Hello community,
here is the log from the commit of package wireshark.3016 for openSUSE:12.3:Update checked in at 2014-09-29 09:20:21
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.3:Update/wireshark.3016 (Old)
and /work/SRC/openSUSE:12.3:Update/.wireshark.3016.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "wireshark.3016"
Changes:
--------
New Changes file:
--- /dev/null 2014-09-26 12:09:11.568032006 +0200
+++ /work/SRC/openSUSE:12.3:Update/.wireshark.3016.new/wireshark.changes 2014-09-29 09:20:24.000000000 +0200
@@ -0,0 +1,2601 @@
+-------------------------------------------------------------------
+Sat Sep 20 18:43:38 UTC 2014 - andreas.stieger@gmx.de
+
+- update to 1.10.10 [bnc#897055]
+ Package upgraded to 1.10.x from 1.8.x as it was discontinued.
+ This update fixes vulnerabilities in Wireshark that could allow
+ an attacker to crash Wireshark or make it become unresponsive by
+ sending specific packages onto the network or have it loaded via
+ a capture file while the dissectors are running. It also contains
+ a number of other bug fixes.
+ * RTP dissector crash
+ wnpa-sec-2014-12 CVE-2014-6421 CVE-2014-6422
+ * MEGACO dissector infinite loop
+ wnpa-sec-2014-13 CVE-2014-6423
+ * Netflow dissector crash
+ wnpa-sec-2014-14 CVE-2014-6424
+ * RTSP dissector crash
+ wnpa-sec-2014-17 CVE-2014-6427
+ * SES dissector crash
+ wnpa-sec-2014-18 CVE-2014-6428
+ * Sniffer file parser crash
+ wnpa-sec-2014-19 CVE-2014-6429 CVE-2014-6430 CVE-2014-6431
+ CVE-2014-6432
+- Further bug fixes as listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-1.10.10.html
+- includes changes from 1.10.9:
+ fixes several crashes triggered by malformed protocol packages
+- vulnerabilities fixed:
+ * The Catapult DCT2000 and IrDA dissectors could underrun a buffer
+ wnpa-sec-2014-08 CVE-2014-5161 CVE-2014-5162 (bnc#889901)
+ * The GSM Management dissector could crash
+ wnpa-sec-2014-09 CVE-2014-5163 (bnc#889906)
+ * The RLC dissector could crash
+ wnpa-sec-2014-10 CVE-2014-5164 (bnc#889900)
+ * The ASN.1 BER dissector could crash
+ wnpa-sec-2014-11 CVE-2014-5165 (bnc#889899)
+- Further bug fixes as listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-1.10.9.html
+
+-------------------------------------------------------------------
+Fri Jun 13 22:47:21 UTC 2014 - andreas.stieger@gmx.de
+
+- update to 1.8.15 [bnc#882731]
+ + bugs fixed:
+ * Tshark with "-F libpcap" still generates a pcapng file.
+ * IPv6 Next Header 0x3d recognized as SHIM6.
+ * Pcap-ng PB/EPB with caplen > len shouldn’t be treated as an
+ error.
+ * TCAP: set a fence on info column after calling sub dissector
+ * Wireshark PEEKREMOTE incorrectly decoding QoS data packets
+ from Cisco Sniffer APs.
+ * IEEE 802.11: fix dissection of HT Capabilities
+ + Further updated protocol support as listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-1.8.15.html
+
+-------------------------------------------------------------------
+Wed Apr 23 19:59:56 UTC 2014 - andreas.stieger@gmx.de
+
+- update to 1.8.14 [bnc#874692]
+ + bugs fixed:
+ * Lua: Trying to get/access a Preference before its registered
+ causes a segfault
+ * Some value_string strings contain newlines
+ * Tighten the NO_MORE_DATA_CHECK macros
+ + Further bug fixes and updated protocol support as listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-1.8.14.html
+
+-------------------------------------------------------------------
+Sat Mar 8 10:29:19 UTC 2014 - andreas.stieger@gmx.de
+
+- update to 1.8.13 [bnc#867485]
+ + vulnerabilities fixed:
+ * The NFS dissector could crash
+ wnpa-sec-2014-01 CVE-2014-2281
+ * The RLC dissector could crash
+ wnpa-sec-2014-03 CVE-2014-2283
+ * The MPEG file parser could overflow a buffer
+ wnpa-sec-2014-04 CVE-2014-2299
+ + Further bug fixes and updated protocol support as listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-1.8.13.html
+
+-------------------------------------------------------------------
+Tue Dec 17 23:10:51 UTC 2013 - andreas.stieger@gmx.de
+
+- update to 1.8.12 [bnc#855980]
+ + vulnerabilities fixed:
+ * The SIP dissector could go into an infinite loop.
