From 6a137f17c2edda0abe95eacf3eea0d140f506c86 Mon Sep 17 00:00:00 2001 From: spz Date: Wed, 2 Mar 2011 15:21:06 +0000 Subject: Pullup ticket 3371 - requested by tron security update Revisions pulled up: - pkgsrc/net/wireshark/Makefile 1.60 - pkgsrc/net/wireshark/distinfo by patch Files deleted: pkgsrc/net/wireshark/patches/patch-af pkgsrc/net/wireshark/patches/patch-ag ----------------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Wed Mar 2 00:09:15 UTC 2011 Modified Files: pkgsrc/net/wireshark: Makefile distinfo Removed Files: pkgsrc/net/wireshark/patches: patch-af patch-ag Log Message: Update "wireshark" package to version 1.4.4. Changes since 1.4.3: - Bug Fixes The following vulnerabilities have been fixed. See the security advisory for details and a workaround. o Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that Wireshark could free an uninitialized pointer while reading a malformed pcap-ng file. (Bug 5652) Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. CVE-2011-0538 o Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a large packet length in a pcap-ng file could crash Wireshark. (Bug 5661) Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. o Wireshark could overflow a buffer while reading a Nokia DCT3 trace file. (Bug 5661) Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. CVE-2011-0713 o Paul Makowski working for SEI/CERT discovered that Wireshark on 32 bit systems could crash while reading a malformed 6LoWPAN packet. (Bug 5661) Versions affected: 1.4.0 to 1.4.3. o joernchen of Phenoelit discovered that the LDAP and SMB dissectors could overflow the stack. (Bug 5717) Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. (Prior versions including 1.0.x are also affected.) o Xiaopeng Zhang of Fortinet's Fortiguard Labs discovered that large LDAP Filter strings can consume excessive amounts of memory. (Bug 5732) Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. (Prior versions including 1.0.x are also affected.) The following bugs have been fixed: o A TCP stream would not always be recognized as the same stream. (Bug 2907) o Wireshark Crashing by pressing 2 Buttons. (Bug 4645) o A crash can occur in the NTLMSSP dissector. (Bug 5157) o The column texts from a Lua dissector could be mangled. (Bug 5326) (Bug 5630) o Corrections to ANSI MAP ASN.1 specifications. (Bug 5584) o When searching in packet bytes, the field and bytes are not immediately shown. (Bug 5585) o Malformed Packet: ULP reported when dissecting ULP SessionID PDU. (Bug 5593) o Wrong IEI in container of decode_gtp_mm_cntxt. (Bug 5598) o Display filter does not work for expressions of type BASE_DEC, BASE_DEC_HEX and BASE_HEX_DEC. (Bug 5606) o NTLMSSP dissector may fail to compile due to space embedded in C comment delimiters. (Bug 5614) o Allow for name resolution of link-scope and multicast IPv6 addresses from local host file. (Bug 5615) o DHCPv6 dissector formats DUID_LLT time incorrectly. (Bug 5627) o Allow for IEEE 802.3bc-2009 style PoE TLVs. (Bug 5639) o Various fixes to the HIP packet