Log message:
Pullup ticket #4276 - requested by tron
net/wireshark: security update
Revisions pulled up:
- net/wireshark/DESCR 1.4
- net/wireshark/Makefile 1.112
- net/wireshark/distinfo 1.71
- net/wireshark/patches/patch-aa 1.13
- net/wireshark/patches/patch-ab 1.4
- net/wireshark/patches/patch-ac 1.2
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Dec 18 11:52:26 UTC 2013
Modified Files:
pkgsrc/net/wireshark: DESCR Makefile distinfo
pkgsrc/net/wireshark/patches: patch-aa patch-ab patch-ac
Log message:
Update "wireshark" package to version 1.10.4. Changes since version \
1.10.3:
- Bug Fixes
The following vulnerabilities have been fixed.
* wnpa-sec-2013-66
The SIP dissector could go into an infinite loop.
Discovered by Alain Botti. (Bug 9388)
Versions affected: 1.10.0 to 1.10.3, 1.8.0 to 1.8.11
CVE-2013-7112
* wnpa-sec-2013-67
The BSSGP dissector could crash. Discovered by Laurent
Butti. (Bug 9488)
Versions affected: 1.10.0 to 1.10.3
CVE-2013-7113
* wnpa-sec-2013-68
The NTLMSSP v2 dissector could crash. Discovered by Garming
Sam.
Versions affected: 1.10.0 to 1.10.3, 1.8.0 to 1.8.11
CVE-2013-7114
The following bugs have been fixed:
* "On-the-wire" packet lengths are limited to 65535 bytes.
(Bug 8808, ws-buglink:9390)
* Tx MCS set is not interpreted properly in WLAN beacon
frame. (Bug 8894)
* VoIP Graph Analysis window - some calls are black. (Bug
8966)
* Wireshark fails to decode single-line, multiple Contact:
URIs in SIP responses. (Bug 9031)
* epan/follow.c - Incorrect "bytes missing in capture file"
in "check_fragments" due to an unsigned int wraparound?.
(Bug 9112)
* gsm_map doesn't decode MAPv3 reportSM-DeliveryStatus
result. (Bug 9382)
* Incorrect NFSv4 FATTR4_SECURITY_LABEL value. (Bug 9383)
* Timestamp decoded for Gigamon trailer is not padded
correctly. (Bug 9433)
* SEL Fast Message Bug-fix for Signed 16-bit Integer Fast
Meter Messages. (Bug 9435)
* DNP3 Bug Fix for Analog Data Sign Bit Handling. (Bug
9442)
* GSM SMS User Data header fill bits are wrong when using a 7
bits ASCII / IA5 encoding. (Bug 9478)
* WCDMA RLC dissector cannot assemble PDUs with SNs skipped
and wrap-arounded. (Bug 9505)
* DTLS: fix buffer overflow in mac check. (Bug 9512)
* Correct data length in SCSI_DATA_IN packets (within
iSCSI). (Bug 9521)
* GSM SMS UDH EMS control expects 4 octets instead of 3 with
OPTIONAL 4th. (Bug 9550)
* Fix "decode as ..." for packet-time.c. (Bug 9563)
- Updated Protocol Support
ANSI IS-637-A, BSSGP, DNP3, DVB-BAT, DVB-CI, GSM MAP, GSM SMS,
IEEE 802.11, iSCSI, NFSv4, NTLMSSP v2, RLC, SEL FM, SIP, and Time
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/wireshark/DESCR
cvs rdiff -u -r1.111 -r1.112 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.70 -r1.71 pkgsrc/net/wireshark/distinfo
cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/wireshark/patches/patch-aa
cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/wireshark/patches/patch-ab
cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/wireshark/patches/patch-ac
|
Log message:
Pullup ticket #4251 - requested by tron
net/wireshark: security update
Revisions pulled up:
- net/wireshark/Makefile 1.111
- net/wireshark/distinfo 1.70
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Nov 2 10:30:00 UTC 2013
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log message:
Update "wireshark" package to version 1.10.3. Changes since 1.10.2:
- Bug Fixes
The following vulnerabilities have been fixed.
