| Message ID | 20230319192526.915856-1-fontaine.fabrice@gmail.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [1/1] package/wireshark: security bump to version 4.0.4 | expand |
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes: > Fix CVE-2023-1161: ISO 15765 and ISO 10681 dissector crash in Wireshark > 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet > injection or crafted capture file > https://www.wireshark.org/security/wnpa-sec-2023-08.html > https://www.wireshark.org/news/20230302.html > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Committed, thanks.
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes: > Fix CVE-2023-1161: ISO 15765 and ISO 10681 dissector crash in Wireshark > 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet > injection or crafted capture file > https://www.wireshark.org/security/wnpa-sec-2023-08.html > https://www.wireshark.org/news/20230302.html > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Committed to 2023.02.x, thanks.
diff --git a/package/wireshark/wireshark.hash b/package/wireshark/wireshark.hash index 7128b560ae..d89caa5de8 100644 --- a/package/wireshark/wireshark.hash +++ b/package/wireshark/wireshark.hash @@ -1,6 +1,6 @@ -# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.0.3.txt -sha1 243b0057cfe6d447662e81b5646110aaf8b63c81 wireshark-4.0.3.tar.xz -sha256 6c51e15bcc0afb93734e686dbff354ffd159f570bd2904bcbbad6f3feb7e9511 wireshark-4.0.3.tar.xz +# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.0.4.txt +sha1 ae3c28d6966c420ee3a8d058ea212a1b6adab50f wireshark-4.0.4.tar.xz +sha256 a4a09f6564f00639036ffe5064ac4dc2176adfa3e484c539c9c73f835436e74b wireshark-4.0.4.tar.xz # Locally calculated sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING diff --git a/package/wireshark/wireshark.mk b/package/wireshark/wireshark.mk index 12c36575df..f5a8e1f070 100644 --- a/package/wireshark/wireshark.mk +++ b/package/wireshark/wireshark.mk @@ -4,7 +4,7 @@ # ################################################################################ -WIRESHARK_VERSION = 4.0.3 +WIRESHARK_VERSION = 4.0.4 WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.xz WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions WIRESHARK_LICENSE = wireshark license
Fix CVE-2023-1161: ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file https://www.wireshark.org/security/wnpa-sec-2023-08.html https://www.wireshark.org/news/20230302.html Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> --- package/wireshark/wireshark.hash | 6 +++--- package/wireshark/wireshark.mk | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-)