From f8e39e79bf25d6c3fb3f333e58f27165cc959781 Mon Sep 17 00:00:00 2001 From: Michal Ruprich Date: Tue, 16 Feb 2021 14:12:39 +0100 Subject: [PATCH] New version 3.4.3 Fix for CVE-2021-22173, CVE-2021-22174 --- sources | 4 +- wireshark-0008-move-glib.patch | 312 +++++++++++++++++++++++++++++++++ wireshark.spec | 7 +- 3 files changed, 320 insertions(+), 3 deletions(-) create mode 100644 wireshark-0008-move-glib.patch diff --git a/sources b/sources index 6f1169d..33837ca 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (wireshark-3.4.2.tar.xz) = 38dc62d306dafe1a25db16ca28e1f4181a83673700a0b4c6dd98c8cb27df51ad0c6414db0370c443250aeb2521eceefb183178fe7d23a11b697cbf3f5b06f53a -SHA512 (SIGNATURES-3.4.2.txt) = b9d6bba7ef06dcd3ab954fc413e17230fa7570913daa30b89fba71015a09250241a35712a5a72a7fdb859fd231bc4d1d4455953b1cc8d77fa673648e2f0f196f +SHA512 (wireshark-3.4.3.tar.xz) = 6cfea9432cd6fcecbfc551e059ca60a0c38084074bf130b4cc5378aac2221c1233e2ddafa1ffd6bc6b76297c2303b931dadf6ec518f35595caf5229af4d93859 +SHA512 (SIGNATURES-3.4.3.txt) = 30b2e61e6168503794f437a4e3ca6c3a85cd50759e5edb1968f03d4f5692783474126741bda12646b13647ece53a883c00a69903e83253a06dea6e64525321f3 diff --git a/wireshark-0008-move-glib.patch b/wireshark-0008-move-glib.patch new file mode 100644 index 0000000..5c9567a --- /dev/null +++ b/wireshark-0008-move-glib.patch @@ -0,0 +1,312 @@ +diff --git a/caputils/capture_ifinfo.h b/caputils/capture_ifinfo.h +index e063134b74..9965703538 100644 +--- a/caputils/capture_ifinfo.h ++++ b/caputils/capture_ifinfo.h +@@ -11,12 +11,12 @@ + #ifndef __CAPTURE_IFINFO_H__ + #define __CAPTURE_IFINFO_H__ + ++#include ++ + #ifdef __cplusplus + extern "C" { + #endif /* __cplusplus */ + +-#include +- + /* + * Explicitly set the interface_type enum values as these values are exposed + * in the preferences gui.interfaces_hidden_types string. +diff --git a/epan/dissectors/dissectors.h b/epan/dissectors/dissectors.h +index b9f4c6b0ff..6f83b01b7c 100644 +--- a/epan/dissectors/dissectors.h ++++ b/epan/dissectors/dissectors.h +@@ -11,12 +11,12 @@ + #ifndef __DISSECTOR_REGISTER_H__ + #define __DISSECTOR_REGISTER_H__ + ++#include ++ + #ifdef __cplusplus + extern "C" { + #endif /* __cplusplus */ + +-#include +- + typedef struct _dissector_reg { + const char *cb_name; + void (*cb_func)(void); +diff --git a/epan/epan.h b/epan/epan.h +index 1f6a52fa27..f646c1fc95 100644 +--- a/epan/epan.h ++++ b/epan/epan.h +@@ -10,11 +10,12 @@ + #ifndef __EPAN_H__ + #define __EPAN_H__ + ++#include ++ + #ifdef __cplusplus + extern "C" { + #endif /* __cplusplus */ + +-#include + #include + #include + #include +diff --git a/epan/prefs.h b/epan/prefs.h +index 1fc560ccdc..1814f53a80 100644 +--- a/epan/prefs.h ++++ b/epan/prefs.h +@@ -11,12 +11,12 @@ + #ifndef __PREFS_H__ + #define __PREFS_H__ + ++#include ++ + #ifdef __cplusplus + extern "C" { + #endif /* __cplusplus */ + +-#include +- + #include + #include + +diff --git a/epan/value_string.h b/epan/value_string.h +index 