Hello community, here is the log from the commit of package wireshark for openSUSE:Factory checked in at 2020-07-06 16:15:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/wireshark (Old) and /work/SRC/openSUSE:Factory/.wireshark.new.3060 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "wireshark" Mon Jul 6 16:15:20 2020 rev:160 rq:818270 version:3.2.5 Changes: -------- --- /work/SRC/openSUSE:Factory/wireshark/wireshark.changes 2020-06-11 10:01:24.398524522 +0200 +++ /work/SRC/openSUSE:Factory/.wireshark.new.3060/wireshark.changes 2020-07-06 16:17:03.296905915 +0200 @@ -1,0 +2,11 @@ +Wed Jul 1 22:22:24 UTC 2020 - Andreas Stieger <andreas.stie...@gmx.de> + +- Wireshark 3.2.5: + * CVE-2020-15466: GVCP dissector infinite loop (boo#1173606) + * Further features, bug fixes and updated protocol support as + listed in: + https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html +- make verification of package source signatures compatible with + source_validator + +------------------------------------------------------------------- Old: ---- SIGNATURES-3.2.4.txt wireshark-3.2.4.tar.xz New: ---- wireshark-3.2.5.tar.xz wireshark-3.2.5.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ wireshark.spec ++++++ --- /var/tmp/diff_new_pack.cjRtZm/_old 2020-07-06 16:17:07.288918180 +0200 +++ /var/tmp/diff_new_pack.cjRtZm/_new 2020-07-06 16:17:07.292918192 +0200 @@ -27,14 +27,14 @@ %bcond_with lz4 %endif Name: wireshark -Version: 3.2.4 +Version: 3.2.5 Release: 0 Summary: A Network Traffic Analyser License: GPL-2.0-or-later AND GPL-3.0-or-later Group: Productivity/Networking/Diagnostic URL: https://www.wireshark.org/ Source: https://www.wireshark.org/download/src/%{name}-%{version}.tar.xz -Source2: https://www.wireshark.org/download/SIGNATURES-%{version}.txt +Source2: https://www.wireshark.org/download/SIGNATURES-%{version}.txt#/%{name}-%{version}.tar.xz.asc Source3: https://www.wireshark.org/download/gerald_at_wireshark_dot_org.gpg#/wireshark.keyring BuildRequires: bison BuildRequires: flex ++++++ wireshark-3.2.4.tar.xz -> wireshark-3.2.5.tar.xz ++++++ /work/SRC/openSUSE:Factory/wireshark/wireshark-3.2.4.tar.xz /work/SRC/openSUSE:Factory/.wireshark.new.3060/wireshark-3.2.5.tar.xz differ: char 15, line 1 ++++++ wireshark-3.2.5.tar.xz.asc ++++++ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 wireshark-3.2.5.tar.xz: 31626148 bytes SHA256(wireshark-3.2.5.tar.xz)=bd89052a5766cce08b1090df49628567e48cdd24bbaa47667c851bac6aaac940 RIPEMD160(wireshark-3.2.5.tar.xz)=940abd3d33418559b207bd9f23826626b3edd311 SHA1(wireshark-3.2.5.tar.xz)=468c547ad13df805322e0979b348dcc602904017 Wireshark-win64-3.2.5.exe: 60082856 bytes