folkslinux
/
CBL-Mariner
mirror of https://github.com/microsoft/CBL-Mariner.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update Wireshark 3.4.14 to fix CVE-2021-4181 CVE-2021-4182 CVE-2021-4184 CVE-2021-4185 CVE-2021-4186 CVE-2021-4190 CVE-2021-22207 CVE-2021-22222 CVE-2021-22235 CVE-2021-39920 CVE-2021-39921 CVE-2021-39922 CVE-2021-39923 CVE-2021-39924 CVE-2021-39925 CVE-2021-39926 CVE-2021-39928 CVE-2021-39929 CVE-2022-0581 CVE-2022-0582 CVE-2022-0583 CVE-2022-0585 CVE-2022-0586 (#3151) 

* Updated wireshark spec file for consistency with original upstream spec file

* Formatting changes and misc fixes per code review comments

* Additional cleanups.  Fix the build.  Fix the cgmanifest

* Fix uncapitalized 'r'
This commit is contained in:
jslobodzian 2022-06-14 23:11:53 -07:00 committed by GitHub
parent 2d0dfa2124
commit fbaa34dda0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 93 additions and 194 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
SPECS-EXTENDED/wireshark/SIGNATURES-3.4.4.txt
View File

@ -1,60 +0,0 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
wireshark-3.4.4.tar.xz: 32290424 bytes
SHA256(wireshark-3.4.4.tar.xz)=729cd11e9715c600e5ad74ca472bacf8af32c20902192d5f2b271268511d4d29
RIPEMD160(wireshark-3.4.4.tar.xz)=677c151b94af472ae3ae390e51781ec0cc371ddd
SHA1(wireshark-3.4.4.tar.xz)=fa5c553596dcc6a59735f96a9a0845e3c40abab2
Wireshark-win64-3.4.4.exe: 61473376 bytes
SHA256(Wireshark-win64-3.4.4.exe)=568d5b3f7dcca301d4f4069b72fd458cd6fb9562c4f06227ccb2a1804b260b26
RIPEMD160(Wireshark-win64-3.4.4.exe)=6b96ee9476eb489c73c0492a9f4280d89b816f78
SHA1(Wireshark-win64-3.4.4.exe)=6a9d141fdb5f7ca20542b30ab6292cc3122ff051
Wireshark-win32-3.4.4.exe: 56510344 bytes
SHA256(Wireshark-win32-3.4.4.exe)=673b677da839d3fe2840e5b0cf3fc243550c9c927d1ae2a933357da2c915e215
RIPEMD160(Wireshark-win32-3.4.4.exe)=cea7826baf220ccd8c3bcd512372560fed32e982
SHA1(Wireshark-win32-3.4.4.exe)=b36eb29de4ad7e5c220b2cc86482946e504ea7c5
Wireshark-win64-3.4.4.msi: 49799168 bytes
SHA256(Wireshark-win64-3.4.4.msi)=1e8829be797e3668b17db8407e93dd045095034b520d0d4f0178c7bda159fba5
RIPEMD160(Wireshark-win64-3.4.4.msi)=52dae81fc928431bd3b40adb9daf4d1038b6397e
SHA1(Wireshark-win64-3.4.4.msi)=6ce20d8985bc7c91a4b1ae11794f17d3f2fbfd69
Wireshark-win32-3.4.4.msi: 44765184 bytes
SHA256(Wireshark-win32-3.4.4.msi)=dc4f5d8f07e866ff5bfb2dd963daaaf8556d8e8ba768cf45839c7a9f955bfb07
