diff options
| author | tron <tron@pkgsrc.org> | 2012-09-04 23:08:38 +0000 |
|---|---|---|
| committer | tron <tron@pkgsrc.org> | 2012-09-04 23:08:38 +0000 |
| commit | dbe98ecbfea81f0fa1c2f47e6a3bc368ba616f9c (patch) | |
| tree | cff88253d173e06530ac789a2b90ecc17ccd932c /net/wireshark | |
| parent | 08764053f3008fcde63144859b1241da5e792294 (diff) | |
| download | pkgsrc-dbe98ecbfea81f0fa1c2f47e6a3bc368ba616f9c.tar.gz | |
Add fir for the remote DoS vulnerability reported in CVE-2012-3548 taken
from the Wireshark SVN repository.
Diffstat (limited to 'net/wireshark')
| -rw-r--r-- | net/wireshark/Makefile | 4 | ||||
| -rw-r--r-- | net/wireshark/distinfo | 3 | ||||
| -rw-r--r-- | net/wireshark/patches/patch-CVE-2012-3548 | 28 |
3 files changed, 32 insertions, 3 deletions
diff --git a/net/wireshark/Makefile b/net/wireshark/Makefile index 26a4a23c313..f43d0ca020c 100644 --- a/net/wireshark/Makefile +++ b/net/wireshark/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.83 2012/08/20 12:21:53 tron Exp $ +# $NetBSD: Makefile,v 1.84 2012/09/04 23:08:38 tron Exp $ DISTNAME= wireshark-1.8.2 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= net MASTER_SITES= http://www.wireshark.org/download/src/ \ ${MASTER_SITE_SOURCEFORGE:=wireshark/} diff --git a/net/wireshark/distinfo b/net/wireshark/distinfo index 03b18d41512..cc68675ecfb 100644 --- a/net/wireshark/distinfo +++ b/net/wireshark/distinfo @@ -1,8 +1,9 @@ -$NetBSD: distinfo,v 1.58 2012/08/20 08:34:44 christos Exp $ +$NetBSD: distinfo,v 1.59 2012/09/04 23:08:38 tron Exp $ SHA1 (wireshark-1.8.2.tar.bz2) = 4737d9745dbf002444ea42615243abf3bb80b943 RMD160 (wireshark-1.8.2.tar.bz2) = 5fece857d5187b146a690fda111a0611e108c2a9 Size (wireshark-1.8.2.tar.bz2) = 24121798 bytes +SHA1 (patch-CVE-2012-3548) = 0d72d0e485ed09e1c28bd85bf1f06aa390be4981 SHA1 (patch-aa) = 78b9c01d7ecc272f1188a3fb8cfb806c8a040f6d SHA1 (patch-ab) = 5ae79916603f04c2d362c764d39f0c99728e716c SHA1 (patch-ac) = 4e985520ea4b118aea6fc001f256b5de96de7840 diff --git a/net/wireshark/patches/patch-CVE-2012-3548 b/net/wireshark/patches/patch-CVE-2012-3548 new file mode 100644 index 00000000000..3f6a2650679 --- /dev/null +++ b/net/wireshark/patches/patch-CVE-2012-3548 @@ -0,0 +1,28 @@ +$NetBSD: patch-CVE-2012-3548,v 1.1 2012/09/04 23:08:38 tron Exp $ + +Fix for the remote DoS security vulnerability reported in CVE-2012-3548. +The patch was taken from the Wireshark SVN repository: + +http://anonsvn.wireshark.org/viewvc?view=revision&revision=44749 + +--- epan/dissectors/packet-drda.c.orig 2012-06-05 17:33:38.000000000 +0100 ++++ epan/dissectors/packet-drda.c 2012-09-04 21:38:12.000000000 +0100 +@@ -55,6 +55,7 @@ + #include <epan/packet.h> + #include <epan/conversation.h> + #include <epan/prefs.h> ++#include <epan/expert.h> + #include "packet-tcp.h" + + static int proto_drda = -1; +@@ -696,6 +697,10 @@ + { + iCommand = tvb_get_ntohs(tvb, offset + 8); + iLength = tvb_get_ntohs(tvb, offset + 0); ++ if (iLength < 10) { ++ expert_add_info_format(pinfo, NULL, PI_MALFORMED, PI_ERROR, "Invalid length detected (%u): should be at least 10 bytes long", iLength); ++ break; ++ } + /* iCommandEnd is the length of the packet up to the end of the current command */ + iCommandEnd += iLength; + |