From 8500035adcb8da870baa486aba05495fbc038649 Mon Sep 17 00:00:00 2001
From: DistroBaker <osci-list@redhat.com>
Date: Thu, 3 Dec 2020 16:45:23 +0000
Subject: [PATCH] Merged update from upstream sources

This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/wireshark.git#a2ed06751fd12097c70900a3ebf72752e999f0e4
---
 .fmf/version                             |  1 +
 ci.fmf                                   | 13 ++++
 sources                                  |  4 +-
 wireshark-0006-Move-tmp-to-var-tmp.patch | 76 +++++++++++++-----------
 wireshark.spec                           | 13 ++--
 5 files changed, 67 insertions(+), 40 deletions(-)
 create mode 100644 .fmf/version
 create mode 100644 ci.fmf

diff --git a/.fmf/version b/.fmf/version
new file mode 100644
index 0000000..d00491f
--- /dev/null
+++ b/.fmf/version
@@ -0,0 +1 @@
+1
diff --git a/ci.fmf b/ci.fmf
new file mode 100644
index 0000000..0df4c06
--- /dev/null
+++ b/ci.fmf
@@ -0,0 +1,13 @@
+/test:
+    summary:
+        CI plan, picks Tier1 tests, runs in beakerlib.
+    description:
+        This special plan has to be named ci.fmf to run in CI.
+        It selects test which have 'tier 1' in their main.fmf file
+    discover:
+      - name: tier1
+        how: fmf
+        filter: 'tier: 1'
+        repository: "https://src.fedoraproject.org/tests/wireshark.git"
+    execute:
+        how: beakerlib
diff --git a/sources b/sources
index 2f57427..5544c0d 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (wireshark-3.2.7.tar.xz) = c17913fe6c193ccc6b0dbf86932d625a1f3b670aef805296e5db2639118218e06d513910ad50ab3926204f94a0010425b0d498176f987516d64fdd6a52d2517b
-SHA512 (SIGNATURES-3.2.7.txt) = c29a1f5772aff17efb7e4d3a7d88d717e788cc31915614b9d8b3b4588e40c33aeeb8183ae94eb7be51401f73557a0267a83f05b73097a793ebb8283f57c21644
+SHA512 (wireshark-3.4.0.tar.xz) = 02070db23c64e1efe42b83cdcd7b52fb9b247e653da0aa12dc21a4283272fea0a135f4b0c5641197840bef88e52785d64a860c9fcfe1bcbaceb016c5258c9649
+SHA512 (SIGNATURES-3.4.0.txt) = 0a91d82381d5874b85346e2b34f17e791b2c9b5e705b53f34b46215b366f4db4a84831d589ab58288578f501c4ec8a7600e271b44ef43355c948fbbd79535b2d
diff --git a/wireshark-0006-Move-tmp-to-var-tmp.patch b/wireshark-0006-Move-tmp-to-var-tmp.patch
index 6a4ece9..dbc1d70 100644
--- a/wireshark-0006-Move-tmp-to-var-tmp.patch
+++ b/wireshark-0006-Move-tmp-to-var-tmp.patch
@@ -111,43 +111,50 @@ index fde66c8..b9531d2 100644
      tempfile_->open();
  