RIPEMD160(Wireshark-win32-3.4.4.msi)=125999a47e7505f3ac7dc5cb68ec599265b3f6f7
SHA1(Wireshark-win32-3.4.4.msi)=c38bc9105e2badf609865b140ad3a366dc96a796
WiresharkPortable_3.4.4.paf.exe: 38391936 bytes
SHA256(WiresharkPortable_3.4.4.paf.exe)=494567df57b8cce9f66d1c2167b86fa8e29d4509eef2a938ece22ad6e82b0ce5
RIPEMD160(WiresharkPortable_3.4.4.paf.exe)=5a2429471f8e533a7cabe97fa6967f5318fe4ec0
SHA1(WiresharkPortable_3.4.4.paf.exe)=39bddbade8230e4cc21f0be9c4ffd0194a497047
Wireshark 3.4.4 Intel 64.dmg: 130951404 bytes
SHA256(Wireshark 3.4.4 Intel 64.dmg)=23cee0b900ef2d421ae190c8226bea2a5ac834e02925778202e3ed4c75e9da6f
RIPEMD160(Wireshark 3.4.4 Intel 64.dmg)=9f167b7c3063f616dd522f8f7f70e17d8b75997d
SHA1(Wireshark 3.4.4 Intel 64.dmg)=2b538e068a1d0e8ef37cdae0c2d45ba3ef1b63b7
You can validate these hashes using the following commands (among others):
Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
Other: openssl sha256 wireshark-x.y.z.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAmBJH8sACgkQgiRKeOb+
rupySA//fac78zQqP48trG/MF3Xz53/TAPjTJH1tcrXRQqIlMyLm/cT5oMEUEfm3
lc7Jzn9wNkrxRTRNJ6jwn2JjKqnIT3XI4cdkZPq/99hI0ob/nK1MjaeJ51XiYJ2E
8y0eU+Rcig9eOX6S5M+O0wQiN/rXpD5JuY3OZsh55C1R+cxiDkNL5AknuwByxaCr
WTw8nTBOvMG5RiKVPyPQYEX6vCmulFzIx97zO20FBUbncKec6BA/h5t93tf55N6e
NmV7cQm/lu41r+t0dBWa4fe/7+XI2NHTbPcgYpIWlviNVzUpY85smXIB2fGoLnmd
kR/TLDDLj5fXjz09P0psRxvNPbSv9St5CAIlPNgESwL8H7us/FOkoiSkcYEySG7p
E4nQ9Q0zCfw0OkNdRvyyuJaiFYWt3BktfpWRgqAZKOHIJl7WR/nY3+Ut4BG3XtC8
IznUHo9M4dXBYYWd+BYCScpD1+yEHFnATf2y52MHUAackdg/+piNrFnBiJ69KrvE
3jET1MpKqIvfe6/QOSJs4Fyd89x/gRhzxWxtxXXieeEhTuqSRvktecq0P9raGlbZ
QcKJ+7D/uu4C70iHPl/57AzOrAKFKcbhrGed4MUSzuwmTiGy8IiazcHiSVbf3PXQ
ogPHN9sA5uva9z9VqJH/OjHKn7WXmxov5/x65LeIbr6GAKgXW+g=
=Rswq
-----END PGP SIGNATURE-----

3
SPECS-EXTENDED/wireshark/wireshark.signatures.json
View File

@ -1,7 +1,6 @@
{ {
"Signatures": { "Signatures": {
"90-wireshark-usbmon.rules": "31310c5e45835563ee9daba99bc09849cc004e8d9c712d0860211d5fa5563bcb", "90-wireshark-usbmon.rules": "31310c5e45835563ee9daba99bc09849cc004e8d9c712d0860211d5fa5563bcb",
"SIGNATURES-3.4.4.txt": "31cff87a96e012c113d2e5eec307bd4d9dc861aea5adfab5aa3a53f9a780e85c", "wireshark-3.4.14.tar.xz": "32b0d0772e942d2d66cb3757bfb5027e53a6ddfbc908b65be5f3048f7a082dee"
"wireshark-3.4.4.tar.xz": "729cd11e9715c600e5ad74ca472bacf8af32c20902192d5f2b271268511d4d29"
} }
} }

