From patchwork Mon Mar 2 10:34:17 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Titouan Christophe X-Patchwork-Id: 1247564 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=140.211.166.138; helo=whitealder.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=railnova.eu Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=railnova-eu.20150623.gappssmtp.com header.i=@railnova-eu.20150623.gappssmtp.com header.a=rsa-sha256 header.s=20150623 header.b=ZO74uGUP; dkim-atps=neutral Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 48WGjN1tPbz9sSX for ; Mon, 2 Mar 2020 21:34:31 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 3684185F37; Mon, 2 Mar 2020 10:34:29 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nvJnLCWN3YWC; Mon, 2 Mar 2020 10:34:28 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by whitealder.osuosl.org (Postfix) with ESMTP id 7E41485D4B; Mon, 2 Mar 2020 10:34:28 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id 6E9C61BF282 for ; Mon, 2 Mar 2020 10:34:26 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 6B81E85D4B for ; Mon, 2 Mar 2020 10:34:26 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jJjQte2Q+7Si for ; Mon, 2 Mar 2020 10:34:25 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from mail-wr1-f65.google.com (mail-wr1-f65.google.com [209.85.221.65]) by whitealder.osuosl.org (Postfix) with ESMTPS id E9FF785692 for ; Mon, 2 Mar 2020 10:34:24 +0000 (UTC) Received: by mail-wr1-f65.google.com with SMTP id j16so11906316wrt.3 for ; Mon, 02 Mar 2020 02:34:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=railnova-eu.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=IG3cogOe6b1hrLpkW5t/gJGTLKwo9x9+oKGlQ3ODZxw=; b=ZO74uGUPwHGHyKY+u+ZbmYoLitlaVyXEYe4iz84WqHDicZIvYl6/xk7xAqGE4lf8y1 djrhZNOk7pEzMNDjFQ6Viu+3R8QIF3Gbus4vxZ/1c0ZmS1IzmO208ffnQEs6rXX2qftw 19PNVjCBYVwL59Q6H4ANO5s/LBx9wCma3UuY4KRntHwzj6i4Qj+pdG7jv1IDb8IBNBQk X3pomqOf3DDV6VeOGdwT/6Gjys8+jxHCBPf9grdc/elgJfbPWZPcFzkMEyG0I1Ims/mr klnE3+Hf5aTiSSjbOmKqjeYVbGvvzrxTjSXbLkzfU2Pmx78uv9iPKHo+58s1bVJFaaLw NfrA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=IG3cogOe6b1hrLpkW5t/gJGTLKwo9x9+oKGlQ3ODZxw=; b=cOJQS6+tlyTcScFtd/3FYwcJVPaONhax6y00KmpxkVYzYB+ci6Gwy4SV5BIJ9uIz5N +cizJbA3PdXyYFZE4St+TmXg1eeF/FHsgGzTzsTO1Iofsyk5fqCtFWuKunjJ/qg4kbdC yyUbW9YArcI/2BE/Negr1SdENzGmzLdLvF2lOTeHgfSemO+1rvDtjl+oqgRy5Uxwu0UO 9Pu62lvnBTPRSiOujIlxE89FgrRn9o0qVefu6wiW1bIY/YbF8aNwSP6L5BQKh8wJN183 Gm7I+X8EgKAJnSzrVs1B5++KlPr2oWWnrZql43LPTEypTa9AJ17cG0uTuhYI4YFoXRz5 Be/Q== X-Gm-Message-State: APjAAAWWskPm6EL1NIza+3yL4CEQLoJbk0wY/5j55D7WHDU4EK8iOfYg k4GQ2rvku9UzmDuXbeDsU7SCHmmuSOlaug== X-Google-Smtp-Source: APXvYqxZ/FdjDWy+pz9rtPzd2faXJeo+BEEBMeDp0E4XogroBwlaKJRuFrLm0sMiPRuYPBLt+hw1KQ== X-Received: by 2002:a5d:526c:: with SMTP id l12mr22905740wrc.117.1583145263080; Mon, 02 Mar 2020 02:34:23 -0800 (PST) Received: from localhost.localdomain ([2a02:a03f:63d3:7700:e713:1b50:1139:aa62]) by smtp.gmail.com with ESMTPSA id a5sm15389616wmb.37.2020.03.02.02.34.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 02 Mar 2020 02:34:22 -0800 (PST) From: Titouan Christophe To: buildroot@buildroot.org Date: Mon, 2 Mar 2020 11:34:17 +0100 Message-Id: <20200302103417.204110-1-titouan.christophe@railnova.eu> X-Mailer: git-send-email 2.24.1 MIME-Version: 1.0 Subject: [Buildroot] [PATCH 1/1] package/wireshark: security bump to v3.2.2 X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Titouan Christophe Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" This fixes the following CVEs: - CVE-2020-9428: In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing. - CVE-2020-9429: In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value. - CVE-2020-9430: In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field. - CVE-2020-9431: In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations. Signed-off-by: Titouan Christophe --- package/wireshark/wireshark.hash | 6 +++--- package/wireshark/wireshark.mk | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package/wireshark/wireshark.hash b/package/wireshark/wireshark.hash index 65406b3001..8b8261840a 100644 --- a/package/wireshark/wireshark.hash +++ b/package/wireshark/wireshark.hash @@ -1,6 +1,6 @@ -# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-3.2.1.txt -sha1 d0b8eb3e01264afb98ec151d7114ed14cf174ced wireshark-3.2.1.tar.xz -sha256 589f640058d6408ebbd695a80ebbd6e7bd99d8db64ecda253d27100dfd27e85b wireshark-3.2.1.tar.xz +# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-3.2.2.txt +sha1 9cc54a56e9c2ed77e1bc436d9ae2f7bba68d26f8 wireshark-3.2.2.tar.xz +sha256 5f5923ef4c3fee370ed0ca1bb324f37c246015eba4a7e74ab95d9208feeded79 wireshark-3.2.2.tar.xz # Locally calculated sha256 7cdbed2b697efaa45576a033f1ac0e73cd045644a91c79bbf41d4a7d81dac7bf COPYING diff --git a/package/wireshark/wireshark.mk b/package/wireshark/wireshark.mk index 1e71fe755d..ead6b164ed 100644 --- a/package/wireshark/wireshark.mk +++ b/package/wireshark/wireshark.mk @@ -4,7 +4,7 @@ # ################################################################################ -WIRESHARK_VERSION = 3.2.1 +WIRESHARK_VERSION = 3.2.2 WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.xz WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions WIRESHARK_LICENSE = wireshark license