packages/wireshark
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update to 3.6.3

Browse Source
This commit is contained in:
wk333 2022-10-26 14:24:38 +08:00
parent 706b274f5e
commit f71c77ddc3
5 changed files with 225 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

143
CVE-2022-3190.patch Normal file
View File

@ -0,0 +1,143 @@
From 0f27a83c5692b2afebe6e6934c1051f76aa2ecf9 Mon Sep 17 00:00:00 2001
From: Jason Cohen <kryojenik2@gmail.com>
Date: Wed, 31 Aug 2022 11:10:17 -0500
Subject: [PATCH] f5ethtrailer: Improve "old-style" heuristic
Remove a chance for an infinate loop in the disection heuristic.
---
epan/dissectors/packet-f5ethtrailer.c | 108 +++++++++++++-------------
1 file changed, 56 insertions(+), 52 deletions(-)
diff --git a/epan/dissectors/packet-f5ethtrailer.c b/epan/dissectors/packet-f5ethtrailer.c
index b2ba8f899d..915348ea83 100644
--- a/epan/dissectors/packet-f5ethtrailer.c
+++ b/epan/dissectors/packet-f5ethtrailer.c
@@ -2751,69 +2751,73 @@ dissect_dpt_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *d
static gint
dissect_old_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
{
- proto_tree *type_tree = NULL;
- proto_item *ti = NULL;
guint offset = 0;
- guint processed = 0;
- f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data;
- guint8 type;
- guint8 len;
- guint8 ver;
/* While we still have data in the trailer. For old format trailers, this needs
* type, length, version (3 bytes) and for new format trailers, the magic header (4 bytes).
* All old format trailers are at least 4 bytes long, so just check for length of magic.
*/
- while (tvb_reported_length_remaining(tvb, offset)) {
- type = tvb_get_guint8(tvb, offset);
- len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION;
- ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION);
-
- if (len <= tvb_reported_length_remaining(tvb, offset) && type >= F5TYPE_LOW
- && type <= F5TYPE_HIGH && len >= F5_MIN_SANE && len <= F5_MAX_SANE
- && ver <= F5TRAILER_VER_MAX) {
- /* Parse out the specified trailer. */
- switch (type) {
- case F5TYPE_LOW:
- ti = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA);
- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low);
-
- processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
- if (processed > 0) {
- tdata->trailer_len += processed;
- tdata->noise_low = 1;
- }
- break;
- case F5TYPE_MED:
- ti = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA);
- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med);
-
- processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
- if (processed > 0) {
- tdata->trailer_len += processed;
- tdata->noise_med = 1;
- }
- break;
- case F5TYPE_HIGH:
- ti = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA);
- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high);
-
- processed =
- dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
- if (processed > 0) {
- tdata->trailer_len += processed;
- tdata->noise_high = 1;
- }
- break;
+ while (tvb_reported_length_remaining(tvb, offset) >= F5_MIN_SANE) {
+ /* length field does not include the type and length bytes. Add them back in */
+ guint8 len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION;
+ if (len > tvb_reported_length_remaining(tvb, offset)
+ || len < F5_MIN_SANE || len > F5_MAX_SANE) {
+ /* Invalid length - either a malformed trailer, corrupt packet, or not f5ethtrailer */
+ return offset;
+ }
+ guint8 type = tvb_get_guint8(tvb, offset);
+ guint8 ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION);
+
+ /* Parse out the specified trailer. */
+ proto_tree *type_tree = NULL;
+ proto_item *ti = NULL;
+ f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data;
+ guint processed = 0;
+
+ switch (type) {
+ case F5TYPE_LOW:
+ ti = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA);
+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low);
+
+ processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
+ if (processed > 0) {
+ tdata->trailer_len += processed;
+ tdata->noise_low = 1;
}
- if (processed == 0) {
- proto_item_set_len(ti, 1);
- return offset;
+ break;
+ case F5TYPE_MED:
+ ti = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA);
+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med);
+
+ processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
+ if (processed > 0) {
+ tdata->trailer_len += processed;
+ tdata->noise_med = 1;
+ }
+ break;
+ case F5TYPE_HIGH:
+ ti = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA);
+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high);
+
+ processed =
+ dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
+ if (processed > 0) {
+ tdata->trailer_len += processed;
+ tdata->noise_high = 1;
}
+ break;
+ default:
+ /* Unknown type - malformed trailer, corrupt packet, or not f5ethtrailer - bali out*/
+ return offset;
+ }
+ if (processed == 0) {
+ /* couldn't process trailer - bali out */
+ proto_item_set_len(ti, 1);
+ return offset;
}
offset += processed;
}
-return offset;
+ return offset;
} /* dissect_old_trailer() */
/*---------------------------------------------------------------------------*/
--
GitLab

