From patchwork Mon Nov  6 20:53:21 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Andr=C3=A9_Zwing?= <nerv@dawncrow.de>
X-Patchwork-Id: 834922
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=pass (mailfrom) smtp.mailfrom=busybox.net
	(client-ip=140.211.166.137; helo=fraxinus.osuosl.org;
	envelope-from=buildroot-bounces@busybox.net;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (1024-bit key;
	unprotected) header.d=dawncrow.de header.i=@dawncrow.de
	header.b="c3RB+R/b"; dkim-atps=neutral
Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 3yW4XZ4DRtz9s72
	for <incoming@patchwork.ozlabs.org>;
	Tue,  7 Nov 2017 07:53:34 +1100 (AEDT)
Received: from localhost (localhost [127.0.0.1])
	by fraxinus.osuosl.org (Postfix) with ESMTP id 02883885D7;
	Mon,  6 Nov 2017 20:53:32 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from fraxinus.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id k5H8Dk41snPb; Mon,  6 Nov 2017 20:53:31 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by fraxinus.osuosl.org (Postfix) with ESMTP id 269268857F;
	Mon,  6 Nov 2017 20:53:31 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137])
	by ash.osuosl.org (Postfix) with ESMTP id 1E93F1BFEBD
	for <buildroot@lists.busybox.net>;
	Mon,  6 Nov 2017 20:53:30 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by fraxinus.osuosl.org (Postfix) with ESMTP id 16EBE8857F
	for <buildroot@lists.busybox.net>;
	Mon,  6 Nov 2017 20:53:30 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from fraxinus.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id D5kTrV7CvDJ1 for <buildroot@lists.busybox.net>;
	Mon,  6 Nov 2017 20:53:28 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from mo4-p00-ob.smtp.rzone.de (mo4-p00-ob.smtp.rzone.de
	[81.169.146.220])
	by fraxinus.osuosl.org (Postfix) with ESMTPS id CE18488346
	for <buildroot@buildroot.org>; Mon,  6 Nov 2017 20:53:27 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1510001605;
	s=domk; d=dawncrow.de;
	h=Content-Transfer-Encoding:Content-Type:MIME-Version:Date:Subject:To:
	From; bh=sL/YJQAb1OjOmYlQqdy0sSAIhoubrtoh6jkwhVgSZYc=;
	b=c3RB+R/buPRwnwLuH0uGt7D4J/kk8bYUR5g5iWnUyxWTzDM41AbaLM360fioeQK9M3
	Czx4xC5cgP4+s8kMxr2VpfK+wJg41rsA/5cSIVvH387zaqymFGJ+OtQSmIi8C+oDXTiw
	FXCP5i8/oC0bnSmM1JXBB9WMuoD+aMSavAg50=
X-RZG-AUTH: 
 :ImkWY2CseuihIZy6ZWWciR6unPhpN+aXzZmAjYK0yNZLTB/MvFIxHCMtY9Cz0MN6dAjZYg==
X-RZG-CLASS-ID: mo00
Received: from tesla.fritz.box ([93.113.209.81])
	by smtp.strato.de (RZmta 42.8 AUTH) with ESMTPSA id x07bcatA6KrPkSX
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (curve secp521r1 with
	521 ECDH
	bits, eq. 15360 bits RSA)) (Client did not present a certificate)
	for <buildroot@buildroot.org>; Mon, 6 Nov 2017 21:53:25 +0100 (CET)
From: =?utf-8?q?Andr=C3=A9_Hentschel?= <nerv@dawncrow.de>
To: buildroot@buildroot.org
Date: Mon,  6 Nov 2017 21:53:21 +0100
Message-Id: <1510001601-29419-1-git-send-email-nerv@dawncrow.de>
X-Mailer: git-send-email 2.7.4
MIME-Version: 1.0
Subject: [Buildroot] [PATCH] wireshark: bump version to 2.2.10 (security)
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.24
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=subscribe>
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

Security fixes since 2.2.7:

