Hello community, here is the log from the commit of package wireshark for openSUSE:Factory checked in at 2016-06-14 23:07:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/wireshark (Old) and /work/SRC/openSUSE:Factory/.wireshark.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "wireshark" Changes: -------- --- /work/SRC/openSUSE:Factory/wireshark/wireshark.changes 2016-04-28 17:00:43.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.wireshark.new/wireshark.changes 2016-06-14 23:07:58.000000000 +0200 @@ -1,0 +2,27 @@ +Wed Jun 8 07:44:26 UTC 2016 - [email protected] + +- Wireshark 2.0.4 (boo#983671) + This release fixes a number issues in protocol dissectors that + could have allowed a remote attacker to crash Wireshark or cause + excessive CPU usage through specially crafted packages inserted + into the network or a capture file. + * The SPOOLS dissector could go into an infinite loop + wnpa-sec-2016-29 CVE-2016-5350 + * The IEEE 802.11 dissector could crash + wnpa-sec-2016-30 CVE-2016-5351 + * The IEEE 802.11 dissector could crash + wnpa-sec-2016-31 CVE-2016-5352 + * The UMTS FP dissector could crash + wnpa-sec-2016-32 CVE-2016-5353 + * Some USB dissectors could crash + wnpa-sec-2016-33 CVE-2016-5354 + * The Toshiba file parser could crash + wnpa-sec-2016-34 CVE-2016-5355 + * The CoSine file parser could crash + wnpa-sec-2016-35 CVE-2016-5356 + * The NetScreen file parser could crash + wnpa-sec-2016-36 CVE-2016-5357 + * The Ethernet dissector could crash + wnpa-sec-2016-37 CVE-2016-5358 + +------------------------------------------------------------------- Old: ---- SIGNATURES-2.0.3.txt wireshark-2.0.3.tar.bz2 New: ---- SIGNATURES-2.0.4.txt wireshark-2.0.4.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ wireshark.spec ++++++ --- /var/tmp/diff_new_pack.1dG2uA/_old 2016-06-14 23:08:00.000000000 +0200 +++ /var/tmp/diff_new_pack.1dG2uA/_new 2016-06-14 23:08:00.000000000 +0200 @@ -29,7 +29,7 @@ %define use_gnutls 0%{?suse_version} >= 1310 || 0%{?suse_version} == 1110 Name: wireshark -Version: 2.0.3 +Version: 2.0.4 Release: 0 Summary: A Network Traffic Analyser License: GPL-2.0+ and GPL-3.0+ @@ -177,6 +177,7 @@ # Verify hashes in that file against source tarball. echo "`grep %{name}-%{version}.tar.bz2 %{S:2} | grep MD5 | head -n1 | cut -d= -f2` %{S:0}" | md5sum -c echo "`grep %{name}-%{version}.tar.bz2 %{S:2} | grep SHA1 | head -n1 | cut -d= -f2` %{S:0}" | sha1sum -c +echo "`grep %{name}-%{version}.tar.bz2 %{S:2} | grep SHA256 | head -n1 | cut -d= -f2` %{S:0}" | sha256sum -c %setup -q %patch2 -p1 ++++++ SIGNATURES-2.0.3.txt -> SIGNATURES-2.0.4.txt ++++++ --- /work/SRC/openSUSE:Factory/wireshark/SIGNATURES-2.0.3.txt 2016-04-28 17:00:42.