70
SIGNATURES-3.6.2.txt
View File

@ -1,70 +0,0 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
wireshark-3.6.2.tar.xz: 39654296 bytes
SHA256(wireshark-3.6.2.tar.xz)=5d901a5572aef953f04adc253ed2a0699d4c62779d3249021e1e8541a024c30e
RIPEMD160(wireshark-3.6.2.tar.xz)=da465f279204f8913b9dcb76043b8162b60ed40d
SHA1(wireshark-3.6.2.tar.xz)=d4cf3da54021a763e0bf5f28b4f0bf5c0912d344
Wireshark-win64-3.6.2.exe: 77465592 bytes
SHA256(Wireshark-win64-3.6.2.exe)=8b02c49d60e1e5261fe95ad27e5f5f3ae81990332dd2621959daad7ba84e5388
RIPEMD160(Wireshark-win64-3.6.2.exe)=18355d12b844ebc5cdee1a6b84aff237483d8387
SHA1(Wireshark-win64-3.6.2.exe)=7343c59e1d70f77a370155873b83208ae1908bc6
Wireshark-win32-3.6.2.exe: 61320568 bytes
SHA256(Wireshark-win32-3.6.2.exe)=8b0f9f2bad9e9fe30a78c9221eb81bda7da94bf65b1994bb28ebe2586a9e8408
RIPEMD160(Wireshark-win32-3.6.2.exe)=8685fa838b0506dbb320ae26455ece427abd1ee0
SHA1(Wireshark-win32-3.6.2.exe)=8e509a6df3e12b702d363c3d634445c25e6767f5
Wireshark-win32-3.6.2.msi: 45486080 bytes
SHA256(Wireshark-win32-3.6.2.msi)=dd23322a8767482f6b7c37cf27d3c977abdca80362e1ba8e4454c1c0f279967d
RIPEMD160(Wireshark-win32-3.6.2.msi)=9385476553c225bb8782ec5bc446ba0cd20f8f67
SHA1(Wireshark-win32-3.6.2.msi)=787d590c2ddcefad3e4acd33948461609e103122
Wireshark-win64-3.6.2.msi: 50790400 bytes
SHA256(Wireshark-win64-3.6.2.msi)=62f1e4540b1dce852d83030c4ca28c7566facce2811f970d5bd77be858d253e2
RIPEMD160(Wireshark-win64-3.6.2.msi)=238d5854f2c438b514d189bd95cfaa3c94a9666a
SHA1(Wireshark-win64-3.6.2.msi)=0bcd2a4b47762a5d6ecc532bcba60d3bc714dbac
WiresharkPortable64_3.6.2.paf.exe: 44287624 bytes
SHA256(WiresharkPortable64_3.6.2.paf.exe)=7d82830495f3e44adae80bab9e31546d1db2b20f1a15eff8114734c8bb5138f8
RIPEMD160(WiresharkPortable64_3.6.2.paf.exe)=b552499b4cc52b8af4fb9e71d9d68bfd37c3eaf8
SHA1(WiresharkPortable64_3.6.2.paf.exe)=b9d5c55c236db415d623772dfe10ac4576c58302
WiresharkPortable32_3.6.2.paf.exe: 39538544 bytes