* wnpa-sec-2013-61
The IEEE 802.15.4 dissector could crash. (Bug 9139)
Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10
CVE-2013-6336
* wnpa-sec-2013-62
The NBAP dissector could crash. Discovered by Laurent
Butti. (Bug 9168)
Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10
CVE-2013-6337
* wnpa-sec-2013-63
The SIP dissector could crash. (Bug 9228)
Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10
CVE-2013-6338
* wnpa-sec-2013-64
The OpenWire dissector could go into a large loop.
Discovered by Murali. (Bug 9248)
Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10
CVE-2013-6339
* wnpa-sec-2013-65
The TCP dissector could crash. (Bug 9263)
Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10
CVE-2013-6340
- The following bugs have been fixed:
* new_packet_list: EAP-TLS reassemble does not happen when
NEW_PACKET_LIST is toggled. (Bug 5349)
* TLS decryption fails with XMPP start_tls. (Bug 8871)
* Wrong Interpretation of GTS starting slot. (Bug 8946)
* "Follow TCP Stream" shows only the first HTTP req+res.
(Bug 9044)
* The value of SEND_TO_UE in the DIAMETER Gx dictionary for
Packet-Filter-Usage AVP is 0 instead of 1. (Bug 9126)
* Crash then try to delete the same entry (length range)
twice. (Bug 9129)
* Crash if wrong "packet lengths range" entered. (Bug
9130)
* Bssgp =3D> SGSN-INVOKE-TRACE use the wrong function...
(Bug 9157)
* Minor correction to dissection of DLR frames in Ethernet/IP
dissector. (Bug 9186)
* WebSphere MQ V7 Bug Fix 8322 TSHM_EBCDIC. (Bug 9198)
* EDNS0 "Higher bits in extended RCODE" incorrectly decoded
in packet-dns.c. (Bug 9199)
* Files with pcap-ng Simple Packet Blocks can't be read.
(Bug 9200)
* Bug in RTP dissector if RTP extension is present. (Bug
9204)
* Improve "eHRPD Indicator" NVSE dissection in 3GPP2 A11
Registration Request. (Bug 9206)
* "make debian-package" fails, missing wsicon32.xpm. (Bug
9209)
* Fix typo in MODCOD list of DVB-S2 dissector. (Bug 9218)
* Ring buffer crash when tshark gets too far behind dumpcap.
(Bug 9258)
* PTP Dissector Wrongfully Reports Malformed Packet. (Bug
9262)
* Wireshark lua dissector unable to load for
media_type=3Dapplication/octet-stream. (Bug 9296)
* Wireshark crash when dissecting packet with NTLMSSP.
(Bug 9299)
* Padding in uint64 field in DCERPC protocol wrongly
reported. (Bug 9300)
* DCERPC data_blobs are not correctly dissected when NDR64
encoding is used. (Bug 9301)
* Multiple PDUs in the same DCERPC packet are not correctly
decrypted. (Bug 9302)
* The tshark summary line doesn't display the frame number or
displays it sporadically. (Bug 9317)
* Bluetooth: SDP improvements and minor fixes. (Bug 9327)
* Duplicate IRC header field abbreviation breaks filter
(example: irc.response.command). (Bug 9360)
- Updated Protocol Support
3GPP2 A11, Bluetooth SDP, BSSGP, DCERPC, DCERPC NDR, DCERPC NT,
DIAMETER, DNS, DVB-S2, Ethernet, EtherNet/IP, H.225, IEEE
802.15.4, IRC, NBAP, NTLMSSP, OpenWire, PTP, RTP, SIP, TCP,
WiMax, and XMPP
To generate a diff of this commit:
cvs rdiff -u -r1.110 -r1.111 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.69 -r1.70 pkgsrc/net/wireshark/distinfo
|