X-Original-To: alpine-aports@lists.alpinelinux.org
Received: from mail-lf0-f68.google.com (mail-lf0-f68.google.com [209.85.215.68])
	by lists.alpinelinux.org (Postfix) with ESMTP id E0D515C44C2
	for <alpine-aports@lists.alpinelinux.org>; Fri, 17 Mar 2017 14:49:32 +0000 (GMT)
Received: by mail-lf0-f68.google.com with SMTP id y193so5697284lfd.1
        for <alpine-aports@lists.alpinelinux.org>; Fri, 17 Mar 2017 07:49:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id;
        bh=FyBWp84NXTWTRDDX+r+VBG/ogQmYDs8c0tZx0HF9umQ=;
        b=sd607hRJNIOHUwdTIzBeL1OlNKr+SoRghC1+nVuSyQuVQuHmM3lxr88U9k04MHu1J/
         RGL8p6sABbcKlQXAOvxDPL2q2iu43qCDz7EpmCFYhfpewG0vMkOUfozSCM0gOdJGzVZM
         KjxZ5wBOoACSF8lxEx8MYQ9iBmBnIvl/ZEtB+G3CtWHZ7KOupU2NyDHgst6LbjAIsGiA
         YpazMW5hwxGieoJAIqvhJAvQ+WPx0S1v3FG1G/lV8uL8CJ68XfMWr080LWBT74TGuwqX
         46bgGh1tSgR7h247Xy1o3QVWNJ9Jn1gW9gmJP3ePQNPjvilUleMdn29X+sw9HivSTAMK
         7ZjQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id;
        bh=FyBWp84NXTWTRDDX+r+VBG/ogQmYDs8c0tZx0HF9umQ=;
        b=a6K56zc3N218a0v8dd1Zek9pws26Ytw/lwvJngO6PQBCFAeHJ5q0FEp6yqGWlrVu63
         uZuuc+lD05jbnlGzzss3L7mOY1LBxzc9FoKKJuJelASNm3xqzZyaAGd8eS/ljuzWlUpP
         Oyq2zkhYcvR1e7/N0PdIGPcnWeS4OYh4dfXPwYDohL+Z/MijF8re9f0bVG7wca2PGTks
         EggT4WKhQFcDqJHXdNUoRylKYi2KtZn4nhJLDYXi9p8ELizwAzZQEcOzN/3Atbdt+wgA
         sDC0ct8fV9gcT71/BiSnl9NUMuVv2b4/z6mIp6a7z3qE1WXWUQNnOB2GwQXYm7RX0OAJ
         543A==
X-Gm-Message-State: AFeK/H1q6D0zvZ795ijoyj8ru5Zy/D6GbG1NUwIMy1mzxMAIg/QyksxKvrju9y7pAkrruQ==
X-Received: by 10.46.77.72 with SMTP id a69mr5218712ljb.104.1489762171717;
        Fri, 17 Mar 2017 07:49:31 -0700 (PDT)
Received: from edge.util.wtbts.net ([83.145.235.199])
        by smtp.gmail.com with ESMTPSA id b16sm1508224lfe.30.2017.03.17.07.49.30
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Fri, 17 Mar 2017 07:49:30 -0700 (PDT)
From: Sergei Lukin <sergej.lukin@gmail.com>
To: alpine-aports@lists.alpinelinux.org
Cc: Sergei Lukin <sergej.lukin@gmail.com>
Subject: [alpine-aports] [PATCH edge] main/wireshark: security upgrade to 2.2.5 - fixes #7026
Date: Fri, 17 Mar 2017 14:49:20 +0000
Message-Id: <20170317144920.12784-1-sergej.lukin@gmail.com>
X-Mailer: git-send-email 2.11.1
X-Mailinglist: alpine-aports
Precedence: list
List-Id: Alpine Development <alpine-aports.lists.alpinelinux.org>
List-Unsubscribe: 
	<mailto:alpine-aports+unsubscribe@lists.alpinelinux.org?subject=unsubscribe>
List-Post: <mailto:alpine-aports@lists.alpinelinux.org>
List-Help: <mailto:alpine-aports+help@lists.alpinelinux.org?subject=help>
List-Subscribe: 
	<mailto:alpine-aports+subscribe@lists.alpinelinux.org?subject=subscribe>

CVE-2017-6467: NetScaler file parser infinite loop
CVE-2017-6468: NetScaler file parser crash
CVE-2017-6469: LDSS dissector crash
CVE-2017-6470: IAX2 infinite loop
CVE-2017-6471: WSP infinite loop
CVE-2017-6472: RTMPT dissector infinite loop
CVE-2017-6473: K12 file parser crash
CVE-2017-6474: NetScaler file parser infinite loop
wnpa-sec-2017-06: STANAG 4607 file parser infinite loop
---
CVE-2017-6014.patch was removed because 2.2.5 contains fix for it
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857119

 main/wireshark/APKBUILD            | 19 ++++++++----
 main/wireshark/CVE-2017-6014.patch | 61 --------------------------------------
 2 files changed, 13 insertions(+), 67 deletions(-)
 delete mode 100644 main/wireshark/CVE-2017-6014.patch

diff --git a/main/wireshark/APKBUILD b/main/wireshark/APKBUILD
index a3a6399f06..68bbc05c52 100644
--- a/main/wireshark/APKBUILD
+++ b/main/wireshark/APKBUILD
@@ -3,8 +3,8 @@
 # Contributor: Jeremy Thomerson <jeremy@thomersonfamily.com>
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=wireshark
-pkgver=2.2.4
-pkgrel=1
+pkgver=2.2.5
+pkgrel=0
 pkgdesc="A network protocol analyzer - GTK version"
 url="http://www.wireshark.org"
 arch="all"
@@ -17,12 +17,20 @@ install=""
 subpackages="$pkgname-dev $pkgname-doc $pkgname-gtk $pkgname-common tshark"
 source="http://www.wireshark.org/download/src/$pkgname-$pkgver.tar.bz2
         fix-androiddump.patch
-        CVE-2017-6014.patch
         "
 