+ wnpa-sec-2013-66 CVE-2013-7112
+ * The NTLMSSP v2 dissector could crash. Discovered by Garming Sam.
+ wnpa-sec-2013-68 CVE-2013-7114
+ + Further bug fixes and updated protocol support as listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-1.8.12.html
+
+-------------------------------------------------------------------
+Fri Nov 1 22:42:39 UTC 2013 - andreas.stieger@gmx.de
+
+- update to 1.8.11 [bnc#848738]
+ + vulnerabilities fixed:
+ * The IEEE 802.15.4 dissector could crash
+ wnpa-sec-2013-61 CVE-2013-6336
+ * The NBAP dissector could crash
+ wnpa-sec-2013-62 CVE-2013-6337
+ * The SIP dissector could crash
+ wnpa-sec-2013-63 CVE-2013-6338
+ * The OpenWire dissector could go into a large loop
+ wnpa-sec-2013-64 CVE-2013-6339
+ * The TCP dissector could crash
+ wnpa-sec-2013-65 CVE-2013-6340
+ + Further bug fixes and updated protocol support as listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-1.8.11.html
+
+-------------------------------------------------------------------
+Wed Sep 11 20:54:02 UTC 2013 - andreas.stieger@gmx.de
+
+- update to 1.8.10 [bnc#839607]
+ + vulnerabilities fixed:
+ * The NBAP dissector could crash.
+ wnpa-sec-2013-55 CVE-2013-5718
+ * The ASSA R3 dissector could go into an infinite loop.
+ wnpa-sec-2013-56 CVE-2013-5719
+ * The RTPS dissector could overflow a buffer.
+ wnpa-sec-2013-57 CVE-2013-5720
+ * The MQ dissector could crash.
+ wnpa-sec-2013-58 CVE-2013-5721
+ * The LDAP dissector could crash.
+ wnpa-sec-2013-59 CVE-2013-5722
+ * The Netmon file parser could crash.
+ wnpa-sec-2013-60
+ + Further bug fixes and updated protocol support as listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-1.8.10.html
+
+-------------------------------------------------------------------
+Fri Jul 26 23:47:04 UTC 2013 - andreas.stieger@gmx.de
+
+- update to 1.8.9 [bnc#831718]
+ + vulnerabilities fixed:
+ * The Bluetooth SDP dissector could go into a large loop
+ CVE-2013-4927 wnpa-sec-2013-45
+ * The DIS dissector could go into a large loop
+ CVE-2013-4929 wnpa-sec-2013-47
+ * The DVB-CI dissector could crash
+ CVE-2013-4930 wnpa-sec-2013-48
+ * The GSM RR dissector (and possibly others) could go into a large loop
+ CVE-2013-4931 wnpa-sec-2013-49
+ * The GSM A Common dissector could crash
+ CVE-2013-4932 wnpa-sec-2013-50
+ * The Netmon file parser could crash
+ CVE-2013-4933 CVE-2013-4934 wnpa-sec-2013-51
+ * The ASN.1 PER dissector could crash
+ CVE-2013-4935 wnpa-sec-2013-52
+ + Further bug fixes and updated protocol support as listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html
+
+-------------------------------------------------------------------
+Fri Jun 7 20:20:29 UTC 2013 - andreas.stieger@gmx.de
+
+- update to 1.8.8 [bnc#823932]
+ + vulnerabilities fixed:
+ * The CAPWAP dissector could crash.
+ wnpa-sec-2013-32
+ * The GMR-1 BCCH dissector could crash.
+ wnpa-sec-2013-33
+ * The PPP dissector could crash.
+ wnpa-sec-2013-34
+ * The NBAP dissector could crash.
+ wnpa-sec-2013-35
+ * The RDP dissector could crash.
+ wnpa-sec-2013-36
+ * The GSM CBCH dissector could crash.
+ wnpa-sec-2013-37
+ * The Assa Abloy R3 dissector could consume excessive memory
+ and CPU.
+ wnpa-sec-2013-38
+ * The HTTP dissector could overrun the stack.
+ wnpa-sec-2013-39
+ * The Ixia IxVeriWave file parser could overflow the heap.
+ wnpa-sec-2013-40
+ * The DCP ETSI dissector could crash.
+ wnpa-sec-2013-41
+ + Further bug fixes and updated protocol support as listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html
+
+-------------------------------------------------------------------
+Sat May 18 06:03:18 UTC 2013 - andreas.stieger@gmx.de
+
+- update to 1.8.7 [bnc#820566]
+ + vulnerabilities fixed:
+ * The RELOAD dissector could go into an infinite loop.