03551e31f4..548ec6a7ae 100644 +--- a/epan/value_string.h ++++ b/epan/value_string.h +@@ -11,11 +11,12 @@ + #ifndef __VALUE_STRING_H__ + #define __VALUE_STRING_H__ + ++#include ++ + #ifdef __cplusplus + extern "C" { + #endif /* __cplusplus */ + +-#include + #include "ws_symbol_export.h" + #include "wmem/wmem.h" + +diff --git a/epan/wmem/wmem_user_cb_int.h b/epan/wmem/wmem_user_cb_int.h +index 3045d943ab..7232241c81 100644 +--- a/epan/wmem/wmem_user_cb_int.h ++++ b/epan/wmem/wmem_user_cb_int.h +@@ -12,11 +12,12 @@ + #ifndef __WMEM_USER_CB_INT_H__ + #define __WMEM_USER_CB_INT_H__ + ++#include ++ + #ifdef __cplusplus + extern "C" { + #endif /* __cplusplus */ + +-#include + #include "wmem_user_cb.h" + + WS_DLL_LOCAL +diff --git a/ui/packet_range.h b/ui/packet_range.h +index 6e7d34d118..2e5dad62af 100644 +--- a/ui/packet_range.h ++++ b/ui/packet_range.h +@@ -14,12 +14,12 @@ + #ifndef __PACKET_RANGE_H__ + #define __PACKET_RANGE_H__ + ++#include ++ + #ifdef __cplusplus + extern "C" { + #endif /* __cplusplus */ + +-#include +- + #include + #include + +diff --git a/ui/recent.h b/ui/recent.h +index 3d6d1c9cdb..5ae5852bb4 100644 +--- a/ui/recent.h ++++ b/ui/recent.h +@@ -12,11 +12,12 @@ + #ifndef __RECENT_H__ + #define __RECENT_H__ + ++#include ++ + #ifdef __cplusplus + extern "C" { + #endif /* __cplusplus */ + +-#include + #include + #include "epan/timestamp.h" + #include "ui/ws_ui_util.h" +diff --git a/ui/rtp_media.h b/ui/rtp_media.h +index 04290f6aee..e144ac571e 100644 +--- a/ui/rtp_media.h ++++ b/ui/rtp_media.h +@@ -15,6 +15,8 @@ + #ifndef __RTP_MEDIA_H__ + #define __RTP_MEDIA_H__ + ++#include ++ + /** @file + * "RTP Player" dialog box common routines. + * @ingroup main_ui_group +@@ -24,8 +26,6 @@ + extern "C" { + #endif /* __cplusplus */ + +-#include +- + /****************************************************************************/ + /* INTERFACE */ + /****************************************************************************/ +diff --git a/ui/rtp_stream.h b/ui/rtp_stream.h +index e368a792bf..b683f16ba7 100644 +--- a/ui/rtp_stream.h ++++ b/ui/rtp_stream.h +@@ -14,6 +14,8 @@ + #ifndef __RTP_STREAM_H__ + #define __RTP_STREAM_H__ + ++#include ++ + /** @file + * "RTP Streams" dialog box common routines. + * @ingroup main_ui_group +@@ -24,7 +26,6 @@ extern "C" { + #endif /* __cplusplus */ + + #include "tap-rtp-analysis.h" +-#include + #include + + #include "cfile.h" +diff --git a/ui/voip_calls.h b/ui/voip_calls.h +index 0fc71f180f..cfd791d6f8 100644 +--- a/ui/voip_calls.h ++++ b/ui/voip_calls.h +@@ -22,6 +22,8 @@ + #ifndef __VOIP_CALLS_H__ + #define __VOIP_CALLS_H__ + ++#include ++ + /** @file + * "VoIP Calls" dialog box common routines. + * @ingroup main_ui_group +@@ -31,7 +33,6 @@ + extern "C" { + #endif /* __cplusplus */ + +-#include + #include + + #include "epan/address.h" +diff --git a/wsutil/file_util.h b/wsutil/file_util.h +index 565b9d46e3..e9942f3c5b 100644 +--- a/wsutil/file_util.h ++++ b/wsutil/file_util.h +@@ -11,6 +11,8 @@ + #ifndef __FILE_UTIL_H__ + #define __FILE_UTIL_H__ + ++#include ++ + #include "config.h" + + #include "ws_symbol_export.h" +@@ -19,8 +21,6 @@ + extern "C" { + #endif /* __cplusplus */ + +-#include +- + #ifdef _WIN32 + #include /* for _read(), _write(), etc. */ + #include +diff --git a/wsutil/plugins.h b/wsutil/plugins.h +index 49c221ef5e..9eaa0e41ea 100644 +--- a/wsutil/plugins.h ++++ b/wsutil/plugins.h +@@ -11,13 +11,13 @@ + #ifndef __PLUGINS_H__ + #define __PLUGINS_H__ + ++#include ++ + #ifdef __cplusplus + extern "C" { + #endif /* __cplusplus */ + +-#include + #include +- + #include "ws_symbol_export.h" + + typedef void (*plugin_register_func)(void); +diff --git a/ui/taps.h b/ui/taps.h +index 4078e6d..d083519 100644 +--- a/ui/taps.h ++++ b/ui/taps.h +@@ -11,12 +11,12 @@ + #ifndef __TAP_REGISTER_H__ + #define __TAP_REGISTER_H__ + ++#include ++ + #ifdef __cplusplus + extern "C" { + #endif /* __cplusplus */ + +-#include +- + typedef struct _tap_reg { + const char *cb_name; + void (*cb_func)(void); +diff --git a/epan/epan_dissect.h b/epan/epan_dissect.h +index f288682..6bce465 100644 +--- a/epan/epan_dissect.h ++++ b/epan/epan_dissect.h +@@ -10,11 +10,12 @@ + #ifndef EPAN_DISSECT_H + #define EPAN_DISSECT_H + ++#include "epan.h" ++ + #ifdef __cplusplus + extern "C" { + #endif /* __cplusplus */ + +-#include "epan.h" + #include "tvbuff.h" + #include "proto.h" + #include "packet_info.h" +diff --git a/epan/conversation.h b/epan/conversation.h +index 2da42db..9457336 100644 +--- a/epan/conversation.h ++++ b/epan/conversation.h +@@ -12,6 +12,7 @@ + #define __CONVERSATION_H__ + + #include "ws_symbol_export.h" ++#include "packet.h" /* for conversation dissector type */ + + #ifdef __cplusplus + extern "C" { +@@ -46,8 +47,6 @@ extern "C" { + /* Flags to handle endpoints */ + #define USE_LAST_ENDPOINT 0x08 /* Use last endpoint created, regardless of type */ + +-#include "packet.h" /* for conversation dissector type */ +- + /* Types of port numbers Wireshark knows about. */ + typedef enum { + ENDPOINT_NONE, /* no endpoint */ diff --git a/wireshark.spec b/wireshark.spec index aff6273..d519d6e 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -7,7 +7,7 @@ Summary: Network traffic analyzer Name: wireshark -Version: 3.4.2 +Version: 3.4.3 Release: 1%{?dist} Epoch: 1 License: GPL+ @@ -28,6 +28,7 @@ Patch5: wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch # Fedora-specific Patch6: wireshark-0006-Move-tmp-to-var-tmp.patch Patch7: wireshark-0007-cmakelists.patch +Patch8: wireshark-0008-move-glib.patch #install tshark together with wireshark GUI Requires: %{name}-cli = %{epoch}:%{version}-%{release} @@ -273,6 +274,10 @@ fi %{_libdir}/pkgconfig/%{name}.pc %changelog +* Tue Feb 16 2021 Michal Ruprich - 1:3.4.3-1 +- New version 3.4.3 +- Fix for CVE-2021-22173, CVE-2021-22174 + * Fri Jan 29 2021 Michal Ruprich - 1:3.4.2-1 - New version 3.4.2 - Fix for CVE-2020-26418, CVE-2020-26419, CVE-2020-26420, CVE-2020-26421