SHA256(WiresharkPortable32_3.6.2.paf.exe)=7d173ef36556a820649e37ff4783c8fdfaa57efe01dd77a9f71481db9c4ff092
RIPEMD160(WiresharkPortable32_3.6.2.paf.exe)=7a7da1b6fa647ce8927c6913bda90e50ab9bfc94
SHA1(WiresharkPortable32_3.6.2.paf.exe)=16ed9196cfc0ec3b6a98adbea958516bd458b9ad
Wireshark 3.6.2 Arm 64.dmg: 139809400 bytes
SHA256(Wireshark 3.6.2 Arm 64.dmg)=3835b6942192675ed3173c4f5fa2bf144c5f6792b3624b140ab9525ca362b17e
RIPEMD160(Wireshark 3.6.2 Arm 64.dmg)=edae2e33a5875a084f784a25bc4def35b20e9452
SHA1(Wireshark 3.6.2 Arm 64.dmg)=ff59c2bf0825a072d9ec7057db1dd0851994eb0e
Wireshark 3.6.2 Intel 64.dmg: 138770043 bytes
SHA256(Wireshark 3.6.2 Intel 64.dmg)=7d434803ca73a4282b1e52b77510d176063b609eda98dfa3ddb30c963cf616e3
RIPEMD160(Wireshark 3.6.2 Intel 64.dmg)=858d58b33c154dcecc3433038bf02266546bdd74
SHA1(Wireshark 3.6.2 Intel 64.dmg)=a36c317cc927a2d596b3d1efe59632300de8704b
You can validate these hashes using the following commands (among others):
Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
macOS: shasum -a 256 "Wireshark x.y.z Arm 64.dmg"
Other: openssl sha256 wireshark-x.y.z.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAmIFbEAACgkQgiRKeOb+
ruqfwhAA6D/6kuP4iUd+fxQ3YJl6kTOYMTGuO5TY56+XYbIO2Rrjgk8eldDzhJfo
bCc1Rdmw67cfn6O4EPMJJ4X/NCKILqzjcNGqMD4Y07fXv8t2UbnzYofTbPyzmKN1
T2i2gpqMPq21GFcVE4sZonqxWR8JsBA3XNbwjeBnZ/A0Yvpf6c/Jq7IBOfHlO/s3
td4Pxft5iesW0SadqBkidu3v+ptNGChrsOd1lIa1YpOFfkvDJlKK7VknIyOoi4hU
cxUAJgn3yxawvd9/rOz+Gl3N6KCguPlssej5cdqh3beWJl7hbCDoayd7alHctNuR
yqKCTQZDQN8V6aHAkknDHu40du0UU79XIlivaNWisUTJGi0Gkiv7R8hZhq2YFs+9
1n6gRdGeofwpD3ZoKGloy6P7KY1qpdpDq05CWH/UJ+F1JwRHT/Qvk7+K/Zr+Fv3Q
DS/YL2QUImDM4T29rpA8txl+FBcu751VQ+RRr/dm5u1NnfCOyzRyueoFMKG80HJF
wEiqcIaz4TgyZHCp6mfHeZw5BPl4EbHD5l88Nx/70npXX2kOI5JdFAVBOv9fynz/
zj45Q1wP/T2h3PuWbHIz1br4KMSONJJ9DaNMdDBnJyiT2S7U5FqG1HpHYNhTZ4ie
yQxfBENY/9I+kVHOKtUyxjuJvjiOS8TdaXYgnTVQvgPm4f8Dzk0=
=rfe2
-----END PGP SIGNATURE-----