+ wnpa-sec-2013-23 CVE-2013-2486 CVE-2013-2487
+ * The GTPv2 dissector could crash.
+ wnpa-sec-2013-24 CVE-2013-3555
+ * The ASN.1 BER dissector could crash.
+ wnpa-sec-2013-25 CVE-2013-3556 CVE-2013-3557
+ * The PPP CCP dissector could crash.
+ wnpa-sec-2013-26 CVE-2013-3558
+ * The DCP ETSI dissector could crash.
+ wnpa-sec-2013-27 CVE-2013-3559
++++ 2404 more lines (skipped)
++++ between /dev/null
++++ and /work/SRC/openSUSE:12.3:Update/.wireshark.3016.new/wireshark.changes
New:
----
SIGNATURES-1.10.10.txt
wireshark-1.10.0-authors-pod2man.patch
wireshark-1.10.0-enable_lua.patch
wireshark-1.10.10.tar.bz2
wireshark-1.2.0-disable-warning-dialog.patch
wireshark-1.2.0-geoip.patch
wireshark.changes
wireshark.keyring
wireshark.spec
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ wireshark.spec ++++++
#
# spec file for package wireshark
#
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# disable caps for now
%define use_caps 0
Name: wireshark
Version: 1.10.10
Release: 0
Summary: A Network Traffic Analyser
License: GPL-2.0+ and GPL-3.0+
Group: Productivity/Networking/Diagnostic
Url: https://www.wireshark.org/
Source: https://www.wireshark.org/download/src/%{name}-%{version}.tar.bz2
Source2: https://www.wireshark.org/download/SIGNATURES-%{version}.txt
Source3: https://www.wireshark.org/download/gerald_at_wireshark_dot_org.gpg#/wireshar...
# PATCH-FIX-OPENSUSE wireshark-1.6.3-disable-warning-dialog.patch bnc#349782 prusnak@suse.cz -- don't show warning when running as root
Patch1: wireshark-1.2.0-disable-warning-dialog.patch
# PATCH-FEATURE-OPENSUSE wireshark-1.2.0-geoip.patch prusnak@suse.cz -- search in /var/lib/GeoIP if user hasn't set any GeoIP folders
Patch2: wireshark-1.2.0-geoip.patch
Patch4: wireshark-1.10.0-enable_lua.patch
Patch5: wireshark-1.10.0-authors-pod2man.patch
BuildRequires: bison
BuildRequires: cairo-devel
BuildRequires: flex
%if 0%{?suse_version} <= 1140
BuildRequires: gtk2-devel
%else
BuildRequires: gtk3-devel
%endif
BuildRequires: krb5-devel
BuildRequires: libcap-devel
BuildRequires: libcares-devel
BuildRequires: libgcrypt-devel
BuildRequires: libgnutls-devel
BuildRequires: libpcap-devel
BuildRequires: libsmi-devel
# required for Lua support in openSUSE 12.2 and later [bnc#780669]
%if 0%{?suse_version} >= 1220
BuildRequires: lua51-devel
%else
BuildRequires: lua-devel
%endif
BuildRequires: net-snmp-devel
BuildRequires: openssl-devel
BuildRequires: pcre-devel
BuildRequires: portaudio-devel
BuildRequires: python-devel
BuildRequires: tcpd-devel
BuildRequires: xdg-utils
%if 0%{?suse_version} > 1220
BuildRequires: zlib-devel
%endif
Requires: xdg-utils
Provides: ethereal = %{version}
Obsoletes: ethereal < %{version}
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if 0%{?suse_version}
BuildRequires: libGeoIP-devel
BuildRequires: update-desktop-files
Recommends: GeoIP
%endif
%if 0%{?suse_version} >= 1230
BuildRequires: gpg-offline
%endif
%description
Wireshark is a free network protocol analyzer for Unix and Windows. It
allows you to examine data from a live network or from a capture file
on disk. You can interactively browse the capture data, viewing summary
and detail information for each packet. Wireshark has several powerful
features, including a rich display filter language and the ability to
view the reconstructed stream of a TCP session.
%package devel
Summary: A Network Traffic Analyser
Group: Development/Libraries/C and C++
Requires: %{name} = %{version}
Requires: glib2-devel
Requires: glibc-devel
Provides: ethereal-devel = %{version}
Obsoletes: ethereal-devel < %{version}
%description devel
Wireshark is a free network protocol analyzer for Unix and Windows. It
allows you to examine data from a live network or from a capture file
on disk. You can interactively browse the capture data, viewing summary
and detail information for each packet. Wireshark has several powerful
features, including a rich display filter language and the ability to
view the reconstructed stream of a TCP session.
