projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: dabb518) | patch
package/wireshark: security bump to v3.2.2
authorTitouan Christophe <titouan.christophe@railnova.eu>
Mon, 2 Mar 2020 10:34:17 +0000 (11:34 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Mon, 2 Mar 2020 21:49:45 +0000 (22:49 +0100)
commit2d4a99d56e10bb7b159658dd050a7519e9d98968
treee675eec749318c212f604e48777678e344e0fdfetree
parentdabb5181ad2873e87935b778d1f6772ec361fa16commit | diff
package/wireshark: security bump to v3.2.2

This fixes the following CVEs:
 - CVE-2020-9428:
   In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14,
   the EAP dissector could crash. This was addressed in
   epan/dissectors/packet-eap.c by using more careful sscanf parsing.

 - CVE-2020-9429:
   In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash.
   This was addressed in epan/dissectors/packet-wireguard.c by
   handling the situation where a certain data structure intentionally
   has a NULL value.

 - CVE-2020-9430:
   In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14,
   the WiMax DLMAP dissector could crash.
   This was addressed in plugins/epan/wimax/msg_dlmap.c by validating
   a length field.

 - CVE-2020-9431:
   In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14,
   the LTE RRC dissector could leak memory. This was addressed in
   epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/wireshark/wireshark.hash diff | blob | history
package/wireshark/wireshark.mk diff | blob | history