packages/wireshark
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update to 3.6.11

Browse Source 
(cherry picked from commit 9b4fc945ccae6b2e1dbb46b7ed1fde7ece14c4d8)
This commit is contained in:
liyuxiang 2023-02-14 01:24:58 +08:00 committed by openeuler-sync-bot
parent 51d53ec568
commit cf6192377b
6 changed files with 5 additions and 249 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

143
CVE-2022-3190.patch
View File

@ -1,143 +0,0 @@
From 0f27a83c5692b2afebe6e6934c1051f76aa2ecf9 Mon Sep 17 00:00:00 2001
From: Jason Cohen <kryojenik2@gmail.com>
Date: Wed, 31 Aug 2022 11:10:17 -0500
Subject: [PATCH] f5ethtrailer: Improve "old-style" heuristic
Remove a chance for an infinate loop in the disection heuristic.
---
epan/dissectors/packet-f5ethtrailer.c | 108 +++++++++++++-------------
1 file changed, 56 insertions(+), 52 deletions(-)
diff --git a/epan/dissectors/packet-f5ethtrailer.c b/epan/dissectors/packet-f5ethtrailer.c
index b2ba8f899d..915348ea83 100644
--- a/epan/dissectors/packet-f5ethtrailer.c
+++ b/epan/dissectors/packet-f5ethtrailer.c
@@ -2751,69 +2751,73 @@ dissect_dpt_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *d
static gint
dissect_old_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
{
- proto_tree *type_tree = NULL;
- proto_item *ti = NULL;
guint offset = 0;
- guint processed = 0;
- f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data;
- guint8 type;
- guint8 len;
- guint8 ver;
/* While we still have data in the trailer. For old format trailers, this needs
* type, length, version (3 bytes) and for new format trailers, the magic header (4 bytes).
* All old format trailers are at least 4 bytes long, so just check for length of magic.
*/
- while (tvb_reported_length_remaining(tvb, offset)) {
- type = tvb_get_guint8(tvb, offset);
- len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION;
- ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION);
-
- if (len <= tvb_reported_length_remaining(tvb, offset) && type >= F5TYPE_LOW
- && type <= F5TYPE_HIGH && len >= F5_MIN_SANE && len <= F5_MAX_SANE
- && ver <= F5TRAILER_VER_MAX) {
- /* Parse out the specified trailer. */
- switch (type) {
- case F5TYPE_LOW:
- ti = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA);
- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low);
-
- processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
- if (processed > 0) {
- tdata->trailer_len += processed;
- tdata->noise_low = 1;
- }
- break;
- case F5TYPE_MED:
- ti = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA);
- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med);
-
- processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
- if (processed > 0) {
- tdata->trailer_len += processed;
- tdata->noise_med = 1;
- }
- break;
- case F5TYPE_HIGH:
- ti = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA);
- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high);
-
- processed =
- dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
- if (processed > 0) {
- tdata->trailer_len += processed;
- tdata->noise_high = 1;
- }
- break;
+ while (tvb_reported_length_remaining(tvb, offset) >= F5_MIN_SANE) {
+ /* length field does not include the type and length bytes. Add them back in */
+ guint8 len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION;
+ if (len > tvb_reported_length_remaining(tvb, offset)
+ || len < F5_MIN_SANE || len > F5_MAX_SANE) {
+ /* Invalid length - either a malformed trailer, corrupt packet, or not f5ethtrailer */
+ return offset;
+ }
+ guint8 type = tvb_get_guint8(tvb, offset);
+ guint8 ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION);
+
+ /* Parse out the specified trailer. */
+ proto_tree *type_tree = NULL;
+ proto_item *ti = NULL;
+ f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data;
+ guint processed = 0;
+
+ switch (type) {
+ case F5TYPE_LOW:
+ ti = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA);
+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low);
+
+ processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
+ if (processed > 0) {
+ tdata->trailer_len += processed;
+ tdata->noise_low = 1;
}
- if (processed == 0) {
- proto_item_set_len(ti, 1);
- return offset;
+ break;
+ case F5TYPE_MED:
+ ti = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA);
+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med);
+
+ processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
+ if (processed > 0) {
+ tdata->trailer_len += processed;
+ tdata->noise_med = 1;
+ }
+ break;
+ case F5TYPE_HIGH:
+ ti = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA);
+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high);
+
+ processed =
+ dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
+ if (processed > 0) {
+ tdata->trailer_len += processed;
+ tdata->noise_high = 1;
}
+ break;
+ default:
+ /* Unknown type - malformed trailer, corrupt packet, or not f5ethtrailer - bali out*/
+ return offset;
+ }
+ if (processed == 0) {
+ /* couldn't process trailer - bali out */
+ proto_item_set_len(ti, 1);
+ return offset;
}
offset += processed;
}
-return offset;
+ return offset;
} /* dissect_old_trailer() */
/*---------------------------------------------------------------------------*/
--
GitLab

