Hello community, here is the log from the commit of package wireshark for openSUSE:Factory checked in at 2018-01-16 09:38:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/wireshark (Old) and /work/SRC/openSUSE:Factory/.wireshark.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "wireshark" Tue Jan 16 09:38:23 2018 rev:132 rq:563936 version:2.4.4 Changes: -------- --- /work/SRC/openSUSE:Factory/wireshark/wireshark.changes 2017-12-06 08:56:13.978159949 +0100 +++ /work/SRC/openSUSE:Factory/.wireshark.new/wireshark.changes 2018-01-16 09:38:58.415229487 +0100 @@ -1,0 +2,14 @@ +Fri Jan 12 19:38:34 UTC 2018 - [email protected] + +- Wireshark 2.4.4: + * fixes for dissector crashes: + + CVE-2018-5334: IxVeriWave file could crash (bsc#1075737) + + CVE-2018-5335: WCP dissector could crash (bsc#1075738) + + CVE-2018-5336: Multiple dissector crashes (bsc#1075739) + * No longer enable the Linux kernel BPF JIT compiler via the + net.core.bpf_jit_enable sysctl, as this would make systems + more vulnerable to Spectre variant 1 (bsc#1075748, CVE-2017-5753) + * Further bug fixes and updated protocol support as listed in: + https://www.wireshark.org/docs/relnotes/wireshark-2.4.4.html + +------------------------------------------------------------------- Old: ---- SIGNATURES-2.4.3.txt wireshark-2.4.3.tar.xz New: ---- SIGNATURES-2.4.4.txt wireshark-2.4.4.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ wireshark.spec ++++++ --- /var/tmp/diff_new_pack.FxuuYy/_old 2018-01-16 09:39:00.879114158 +0100 +++ /var/tmp/diff_new_pack.FxuuYy/_new 2018-01-16 09:39:00.883113970 +0100 @@ -1,7 +1,7 @@ # # spec file for package wireshark # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ # define libraries %define libutil libwsutil8 -%define libwire libwireshark10 +%define libwire libwireshark9 %define libtap libwiretap7 %define libcodecs libwscodecs1 # disable caps @@ -36,7 +36,7 @@ %bcond_with geoip %endif Name: wireshark -Version: 2.4.3 +Version: 2.4.4 Release: 0 Summary: A Network Traffic Analyser License: GPL-2.0+ AND GPL-3.0+ ++++++ SIGNATURES-2.4.3.txt -> SIGNATURES-2.4.4.txt ++++++ --- /work/SRC/openSUSE:Factory/wireshark/SIGNATURES-2.4.3.txt 2017-12-06 08:56:06.366438584 +0100 +++ /work/SRC/openSUSE:Factory/.wireshark.new/SIGNATURES-2.4.4.txt 2018-01-16 09:38:25.476771276 +0100 @@ -1,40 +1,40 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -wireshark-2.4.3.tar.xz: 28807920 bytes -SHA256(wireshark-2.4.3.tar.xz)=189495996b68940626cb53b31c8902fa1bb5a96b61217cea42734c13925ff12e -RIPEMD160(wireshark-2.4.3.tar.xz)=549b19ff84378536a4d2598ad92ac10db7a76244 -SHA1(wireshark-2.4.3.tar.xz)=1c52b5d03d0dd9fe33c6c225233e89ed6d1d6d28 - -Wireshark-win32-2.4.3.exe: 52674464 bytes -SHA256(Wireshark-win32-2.4.3.exe)=7e5288224c0efc666fd15852e49ed7864e0a70971b5c09181ccfe5f71fd27d6e -RIPEMD160(Wireshark-win32-2.4.3.exe)=b9f488d384716404f25076eaa0dde81705982d5d -SHA1(Wireshark-win32-2.4.3.exe)=8a17cd5eae1e373442b0ed154e56009fdaace790 - -Wireshark-win64-2.4.3.exe: 57888152 bytes -SHA256(Wireshark-win64-2.4.3.exe)=fbe322534581feba53564d99a342f8a75aaa178af8efbaa9fe9e9298233af41d -RIPEMD160(Wireshark-win64-2.4.3.exe)=41fffe5f4f686921d5911365913fd3871f5e1d4d -SHA1(Wireshark-win64-2.4.3.exe)=07f593d04185d79232dc839f8e8df65e46420098 - -Wireshark-win32-2.4.3.msi: 41930752 bytes -SHA256(Wireshark-win32-2.4.3.msi)=13114b733a2c2cdc1e6976d974bb89b6ab5bcaaf0eaac114e66e83e2a12bec78 -RIPEMD160(Wireshark-win32-2.4.3.msi)=866fd277727fab8aa0a56870491ae5e9c1c64f99 -SHA1(Wireshark-win32-2.4.3.msi)=b3ab06e999a3e8c81ec677287a46e1a0d044b35e - -Wireshark-win64-2.4.3.msi: 47005696 bytes -SHA256(Wireshark-win64-2.4.3.msi)=a5aa656e7c6a894635e669d1927d2b71307f7f3b2069ba8c5d7a21048ded19d3 -RIPEMD160(Wireshark-win64-2.4.3.msi)=a9b8d4b073ffbdfe72276cf41be0f39d68be9687 -SHA1(Wireshark-win64-2.4.3.msi)=e41d08ef2cebdc19833abd0b3cee9788f82c5e6b - -WiresharkPortable_2.4.3.paf.exe: 45325376 bytes -SHA256(WiresharkPortable_2.4.3.paf.exe)=50530cb69572b7891c05f1830c72f831336fd96c550ba5b8202da2b907e68f57 -RIPEMD160(WiresharkPortable_2.4.3.paf.exe)=57db4ebb9ba6aac54322545d0b4ecf99d1bee3b1 -SHA1(WiresharkPortable_2.4.3.paf.exe)=7bb2fbd347485b7e2a974dfa2814f84f8addd833 - -Wireshark 2.4.3 Intel 64.dmg: 35234122 bytes -SHA256(Wireshark 2.4.3 Intel 64.dmg)=61f500c923b729be56b4bf453c2fca865cd921b8cc153da8a79d45a3f932bdd3 -RIPEMD160(Wireshark 2.4.3 Intel 64.dmg)=e90cc219073785384f6137fbd74e86972fe1e30e -SHA1(Wireshark 2.4.3 Intel 64.dmg)=711b9a11cced0e4d7b9284598c012217e3555f2d +wireshark-2.4.4.tar.xz: 28818372 bytes +SHA256(wireshark-2.4.4.tar.xz)=049a758e39422dcd536d7f75cebbfaa44e4f305d602bf22964d6459821126f58 +RIPEMD160(wireshark-2.4.4.tar.xz)=ee062bc380db3efce21640774bf6cb5c327b8b27 +SHA1(wireshark-2.4.4.tar.xz)=cefc8e6666ee2f73d7f96f2708d582c57abb486f + +Wireshark-win32-2.4.4.exe: 52697912 bytes +SHA256(Wireshark-win32-2.4.4.exe)=1f93c1df271aeaa60161d67abd9e17f48f07f1a7cfc84c3c09076be23b2a845e +RIPEMD160(Wireshark-win32-2.4.4.exe)=93ce703dc83c6cc0c23ade12a59bcbaa6088b8ba +SHA1(Wireshark-win32-2.4.4.exe)=1d14fb39f382909587ac9ce65477f1702570cb3a + +Wireshark-win64-2.4.4.exe: 57913704 bytes +SHA256(Wireshark-win64-2.4.4.exe)=f532b664921a317c151ef0fb2b4e7badcdb9ecd5a969d38bd54568a6a0a18c68 +RIPEMD160(Wireshark-win64-2.4.4.exe)=137f4225a15183bacc9c4c51522a99b624095c39 +SHA1(Wireshark-win64-2.4.4.exe)=e7890e6445118a9238cab51cf89407c6fdd2235d + +Wireshark-win64-2.4.4.msi: 47095808 bytes +SHA256(Wireshark-win64-2.4.4.msi)=38293816156d0aa51302e09fa2901a24913eb8e1b8cebee9bb90b318d85343f5 +RIPEMD160(Wireshark-win64-2.4.4.msi)=5b50bc5d30dad6f5e9eac8539da57c373f5c291d +SHA1(Wireshark-win64-2.4.4.msi)=70c0be5ff3d5d61428e7b07885a979d12e82ea6b + +Wireshark-win32-2.4.4.msi: 41943040 bytes +SHA256(Wireshark-win32-2.4.4.msi)=0407314ae45c391ca6cccddf428b8f452e6dbbfee13143d4cb178f643e8a5a8b +RIPEMD160(Wireshark-win32-2.4.4.msi)=22b168509f5bf9e8df2013aed781686ad89959b8 +SHA1(Wireshark-win32-2.4.4.msi)=003c2d7c3670b19b4397fc9855683e65ea12ea56 + +WiresharkPortable_2.4.4.paf.exe: 45378496 bytes +SHA256(WiresharkPortable_2.4.4.paf.exe)=4c6c0481ed216e797351fc38ba63754e37ac4cb2686595204f9be00d3b5dd4bb +RIPEMD160(WiresharkPortable_2.4.4.paf.exe)=773aa2c4fc2cd4126fd3da06da3066c27e45cd79 +SHA1(WiresharkPortable_2.4.4.paf.exe)=f484dd8d2bba9ccaefe187c0e50f30c231141bce + +Wireshark 2.4.4 Intel 64.dmg: 35240389 bytes +SHA256(Wireshark 2.4.4 Intel 64.dmg)=eb6d9a304b2697a90f267bd8734926a9fe37939aab8394a550cd4c272dd15e11 +RIPEMD160(Wireshark 2.4.4 Intel 64.dmg)=9cdf3614de288ae38170fae1d540bb3b874f997b +SHA1(Wireshark 2.4.4 Intel 64.dmg)=c1e169fbf3797a082b638cd8415d20f63d476131 You can validate these hashes using the following commands (among others): @@ -44,17 +44,17 @@ Other: openssl sha256 wireshark-x.y.z.tar.xz -----BEGIN PGP SIGNATURE----- -iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlog0R4ACgkQgiRKeOb+ -ruqtHA/7B/+EgBKG6HFGqz9I2E25adozILjnsOrnFaqnh1j7c5gaLhstsw9LY2Xz -rogCUA9i5BGT0RqEvGBtxFWZPBKcSkKmfOhW/VZoxePvnilL6pyqPzGB/rww8MTw -oh1U63A9n6gmgxJMfFGkVg5dyufaOKVywJ/DPAkLmIQR7lZfxCvHddlKx/10hq6k -YbAaupqo/ZA8I05SV2Ovrj8LAeqxwv9C7vrHmp2lBTslTPxCO6+byBgKaw8zuAO/ -6yjrplQy6fji+lcOKrNVhELo5D9L9vlPRx0Drvpktb4jd+lt+Rz2oLrIa5auOrlD -SzKH05HdSkzjdStHlzOwRy2mCOusY0EIGZ6eFQRZz4w+KRWWIlU87SXifuzczMwt -gnJRWT2owFrmeN1ihqK8iiH+4/zcWDxElNWw3L0INKmWXaWchRkJ1M7TP86Sr60F -s15RhkkljFEFHBo8DHDs2XJ81N0eDskHliZzjV87wbMEDp3mXAiyOKjyiFflOH9e -DsSxsnt+PfthkmwsFnF8kVEeylKMeihrNMTQHMJ6o1srwowRZa0mP6Pl/TrdyGZr -+6ER/kxkltmZjZBwOCszMZxZdNoyteANwZzGu/y/I1IpRGVI6WGxYIhLRiOJTljZ -90N+3nRv9Qff6CJvn9peAZS7/Rz2dldRiggHu2NFozCQExAlG3k= -=yV+r +iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlpXv64ACgkQgiRKeOb+ +ruqbgxAA3QnAr+1jKvBZUCApOSPxe/Hfz3MUoVBdnhj/bCDyAjACRLfRf91ODXPL +KGIt6d33W9N/FyK4M+6woYNHNdBiRW1UUuCsby1Z/0vdZ/LAtwJz6IeqNFS+g3Co +jVMVYBGLivSfwi0ZJWEiP1VILe2vKlUmAfgU5CTgtHrAHMTtrdvZIuzjnMLPNNqZ +1CYA7130Rda2pRWXbZWtgNf10VyRorpcMJ1y6ADZzm66GOJUQ585k0JCYgmLARPJ +1gy/VROrISMkVXETJnw6mR5pnSoqSoUrzz7QJoaDBDHXQugWhdLBDjKAcYTxQDZK +jcpDzPzXVeMF2l6LG+B0zDNzfPhAZHA5E9RRNew1Gth+bhC5UYV4+KW59Ovu3i/e +PfYWjUUmctzsOmibk3icf1PY5b6VqBNC9LMfnhmn/wg/uFDRwBWVe8pyvZCl7TVy +W+Y/YF6buB1L2aacKMmCyM8Gxptd+Tp3gnYrEInUVof+SsLulLrEM83dBEjvT3zr +Bxuv/47ZLSFmKv51/jj/3zNQ7NX3IYJbLTwWdGUsQE8ue2VBKE7mgLmvbtaRpAEh +5z18cPVMzdba7ufYGVt4ZuXR4sWrWBjVsaXWyjhGZxVygR/l0feVm8kcCufVJb4C +jNsdTLruH0Z6P9AuVPFf/ebgbARBytPfQI1zSBwM2NyCDKAwMno= +=uhIZ -----END PGP SIGNATURE----- ++++++ wireshark-2.4.3.tar.xz -> wireshark-2.4.4.tar.xz ++++++ /work/SRC/openSUSE:Factory/wireshark/wireshark-2.4.3.tar.xz /work/SRC/openSUSE:Factory/.wireshark.new/wireshark-2.4.4.tar.xz differ: char 27, line 1
