Hello community, here is the log from the commit of package wireshark for openSUSE:Factory checked in at 2018-07-23 17:57:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/wireshark (Old) and /work/SRC/openSUSE:Factory/.wireshark.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "wireshark" Mon Jul 23 17:57:04 2018 rev:137 rq:624233 version:2.6.2 Changes: -------- --- /work/SRC/openSUSE:Factory/wireshark/wireshark.changes 2018-05-25 21:35:15.796423212 +0200 +++ /work/SRC/openSUSE:Factory/.wireshark.new/wireshark.changes 2018-07-23 17:57:08.905218992 +0200 @@ -1,0 +2,18 @@ +Fri Jul 20 09:32:42 UTC 2018 - astie...@suse.com + +- update to 2.6.2: + * CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, boo#1101777) + * CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, boo#1101788) + * CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, boo#1101804) + * CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, boo#11101786) + * CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, boo#11101810) + * CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, boo#11101776) + * CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, boo#11101794) + * CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, boo#11101800) + * CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, boo#11101791) + * CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, boo#1101802) +- Further bug fixes and updated protocol support as listed in: + https://www.wireshark.org/docs/relnotes/wireshark-2.6.2.html +- drop wireshark-2.6.1-fix-Qt-5.11.patch, upstream + +------------------------------------------------------------------- Old: ---- SIGNATURES-2.6.1.txt wireshark-2.6.1-fix-Qt-5.11.patch wireshark-2.6.1.tar.xz New: ---- SIGNATURES-2.6.2.txt wireshark-2.6.2.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ wireshark.spec ++++++ --- /var/tmp/diff_new_pack.eG2mVn/_old 2018-07-23 17:57:10.249217312 +0200 +++ /var/tmp/diff_new_pack.eG2mVn/_new 2018-07-23 17:57:10.253217307 +0200 @@ -18,9 +18,9 @@ # define libraries %define libutil libwsutil9 -%define libwire libwireshark11 +%define libwire libwireshark10 %define libtap libwiretap8 -%define libcodecs libwscodecs0 +%define libcodecs libwscodecs2 # Enable new Qt gui on new releases and build old GTK2 gui on old releases %if 0%{?suse_version} > 1140 %bcond_without gnutls @@ -37,17 +37,16 @@ %bcond_with lz4 %endif Name: wireshark -Version: 2.6.1 +Version: 2.6.2 Release: 0 Summary: A Network Traffic Analyser License: GPL-2.0-or-later AND GPL-3.0-or-later Group: Productivity/Networking/Diagnostic -Url: https://www.wireshark.org/ +URL: https://www.wireshark.org/ Source: https://www.wireshark.org/download/src/%{name}-%{version}.tar.xz Source2: https://www.wireshark.org/download/SIGNATURES-%{version}.txt Source3: https://www.wireshark.org/download/gerald_at_wireshark_dot_org.gpg#/wireshark.keyring Patch4: wireshark-1.10.0-enable_lua.patch -Patch5: wireshark-2.6.1-fix-Qt-5.11.patch BuildRequires: bison BuildRequires: flex BuildRequires: glib2-devel @@ -195,7 +194,6 @@ %setup -q %patch4 -p1 -%patch5 -p1 sed -i 's/^Icon=wireshark.png$/Icon=wireshark/' wireshark*.desktop %build ++++++ SIGNATURES-2.6.1.txt -> SIGNATURES-2.6.2.txt ++++++ --- /work/SRC/openSUSE:Factory/wireshark/SIGNATURES-2.6.1.txt 2018-05-25 21:35:14.308477063 +0200 +++ /work/SRC/openSUSE:Factory/.wireshark.new/SIGNATURES-2.6.2.txt 2018-07-23 17:57:07.333220957 +0200 @@ -1,40 +1,40 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -wireshark-2.6.1.tar.xz: 28386244 bytes -SHA256(wireshark-2.6.1.tar.xz)=ab6e5bbc3464c956347b8671ce8397950ad5daff3bf9964c967d495f4ddbcd88 -RIPEMD160(wireshark-2.6.1.tar.xz)=a7f187de0c44b801b51e8b72df41681bbc1835f8 -SHA1(wireshark-2.6.1.tar.xz)=a0cf45d99ab9a42e087af150cbdec08650b9977a - -Wireshark-win64-2.6.1.exe: 59945592 bytes -SHA256(Wireshark-win64-2.6.1.exe)=7fea0e6edf6e6a10d277a354fc9982c6d15c2f2aa05ec13c714e077b8c8760a9 -RIPEMD160(Wireshark-win64-2.6.1.exe)=8dd17fbbd6a149aa17a264bd32c5cc39e6d5211c -SHA1(Wireshark-win64-2.6.1.exe)=af58ff12b234d4c811eb2828a174a10780d23817 - -Wireshark-win32-2.6.1.exe: 54228352 bytes -SHA256(Wireshark-win32-2.6.1.exe)=f1e2a07e696338217671b58076073ad3a8ae165ece7fcb71866b6dcc750e1bf8 -RIPEMD160(Wireshark-win32-2.6.1.exe)=9c389d37d93cc70d04c73b0a537766b0c163108b -SHA1(Wireshark-win32-2.6.1.exe)=ca6030711d0d1cec2c93c7daace448f7f70ed6f4 - -Wireshark-win32-2.6.1.msi: 43700224 bytes -SHA256(Wireshark-win32-2.6.1.msi)=fe77af67c5816899b42decde78e6561aa6f03c5ad8adf7dc58225864afae2a09 -RIPEMD160(Wireshark-win32-2.6.1.msi)=9e460ca8927220f31280376663a9093ecb3cd5e6 -SHA1(Wireshark-win32-2.6.1.msi)=ac0271ec30a8548ac1207689f81443bb6262037f - -Wireshark-win64-2.6.1.msi: 49356800 bytes -SHA256(Wireshark-win64-2.6.1.msi)=1796964f494a869719bb47075f9bc16d505d6f67b6f423df865ab5191b6b0c02 -RIPEMD160(Wireshark-win64-2.6.1.msi)=2d45528c02e56078b00f3a36c61ce3e02832b98d -SHA1(Wireshark-win64-2.6.1.msi)=27d5e6075d1b9c5ae680df622bcd77da0cb33048 - -WiresharkPortable_2.6.1.paf.exe: 37458264 bytes -SHA256(WiresharkPortable_2.6.1.paf.exe)=b2bc490dd42aae080543728d9787bff650996e965f6cac0d700fa3ac79bf9981 -RIPEMD160(WiresharkPortable_2.6.1.paf.exe)=ebec0ef8612cead98f37898f0a16e8f2de451b4a -SHA1(WiresharkPortable_2.6.1.paf.exe)=7350f3f51eae5a2be9b6d4566ad8e42d16cb0968 - -Wireshark 2.6.1 Intel 64.dmg: 168940751 bytes -SHA256(Wireshark 2.6.1 Intel 64.dmg)=bf5f9a0e810a7cfb360ea69b1b587126432adffe5fa65db902fa761842b55a6a -RIPEMD160(Wireshark 2.6.1 Intel 64.dmg)=540f43bf5d541e7441db61a565d0504a5615ef3c -SHA1(Wireshark 2.6.1 Intel 64.dmg)=56025bb522b9cd35c82c05901227301a4de40acb +wireshark-2.6.2.tar.xz: 28392140 bytes +SHA256(wireshark-2.6.2.tar.xz)=49b2895ee3ba17ef9ef0aebfdc4d32a778e0f36ccadde184516557d5f3357094 +RIPEMD160(wireshark-2.6.2.tar.xz)=e9b782d49d9a063ba556320e9f2c08dea079967d +SHA1(wireshark-2.6.2.tar.xz)=52517c30926211b0b718815b51a3f06a18d8f5da + +Wireshark-win64-2.6.2.exe: 59963968 bytes +SHA256(Wireshark-win64-2.6.2.exe)=88aa2ca018090fc73ffb273aa1ba9f690ec06deb77d1ec7ff9b39fe646ca2877 +RIPEMD160(Wireshark-win64-2.6.2.exe)=3b947ada3e64bfb1c1b16a470926d94ed9db391b +SHA1(Wireshark-win64-2.6.2.exe)=90217eb0ed020a53a9ae80682c0881d347d11b4a + +Wireshark-win32-2.6.2.exe: 54249888 bytes +SHA256(Wireshark-win32-2.6.2.exe)=3d886e435570b7326f53d00996040ef65b9e2a5bffe48645ce29ea5a23930801 +RIPEMD160(Wireshark-win32-2.6.2.exe)=c2c5afa101559976439f36401ea1cc4564fa624e +SHA1(Wireshark-win32-2.6.2.exe)=eb7c50e80d6e7ec834599c1facfd6a3fd66aebf8 + +Wireshark-win32-2.6.2.msi: 43728896 bytes +SHA256(Wireshark-win32-2.6.2.msi)=99d5d94345a20e177736533840ff59859a76e864247a8146a73fca227f004043 +RIPEMD160(Wireshark-win32-2.6.2.msi)=7f21412e4d335f6e797356b968fbef14afb03b8c +SHA1(Wireshark-win32-2.6.2.msi)=05f1f9c4b9bed8c4447e5e31f907c578f52cf067 + +Wireshark-win64-2.6.2.msi: 49364992 bytes +SHA256(Wireshark-win64-2.6.2.msi)=381076d09c757038072f761f7eee9d5aa45fa8423b771ba34ddbd8b56f2c429c +RIPEMD160(Wireshark-win64-2.6.2.msi)=a080eec0f8bd089f493d0c76837d7fe03c1fa0dd +SHA1(Wireshark-win64-2.6.2.msi)=2c6b5bf555729d1e5ee3a1dda8d2b14d3bb01759 + +WiresharkPortable_2.6.2.paf.exe: 37482552 bytes +SHA256(WiresharkPortable_2.6.2.paf.exe)=d36727bdb8cc3a72bfb80084d3c634c3bfa4661f4de68d644b43ef5d41c52b69 +RIPEMD160(WiresharkPortable_2.6.2.paf.exe)=a98756bf5a67e47e1ca9ecd8836f2e6913a56f27 +SHA1(WiresharkPortable_2.6.2.paf.exe)=dd11e62f34212be77abee9d2227a2fd3b613b0a5 + +Wireshark 2.6.2 Intel 64.dmg: 169012317 bytes +SHA256(Wireshark 2.6.2 Intel 64.dmg)=ef54b04a73df4069e29e77bc1940f3b767ee498c4e28f739eabda78ef71ab4a9 +RIPEMD160(Wireshark 2.6.2 Intel 64.dmg)=f93d2cc4057337ca76d1aa435b0039a60927bebb +SHA1(Wireshark 2.6.2 Intel 64.dmg)=3a46de720848b286e7c115c75c7b00bcd08155aa You can validate these hashes using the following commands (among others): @@ -44,17 +44,17 @@ Other: openssl sha256 wireshark-x.y.z.tar.xz -----BEGIN PGP SIGNATURE----- -iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlsEbwsACgkQgiRKeOb+ -ruq2rRAAzStj1b2s+7FKvsRkTCuGjh5mniVMI5u9jKEey/X1FxMCS/MkzYQgijbb -iWwDRL6P56laMlwHbFsCq0YtUcfXDaXqxhF4Ow/Y9kclxSpLcllR5VfW3iu/kJay -8woI+J5FsOgpLfida5srVH8q2VIPySK7bbs5vTQ/l7VXtnRz1lc9vyNndDW/5ogU -6I8SZUaZUAr1Aw2MeTBvEHVDneLrgLTkU8T2/+LemXk3ey3PKLycSF1blEFhY1VQ -nQQ3XqxHTZPRuUGvC+grKFkB7bQJnlCrj8JGB0YFAqXHsv1W6O5iIJQpD+Yuo6Xg -1b3Mxc3YzNRAB8aTo4478GJB0hYLe5EMlTi72V96fuJKSsQWM3/TuGXSqr/OFJbp -2AR6Y1tr7HHuV0J479kZPPiMR7H2WwoOAAFd2/lQxYqAS4yRItw6K17Wl9qNsVVY -30+BnqkyZyPhrUuN/tQ56FUUAZAFADSCmhqwcyN0B5NUYt+eU5uXZ4Uk1h3Vb5jc -bBpWQD41Jo9N4wlhxaOwGnZcxsim4Kv/iuuCh0N37/tsTVOPSNNkXQe0pYIwBOge -GgSOpc2+fxRu2z1a32H3c9D+Fp3Blw9bcXXAEhnH4vhWkL8QaHze8t6XMY+byOTm -dkXOQr9Ra4ek9gGCLpqZGztneKUuuB2O9kyxi20et4TTliTZjJ8= -=wahv +iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAltPqKQACgkQgiRKeOb+ +rurNbg//dw5903/0W2vw1a6u8F9JVvXfctb9/t1IOD2yT2omPXFTfqEkcwcY5c8W +FoSsflHM6g4rf8jqpqyipSPb6lYRJjm1fZGDzTilVPe+pcAV/HZ2QSdwOgw9FiAs +sV2eZdqPMVqdeLgDGtC4aHHabwsytFNaWtZLVyKr4ojdUfJNIBa40iUrItxXfgxA +GDCnVpdapuygk4rMeDpi3qZtvEKmgZ9Yj5aseX+wBYIT21EShP/gHSKNSA8x3gGz +xnpvOrz2qyJmWB6sBmIQndEXrYdazKr14Fzhmc2ajFMOJLwTGIZg5wl+UDnmPikW +6R1gRzSwkjEtgTKlZ9Gcel8eg6fNjW9HC9d4VjZzG4N693YrYwlpu0FIvaK+QGxE +yEJKPJnlaCi37Q6GBiKIpC5NUkTnt38Gb5DJ4/N3tk4P2LGlSyyMxLc5U096Zd8V +KCE/OVUuZs/4NsgIYaTYWDyTeNjjN2ZXnyx0N3x8yzWHcB6gYVPJc2lKouZe9XqZ +9Gz1Fr0/LEbx+r0iFOEm9pX/W8a5pzZnMn5YYUeTue61ZZp/yBOf7oTqjCVvSPHU +rZhsHMLcZnBNFoYKr03dcvukgSNsndTJPXvAEIX9FVmQUcQAEsdXRFO/csihG7l/ +7KWgNjReI7eoWkBUH8sx7J+4wZVy9leWjHTtkZKTeOo6OO1vJx4= +=OiJq -----END PGP SIGNATURE----- ++++++ wireshark-2.6.1.tar.xz -> wireshark-2.6.2.tar.xz ++++++ /work/SRC/openSUSE:Factory/wireshark/wireshark-2.6.1.tar.xz /work/SRC/openSUSE:Factory/.wireshark.new/wireshark-2.6.2.tar.xz differ: char 25, line 1