%prep
%{?gpg_verify: %gpg_verify %{S:2}}
# The publisher doesn't sign the source tarball, but a signatures file containing multiple hashes.
# Verify hashes in that file against source tarball.
echo "`grep %{name}-%{version}.tar.bz2 %{S:2} | grep MD5 | head -n1 | cut -d= -f2` %{S:0}" | md5sum -c
echo "`grep %{name}-%{version}.tar.bz2 %{S:2} | grep SHA1 | head -n1 | cut -d= -f2` %{S:0}" | sha1sum -c
%setup -q
%patch2
%patch4 -p1
sed -i 's/^Icon=wireshark.png$/Icon=wireshark/' wireshark.desktop
# run as root on 11.3 and older - bnc#349782
%if ! %{use_caps}
%patch1
sed -i 's!^Exec=wireshark!Exec=/usr/bin/xdg-su -c /usr/bin/wireshark!' wireshark.desktop
%endif
%patch5 -p1
%build
# zlib-1.2.5 does not work well with wireshark, so disable it on pre-12.2
%configure \
%if 0%{?suse_version} < 1220
--without-zlib \
%endif
%if 0%{?suse_version} > 1140
--with-gtk3 \
%endif
--with-ssl \
--with-gnutls=yes \
--with-gcrypt=yes \
--with-python \
--with-plugins=%{_libdir}/%{name}/plugins/%{version}
make %{?_smp_mflags}
%install
make DESTDIR=%{buildroot} install
find %{buildroot} -name "*.la" -delete -print
ln -fs wireshark %{buildroot}%{_bindir}/ethereal
ln -fs tshark %{buildroot}%{_bindir}/tethereal
install -d -m 0755 %{buildroot}%{_sysconfdir}
install -d -m 0755 %{buildroot}%{_mandir}/man1/
# install -m 0644 *.1 %%{buildroot}%%{_mandir}/man1/
# -devel
install -d -m 0755 %{buildroot}%{_includedir}/wireshark
IDIR="${RPM_BUILD_ROOT}%{_includedir}/wireshark"
mkdir -p "${IDIR}/epan"
mkdir -p "${IDIR}/epan/crypt"
mkdir -p "${IDIR}/epan/ftypes"
mkdir -p "${IDIR}/epan/dfilter"
mkdir -p "${IDIR}/epan/dissectors"
mkdir -p "${IDIR}/wiretap"
mkdir -p "${IDIR}/wsutil"
install -m 644 color.h config.h register.h "${IDIR}/"
install -m 644 cfile.h file.h "${IDIR}/"
install -m 644 frame_data_sequence.h "${IDIR}/"
install -m 644 packet-range.h print.h "${IDIR}/"
install -m 644 epan/*.h "${IDIR}/epan/"
install -m 644 epan/crypt/*.h "${IDIR}/epan/crypt"
install -m 644 epan/ftypes/*.h "${IDIR}/epan/ftypes"
install -m 644 epan/dfilter/*.h "${IDIR}/epan/dfilter"
install -m 644 epan/dissectors/*.h "${IDIR}/epan/dissectors"
install -m 644 wiretap/*.h "${IDIR}/wiretap"
install -m 644 wsutil/*.h "${IDIR}/wsutil"
install -m 644 ws_symbol_export.h "${IDIR}/"
install -D -m 0644 image/wsicon48.png %{buildroot}%{_datadir}/pixmaps/wireshark.png
install -D -m 0644 wireshark.desktop %{buildroot}%{_datadir}/applications/wireshark.desktop
%if 0%{?suse_version}
%suse_update_desktop_file %{name}
%endif
%clean
rm -rf %{buildroot}
%if %{use_caps}
%pre
getent group wireshark >/dev/null || groupadd wireshark
%endif
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%files
%defattr(-,root,root)
%doc AUTHORS COPYING NEWS README README.linux README.vmware
%doc %{_mandir}/man1/[^i]*
%doc %{_mandir}/man4/*
%{_datadir}/applications/wireshark.desktop
%{_datadir}/pixmaps/wireshark.png
%{_bindir}/ethereal
%{_bindir}/tethereal
%{_bindir}/wireshark
%{_bindir}/editcap
%{_bindir}/tshark