32
CVE-2022-3725.patch
View File

@ -1,32 +0,0 @@
From 5db46d3a7c0f6481361a4a007de125ab92bfb674 Mon Sep 17 00:00:00 2001
From: John Thacker <johnthacker@gmail.com>
Date: Mon, 26 Sep 2022 19:55:59 -0400
Subject: [PATCH] opus: Don't overflow a signed 16-bit integer
The internal sample rate of 48KHz overflows a signed 16-bit
integer, and causes incorrect calculations. Use an unsigned integer.
Fix #18378
(cherry picked from commit 749a8d091200b43175268689996471b59fa34266)
---
epan/dissectors/packet-opus.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/epan/dissectors/packet-opus.c b/epan/dissectors/packet-opus.c
index 9451fed0a1..54a83a007e 100644
--- a/epan/dissectors/packet-opus.c
+++ b/epan/dissectors/packet-opus.c
@@ -128,7 +128,7 @@ parse_size_field(const unsigned char *ch, int32_t cn, int16_t *size)
}
static int16_t
-opus_packet_get_samples_per_frame(const unsigned char *data, int16_t Fs)
+opus_packet_get_samples_per_frame(const unsigned char *data, uint16_t Fs)
{
int audiosize;
if (data[0] & 0x80) {
--
GitLab

BIN
SIGNATURES-3.6.11.txt Normal file
View File

Binary file not shown.

70
SIGNATURES-3.6.3.txt
View File

@ -1,70 +0,0 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
wireshark-3.6.3.tar.xz: 39935892 bytes
SHA256(wireshark-3.6.3.tar.xz)=b60364a4c0068a10811ab3fd075ca6c1eb0e75d44600271b88a20ed93a2ef631
RIPEMD160(wireshark-3.6.3.tar.xz)=e34360909c9e4822595f6c96666171e1caef66b1
SHA1(wireshark-3.6.3.tar.xz)=72226ea907b660309f0d356fc967f75974a16047
Wireshark-win64-3.6.3.exe: 77475048 bytes
SHA256(Wireshark-win64-3.6.3.exe)=b87ee22f981c033e6a075193c2a9a4cf699ec1a5bde7ec4851b9344a27b73eb7
RIPEMD160(Wireshark-win64-3.6.3.exe)=4b9f661d85007ed6ecaaec8e5990dc12ea0b48d0
SHA1(Wireshark-win64-3.6.3.exe)=c6127feaf0b250ca52b6baa170a974a796db79e8
Wireshark-win32-3.6.3.exe: 61329928 bytes
SHA256(Wireshark-win32-3.6.3.exe)=8f7d298c06505948999a557cefda084015ca010a6b2812b36ec18726a5f65bfb
RIPEMD160(Wireshark-win32-3.6.3.exe)=641e074c3800e00d76a80b47aa0bd26a1c5a929f
SHA1(Wireshark-win32-3.6.3.exe)=1259590a55bb65eaa9f5186da42e80b0dadb824b
Wireshark-win32-3.6.3.msi: 45518848 bytes
SHA256(Wireshark-win32-3.6.3.msi)=d373d252723ffd357114b40e8e4292c4d447995c00b937cf3394f7c9a1ede185
RIPEMD160(Wireshark-win32-3.6.3.msi)=7cd384a11e113ceafea0e828e584f3d7f596f471
SHA1(Wireshark-win32-3.6.3.msi)=ebd6ea81ebf96df51cee5480a2938a25f1a4021b
Wireshark-win64-3.6.3.msi: 50798592 bytes
SHA256(Wireshark-win64-3.6.3.msi)=8ac14d26320751c938c70ba81fab3febb1a95c79588316c68757ec442fc92e1f
RIPEMD160(Wireshark-win64-3.6.3.msi)=19ceda5370f3177fcbc20144521e880f272fe0f6
SHA1(Wireshark-win64-3.6.3.msi)=93a38c6d688f3aecf126ed1b9efcf53fc6c7cd8f
WiresharkPortable32_3.6.3.paf.exe: 39538752 bytes
SHA256(WiresharkPortable32_3.6.3.paf.exe)=f2c1e026df966cdcbbb07fe215b42e63575e87d0e61728e917bab30aa1a6aed4
RIPEMD160(WiresharkPortable32_3.6.3.paf.exe)=950a4943a290b5c35b44cd57cb704a63a0a4dd52
SHA1(WiresharkPortable32_3.6.3.paf.exe)=f281e610da157f745d4dc7922d8cc0d7e64ebaa4
WiresharkPortable64_3.6.3.paf.exe: 44293192 bytes
SHA256(WiresharkPortable64_3.6.3.paf.exe)=169e1b389bc97f28e12d93643be6fc31ebcedce75f9e466645f5843ae4356075
RIPEMD160(WiresharkPortable64_3.6.3.paf.exe)=cc1bbd18d55e4447eafc079bb99c97c8cbf3d97a
SHA1(WiresharkPortable64_3.6.3.paf.exe)=6fde24cd7c98e4a79214a9fd820ca6d4392e6799
Wireshark 3.6.3 Arm 64.dmg: 137199813 bytes
SHA256(Wireshark 3.6.3 Arm 64.dmg)=d991168cc82683650ad171ae9e90a0f76a0aae17082e234bcd2ddf887b10c63f
RIPEMD160(Wireshark 3.6.3 Arm 64.dmg)=9842b95c269e442025ac411bf8c369c3ac04a3c1
SHA1(Wireshark 3.6.3 Arm 64.dmg)=106a200ec8af1e0f993f60a229ccc8ec875d9d2d
Wireshark 3.6.3 Intel 64.dmg: 138797493 bytes
SHA256(Wireshark 3.6.3 Intel 64.dmg)=7e46df85d4a2fcbbe774ce56ebe69988bc60a4d498feb13951778f7178b94981
RIPEMD160(Wireshark 3.6.3 Intel 64.dmg)=ae92e11c9b69ed8fd814e539d13beeda0bc828cd
SHA1(Wireshark 3.6.3 Intel 64.dmg)=58c56c6240e4fdd649d44727b5e7aad7a5870635
You can validate these hashes using the following commands (among others):
Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
macOS: shasum -a 256 "Wireshark x.y.z Arm 64.dmg"
Other: openssl sha256 wireshark-x.y.z.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAmI7X+YACgkQgiRKeOb+
ruoHSw//VwkbZmsEHRpQV61cJmnUlPAqMj2VHMZmi1kN0YmhEtVQ+GfYmE/U4egq
XJkUfwvErmA8LWRe+i4p3NCqSfIyIZrqknRaBXpUfMvoAi7PuInmznI7S3B2WZHP
RPl/JGxSPE9Uz3zxNPYx7hsV4JUtSU//xOjgbkXmFbP50jYQ/CavqUE3nqMcdJhn
Q/tM/DppxAQFGzZj2YhvsmxB6Zhoripw4KjZZW3u+RSxz7ZFEdQHMB2oa5x15O1w
FXB1kty9Q7SS+K3e1J0y40xNYQBHyBPpaW+heF4jFXJIcL1xVdIms/q6AeXTnPJo
61Yjd7kBfsP8R7Awqi7jGc/axJngFhThTiotgDSyC+ToFhajKCmbfNIdnm0fqzSF
CvMWknM12K50EmvPw9lsrxCFyaqvslMKgerOUsQTXxD48mFubf72g07y85ENHIgZ
U5HOE6uZUMVhR7EljWFp+IatN9ycC2NZesM9lvvSjPoRqzTaxCQuzKKAcqBpmp5d
1/AqWR4daz13Jq9N5NI+8GVMhyLhRRiQ450WVQDqFUdmEbk3C37qwZqP0FG/duPY
n71cb82I8cfffgou+J1SZf4jNL7s9m4JxeRcUqXbVaWuA+L/br2dPkjJ7lSvlBYi
2eA8BB0Krul3CSTpaJHkxbOLZJ5jiA4i66kXwd8u/mTQEwvnBwA=
=WGYm
-----END PGP SIGNATURE-----