70
SIGNATURES-3.6.3.txt Normal file
View File

@ -0,0 +1,70 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
wireshark-3.6.3.tar.xz: 39935892 bytes
SHA256(wireshark-3.6.3.tar.xz)=b60364a4c0068a10811ab3fd075ca6c1eb0e75d44600271b88a20ed93a2ef631
RIPEMD160(wireshark-3.6.3.tar.xz)=e34360909c9e4822595f6c96666171e1caef66b1
SHA1(wireshark-3.6.3.tar.xz)=72226ea907b660309f0d356fc967f75974a16047
Wireshark-win64-3.6.3.exe: 77475048 bytes
SHA256(Wireshark-win64-3.6.3.exe)=b87ee22f981c033e6a075193c2a9a4cf699ec1a5bde7ec4851b9344a27b73eb7
RIPEMD160(Wireshark-win64-3.6.3.exe)=4b9f661d85007ed6ecaaec8e5990dc12ea0b48d0
SHA1(Wireshark-win64-3.6.3.exe)=c6127feaf0b250ca52b6baa170a974a796db79e8
Wireshark-win32-3.6.3.exe: 61329928 bytes
SHA256(Wireshark-win32-3.6.3.exe)=8f7d298c06505948999a557cefda084015ca010a6b2812b36ec18726a5f65bfb
RIPEMD160(Wireshark-win32-3.6.3.exe)=641e074c3800e00d76a80b47aa0bd26a1c5a929f
SHA1(Wireshark-win32-3.6.3.exe)=1259590a55bb65eaa9f5186da42e80b0dadb824b
Wireshark-win32-3.6.3.msi: 45518848 bytes
SHA256(Wireshark-win32-3.6.3.msi)=d373d252723ffd357114b40e8e4292c4d447995c00b937cf3394f7c9a1ede185
RIPEMD160(Wireshark-win32-3.6.3.msi)=7cd384a11e113ceafea0e828e584f3d7f596f471
SHA1(Wireshark-win32-3.6.3.msi)=ebd6ea81ebf96df51cee5480a2938a25f1a4021b
Wireshark-win64-3.6.3.msi: 50798592 bytes
SHA256(Wireshark-win64-3.6.3.msi)=8ac14d26320751c938c70ba81fab3febb1a95c79588316c68757ec442fc92e1f
RIPEMD160(Wireshark-win64-3.6.3.msi)=19ceda5370f3177fcbc20144521e880f272fe0f6
SHA1(Wireshark-win64-3.6.3.msi)=93a38c6d688f3aecf126ed1b9efcf53fc6c7cd8f
WiresharkPortable32_3.6.3.paf.exe: 39538752 bytes
SHA256(WiresharkPortable32_3.6.3.paf.exe)=f2c1e026df966cdcbbb07fe215b42e63575e87d0e61728e917bab30aa1a6aed4
RIPEMD160(WiresharkPortable32_3.6.3.paf.exe)=950a4943a290b5c35b44cd57cb704a63a0a4dd52
SHA1(WiresharkPortable32_3.6.3.paf.exe)=f281e610da157f745d4dc7922d8cc0d7e64ebaa4
WiresharkPortable64_3.6.3.paf.exe: 44293192 bytes
SHA256(WiresharkPortable64_3.6.3.paf.exe)=169e1b389bc97f28e12d93643be6fc31ebcedce75f9e466645f5843ae4356075
RIPEMD160(WiresharkPortable64_3.6.3.paf.exe)=cc1bbd18d55e4447eafc079bb99c97c8cbf3d97a
SHA1(WiresharkPortable64_3.6.3.paf.exe)=6fde24cd7c98e4a79214a9fd820ca6d4392e6799
Wireshark 3.6.3 Arm 64.dmg: 137199813 bytes
SHA256(Wireshark 3.6.3 Arm 64.dmg)=d991168cc82683650ad171ae9e90a0f76a0aae17082e234bcd2ddf887b10c63f