%{_bindir}/mergecap
%{_bindir}/reordercap
%{_bindir}/text2pcap
%{_bindir}/dftest
%{_bindir}/capinfos
%{_bindir}/randpkt
%if %{use_caps}
%attr(0750,root,wireshark) %caps(cap_net_raw,cap_net_admin=eip) %{_bindir}/dumpcap
%else
%{_bindir}/dumpcap
%endif
%{_bindir}/rawshark
%{_libdir}/lib*.so.*
%{_libdir}/wireshark/
%{_datadir}/wireshark/
%files devel
%defattr(-,root,root)
%doc doc/README.*
%{_includedir}/wireshark
%{_libdir}/lib*.so
%changelog
++++++ SIGNATURES-1.10.10.txt ++++++
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
wireshark-1.10.10.tar.bz2: 26823919 bytes
MD5(wireshark-1.10.10.tar.bz2)=1458cedf1b67a36db4555e6469a179e1
SHA1(wireshark-1.10.10.tar.bz2)=bcad35318e0a2428caf7e44d6c33a79ec9c1bdd6
RIPEMD160(wireshark-1.10.10.tar.bz2)=f8ace3bad8736246c6342200d199d143bbbcebac
Wireshark-win32-1.10.10.exe: 22177056 bytes
MD5(Wireshark-win32-1.10.10.exe)=cb160b6be686602993b66ca2b1b2b1da
SHA1(Wireshark-win32-1.10.10.exe)=8db0db187186a496ce71127b0c2eeed20ae14423
RIPEMD160(Wireshark-win32-1.10.10.exe)=6ff8c12f8da4ad92542cc83e2d3257f80637b4a0
Wireshark-win64-1.10.10.exe: 28023688 bytes
MD5(Wireshark-win64-1.10.10.exe)=f73c60486b789e7e3c7edede59cc4ecf
SHA1(Wireshark-win64-1.10.10.exe)=83ecf6f426d08b80664a8fa95bf9c681df70e38a
RIPEMD160(Wireshark-win64-1.10.10.exe)=49181a0a9447110bba1229dacd91e18a27fc14ea
Wireshark-1.10.10.u3p: 30662795 bytes
MD5(Wireshark-1.10.10.u3p)=871172cc6ab38da8f2d397198b4dfb19
SHA1(Wireshark-1.10.10.u3p)=1780de9260aeed43e28264716c48558ece5d6f24
RIPEMD160(Wireshark-1.10.10.u3p)=ddeb6193b953dce454c4ffa92469bf38397b1fc5
WiresharkPortable-1.10.10.paf.exe: 23540840 bytes
MD5(WiresharkPortable-1.10.10.paf.exe)=3985cb6904095f125856b665b5b72417
SHA1(WiresharkPortable-1.10.10.paf.exe)=a79f1e508ff3d36c1372dff669e881ccb2508008
RIPEMD160(WiresharkPortable-1.10.10.paf.exe)=18d9f033e6e88876576ddffb2a4a92c5de54fe4b
Wireshark 1.10.10 Intel 32.dmg: 20474898 bytes
MD5(Wireshark 1.10.10 Intel 32.dmg)=24d3b766a25795afe6b68dadd4c7d36b
SHA1(Wireshark 1.10.10 Intel 32.dmg)=6cde849afc8cc15f9b2e25ab62bf9c03a18fcbb8
RIPEMD160(Wireshark 1.10.10 Intel 32.dmg)=91d29372156af5bde64723eaa23ff0614659b499
Wireshark 1.10.10 Intel 64.dmg: 24805922 bytes
MD5(Wireshark 1.10.10 Intel 64.dmg)=6b1d50f0851e4d47a07314bab3879b0c
SHA1(Wireshark 1.10.10 Intel 64.dmg)=ef6e179e004a17ca0c1e2110d3c4fcc6de0cbe28
RIPEMD160(Wireshark 1.10.10 Intel 64.dmg)=db500717cfc36fc892f0dc881433facefaabd204
patch-wireshark-1.10.9-to-1.10.10.bz2: 72244 bytes
MD5(patch-wireshark-1.10.9-to-1.10.10.bz2)=5b9398f27f0f933ef817e267c294aeee
SHA1(patch-wireshark-1.10.9-to-1.10.10.bz2)=1b15c1335d4d62b0dbbaf18218727623058b9ada
RIPEMD160(patch-wireshark-1.10.9-to-1.10.10.bz2)=e30dc55d2e9db6b9e683bbfe5066ef718b34586d
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (Darwin)
iEYEARECAAYFAlQYiQEACgkQpw8IXSHylJrCcgCdGltdOnq3Bgulmv7In4iLo4Zn
rzAAoL5U6FcKZJvMshlCf2vmBJHzOLih
=BgSv
-----END PGP SIGNATURE-----
++++++ wireshark-1.10.0-authors-pod2man.patch ++++++
From: Andreas Stieger