BIN
wireshark-3.6.3.tar.xz → wireshark-3.6.11.tar.xz
View File

Binary file not shown.

9
wireshark.spec
View File

@ -4,8 +4,8 @@
Summary: Network traffic analyzer Summary: Network traffic analyzer
Name: wireshark Name: wireshark
Version: 3.6.3 Version: 3.6.11
Release: 2 Release: 1
Epoch: 1 Epoch: 1
License: GPL+ License: GPL+
Url: http://www.wireshark.org/ Url: http://www.wireshark.org/
@ -21,8 +21,6 @@ Patch4: wireshark-0004-Restore-Fedora-specific-groups.patch
Patch5: wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch Patch5: wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch
Patch6: wireshark-0006-Move-tmp-to-var-tmp.patch Patch6: wireshark-0006-Move-tmp-to-var-tmp.patch
Patch7: wireshark-0007-cmakelists.patch Patch7: wireshark-0007-cmakelists.patch
Patch8: CVE-2022-3190.patch
Patch9: CVE-2022-3725.patch
Requires: xdg-utils Requires: xdg-utils
Requires: hicolor-icon-theme Requires: hicolor-icon-theme
@ -197,6 +195,9 @@ exit 0
%{_mandir}/man?/* %{_mandir}/man?/*
%changelog %changelog
* Tue Feb 14 2023 liyuxiang<liyuxiang@ncti-gba.cn> - 1:3.6.11-1
- Update to 3.6.11
* Wed Nov 09 2022 liyuxiang<liyuxiang@ncti-gba.cn> - 1:3.6.3-2 * Wed Nov 09 2022 liyuxiang<liyuxiang@ncti-gba.cn> - 1:3.6.3-2
- fix CVE-2022-3725 - fix CVE-2022-3725