RIPEMD160(Wireshark 3.6.3 Arm 64.dmg)=9842b95c269e442025ac411bf8c369c3ac04a3c1
SHA1(Wireshark 3.6.3 Arm 64.dmg)=106a200ec8af1e0f993f60a229ccc8ec875d9d2d
Wireshark 3.6.3 Intel 64.dmg: 138797493 bytes
SHA256(Wireshark 3.6.3 Intel 64.dmg)=7e46df85d4a2fcbbe774ce56ebe69988bc60a4d498feb13951778f7178b94981
RIPEMD160(Wireshark 3.6.3 Intel 64.dmg)=ae92e11c9b69ed8fd814e539d13beeda0bc828cd
SHA1(Wireshark 3.6.3 Intel 64.dmg)=58c56c6240e4fdd649d44727b5e7aad7a5870635
You can validate these hashes using the following commands (among others):
Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
macOS: shasum -a 256 "Wireshark x.y.z Arm 64.dmg"
Other: openssl sha256 wireshark-x.y.z.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAmI7X+YACgkQgiRKeOb+
ruoHSw//VwkbZmsEHRpQV61cJmnUlPAqMj2VHMZmi1kN0YmhEtVQ+GfYmE/U4egq
XJkUfwvErmA8LWRe+i4p3NCqSfIyIZrqknRaBXpUfMvoAi7PuInmznI7S3B2WZHP
RPl/JGxSPE9Uz3zxNPYx7hsV4JUtSU//xOjgbkXmFbP50jYQ/CavqUE3nqMcdJhn
Q/tM/DppxAQFGzZj2YhvsmxB6Zhoripw4KjZZW3u+RSxz7ZFEdQHMB2oa5x15O1w
FXB1kty9Q7SS+K3e1J0y40xNYQBHyBPpaW+heF4jFXJIcL1xVdIms/q6AeXTnPJo
61Yjd7kBfsP8R7Awqi7jGc/axJngFhThTiotgDSyC+ToFhajKCmbfNIdnm0fqzSF
CvMWknM12K50EmvPw9lsrxCFyaqvslMKgerOUsQTXxD48mFubf72g07y85ENHIgZ
U5HOE6uZUMVhR7EljWFp+IatN9ycC2NZesM9lvvSjPoRqzTaxCQuzKKAcqBpmp5d
1/AqWR4daz13Jq9N5NI+8GVMhyLhRRiQ450WVQDqFUdmEbk3C37qwZqP0FG/duPY
n71cb82I8cfffgou+J1SZf4jNL7s9m4JxeRcUqXbVaWuA+L/br2dPkjJ7lSvlBYi
2eA8BB0Krul3CSTpaJHkxbOLZJ5jiA4i66kXwd8u/mTQEwvnBwA=
=WGYm
-----END PGP SIGNATURE-----

BIN
wireshark-3.6.2.tar.xz → wireshark-3.6.3.tar.xz
View File

Binary file not shown.

6
wireshark.spec
View File

@ -4,7 +4,7 @@
Summary: Network traffic analyzer
Name: wireshark
Version: 3.6.2
Version: 3.6.3
Release: 1
Epoch: 1
License: GPL+
@ -21,6 +21,7 @@ Patch4: wireshark-0004-Restore-Fedora-specific-groups.patch
Patch5: wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch
Patch6: wireshark-0006-Move-tmp-to-var-tmp.patch
Patch7: wireshark-0007-cmakelists.patch
Patch8: CVE-2022-3190.patch
Requires: xdg-utils
Requires: hicolor-icon-theme
@ -195,6 +196,9 @@ exit 0
%{_mandir}/man?/*
%changelog
* Wed Oct 26 2022 wangkai <wangkai385@h-partners.com> - 1:3.6.3-1
- Update to 3.6.3
* Wed Mar 09 2022 wangkai <wangkai385@huawei.com> - 3.6.2-1
- Update to 3.6.2 for fix CVE-2022-0581 CVE-2022-0582 CVE-2022-0583 CVE-2022-0585 CVE-2022-0586