ESMTP id 1B0E881276;\n\tFri, 10 Apr 2026 12:56:58 +0000 (UTC)","from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137])\n by lists1.osuosl.org (Postfix) with ESMTP id 148DB194\n for <buildroot@buildroot.org>; Fri, 10 Apr 2026 12:56:56 +0000 (UTC)","from localhost (localhost [127.0.0.1])\n by smtp4.osuosl.org (Postfix) with ESMTP id E661D40DD5\n for <buildroot@buildroot.org>; Fri, 10 Apr 2026 12:56:55 +0000 (UTC)","from smtp4.osuosl.org ([127.0.0.1])\n by localhost (smtp4.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id iS0Dr3AJTlN0 for <buildroot@buildroot.org>;\n Fri, 10 Apr 2026 12:56:54 +0000 (UTC)","from smtpdh18-1.aruba.it (smtpdh18-1.aruba.it [62.149.155.132])\n by smtp4.osuosl.org (Postfix) with ESMTPS id A521C40C92\n for <buildroot@buildroot.org>; Fri, 10 Apr 2026 12:56:52 +0000 (UTC)","from localhost.localdomain ([84.33.84.190])\n by Aruba SMTP with ESMTPSA\n id BBPlwyJUI5SteBBPlwLxgL; Fri, 10 Apr 2026 14:56:49 +0200"],"X-Virus-Scanned":["amavis at osuosl.org","amavis at osuosl.org"],"X-Comment":"SPF check N/A for local connections - client-ip=140.211.166.142;\n helo=lists1.osuosl.org; envelope-from=buildroot-bounces@buildroot.org;\n receiver=<UNKNOWN> ","DKIM-Filter":["OpenDKIM Filter v2.11.0 smtp1.osuosl.org 1B0E881276","OpenDKIM Filter v2.11.0 smtp4.osuosl.org A521C40C92"],"DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed; d=buildroot.org;\n\ts=default; t=1775825818;\n\tbh=U0nYFhAxI/u+PAnH4+vUky5fFlgAyGppifLjQN2DtYY=;\n\th=From:To:Cc:Date:Subject:List-Id:List-Unsubscribe:List-Archive:\n\t List-Post:List-Help:List-Subscribe:From;\n\tb=LPuWWdWUpu7Ac8f8oCcdIz60tCTQBgmbRleNCsQ1FAj5FhuWYizcPPi7fjCIvrBSt\n\t qiOUpzfOeyTlJdpDXWdU6M5sk6z3DsOgshj0Z8H5jeYmFs/7ddJaJUhzNe2ezCRYb7\n\t 7ob3EkNTjltMb5p6EphLCwdXSoKKq4hagx7JZjn2ceGx047TRQyRi3mbDuVypipf03\n\t jRZZ/3TglgDXO5wh+NK36rMpc8+L0ffL0K97EDTKtzZ+R6Rym6Z0hjWFF1ibEIeGhJ\n\t k+vxj7vWM9Kwjme78kutQcs6lTvJl07DISM5WO0n+ayI+ms+dWs2ANhztrYdTbJi5r\n\t QuG+mZ6OsmjXg==","Received-SPF":"Pass (mailfrom) identity=mailfrom; client-ip=62.149.155.132;\n helo=smtpdh18-1.aruba.it;\n envelope-from=giulio.benetti@benettiengineering.com;\n receiver=<UNKNOWN>","DMARC-Filter":"OpenDMARC Filter v1.4.2 smtp4.osuosl.org A521C40C92","From":"Giulio Benetti <giulio.benetti@benettiengineering.com>","To":"buildroot@buildroot.org","Cc":"Giulio Benetti <giulio.benetti@benettiengineering.com>","Date":"Fri, 10 Apr 2026 14:56:48 +0200","Message-ID":"<20260410125648.2980692-1-giulio.benetti@benettiengineering.com>","X-Mailer":"git-send-email 2.47.3","MIME-Version":"1.0","X-CMAE-Envelope":"\n MS4xfJF6P4HLNytQyq/pomgHlyFdqILdoev4zmbP7Qn7iSY4DuzQhNdBLC6U5w1EoEscnB4Yti4My3/fymZh66EeOFyqYD0kIQvtrnp9f3bPZQDfoVZhi4t1\n x+Xa+w64YdTqZ679nmc2beuK/Gyv4v0pczajB/NSn1JlIqlJiZUWL7dopZvO45xTm3gdR0+Ld9xKo5gWt+7hF2bv5V8pIiQnhVasa6X6hvyIgZarnHrKoLHp\n F9Dg2g3m/TC8sG11xt7lTiLvn6BtccUbyhsCbljgrjQ=","X-Mailman-Original-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/simple;\n d=aruba.it; s=a1;\n t=1775825809; bh=uMy4FIp2VDRRaOJFdzapY3SCy4KPk9ga/f8fz/iYQ40=;\n h=From:To:Subject:Date:MIME-Version;\n b=OCGn3/3my/V+zmdRDU4nS+R40F9i8o0wVJwqVr2sjCOWmj8Gap3A9e5dGYPUWm4X5\n waUAXj212T/ZHgxMigiN1uVGgFzvxKV1Mqw1Z//+ifOcQf+/jnPpPMpQaBHUAl+mKQ\n B3tiX8MrTaXYENCs7tvmwaW0hmxwWv/NsR+kv5e9XQZ+9PntNDeSDzzkpnwpZ+qdbX\n oAs3MPSQJqZ9mntEyiu6zxZ7Uz34QIptSfv0ecKhkQt96Xn1BrSUblX/utGL5q24fV\n