SHA256(Wireshark-win64-3.2.5.exe)=b9626086253e00fbaf35c7d91c768aa4895d0d2e59b4e48b01331dce7cfeb510 RIPEMD160(Wireshark-win64-3.2.5.exe)=eeec26f1442e387255e3243a324bb7388f055011 SHA1(Wireshark-win64-3.2.5.exe)=97fd437ded33ef1d260fe6dc2a8e2e53707fe12e Wireshark-win32-3.2.5.exe: 54936520 bytes SHA256(Wireshark-win32-3.2.5.exe)=728d51ba8e1d551ff29b2432933923112bc5d43100ee4b327085dbdda739dcd1 RIPEMD160(Wireshark-win32-3.2.5.exe)=523866234f16f94e621f0de59702c2f4063aff3f SHA1(Wireshark-win32-3.2.5.exe)=040ce6010c874242356177d82e9550c84b092267 Wireshark-win32-3.2.5.msi: 43114496 bytes SHA256(Wireshark-win32-3.2.5.msi)=f9a7739e40193f387cfcaab5f8e7f3a8705a49096b7853d48ddf87eb7c0916a0 RIPEMD160(Wireshark-win32-3.2.5.msi)=8feed2651be7b1ed2ad2ab2c02f8db4533064361 SHA1(Wireshark-win32-3.2.5.msi)=cc1487b37d5bbfad7e0a01d9334e95e7f72c9a96 Wireshark-win64-3.2.5.msi: 48381952 bytes SHA256(Wireshark-win64-3.2.5.msi)=f8b0b963ac7bf87f851389a396d5a39dae733ec7ad8b259c097cd3d1f61990d8 RIPEMD160(Wireshark-win64-3.2.5.msi)=a94a1a86e60b7d2fe78ae7256dac6645f80c496b SHA1(Wireshark-win64-3.2.5.msi)=e8b887f473899cc3fb169c3ca71027cbe5724218 WiresharkPortable_3.2.5.paf.exe: 36672608 bytes SHA256(WiresharkPortable_3.2.5.paf.exe)=a8601a7b0232d1a17acb969ee658952a794d8da06588d7039a48b35653169670 RIPEMD160(WiresharkPortable_3.2.5.paf.exe)=6d8fa89a6b9f153a3dca521d8fd59144760557cd SHA1(WiresharkPortable_3.2.5.paf.exe)=4cd2344eeda2f3a8b1b361bcb123da6038ea2c78 Wireshark 3.2.5 Intel 64.dmg: 97687693 bytes SHA256(Wireshark 3.2.5 Intel 64.dmg)=c95277ecc61c22b900591d07dae94ef659fe1d80d584479ddc46855b4e3a3745 RIPEMD160(Wireshark 3.2.5 Intel 64.dmg)=81a2f9e3e51bcd8182ddb3ffe226481f3d1e3be2 SHA1(Wireshark 3.2.5 Intel 64.dmg)=d0abf53b543f256201628f4880e32b8b104ce6bb You can validate these hashes using the following commands (among others): Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg" Other: openssl sha256 wireshark-x.y.z.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAl788ugACgkQgiRKeOb+ ruqcdhAA7qkQvKl/CRw5/phaHYV4M8ICakK9znqVffudNs49o78z7cFTi+yww+92 LAjFsmeeX15FaWx5TAixn88UGoI+B15FRmkFdpH0zZHa82DsmMTizbQ+c0ofGUPZ FdwGgl4yLhbZQQUXE+4Ucarn9DoOc7GMeS/KW2F5+bNtmRVEeawB8Yu25lytA0ry tRs4y8p+KqnvNLaXLCrNcUzhwtNpUnnrnL1HPQ4VwE3Dtq5gifkI7jAXCkmcqtV/ 4RxIDNVtmFyqxd7GDcCENjiGjgbGyxAc+vrQK3pnElaMnPICjMwnof/3g9+yebJe 4iTgzqOxATSWB41bzbNAN8D5/HCBMbUWY3jQ4rbE354TmnhTTY05kMV5jZNZgELT B+5BHBcY5S5Vq3UTRQIaRHKtuaAfnteW5zAvcZSIgrG8fd+ca06fU/TPrqvmq7bQ ZdrDO2tXyYUcUeBwZoq2m89v/DJPaMaQWpOo1aWTtGoc/JE13UcR/g88lWt4ze+7 iUhSDtkPQgdsvuGGhfz3GLVrmVfb/+TbDLZtwP4dyA+uJUfwZLzLnjsCXbK2R7uc NjCSMpM1zvsv3newz2JXNjltFOFIBqhP9aZ64rvcm6M9AGiqeQ65nOY3GvL7Q49S 2lQ029OUcK4xTsLSLRepF2lg6lqVpVU/rnMqHMSaWkTekJffTJ4= =onva -----END PGP SIGNATURE-----