dissector. (Bug 5646) o Display "Day of Year" for January 1 as 1, not 0. (Bug 5653) o Accommodate the CMake build on Ubuntu 10.10. (Bug 5665) o E.212 MCC 260 Poland update according to local national regulatory. (Bug 5668) o IPP on ports other than 631 not recognized. (Bug 5677) o Potential access violation when writing to LANalyzer files. (Bug 5698) o IEEE 802.15.4 Superframe Specification - Final CAP Slot always 0. (Bug 5700) o Peer SRC and DST AS numbers are swapped for cflow. (Bug 5702) o dumpcap: -q option behavior doesn't match documentation. (Bug 5716) - Updated Protocol Support ANSI MAP, BitTorrent, DCM, DHCPv6, DTAP, DTPT, E.212, GSM Management, GTP, HIP, IEEE 802.15.4, IPP, LDAP, LLDP, Netflow, NTLMSSP, P_Mul, Quake, Skinny, SMB, SNMP, ULP - New and Updated Capture File Support LANalyzer, Nokia DCT3, Pcap-ng To generate a diff of this commit: cvs rdiff -u -r1.59 -r1.60 pkgsrc/net/wireshark/Makefile cvs rdiff -u -r1.41 -r1.42 pkgsrc/net/wireshark/distinfo cvs rdiff -u -r1.1 -r0 pkgsrc/net/wireshark/patches/patch-af \ pkgsrc/net/wireshark/patches/patch-ag --- net/wireshark/Makefile | 5 ++--- net/wireshark/distinfo | 10 ++++------ net/wireshark/patches/patch-af | 13 ------------- net/wireshark/patches/patch-ag | 44 ------------------------------------------ 4 files changed, 6 insertions(+), 66 deletions(-) delete mode 100644 net/wireshark/patches/patch-af delete mode 100644 net/wireshark/patches/patch-ag diff --git a/net/wireshark/Makefile b/net/wireshark/Makefile index dff4e4f00b9..8adfdafb3f1 100644 --- a/net/wireshark/Makefile +++ b/net/wireshark/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.56.2.2 2011/02/11 05:40:44 sbd Exp $ +# $NetBSD: Makefile,v 1.56.2.3 2011/03/02 15:21:06 spz Exp $ -DISTNAME= wireshark-1.4.3 -PKGREVISION= 2 +DISTNAME= wireshark-1.4.4 CATEGORIES= net MASTER_SITES= http://www.wireshark.org/download/src/ \ ${MASTER_SITE_SOURCEFORGE:=wireshark/} diff --git a/net/wireshark/distinfo b/net/wireshark/distinfo index 68e1e4f1f00..10078985a70 100644 --- a/net/wireshark/distinfo +++ b/net/wireshark/distinfo @@ -1,14 +1,12 @@ -$NetBSD: distinfo,v 1.38.2.2 2011/02/11 05:40:44 sbd Exp $ +$NetBSD: distinfo,v 1.38.2.3 2011/03/02 15:21:06 spz Exp $ -SHA1 (wireshark-1.4.3.tar.bz2) = 776c757e6a6a085232ac843ec28b026bf4ca9c8d -RMD160 (wireshark-1.4.3.tar.bz2) = 6a63023f165b2e875296340f6a57595427a13fe7 -Size (wireshark-1.4.3.tar.bz2) = 20469021 bytes +SHA1 (wireshark-1.4.4.tar.bz2) = 4d1d7e7bf07683723b661eb7b7124b2e90106087 +RMD160 (wireshark-1.4.4.tar.bz2) = 47f9274cd6933684339b4c7c0b7c723d8c9b1512 +Size (wireshark-1.4.4.tar.bz2) = 20479081 bytes SHA1 (patch-aa) = d0744f069ac2d3a8a43b810e1f958360d99200a9 SHA1 (patch-ab) = 5ae79916603f04c2d362c764d39f0c99728e716c SHA1 (patch-ac) = 4e985520ea4b118aea6fc001f256b5de96de7840 SHA1 (patch-ad) = a09b5ac9e836ef01fbd6ba103de00d08c0af2800 -SHA1 (patch-af) = 908f2050cbf0db6156f8802e93e3f193a87ef916 -SHA1 (patch-ag) = 28c2c23355090f5737f01d2c7740c430ca2b607b SHA1 (patch-ba) = 49825d82605a665f54a5cdb6ccb364e55c0e0ffa SHA1 (patch-bb) = 