Hello community, here is the log from the commit of package wireshark for openSUSE:Factory checked in at 2017-06-04 02:00:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/wireshark (Old) and /work/SRC/openSUSE:Factory/.wireshark.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "wireshark" Sun Jun 4 02:00:10 2017 rev:125 rq:500569 version:2.2.7 Changes: -------- --- /work/SRC/openSUSE:Factory/wireshark/wireshark.changes 2017-05-17 17:20:22.459981525 +0200 +++ /work/SRC/openSUSE:Factory/.wireshark.new/wireshark.changes 2017-06-04 02:00:16.184467771 +0200 @@ -1,0 +2,21 @@ +Fri Jun 2 09:21:15 UTC 2017 - astie...@suse.com + +- Wireshark 2.2.7 (bsc#1042330): + This release fixes minor vulnerabilities that could be used to + trigger dissector crashes, infinite loopsm or cause excessive use + of CPU resources by making Wireshark read specially crafted + packages from the network or a capture file: + * CVE-2017-9352: Bazaar dissector infinite loop (bsc#1042304) + * CVE-2017-9348: DOF dissector read overflow (bsc#1042303) + * CVE-2017-9351: DHCP dissector read overflow (bsc#1042302) + * CVE-2017-9346: SoulSeek dissector infinite loop (bsc#1042301) + * CVE-2017-9345: DNS dissector infinite loop (bsc#1042300) + * CVE-2017-9349: DICOM dissector infinite loop (bsc#1042305) + * CVE-2017-9350: openSAFETY dissector memory exhaustion (bsc#1042299) + * CVE-2017-9344: BT L2CAP dissector divide by zero (bsc#1042298) + * CVE-2017-9343: MSNIP dissector crash (bsc#1042309) + * CVE-2017-9347: ROS dissector crash (bsc#1042308) + * CVE-2017-9354: RGMP dissector crash (bsc#1042307) + * CVE-2017-9353: IPv6 dissector crash (bsc#1042306) + +------------------------------------------------------------------- Old: ---- SIGNATURES-2.2.6.txt wireshark-2.2.6.tar.bz2 New: ---- SIGNATURES-2.2.7.txt wireshark-2.2.7.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ wireshark.spec ++++++ --- /var/tmp/diff_new_pack.3Ff4m5/_old 2017-06-04 02:00:19.024066965 +0200 +++ /var/tmp/diff_new_pack.3Ff4m5/_new 2017-06-04 02:00:19.024066965 +0200 @@ -36,7 +36,7 @@ %bcond_with geoip %endif Name: wireshark -Version: 2.2.6 +Version: 2.2.7 Release: 0 Summary: A Network Traffic Analyser License: GPL-2.0+ and GPL-3.0+ ++++++ SIGNATURES-2.2.6.txt -> SIGNATURES-2.2.7.txt ++++++ --- /work/SRC/openSUSE:Factory/wireshark/SIGNATURES-2.2.6.txt 2017-04-20 20:55:20.666680214 +0200 +++ /work/SRC/openSUSE:Factory/.wireshark.new/SIGNATURES-2.2.7.txt 2017-06-04 02:00:12.700959463 +0200 @@ -1,48 +1,48 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -wireshark-2.2.6.tar.bz2: 32317335 bytes -SHA256(wireshark-2.2.6.tar.bz2)=f627d51eda85f5ae5f5c8c9fc1f6539ffc2a270dd7500dc7f67490a8534ca849 -RIPEMD160(wireshark-2.2.6.tar.bz2)=12574c3536c621164215a5a3c1840d87489cc189 -SHA1(wireshark-2.2.6.tar.bz2)=608c0ece0d7c0f9c82f031e69c87c0de57c3f0dd -MD5(wireshark-2.2.6.tar.bz2)=2cd9a35c2df8c32668c1776784f074df - -Wireshark-win32-2.2.6.exe: 44522984 bytes -SHA256(Wireshark-win32-2.2.6.exe)=d43a3194d4cb6899bda39fb24e43bbfd8497d6c2794658f69955b7d6a111a796 -RIPEMD160(Wireshark-win32-2.2.6.exe)=8ac37da27beaaeb6b982459c22c203ec5ad1e5f0 -SHA1(Wireshark-win32-2.2.6.exe)=710a1540fb39b15db7db7c2fa652ab80eeca296c -MD5(Wireshark-win32-2.2.6.exe)=32807564710c35f67b10750f4d570b6a - -Wireshark-win64-2.2.6.exe: 49385272 bytes -SHA256(Wireshark-win64-2.2.6.exe)=faa10fe979440aa231478b8ad35ae5810020f814438e735e6edd57611465c405 -RIPEMD160(Wireshark-win64-2.2.6.exe)=b584223cea4db8f2cabd04e7654732cb3696d26c -SHA1(Wireshark-win64-2.2.6.exe)=cdbb1b95293238dce38c3e1a8940b99daf48fbdc -MD5(Wireshark-win64-2.2.6.exe)=74ce176674b5c7e26874f2a8f3c55153 - -WiresharkPortable_2.2.6.paf.exe: 46147304 bytes -SHA256(WiresharkPortable_2.2.6.paf.exe)=d884196b54e198621d8b2e0315edd54ee7e38efa9acdd1bfe97841f87e63d878 -RIPEMD160(WiresharkPortable_2.2.6.paf.exe)=bce2be0909bfe84d075d0ed852d8663d3fcde5ae -SHA1(WiresharkPortable_2.2.6.paf.exe)=4d25cd67b46b27ab55b6b47b5752b4b9507e008d -MD5(WiresharkPortable_2.2.6.paf.exe)=a019ab377c55dcf9df7692c2aa44fb23 - -Wireshark 2.2.6 Intel 64.dmg: 32858564 bytes -SHA256(Wireshark 2.2.6 Intel 64.dmg)=efe30c1729543ae95ce22ad89d41251fee94e38d3d72a4f7a2a25e86a8bc66fe -RIPEMD160(Wireshark 2.2.6 Intel 64.dmg)=e9cf275b5531905366d27ffc65482dcde4c7e35b -SHA1(Wireshark 2.2.6 Intel 64.dmg)=d38a9b38f4a662da6299fd9301f22d3b877b002e -MD5(Wireshark 2.2.6 Intel 64.dmg)=f52d767768925ebae7b7e70bf86ca974 +wireshark-2.2.7.tar.bz2: 32309420 bytes +SHA256(wireshark-2.2.7.tar.bz2)=689ddf62221b152779d8846ab5b2063cc7fd41ec1a9f04eefab09b5d5486dbb5 +RIPEMD160(wireshark-2.2.7.tar.bz2)=baf598f495c04f3709cb02c9046b8176f5f5c72e +SHA1(wireshark-2.2.7.tar.bz2)=2bb1cdf56a93fb22a66e8179214b587c71f06c9e +MD5(wireshark-2.2.7.tar.bz2)=a4d880554c7f925dafef60fa313b580d + +Wireshark-win64-2.2.7.exe: 49400720 bytes +SHA256(Wireshark-win64-2.2.7.exe)=cc8e6feff1e72d1baaafb277e33c9137a76a5edeca629fe4c764070a0719df50 +RIPEMD160(Wireshark-win64-2.2.7.exe)=e1b5395752ff672593bb02e02c9d43b969a6d136 +SHA1(Wireshark-win64-2.2.7.exe)=bb9f0c2f8448069e8ef33302e3e8a5182a066788 +MD5(Wireshark-win64-2.2.7.exe)=30570a7b54c17da897cf155e35a2f44a + +Wireshark-win32-2.2.7.exe: 44550128 bytes +SHA256(Wireshark-win32-2.2.7.exe)=6f5ef2ed9aed62f3613f66b960f50663cfb4ec4b59c9fe1fa11ff08137c8a0c0 +RIPEMD160(Wireshark-win32-2.2.7.exe)=14aa5ae001272ac7ce1eea2d166f02b89a1de76c +SHA1(Wireshark-win32-2.2.7.exe)=1c778e2885fbf0668f75567841d0b00c73b9c7d6 +MD5(Wireshark-win32-2.2.7.exe)=ab254d59f70aec9178aeb8a76a24de50 + +WiresharkPortable_2.2.7.paf.exe: 46147736 bytes +SHA256(WiresharkPortable_2.2.7.paf.exe)=3fc82830a4d2b0d620ef37c1fd406d99e5cad7ff2c831b1d284f5e87282ae2c1 +RIPEMD160(WiresharkPortable_2.2.7.paf.exe)=2d699d1fe6d1bd2e30000cff21837d17d069725f +SHA1(WiresharkPortable_2.2.7.paf.exe)=5cc73524dfc49780ce22f8dfe4d74876c2f9eb5a +MD5(WiresharkPortable_2.2.7.paf.exe)=d05d04a6ce82a7253949d45cc5fb6186 + +Wireshark 2.2.7 Intel 64.dmg: 32873230 bytes +SHA256(Wireshark 2.2.7 Intel 64.dmg)=6d46e7270fc6b661ece24c0fcaf56c7e4ce4f65501ef055ea46c6cfdf95c6dcb +RIPEMD160(Wireshark 2.2.7 Intel 64.dmg)=7b1ab739f9dc24c03b9b825a8533e0e891ee822f +SHA1(Wireshark 2.2.7 Intel 64.dmg)=50fa591d6fb0d4f59a5c2c9c12c1f114522f8377 +MD5(Wireshark 2.2.7 Intel 64.dmg)=2814af6a4f0c851e1d44213d96428919 -----BEGIN PGP SIGNATURE----- -iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAljunhAACgkQgiRKeOb+ -rupGxhAAoux2lVYbvQuF/56W+MPJP//XL7AeDb0DLFPsg+2CvnnIG4xRWGD/Xs74 -zzxDd8d/L6YYfn1BB/pGZDwRHtEpb7srBFxU59K7Lndgt58TyumvBddHq2vuTG0i -KolOJnIMnIgS6zRAXLbPiRnEXbVncT7HglV0XPMqldCQ+UeeeLn17BwW06nD8DlD -qCn4ZLL0Ko1nT6BcfDQ6AifrrOdJ5IVCezZZ7+aWb54+xSR3DPzKEaFBO6P7Q0G9 -8u4sIyyc3WUv9j9fCqCwyHwaaWgeWaSVcgU39ta7lUF03wzl8t7ZTKAs2O7c71yr -EN8Lm2IuYzAEwx2vSV164yu4y1l/CsF64QLHwhPFLR5QagydI6qBjCBGgykctzqc -8bHnueguFb+9kF+PdH5rH6bOXArYZAkBSP+fXdHyxfCPwO7GjK7kbGCD7k5uhdjG -R3B7VqxRFzed3LHIAaJ52GcjLZ6gzhqp+zOpZLzCAvJVmryIgq/Eo8/Dsi87/jxp -GuJEKAvBdZfaGdYXTOOzwo6ktTHdCa8w2V2RBMXoulUCqQMT+NYFeZlVsa9Mju7M -hzdevy/DjIDkQgW6nVSjYCdMpCRyRPkbXspSG5SRb4WV/LOP1poWwKBXxT4qai1F -6MyAoqODydWcpypUU6qEU4MGvhyVfylOhFsmmHDLY/Y/sgx51TM= -=cvmE +iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlkwdzIACgkQgiRKeOb+ +ruqeLw//XkRVualJQ8H5drJUSDQwxDwGwona4R20Bh1EETMeCW+g+IFEx2Me1qcj +460oEZ7JshsUYI2rGeqJSoK3xPLWLsNwdaMrV3hJOT5WiglJq/OZ6XUUrAsWZ25B ++pzYK95SCl3OWeNOpVvj7BKmI8GljzE6MkItSwHeK4+GC4R144UxGBtOjm6iiQHV +stIbec6+lqGYjAAq9V/I+ukYuOoFomlXZcRIMl1/RBB3L8Y2R+xiu+vEUBSNuNgV +IfgBej3ydzHvZpidOMQMGTpiffZ/BMhh/NRvTwv18MHAn60tuyJ3EoQpUMWVOxTR +AZ5dADVvu7ojtCnx5M5rsOdNRq1eW2gHUClVlYYJWWjJ+FD9yu0tyOjsJXkuJHfa +ayrsDATBYFjX3xVEszeUiNj4uYdKt055wa0W6Ra7uvkKH6YrVViROh3WyYVHKofz +JthcSkoqLFZvqkTq01viDcmk3GvNrkxBB5ziCgT4hzHFPh+JQld6GgD9LbUajydR +BOnmKVJlBaozCSJhKd7dIg+dnJeQG8GBEU2rviWqQsYovRl9YOMGa9vmeZApTa5y +WwTbI7OFitfVAgPuLymWActbEBREJfKx5A3RDV/HSgO1UjXs/FEOzbj2RSOT14T5 ++tliAL+bMbnLzBDdGKzCDb9Aq/6bgzYfzJFjvF4raopGYsLccqk= +=KpEA -----END PGP SIGNATURE----- ++++++ wireshark-2.2.6.tar.bz2 -> wireshark-2.2.7.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/wireshark/wireshark-2.2.6.tar.bz2 /work/SRC/openSUSE:Factory/.wireshark.new/wireshark-2.2.7.tar.bz2 differ: char 11, line 1
