From 9d39b2aed23dc822cfa56e6cc54fe605e0fd99d2 Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Sun, 19 Mar 2023 20:25:26 +0100 Subject: [PATCH] package/wireshark: security bump to version 4.0.4 Fix CVE-2023-1161: ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file https://www.wireshark.org/security/wnpa-sec-2023-08.html https://www.wireshark.org/news/20230302.html Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard --- package/wireshark/wireshark.hash | 6 +++--- package/wireshark/wireshark.mk | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package/wireshark/wireshark.hash b/package/wireshark/wireshark.hash index 7128b560ae..d89caa5de8 100644 --- a/package/wireshark/wireshark.hash +++ b/package/wireshark/wireshark.hash @@ -1,6 +1,6 @@ -# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.0.3.txt -sha1 243b0057cfe6d447662e81b5646110aaf8b63c81 wireshark-4.0.3.tar.xz -sha256 6c51e15bcc0afb93734e686dbff354ffd159f570bd2904bcbbad6f3feb7e9511 wireshark-4.0.3.tar.xz +# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.0.4.txt +sha1 ae3c28d6966c420ee3a8d058ea212a1b6adab50f wireshark-4.0.4.tar.xz +sha256 a4a09f6564f00639036ffe5064ac4dc2176adfa3e484c539c9c73f835436e74b wireshark-4.0.4.tar.xz # Locally calculated sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING diff --git a/package/wireshark/wireshark.mk b/package/wireshark/wireshark.mk index 12c36575df..f5a8e1f070 100644 --- a/package/wireshark/wireshark.mk +++ b/package/wireshark/wireshark.mk @@ -4,7 +4,7 @@ # ################################################################################ -WIRESHARK_VERSION = 4.0.3 +WIRESHARK_VERSION = 4.0.4 WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.xz WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions WIRESHARK_LICENSE = wireshark license