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.wireshark.new/SIGNATURES-2.0.4.txt 2016-06-14 23:07:57.000000000 +0200 @@ -1,55 +1,55 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -wireshark-2.0.3.tar.bz2: 31110988 bytes -SHA256(wireshark-2.0.3.tar.bz2)=e196376e75fe21fdef41b4eaa27ce2e1b2b561e7f7b20328a8e96657cc4465fc -RIPEMD160(wireshark-2.0.3.tar.bz2)=24504bb0acd10fb7c1d93eab0a1de0f49b6b82c4 -SHA1(wireshark-2.0.3.tar.bz2)=9805d62b4fb108cc1e755d8c47f8c1e21eee8b73 -MD5(wireshark-2.0.3.tar.bz2)=62dc20f5a77542feed2e38f18db8ae3b - -Wireshark-win32-2.0.3.exe: 43972168 bytes -SHA256(Wireshark-win32-2.0.3.exe)=5fd3b556d736b5eb9ae63ee6bd9d65775fd84e54303f86c7cba2a9b60298f283 -RIPEMD160(Wireshark-win32-2.0.3.exe)=73e64770cb11df69d5030607bc6aaf6dfc5554e3 -SHA1(Wireshark-win32-2.0.3.exe)=4c014fd4f8f677f9aec43ddc13ef6b962f0fa6d7 -MD5(Wireshark-win32-2.0.3.exe)=3a36fad882fa0e3368606b5cbe80d51e - -Wireshark-win64-2.0.3.exe: 47590392 bytes -SHA256(Wireshark-win64-2.0.3.exe)=ceab943d7be15f8894e2d915dee18c14e55f3bfa74ddc45a14f61d0e645cd226 -RIPEMD160(Wireshark-win64-2.0.3.exe)=4b0003ceb770e894ee58b78901a49c4cee5fc5a5 -SHA1(Wireshark-win64-2.0.3.exe)=169cdb7e25582fa0c35bc04c049bb1d8fd0fecba -MD5(Wireshark-win64-2.0.3.exe)=396528535ad0b3848049c5da374b647c - -WiresharkPortable_2.0.3.paf.exe: 43614856 bytes -SHA256(WiresharkPortable_2.0.3.paf.exe)=17db5264a416901d77223a5aae66735300e480b8ad18f24935b2e9bd441b40a6 -RIPEMD160(WiresharkPortable_2.0.3.paf.exe)=f74eefc594b10627811fd34b21ff8e77115d4945 -SHA1(WiresharkPortable_2.0.3.paf.exe)=15ec105f22dd0f7a1a3dbb03febaaaf42b1e37f9 -MD5(WiresharkPortable_2.0.3.paf.exe)=9fba252210ff53198ebb27113e649433 - -Wireshark 2.0.3 Intel 64.dmg: 31683571 bytes -SHA256(Wireshark 2.0.3 Intel 64.dmg)=a64dc77117a4408b48235297215032017e77822885ce3e19cd1065bfbea0ae57 -RIPEMD160(Wireshark 2.0.3 Intel 64.dmg)=cdd6cdf582578108402ecc90e5b0ee7bedd2e622 -SHA1(Wireshark 2.0.3 Intel 64.dmg)=a0820929ea55790659597bd12d64ed2322825602 -MD5(Wireshark 2.0.3 Intel 64.dmg)=71832fca921ca898b5200b5cf6d83678 - -Wireshark 2.0.3 Intel 32.dmg: 32389579 bytes -SHA256(Wireshark 2.0.3 Intel 32.dmg)=c7d0a2d1cafcc1b4d1347e3abc773cc76c5f6096a702d9169d25e1f92e412848 -RIPEMD160(Wireshark 2.0.3 Intel 32.dmg)=f2d65b4cd7fa5a7b48ba8736b782cf29cf799ada -SHA1(Wireshark 2.0.3 Intel 32.dmg)=73952d46ddee729dc0b23a863e62e95381bbd690 -MD5(Wireshark 2.0.3 Intel 32.dmg)=abc434ab2945d13f20c03406b219a471 +wireshark-2.0.4.tar.bz2: 31121258 bytes +SHA256(wireshark-2.0.4.tar.bz2)=9ea9c82da9942194ebc8fc5c951a02e6d179afa7472cb6d96ca76154510de1a5 +RIPEMD160(wireshark-2.0.4.tar.bz2)=c767f062c421e15cde8f1d83c8fcd7c2c2a138eb +SHA1(wireshark-2.0.4.tar.bz2)=9d76a28ba4f7566bef1aefbb2868e1ddcb93e999 +MD5(wireshark-2.0.4.tar.bz2)=622928dc6cb31c227c672ec3ec697f28 + +Wireshark-win64-2.0.4.exe: 47578216 bytes +SHA256(Wireshark-win64-2.0.4.exe)=3306b9b52e251f0f989eb78a19b298eeced6ebab85e9e167aeaeb1453728bde9 +RIPEMD160(Wireshark-win64-2.0.4.exe)=a52f51b9d84b745635aab2cf885e3f4f3b131628 +SHA1(Wireshark-win64-2.0.4.exe)=13983ad5b244e9db8154888d5f25ad850deb8a6c +MD5(Wireshark-win64-2.0.4.exe)=7b686baf4404271132219a505c936a4a + +Wireshark-win32-2.0.4.exe: 43987120 bytes +SHA256(Wireshark-win32-2.0.4.exe)=9f4b818affdb7cda21128d46774afc85e6bdd82e09597c84940bd1451df3d259 +RIPEMD160(Wireshark-win32-2.0.4.exe)=a385411e6a1caf2acb306cfef5a7bfac6b2e8391 +SHA1(Wireshark-win32-2.0.4.exe)=4cd730a25b58dc2f289a8d1ca5d684d8b81664d9 +MD5(Wireshark-win32-2.0.4.exe)=cf652ea77d3cbf30d8d866f30215052d + +WiresharkPortable_2.0.4.paf.exe: 43671848 bytes +SHA256(WiresharkPortable_2.0.4.paf.exe)=9586b49faf201643115769d3c72fb0c8ee6c7a791797ffa3570adbd5cbf4d6a9 +RIPEMD160(WiresharkPortable_2.0.4.paf.exe)=14645af3d30dd69f2ee946136129f3404a94e22b +SHA1(WiresharkPortable_2.0.4.paf.exe)=046ddbae023c9691f00586cfe89184290e5fcc9e +MD5(WiresharkPortable_2.0.4.paf.exe)=ad5726e4e7450e7ddb3e0d293d32a21d + +Wireshark 2.0.4 Intel 64.dmg: 31689834 bytes +SHA256(Wireshark 2.0.4 Intel 64.dmg)=b78531be77099f4d4b08a1a0fea6dbb777b739ee82255cc83f7de47137ef1627 +RIPEMD160(Wireshark 2.0.4 Intel 64.dmg)=3079f32fcf95a99560b9d26d63d9a9d6ac758645 +SHA1(Wireshark 2.0.4 Intel 64.dmg)=0f48d5dd644f56544a145a1195763e5ca22b9b8b +MD5(Wireshark 2.0.4 Intel 64.dmg)=3671126b80029b798f0270766cb3f687 + +Wireshark 2.0.4 Intel 32.dmg: 32415649 bytes +SHA256(Wireshark 2.0.4 Intel 32.dmg)=52dd39ab2c200d80a3eeeabd8d4c41a109815280f2c51db080c104b3075f4ecd +RIPEMD160(Wireshark 2.0.4 Intel 32.dmg)=db425b89d92ab0759eb4d6f626b8ba948d9565db +SHA1(Wireshark 2.0.4 Intel 32.dmg)=a75793af4e8fb7d0cd6196e5288f05a5eff10861 +MD5(Wireshark 2.0.4 Intel 32.dmg)=880f31ca32bda60cb6459d0d87522275 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 -iQIcBAEBCgAGBQJXGniBAAoJEIIkSnjm/q7q6woP/iw1qZlJoiFhJD9btWHGQO1Z -2ik9BfiX9h07m3wM6lXBN+Xpr3iMYxSbe74mWDXz4dNcdm2Euk7w03RsOWvduV+c -WlCQ9JuX7I2xUeV7ncNSAdHXiv4fJm2sS97Tpf5evqWirPqfobeBQdsId36WNh8O -+a9Gz/y2vYvTJeZrRzexXpk4uFyDkJNqrLMubua4NtFW68UZcel4d+eeURTVjkrf -eZTdBdFxAoT3r3HFU7zx/KHLe3O3s14WTmNV7439T6JN8BGZRP/gUCuNCrRTb0Ep -LCjNOJk7+5DrwvID9487w/HyrOwl5XZUG4anlHuNbjuOm7yOtFCwcs8vO7JOF6yf -Wv7mQWXqM2soFvq2hspCLMmVi5UQCx20z+3xs3VUz66AUz9gLxyI9Xsrw1mhu2/p -AD6LCqPcDUrIAR7St5kp5oeitBau214iI9sJKO14PP18OWfEODL/VhZrMunPitg9 -t4rl9zn9HUqKkTPZYG+Bx+YxnlMGXET3j6cCeohxwBaRqaCnNqGY7s3Ssw2Wo8E6 -7jfDIoKaL9Qvm/a98O1K1q6Oe/I+nyZ4xmJB/hSZW/67lUhbe/gVoQbxl8AR9CET -55b56uzKXAcakia3H5TLdbizv9iHNYvUhutPbhGf/jL226qUfI9UoMRn1AKlnZoL -q5K+WhQc/Dkiez57rQ0a -=0Vt0 +iQIcBAEBCgAGBQJXVzAFAAoJEIIkSnjm/q7qPCsP/ik5dKAzFuWqNaaIcOlDt9nd +Fd3JF1zpcMINDkdBCO0TQidN7fo0FkBxgXYpdV/pjbC61JJoX8/Qgg5d139PrtGB +w36pg5Vu+h++wdmyvIByPD8cPK/1wsMj5X7asAzJLnXzXrev3NdqN7lvwcYCTZIi +KZ6otoiGLYSHxWMG82pkDvfhMeABkvGGP8zJexwHd5Rz7Oh6n6G/iV1VSpRwKpak +UgpZQt+rpTA+ZgJT0Gx3gVp02zM9eDeXnJlZN36ZfcsDE2mO+yrokc8Ov+p8H8Ht +Cxgn23ADPBgcRqPcRQWnK2p8JCUS4VGpNlwAABBaBAzNylQNhgzqdVL4aLOqnOsh +CQs0ba/5K68elb/xsHTEizvgJKLp6UM26GUAWEzLqfxDD1qalqLDoze60QdCr23n +eIzaoeQLK9HJf6olzWlbSZqrDuB06lNVrSZK7BbqS3S1Jfag+bsVKuqRBxhkBn4d +MCtQOT5zbsRnr7r82bB59znY1Hc33Ow/pYJhsTzmPrpv4s5dTMSU00AyyosYmyUw +VUzd3k7wVanAHPwOPDS8IE31XOhooZ+bL9cJq9Tsnq1OAFQ/MzZa4f6dTFKLT2cn +5Zh7O1zrraRlfgW8KLBgveCeBApeqXW5teF5huPSV/oBvmWDC5Atgk9ancXthNMs +kY+PsyLlGXORSJKMD/NQ +=UjJ5 -----END PGP SIGNATURE----- ++++++ wireshark-2.0.3.tar.bz2 -> wireshark-2.0.4.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/wireshark/wireshark-2.0.3.tar.bz2 /work/SRC/openSUSE:Factory/.wireshark.new/wireshark-2.0.4.tar.bz2 differ: char 11, line 1