120
SPECS-EXTENDED/wireshark/wireshark.spec
View File

@ -1,20 +1,17 @@
Vendor: Microsoft Corporation
Distribution: Mariner
%global with_lua 1 %global with_lua 1
%global with_maxminddb 1 %global with_maxminddb 1
%global plugins_version 3.4 %global plugins_version 3.4
%global with_gui 0
Summary: Network traffic analyzer Summary: Network traffic analyzer
Name: wireshark Name: wireshark
Version: 3.4.4 Vendor: Microsoft Corporation
Release: 5%{?dist} Distribution: Mariner
Version: 3.4.14
Release: 1%{?dist}
License: BSD and GPLv2 License: BSD and GPLv2
Url: http://www.wireshark.org/ Url: https://www.wireshark.org/
Source0: https://2.na.dl.wireshark.org/src/all-versions/%{name}-%{version}.tar.xz
Source0: https://wireshark.org/download/src/all-versions/%{name}-%{version}.tar.xz Source1: 90-wireshark-usbmon.rules
Source1: https://www.wireshark.org/download/src/all-versions/SIGNATURES-%{version}.txt
Source2: 90-wireshark-usbmon.rules
# Fedora-specific # Fedora-specific
Patch2: wireshark-0002-Customize-permission-denied-error.patch Patch2: wireshark-0002-Customize-permission-denied-error.patch
@ -29,62 +26,43 @@ Patch6: wireshark-0006-Move-tmp-to-var-tmp.patch
Patch7: wireshark-0007-cmakelists.patch Patch7: wireshark-0007-cmakelists.patch
#install tshark together with wireshark GUI #install tshark together with wireshark GUI
Requires: %{name}-cli = %{version}-%{release}
Requires: xdg-utils
Requires: hicolor-icon-theme
%if %{with_maxminddb} && 0%{?fedora}
Requires: libmaxminddb
%endif
BuildRequires: bzip2-devel BuildRequires: bzip2-devel
BuildRequires: perl(English) BuildRequires: bison
BuildRequires: c-ares-devel BuildRequires: c-ares-devel
Buildrequires: cmake
BuildRequires: elfutils-devel BuildRequires: elfutils-devel
BuildRequires: flex
BuildRequires: gcc-c++ BuildRequires: gcc-c++
BuildRequires: git
BuildRequires: glib2-devel BuildRequires: glib2-devel
BuildRequires: gnutls-devel BuildRequires: gnutls-devel
BuildRequires: krb5-devel BuildRequires: krb5-devel
BuildRequires: libcap-devel BuildRequires: libcap-devel
BuildRequires: libgcrypt-devel BuildRequires: libgcrypt-devel
BuildRequires: libnl3-devel BuildRequires: libnl3-devel
BuildRequires: libnghttp2-devel
BuildRequires: libpcap-devel >= 0.9 BuildRequires: libpcap-devel >= 0.9
BuildRequires: libselinux-devel BuildRequires: libselinux-devel
BuildRequires: libsmi-devel BuildRequires: libsmi-devel
BuildRequires: libssh-devel
BuildRequires: openssl-devel BuildRequires: openssl-devel
BuildRequires: desktop-file-utils
BuildRequires: xdg-utils
BuildRequires: bison
BuildRequires: flex
BuildRequires: pcre-devel BuildRequires: pcre-devel
BuildRequires: perl(English)
BuildRequires: perl(Pod::Html) BuildRequires: perl(Pod::Html)
BuildRequires: perl(Pod::Man) BuildRequires: perl(Pod::Man)
BuildRequires: perl(open) BuildRequires: perl(open)
