NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/wireshark: security bump to version 4.0.6

Browse Source 
Fixes the following security issues:

- CVE-2023-1992: The RPC over RDMA dissector could crash
  https://www.wireshark.org/security/wnpa-sec-2023-09.html

- CVE-2023-1993: The LISP dissector could go into a large loop
  https://www.wireshark.org/security/wnpa-sec-2023-10.html

- CVE-2023-1994: The GQUIC dissector could crash
  https://www.wireshark.org/security/wnpa-sec-2023-11.html

- CVE-2023-2855: The Candump log file parser could crash
  https://www.wireshark.org/security/wnpa-sec-2023-12.html

- CVE-2023-2857: The BLF file parser could crash
  https://www.wireshark.org/security/wnpa-sec-2023-13.html

- The GDSDB dissector could go into an infinite loop
  https://www.wireshark.org/security/wnpa-sec-2023-14.html

- CVE-2023-2858: The NetScaler file parser could crash
  https://www.wireshark.org/security/wnpa-sec-2023-15.html

- CVE-2023-2856: The VMS TCPIPtrace file parser could crash
  https://www.wireshark.org/security/wnpa-sec-2023-16.html

- CVE-2023-2854: The BLF file parser could crash
  https://www.wireshark.org/security/wnpa-sec-2023-17.html

- CVE-2023-0666: The RTPS dissector could crash
  https://www.wireshark.org/security/wnpa-sec-2023-18.html

- CVE-2023-0668: The IEEE C37.118 Synchrophasor dissector could crash
  https://www.wireshark.org/security/wnpa-sec-2023-19.html

- The XRA dissector could go into an infinite loo
  https://www.wireshark.org/security/wnpa-sec-2023-20.html

[Peter: refer to SIGNATURES files now that it is again fixed]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit af25796d49)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Peter Korsgaard 2023-06-26 08:52:31 +02:00
parent 5f07925767
commit e3b6770a7a
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
package/wireshark/wireshark.hash
View File

@ -1,6 +1,6 @@
# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.0.4.txt
sha1 ae3c28d6966c420ee3a8d058ea212a1b6adab50f wireshark-4.0.4.tar.xz
sha256 a4a09f6564f00639036ffe5064ac4dc2176adfa3e484c539c9c73f835436e74b wireshark-4.0.4.tar.xz
# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.0.6.txt
sha1 a60b6f8063df2a711932ba869ae86e6476087cf0 wireshark-4.0.6.tar.xz
sha256 0079097a1b17ebc7250a73563f984c13327dac5016b7d53165810fbcca4bd884 wireshark-4.0.6.tar.xz
# Locally calculated
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING

2
package/wireshark/wireshark.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
WIRESHARK_VERSION = 4.0.4
WIRESHARK_VERSION = 4.0.6
WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.xz
WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions
WIRESHARK_LICENSE = wireshark license