- wnpa-sec-2017-22
  Bazaar dissector infinite loop (Bug 13599) CVE-2017-9352
- wnpa-sec-2017-23
  DOF dissector read overflow (Bug 13608) CVE-2017-9348
- wnpa-sec-2017-24
  DHCP dissector read overflow (Bug 13609, Bug 13628) CVE-2017-9351
- wnpa-sec-2017-25
  SoulSeek dissector infinite loop (Bug 13631) CVE-2017-9346
- wnpa-sec-2017-26
  DNS dissector infinite loop (Bug 13633) CVE-2017-9345
- wnpa-sec-2017-27
  DICOM dissector infinite loop (Bug 13685) CVE-2017-9349
- wnpa-sec-2017-28
  openSAFETY dissector memory exhaustion (Bug 13649) CVE-2017-9350
- wnpa-sec-2017-29
  BT L2CAP dissector divide by zero (Bug 13701) CVE-2017-9344
- wnpa-sec-2017-30
  MSNIP dissector crash (Bug 13725) CVE-2017-9343
- wnpa-sec-2017-31
  ROS dissector crash (Bug 13637) CVE-2017-9347
- wnpa-sec-2017-32
  RGMP dissector crash (Bug 13646) CVE-2017-9354
- wnpa-sec-2017-33
  IPv6 dissector crash (Bug 13675) CVE-2017-9353
- wnpa-sec-2017-13
  WBMXL dissector infinite loop (Bug 13477, Bug 13796) CVE-2017-7702, CVE-2017-11410
  Note: This is an update for a fix in Wireshark 2.2.6 and 2.0.12.
- wnpa-sec-2017-28
  openSAFETY dissector memory exhaustion (Bug 13649, Bug 13755) CVE-2017-9350, CVE-2017-11411
  Note: This is an update for a fix in Wireshark 2.2.7.
- wnpa-sec-2017-34
  AMQP dissector crash. (Bug 13780) CVE-2017-11408
- wnpa-sec-2017-35
  MQ dissector crash. (Bug 13792) CVE-2017-11407
- wnpa-sec-2017-36
  DOCSIS infinite loop. (Bug 13797) CVE-2017-11406
- wnpa-sec-2017-38
  MSDP dissector infinite loop (Bug 13933)
- wnpa-sec-2017-39
  Profinet I/O buffer overrun (Bug 13847)
- wnpa-sec-2017-41
  IrCOMM dissector buffer overrun (Bug 13929)

Full release notes:

  https://www.wireshark.org/docs/relnotes/wireshark-2.2.10.html

Signed-off-by: André Hentschel <nerv@dawncrow.de>
---
 package/wireshark/wireshark.hash | 4 ++--
 package/wireshark/wireshark.mk   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/wireshark/wireshark.hash b/package/wireshark/wireshark.hash
index c61c520..3494f2e 100644
--- a/package/wireshark/wireshark.hash
+++ b/package/wireshark/wireshark.hash
@@ -1,2 +1,2 @@
-# From: https://www.wireshark.org/download/src/all-versions/SIGNATURES-2.2.7.txt
-sha256 689ddf62221b152779d8846ab5b2063cc7fd41ec1a9f04eefab09b5d5486dbb5  wireshark-2.2.7.tar.bz2
+# From: https://www.wireshark.org/download/src/all-versions/SIGNATURES-2.2.10.txt
+sha256 8574a5e1fdec7affae640924bd46c1aed1bd866e02632fa5625e1450e4a50707  wireshark-2.2.10.tar.bz2
diff --git a/package/wireshark/wireshark.mk b/package/wireshark/wireshark.mk
index 58292f7..34ee563 100644
--- a/package/wireshark/wireshark.mk
+++ b/package/wireshark/wireshark.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-WIRESHARK_VERSION = 2.2.7
+WIRESHARK_VERSION = 2.2.10
 WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.bz2
 WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions
 WIRESHARK_LICENSE = wireshark license