Buildrequires: libssh-devel BuildRequires: python3
BuildRequires: qt5-linguist
BuildRequires: qt5-qtbase-devel
%if %{with_gui}
BuildRequires: qt5-qtmultimedia-devel
%endif
BuildRequires: qt5-qtsvg-devel
BuildRequires: zlib-devel
%if %{with_maxminddb} && 0%{?fedora}
BuildRequires: libmaxminddb-devel
%endif
%if %{with_lua} && 0%{?fedora}
BuildRequires: compat-lua-devel
%endif
Buildrequires: git
%if 0%{?fedora}
Buildrequires: python3-devel Buildrequires: python3-devel
%endif
Buildrequires: cmake
#needed for sdjournal external capture interface
BuildRequires: systemd-devel BuildRequires: systemd-devel
BuildRequires: libnghttp2-devel BuildRequires: xdg-utils
BuildRequires: zlib-devel
Obsoletes: wireshark-qt, wireshark-gtk Requires: c-ares
Requires: glib2
Requires: systemd-libs
Requires: zlib
Requires: %{name}-cli = %{version}-%{release}
%description %description
Wireshark allows you to examine protocol data stored in files or as it is Wireshark allows you to examine protocol data stored in files or as it is
@ -121,29 +99,20 @@ and plugins.
%build %build
%cmake -G "Unix Makefiles" \ %cmake -G "Unix Makefiles" \
-DCMAKE_INSTALL_PREFIX="%{_prefix}" \
-DDISABLE_WERROR=ON \ -DDISABLE_WERROR=ON \
%if %{with_gui}
-DBUILD_wireshark=ON \
%else
-DBUILD_wireshark=OFF \
%endif
%if %{with_lua} && 0%{?fedora}
-DENABLE_LUA=ON \
%else
-DENABLE_LUA=OFF \ -DENABLE_LUA=OFF \
%endif -DENABLE_LIBXML2=ON \
%if %{with_maxminddb} && 0%{?fedora}
-DBUILD_mmdbresolve=ON \
%else
-DBUILD_mmdbresolve=OFF \
%endif
-DBUILD_randpktdump=OFF \
-DBUILD_androiddump=ON \
-DENABLE_SMI=ON \
-DENABLE_PLUGINS=ON \
-DENABLE_NETLINK=ON \ -DENABLE_NETLINK=ON \
-DENABLE_NGHTTP2=ON \
-DENABLE_PLUGINS=ON \
-DENABLE_SMI=ON \
-DBUILD_androiddump=OFF \
-DBUILD_dcerpcidl2wrs=OFF \ -DBUILD_dcerpcidl2wrs=OFF \
-DBUILD_mmdbresolve=OFF \
-DBUILD_randpktdump=OFF \
-DBUILD_sdjournal=ON \ -DBUILD_sdjournal=ON \
-DBUILD_wireshark=OFF \
. .
make %{?_smp_mflags} make %{?_smp_mflags}
@ -151,9 +120,6 @@ make %{?_smp_mflags}
%install %install
make DESTDIR=%{buildroot} install make DESTDIR=%{buildroot} install
%if %{with_gui}
desktop-file-validate %{buildroot}%{_datadir}/applications/wireshark.desktop
%endif
#install devel files (inspired by debian/wireshark-dev.header-files) #install devel files (inspired by debian/wireshark-dev.header-files)
install -d -m 0755 %{buildroot}%{_includedir}/wireshark install -d -m 0755 %{buildroot}%{_includedir}/wireshark
@ -179,7 +145,8 @@ install -m 644 epan/wmem/*.h "${IDIR}/epan/wmem"
install -m 644 wiretap/*.h "${IDIR}/wiretap" install -m 644 wiretap/*.h "${IDIR}/wiretap"
install -m 644 wsutil/*.h "${IDIR}/wsutil" install -m 644 wsutil/*.h "${IDIR}/wsutil"
install -m 644 ws_diag_control.h "${IDIR}/" install -m 644 ws_diag_control.h "${IDIR}/"
install -m 644 %{SOURCE2} %{buildroot}%{_udevrulesdir} install -m 644 %{SOURCE1} %{buildroot}%{_udevrulesdir}
