From df812ace329b2ba78df11b42be33f618dc61f5c8 Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Sun, 3 Dec 2023 23:23:56 +0100 Subject: [PATCH] package/wireshark: security bump to version 4.0.11 Fix CVE-2023-6174: SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file https://www.wireshark.org/security/wnpa-sec-2023-28 https://www.wireshark.org/security/wnpa-sec-2023-29 https://www.wireshark.org/docs/relnotes/wireshark-4.0.11.html Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard --- package/wireshark/wireshark.hash | 6 +++--- package/wireshark/wireshark.mk | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package/wireshark/wireshark.hash b/package/wireshark/wireshark.hash index c9b693c9cb61..a6ef69b1af82 100644 --- a/package/wireshark/wireshark.hash +++ b/package/wireshark/wireshark.hash @@ -1,6 +1,6 @@ -# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.0.10.txt -sha1 830ba7ff602da90323bbc5ec15941c0878d9ee4a wireshark-4.0.10.tar.xz -sha256 b2e3ff03fa2be9058a9ffbedd12b0a670433bd16c8cc6c432ab48dabc2df1898 wireshark-4.0.10.tar.xz +# From https://www.wireshark.org/download/src/all-versions/SIGNATURES-4.0.11.txt +sha1 4af3140d69f9d41e1c4e161fad66304a6920ddce wireshark-4.0.11.tar.xz +sha256 4c341cc33a6c512d983f4126e6f3e5c249f604e14ab7f337d38b1cbe58199e3d wireshark-4.0.11.tar.xz # Locally calculated sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING diff --git a/package/wireshark/wireshark.mk b/package/wireshark/wireshark.mk index 2f563950b2c8..6fb4b60f2b92 100644 --- a/package/wireshark/wireshark.mk +++ b/package/wireshark/wireshark.mk @@ -4,7 +4,7 @@ # ################################################################################ -WIRESHARK_VERSION = 4.0.10 +WIRESHARK_VERSION = 4.0.11 WIRESHARK_SOURCE = wireshark-$(WIRESHARK_VERSION).tar.xz WIRESHARK_SITE = https://www.wireshark.org/download/src/all-versions WIRESHARK_LICENSE = wireshark license