1e16337d1894f196f61b233423d729246dea33b5 SHA1 (patch-bc) = 052ede4ba58502117fe7b355e22a906ff65b773e diff --git a/net/wireshark/patches/patch-af b/net/wireshark/patches/patch-af deleted file mode 100644 index d3c484faf85..00000000000 --- a/net/wireshark/patches/patch-af +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: patch-af,v 1.1.2.2 2011/02/11 05:40:44 sbd Exp $ - ---- tshark.c.orig 2011-01-11 19:24:25.000000000 +0000 -+++ tshark.c -@@ -2523,7 +2523,7 @@ load_cap_file(capture_file *cf, char *sa - int snapshot_length; - wtap_dumper *pdh; - int err; -- gchar *err_info; -+ gchar *err_info = NULL; - gint64 data_offset; - char *save_file_string = NULL; - gboolean filtering_tap_listeners; diff --git a/net/wireshark/patches/patch-ag b/net/wireshark/patches/patch-ag deleted file mode 100644 index c9a03efe593..00000000000 --- a/net/wireshark/patches/patch-ag +++ /dev/null @@ -1,44 +0,0 @@ -$NetBSD: patch-ag,v 1.1.2.2 2011/02/11 05:40:44 sbd Exp $ - ---- wiretap/pcapng.c.orig 2011-01-11 19:24:22.000000000 +0000 -+++ wiretap/pcapng.c -@@ -806,18 +806,26 @@ pcapng_read_packet_block(FILE_T fh, pcap - pcapng_debug2("pcapng_read_packet_block:cap_len %d is larger than packet_len %u.", - wblock->data.packet.cap_len, wblock->data.packet.packet_len); - *err = WTAP_ERR_BAD_RECORD; -+ *err_info = g_strdup("pcapng_read_packet_block:cap_len is larger than packet_len"); - return 0; - } - if (wblock->data.packet.cap_len > WTAP_MAX_PACKET_SIZE) { - pcapng_debug2("pcapng_read_packet_block:cap_len %d is larger than WTAP_MAX_PACKET_SIZE %u.", - wblock->data.packet.cap_len, WTAP_MAX_PACKET_SIZE); - *err = WTAP_ERR_BAD_RECORD; -+ *err_info = g_strdup("pcapng_read_packet_block:cap_len is larger than WTAP_MAX_PACKET_SIZE"); - return 0; - } - pcapng_debug3("pcapng_read_packet_block: packet data: packet_len %u captured_len %u interface_id %u", - wblock->data.packet.packet_len, - wblock->data.packet.cap_len, - wblock->data.packet.interface_id); -+ if (wblock->data.packet.packet_len > WTAP_MAX_PACKET_SIZE) { -+ *err = WTAP_ERR_BAD_RECORD; -+ *err_info = g_strdup_printf("pcapng_read_packet_block: packet_len %u is larger than WTAP_MAX_PACKET_SIZE %u.", -+ wblock->data.packet.packet_len, WTAP_MAX_PACKET_SIZE); -+ return 0; -+ } - - wtap_encap = pcapng_get_encap(wblock->data.packet.interface_id, pn); - pcapng_debug3("pcapng_read_packet_block: encapsulation = %d (%s), pseudo header size = %d.", -@@ -980,6 +988,12 @@ pcapng_read_simple_packet_block(FILE_T f - } - pcapng_debug1("pcapng_read_simple_packet_block: packet data: packet_len %u", - wblock->data.simple_packet.packet_len); -+ if (wblock->data.simple_packet.packet_len > WTAP_MAX_PACKET_SIZE) { -+ *err = WTAP_ERR_BAD_RECORD; -+ *err_info = g_strdup_printf("pcapng_read_simple_packet_block: packet_len %u is larger than WTAP_MAX_PACKET_SIZE %u.", -+ wblock->data.simple_packet.packet_len, WTAP_MAX_PACKET_SIZE); -+ return 0; -+ } - - encap = pcapng_get_encap(0, pn); - pcapng_debug1("pcapng_read_simple_packet_block: Need to read pseudo header of size %d", -- cgit v1.2.3