touch %{buildroot}%{_bindir}/%{name} touch %{buildroot}%{_bindir}/%{name}
@ -201,13 +168,6 @@ fi
%ldconfig_postun cli %ldconfig_postun cli
%files %files
%if %{with_gui}
%{_datadir}/appdata/%{name}.appdata.xml
%{_datadir}/applications/wireshark.desktop
%{_datadir}/icons/hicolor/*/apps/*
%{_datadir}/icons/hicolor/*/mimetypes/*
%{_datadir}/mime/packages/wireshark.xml
%endif
%{_bindir}/wireshark %{_bindir}/wireshark
%{_mandir}/man1/wireshark.* %{_mandir}/man1/wireshark.*
@ -223,9 +183,6 @@ fi
%{_bindir}/sharkd %{_bindir}/sharkd
%{_bindir}/text2pcap %{_bindir}/text2pcap
%{_bindir}/tshark %{_bindir}/tshark
%if %{with_maxminddb} && 0%{?fedora}
%{_bindir}/mmdbresolve
%endif
%attr(0750, root, wireshark) %caps(cap_net_raw,cap_net_admin=ep) %{_bindir}/dumpcap %attr(0750, root, wireshark) %caps(cap_net_raw,cap_net_admin=ep) %{_bindir}/dumpcap
%{_bindir}/rawshark %{_bindir}/rawshark
%{_udevrulesdir}/90-wireshark-usbmon.rules %{_udevrulesdir}/90-wireshark-usbmon.rules
@ -238,7 +195,6 @@ fi
%{_libdir}/wireshark/extcap/sshdump %{_libdir}/wireshark/extcap/sshdump
%{_libdir}/wireshark/extcap/sdjournal %{_libdir}/wireshark/extcap/sdjournal
%{_libdir}/wireshark/extcap/dpauxmon %{_libdir}/wireshark/extcap/dpauxmon
%{_libdir}/wireshark/extcap/androiddump
%dir %{_libdir}/wireshark/cmake %dir %{_libdir}/wireshark/cmake
%{_libdir}/wireshark/cmake/*.cmake %{_libdir}/wireshark/cmake/*.cmake
#the version wireshark uses to store plugins is only x.y, not .z #the version wireshark uses to store plugins is only x.y, not .z
@ -269,9 +225,6 @@ fi
%{_mandir}/man1/dpauxmon.* %{_mandir}/man1/dpauxmon.*
%{_mandir}/man1/sdjournal.* %{_mandir}/man1/sdjournal.*
%{_mandir}/man4/extcap.* %{_mandir}/man4/extcap.*
%if %{with_maxminddb} && 0%{?fedora}
%{_mandir}/man1/mmdbresolve.*
%endif
%dir %{_datadir}/wireshark %dir %{_datadir}/wireshark
%{_datadir}/wireshark/* %{_datadir}/wireshark/*
%{_docdir}/wireshark/*.html %{_docdir}/wireshark/*.html
@ -283,6 +236,13 @@ fi
%{_libdir}/pkgconfig/%{name}.pc %{_libdir}/pkgconfig/%{name}.pc
%changelog %changelog
* Fri Jun 10 2022 Jon Slobodzian <joslobo@microsoft.com> - 3.4.14-1
- Update to resolves CVEs
- Disabled Android Dump.
- Removed unused/disabled features.
- Fixed Formatting.
* Wed Feb 16 2022 Pawel Winogrodzki <pawelwi@microsoft.com> - 3.4.4-5 * Wed Feb 16 2022 Pawel Winogrodzki <pawelwi@microsoft.com> - 3.4.4-5
- License verified. - License verified.

4
cgmanifest.json
View File

@ -26337,8 +26337,8 @@
"type": "other", "type": "other",
"other": { "other": {
"name": "wireshark", "name": "wireshark",
"version": "3.4.4", "version": "3.4.14",
"downloadUrl": "https://wireshark.org/download/src/all-versions/wireshark-3.4.4.tar.xz" "downloadUrl": "https://2.na.dl.wireshark.org/src/all-versions/wireshark-3.4.14.tar.xz"
} }
} }
}, },