obf0lSnkD+brh4G5t8GMVykPjY/mYSuHjqEr5Obco7XwRNgDKB4vn9fZjrDn9yA/nz\n kC/y9aEiG035w==","X-Mailman-Original-Authentication-Results":["smtp4.osuosl.org;\n dmarc=pass (p=none dis=none)\n header.from=benettiengineering.com","smtp4.osuosl.org;\n dkim=pass (2048-bit key,\n unprotected) header.d=aruba.it header.i=@aruba.it header.a=rsa-sha256\n header.s=a1 header.b=OCGn3/3m"],"Subject":"[Buildroot] [PATCH] package/wireshark: security bump to v4.4.14","X-BeenThere":"buildroot@buildroot.org","X-Mailman-Version":"2.1.30","Precedence":"list","List-Id":"Discussion and development of buildroot <buildroot.buildroot.org>","List-Unsubscribe":"<https://lists.buildroot.org/mailman/options/buildroot>,\n <mailto:buildroot-request@buildroot.org?subject=unsubscribe>","List-Archive":"<http://lists.buildroot.org/pipermail/buildroot/>","List-Post":"<mailto:buildroot@buildroot.org>","List-Help":"<mailto:buildroot-request@buildroot.org?subject=help>","List-Subscribe":"<https://lists.buildroot.org/mailman/listinfo/buildroot>,\n <mailto:buildroot-request@buildroot.org?subject=subscribe>","Content-Type":"text/plain; charset=\"us-ascii\"","Content-Transfer-Encoding":"7bit","Errors-To":"buildroot-bounces@buildroot.org","Sender":"\"buildroot\" <buildroot-bounces@buildroot.org>"},"content":"For more information on the version bump, see:\n  - https://www.wireshark.org/docs/relnotes/wireshark-4.4.14.html\n\nFixes the following vulnerabilities:\n\n- CVE-2026-3201:\n    USB HID dissector memory exhaustion in Wireshark 4.4.0 to 4.4.13 and 4.6.0 to\n    4.6.3 allows denial of service\n\n    https://www.cve.org/CVERecord?id=CVE-2026-3201\n\n- CVE-2026-3203:\n    RF4CE Profile dissector crash in Wireshark 4.4.0 to 4.4.13 and 4.6.0 to\n    4.6.3 allows denial of service\n\n    https://www.cve.org/CVERecord?id=CVE-2026-3203\n\nSigned-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>\n---\n package/wireshark/wireshark.hash | 6 +++---\n package/wireshark/wireshark.mk   | 2 +-\n 2 files changed, 4 insertions(+), 4 deletions(-)","diff":"diff --git a/package/wireshark/wireshark.hash b/package/wireshark/wireshark.hash\nindex 87d5781eed..7572ea8b52 100644\n--- a/package/wireshark/wireshark.hash\n+++ b/package/wireshark/wireshark.hash\n@@ -1,6 +1,6 @@\n-# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.4.13.txt\n-sha1  2e85bc1231775283d3e1593ce700566e0dc4efb9  wireshark-4.4.13.tar.xz\n-sha256  cdaaf455954b45990651ba334ddcc691ee446fcfb332e78d27b0a8451f22dc0f  wireshark-4.4.13.tar.xz\n+# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.4.14.txt\n+sha1  41536d8ba1fc977d0832b509af6ea65056c6fe1d  wireshark-4.4.14.tar.xz\n+sha256  c9113130bd2b37919fdcf575f710469ce391960baaff31911e3288469e6a8e8d  wireshark-4.4.14.tar.xz\n \n # Locally calculated\n sha256  edaef632cbb643e4e7a221717a6c441a4c1a7c918e6e4d56debc3d8739b233f6  COPYING\ndiff --git a/package/wireshark/wireshark.mk b/package/wireshark/wireshark.mk\nindex 196ac63271..d58fa7a6c5 100644\n--- a/package/wireshark/wireshark.mk\n+++ b/package/wireshark/wireshark.mk\n@@ -4,7 +4,7 @@\n #\n ################################################################################\n \n-WIRESHARK_VERSION = 4.4.13\n+WIRESHARK_VERSION = 4.4.14\n WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.xz\n WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions\n WIRESHARK_LICENSE = wireshark license\n","prefixes":[]}