 diff --git a/wsutil/tempfile.c b/wsutil/tempfile.c
-index 8e1f8dc..dcf2f78 100644
+index 5082452..f751a7c 100644
 --- a/wsutil/tempfile.c
 +++ b/wsutil/tempfile.c
-@@ -36,6 +36,7 @@
- 
+@@ -12,10 +12,12 @@
+
+ #include <glib.h>
  #include "tempfile.h"
- #include <wsutil/file_util.h>
++#include <wsutil/file_util.h>
 +#include <wsutil/wstmpdir.h> /* for get_tmp_dir() */
- 
- #ifndef __set_errno
- #define __set_errno(x) errno=(x)
-@@ -83,13 +83,14 @@ mkstemps(char *path_template, int suffixlen)
-  */
- char *get_tempfile_path(const char *filename)
- {
--  return g_strdup_printf("%s" G_DIR_SEPARATOR_S "%s", g_get_tmp_dir(), filename);
-+  return g_strdup_printf("%s" G_DIR_SEPARATOR_S "%s", get_tmp_dir(), filename);
- }
- 
- #define MAX_TEMPFILES   3
- 
- /**
-- * Create a tempfile with the given prefix (e.g. "wireshark").
-+ * Create a tempfile with the given prefix (e.g. "wireshark"). The path
-+ * is created using get_tmp_dir and mkdtemp
+
+  /**
+  * Create a tempfile with the given prefix (e.g. "wireshark"). The path
+- * is created using g_file_open_tmp.
++ * is created using get_tmp_dir.
   *
-  * @param namebuf If not NULL, receives the full path of the temp file.
-  *                Should NOT be freed.
-@@ -199,7 +200,7 @@ create_tempfile(char **namebuf, const char *pfx, const char *sfx)
-     tf[idx].path = (char *)g_malloc(tf[idx].len);
-   }
- 
--  tmp_dir = g_get_tmp_dir();
+  * @param namebuf [in,out] If not NULL, receives the full path of the temp file.
+  *                Must be freed.
+@@ -30,6 +31,9 @@ create_tempfile(gchar **namebuf, const char *pfx, const char *sfx, GError **err)
+ {
+   int fd;
+   gchar *safe_pfx = NULL;
++  gchar *tmp_file;
++  const char *tmp_dir;
++  int old_mask;
+
+   if (pfx) {
+     /* The characters in "delimiters" come from:
+@@ -49,7 +53,15 @@ create_tempfile(gchar **namebuf, const char *pfx, const char *sfx, GError **err)
+   gchar* filetmpl = g_strdup_printf("%sXXXXXX%s", safe_pfx ? safe_pfx : "", sfx ? sfx : "");
+   g_free(safe_pfx);
+
+-  fd = g_file_open_tmp(filetmpl, namebuf, err);
 +  tmp_dir = get_tmp_dir();
- 
- #ifdef _WIN32
-   _tzset();
++  tmp_file = g_strconcat(tmp_dir, "/", filetmpl, NULL);
++
++  if (namebuf)
++    *namebuf = tmp_file;
++
++  old_mask = ws_umask(0077);
++  fd = mkstemps(tmp_file, sfx ? (int) strlen(sfx) : 0);
++  ws_umask(old_mask);
+
+   g_free(filetmpl);
+   return fd;
 diff --git a/wsutil/tempfile.h b/wsutil/tempfile.h
 index 1dca2df..bb3160c 100644
 --- a/wsutil/tempfile.h
@@ -156,17 +163,17 @@ index 1dca2df..bb3160c 100644
  
  /**
   * Create a tempfile with the given prefix (e.g. "wireshark"). The path
-- * is created using g_get_tmp_dir and mkstemp.
+- * is created using g_file_open_tmp.
 + * is created using get_tmp_dir and mkstemp.
   *
   * @param namebuf [in,out] If not NULL, receives the full path of the temp file.
-  *                Must NOT be freed.
+  *                Must be freed.
 diff --git a/wsutil/wstmpdir.c b/wsutil/wstmpdir.c
 new file mode 100644
 index 0000000..d8b733b
 --- /dev/null
 +++ b/wsutil/wstmpdir.c
-@@ -0,0 +1,70 @@
+@@ -0,0 +1,71 @@
 +/* wstmpdir.c
 + *
 + * Copyright (C) 2013 Red Hat, Inc. All right reserved.
@@ -224,6 +231,7 @@ index 0000000..d8b733b
 +            k = strlen(tmp);
 +            if (k > 1 && G_IS_DIR_SEPARATOR(tmp[k - 1]))
 +                tmp[k - 1] = '\0';
++            fprintf(stderr, "Using P_tmpdir: %s\n", P_tmpdir);
 +        }
 +#endif /* P_tmpdir */
 +
diff --git a/wireshark.spec b/wireshark.spec
index 5fd887c..982604f 100644
--- a/wireshark.spec
+++ b/wireshark.spec
@@ -1,14 +1,14 @@
 %undefine __cmake_in_source_build
 %global with_lua 1
 %global with_maxminddb 1
-%global plugins_version 3.2
+%global plugins_version 3.4
 # added temporarily due to errors in libqt5core
 %define _lto_cflags %{nil}
 
 Summary:	Network traffic analyzer
 Name:		wireshark
-Version:	3.2.7
-Release:	2%{?dist}
+Version:	3.4.0
+Release:	1%{?dist}
 Epoch:		1
 License:	GPL+
 Url:		http://www.wireshark.org/
@@ -60,7 +60,8 @@ BuildRequires:	flex
 BuildRequires:	pcre-devel
 BuildRequires:	perl(Pod::Html)
 BuildRequires:	perl(Pod::Man)
-Buildrequires:  libssh-devel
+BuildRequires:	perl(open)
+Buildrequires:	libssh-devel
 BuildRequires:	qt5-linguist
 BuildRequires:	qt5-qtbase-devel
 BuildRequires:	qt5-qtmultimedia-devel
@@ -268,6 +269,10 @@ getent group usbmon >/dev/null || groupadd -r usbmon
 %{_libdir}/pkgconfig/%{name}.pc
 
 %changelog
+* Wed Dec 02 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.4.0-1
+- New version 3.4.0
+- Fix for CVE-2020-26575, CVE-2020-28030
+
 * Fri Oct 09 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.7-1
 - New version 3.2.7
 - Fix for CVE-2020-25862, CVE-2020-25863, CVE-2020-25866