 builddir="$srcdir"/$pkgname-$pkgver
 
 # security fixes:
+#   2.2.5-r0:
+#   - CVE-2017-6467
+#   - CVE-2017-6468
+#   - CVE-2017-6469
+#   - CVE-2017-6470
+#   - CVE-2017-6471
+#   - CVE-2017-6472
+#   - CVE-2017-6473
+#   - CVE-2017-6474
 #   2.2.4-r1:
 #   - CVE-2017-6014
 #   2.0.5-r0:
@@ -98,6 +106,5 @@ gtk() {
 	mv "$pkgdir"/usr/bin/wireshark-gtk "$subpkgdir"/usr/bin/
 }
 
-sha512sums="f3ff6979fdd1c7cf6abe386ec476fee12045ae6df3c8162568d521532045d5eb6ad689262c38b1766c75c9fc1068f480fcd64f0aa077b3a0ceea7c16dbdabc65  wireshark-2.2.4.tar.bz2
-d462e3289c1350a9f712a21d2d1973977e5dd7989f7beff4b71498551174458f572a23f267c83552f088466cb9d2721df2b2eb807514db6ad1e0877dbc87fc6d  fix-androiddump.patch
-eb7c47e208d7278c1f80acc9d4b12fe9efb08a19b024cc13e90efac1fb37c700e739e154ba3b361ff1e5fdf28eeeabb2000d875010af70ae80a6c2baaaba8737  CVE-2017-6014.patch"
+sha512sums="c419950683eb399f851e10cc268d541cbd6e75a957f412650fa9564760908864fcd0d5d6c3520e656d93c31cd5f1216a514be154dfa950fcfd2804e66155985e  wireshark-2.2.5.tar.bz2
+d462e3289c1350a9f712a21d2d1973977e5dd7989f7beff4b71498551174458f572a23f267c83552f088466cb9d2721df2b2eb807514db6ad1e0877dbc87fc6d  fix-androiddump.patch"
diff --git a/main/wireshark/CVE-2017-6014.patch b/main/wireshark/CVE-2017-6014.patch
deleted file mode 100644
index 23388a97ea..0000000000
--- a/main/wireshark/CVE-2017-6014.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From 38b428a31736cb08563442e3c97564951f7f6601 Mon Sep 17 00:00:00 2001
-From: Guy Harris <guy@alum.mit.edu>
-Date: Thu, 16 Feb 2017 00:18:30 -0800
-Subject: [PATCH] Report an error for too-short packets.
-
-The packet length field gives the length of the *entire* packet, so, by
-definition, it must not be zero.  Make sure it's at least big enough for
-the packet header itself plus one segment header.
-
-Bug: 13416
-Change-Id: I625bd5c0ce75ab1200b3becf12fc1c819fefcd63
-Reviewed-on: https://code.wireshark.org/review/20133
-Reviewed-by: Guy Harris <guy@alum.mit.edu>
-(cherry picked from commit c7042bedbb3b12c5f4e19e59e52da370d4ffe62f)
-Reviewed-on: https://code.wireshark.org/review/20135
----
- wiretap/stanag4607.c |   15 ++++++++++++++-
- 1 file changed, 14 insertions(+), 1 deletion(-)
-
-diff --git a/wiretap/stanag4607.c b/wiretap/stanag4607.c
-index 9aa3105..2572aba 100644
---- a/wiretap/stanag4607.c
-+++ b/wiretap/stanag4607.c
-@@ -36,6 +36,9 @@ typedef struct {
-   time_t base_secs;
- } stanag4607_t;
- 
-+#define PKT_HDR_SIZE  32 /* size of a packet header */
-+#define SEG_HDR_SIZE  5  /* size of a segment header */
-+
- static gboolean is_valid_id(guint16 version_id)
- {
- #define VERSION_21 0x3231
-@@ -53,7 +56,7 @@ static gboolean stanag4607_read_file(wtap *wth, FILE_T fh, struct wtap_pkthdr *p
-   stanag4607_t *stanag4607 = (stanag4607_t *)wth->priv;
-   guint32 millisecs, secs, nsecs;
-   gint64 offset = 0;
--  guint8 stanag_pkt_hdr[37];
-+  guint8 stanag_pkt_hdr[PKT_HDR_SIZE+SEG_HDR_SIZE];
-   guint32 packet_size;
- 
-   *err = 0;
-@@ -83,6 +86,16 @@ static gboolean stanag4607_read_file(wtap *wth, FILE_T fh, struct wtap_pkthdr *p
-       "bigger than maximum of %u", packet_size, WTAP_MAX_PACKET_SIZE);
-     return FALSE;
-   }
-+  if (packet_size < PKT_HDR_SIZE+SEG_HDR_SIZE) {
-+    /*
-+     * Probably a corrupt capture file; don't, for example, loop
-+     * infinitely if the size is zero.
-+     */
-+    *err = WTAP_ERR_BAD_FILE;
-+    *err_info = g_strdup_printf("stanag4607: File has %" G_GUINT32_FORMAT "d-byte packet, "
-+      "smaller than minimum of %u", packet_size, PKT_HDR_SIZE+SEG_HDR_SIZE);
-+    return FALSE;
-+  }
-   phdr->caplen = packet_size;
-   phdr->len = packet_size;
- 
--- 
-1.7.9.5
-- 
2.11.1



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---