From 5516f72a9a274fac5f0f1edabd226e8c55c472c6 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: May 09 2023 05:23:27 +0000 Subject: import wireshark-3.4.10-4.el9 --- diff --git a/SOURCES/wireshark-0010-fips-ripemd160.patch b/SOURCES/wireshark-0010-fips-ripemd160.patch new file mode 100644 index 0000000..cf7f134 --- /dev/null +++ b/SOURCES/wireshark-0010-fips-ripemd160.patch @@ -0,0 +1,56 @@ +diff --git a/capinfos.c b/capinfos.c +index 5536766..12b141e 100644 +--- a/capinfos.c ++++ b/capinfos.c +@@ -739,7 +739,8 @@ print_stats(const gchar *filename, capture_info *cf_info) + } + if (cap_file_hashes) { + printf ("SHA256: %s\n", file_sha256); +- printf ("RIPEMD160: %s\n", file_rmd160); ++ if(!gcry_fips_mode_active()) ++ printf ("RIPEMD160: %s\n", file_rmd160); + printf ("SHA1: %s\n", file_sha1); + } + if (cap_order) printf ("Strict time order: %s\n", order_string(cf_info->order)); +@@ -851,7 +852,8 @@ print_stats_table_header(void) + if (cap_packet_rate) print_stats_table_header_label("Average packet rate (packets/sec)"); + if (cap_file_hashes) { + print_stats_table_header_label("SHA256"); +- print_stats_table_header_label("RIPEMD160"); ++ if(!gcry_fips_mode_active()) ++ print_stats_table_header_label("RIPEMD160"); + print_stats_table_header_label("SHA1"); + } + if (cap_order) print_stats_table_header_label("Strict time order"); +@@ -1447,7 +1449,10 @@ print_usage(FILE *output) + fprintf(output, " -E display the capture file encapsulation\n"); + fprintf(output, " -I display the capture file interface information\n"); + fprintf(output, " -F display additional capture file information\n"); +- fprintf(output, " -H display the SHA256, RMD160, and SHA1 hashes of the file\n"); ++ if(!gcry_fips_mode_active()) ++ fprintf(output, " -H display the SHA256 and SHA1 hashes of the file\n"); ++ else ++ fprintf(output, " -H display the SHA256, RMD160, and SHA1 hashes of the file\n"); + fprintf(output, " -k display the capture comment\n"); + fprintf(output, "\n"); + fprintf(output, "Size infos:\n"); +@@ -1795,7 +1800,8 @@ main(int argc, char *argv[]) + gcry_check_version(NULL); + gcry_md_open(&hd, GCRY_MD_SHA256, 0); + if (hd) { +- gcry_md_enable(hd, GCRY_MD_RMD160); ++ if(!gcry_fips_mode_active()) ++ gcry_md_enable(hd, GCRY_MD_RMD160); + gcry_md_enable(hd, GCRY_MD_SHA1); + } + hash_buf = (char *)g_malloc(HASH_BUF_SIZE); +@@ -1817,7 +1823,8 @@ main(int argc, char *argv[]) + } + gcry_md_final(hd); + hash_to_str(gcry_md_read(hd, GCRY_MD_SHA256), HASH_SIZE_SHA256, file_sha256); +- hash_to_str(gcry_md_read(hd, GCRY_MD_RMD160), HASH_SIZE_RMD160, file_rmd160); ++ if(!gcry_fips_mode_active()) ++ hash_to_str(gcry_md_read(hd, GCRY_MD_RMD160), HASH_SIZE_RMD160, file_rmd160); + hash_to_str(gcry_md_read(hd, GCRY_MD_SHA1), HASH_SIZE_SHA1, file_sha1); + } + if (fh) fclose(fh); diff --git a/SOURCES/wireshark-0011-cve-2022-3190.patch b/SOURCES/wireshark-0011-cve-2022-3190.patch new file mode 100644 index 0000000..851c47e --- /dev/null +++ b/SOURCES/wireshark-0011-cve-2022-3190.patch @@ -0,0 +1,142 @@ +From 0f27a83c5692b2afebe6e6934c1051f76aa2ecf9 Mon Sep 17 00:00:00 2001 +From: Jason Cohen +Date: Wed, 31 Aug 2022 11:10:17 -0500 +Subject: [PATCH] f5ethtrailer: Improve "old-style" heuristic + +Remove a chance for an infinate loop in the disection heuristic. +--- + epan/dissectors/packet-f5ethtrailer.c | 108 +++++++++++++------------- + 1 file changed, 56 insertions(+), 52 deletions(-) + +diff --git a/epan/dissectors/packet-f5ethtrailer.c b/epan/dissectors/packet-f5ethtrailer.c +index b2ba8f899d..915348ea83 100644 +--- a/epan/dissectors/packet-f5ethtrailer.c ++++ b/epan/dissectors/packet-f5ethtrailer.c +@@ -2751,69 +2751,73 @@ dissect_dpt_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *d + static gint + dissect_old_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) + { +- proto_tree *type_tree = NULL; +- proto_item *ti = NULL; + guint offset = 0; +- guint processed = 0; +- f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data; +- guint8 type; +- guint8 len; +- guint8 ver; + + /* While we still have data in the trailer. For old format trailers, this needs + * type, length, version (3 bytes) and for new format trailers, the magic header (4 bytes). + * All old format trailers are at least 4 bytes long, so just check for length of magic. + */ +- while (tvb_reported_length_remaining(tvb, offset)) { +- type = tvb_get_guint8(tvb, offset); +- len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION; +- ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION); +- +- if (len <= tvb_reported_length_remaining(tvb, offset) && type >= F5TYPE_LOW +- && type <= F5TYPE_HIGH && len >= F5_MIN_SANE && len <= F5_MAX_SANE +- && ver <= F5TRAILER_VER_MAX) { +- /* Parse out the specified trailer. */ +- switch (type) { +- case F5TYPE_LOW: +- ti = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA); +- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low); +- +- processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); +- if (processed > 0) { +- tdata->trailer_len += processed; +- tdata->noise_low = 1; +- } +- break; +- case F5TYPE_MED: +- ti = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA); +- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med); +- +- processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); +- if (processed > 0) { +- tdata->trailer_len += processed; +- tdata->noise_med = 1; +- } +- break; +- case F5TYPE_HIGH: +- ti = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA); +- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high); +- +- processed = +- dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); +- if (processed > 0) { +- tdata->trailer_len += processed; +- tdata->noise_high = 1; +- } +- break; ++ while (tvb_reported_length_remaining(tvb, offset) >= F5_MIN_SANE) { ++ /* length field does not include the type and length bytes. Add them back in */ ++ guint8 len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION; ++ if (len > tvb_reported_length_remaining(tvb, offset) ++ || len < F5_MIN_SANE || len > F5_MAX_SANE) { ++ /* Invalid length - either a malformed trailer, corrupt packet, or not f5ethtrailer */ ++ return offset; ++ } ++ guint8 type = tvb_get_guint8(tvb, offset); ++ guint8 ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION); ++ ++ /* Parse out the specified trailer. */ ++ proto_tree *type_tree = NULL; ++ proto_item *ti = NULL; ++ f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data; ++ guint processed = 0; ++ ++ switch (type) { ++ case F5TYPE_LOW: ++ ti = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA); ++ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low); ++ ++ processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); ++ if (processed > 0) { ++ tdata->trailer_len += processed; ++ tdata->noise_low = 1; + } +- if (processed == 0) { +- proto_item_set_len(ti, 1); +- return offset; ++ break; ++ case F5TYPE_MED: ++ ti = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA); ++ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med); ++ ++ processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); ++ if (processed > 0) { ++ tdata->trailer_len += processed; ++ tdata->noise_med = 1; ++ } ++ break; ++ case F5TYPE_HIGH: ++ ti = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA); ++ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high); ++ ++ processed = ++ dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); ++ if (processed > 0) { ++ tdata->trailer_len += processed; ++ tdata->noise_high = 1; + } ++ break; ++ default: ++ /* Unknown type - malformed trailer, corrupt packet, or not f5ethtrailer - bali out*/ ++ return offset; ++ } ++ if (processed == 0) { ++ /* couldn't process trailer - bali out */ ++ proto_item_set_len(ti, 1); ++ return offset; + } + offset += processed; + } +-return offset; ++ return offset; + } /* dissect_old_trailer() */ + + /*---------------------------------------------------------------------------*/ +-- +GitLab diff --git a/SPECS/wireshark.spec b/SPECS/wireshark.spec index 8959424..2324913 100644 --- a/SPECS/wireshark.spec +++ b/SPECS/wireshark.spec @@ -6,7 +6,7 @@ Summary: Network traffic analyzer Name: wireshark Version: 3.4.10 -Release: 1%{?dist} +Release: 4%{?dist} Epoch: 1 License: GPL+ Url: http://www.wireshark.org/ @@ -16,18 +16,20 @@ Source1: https://www.wireshark.org/download/src/all-versions/SIGNATURES-% Source2: 90-wireshark-usbmon.rules # Fedora-specific -Patch2: wireshark-0002-Customize-permission-denied-error.patch +Patch0002: wireshark-0002-Customize-permission-denied-error.patch # Will be proposed upstream -Patch3: wireshark-0003-fix-string-overrun-in-plugins-profinet.patch +Patch0003: wireshark-0003-fix-string-overrun-in-plugins-profinet.patch # Fedora-specific -Patch4: wireshark-0004-Restore-Fedora-specific-groups.patch +Patch0004: wireshark-0004-Restore-Fedora-specific-groups.patch # Fedora-specific -Patch5: wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch +Patch0005: wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch # Fedora-specific -Patch6: wireshark-0006-Move-tmp-to-var-tmp.patch -Patch7: wireshark-0007-cmakelists.patch -#Patch8: wireshark-0008-move-glib.patch -Patch9: wireshark-0009-smc-support.patch +Patch0006: wireshark-0006-Move-tmp-to-var-tmp.patch +Patch0007: wireshark-0007-cmakelists.patch +#Patch0008: wireshark-0008-move-glib.patch +Patch0009: wireshark-0009-smc-support.patch +Patch0010: wireshark-0010-fips-ripemd160.patch +Patch0011: wireshark-0011-cve-2022-3190.patch #install tshark together with wireshark GUI Requires: %{name}-cli = %{epoch}:%{version}-%{release} @@ -104,7 +106,11 @@ Wireshark. %package devel Summary: Development headers and libraries for wireshark -Requires: %{name} = %{epoch}:%{version}-%{release} glibc-devel glib2-devel +Requires: %{name} = %{epoch}:%{version}-%{release} +Requires: %{name}-cli = %{epoch}:%{version}-%{release} +Requires: glibc-devel +Requires: glib2-devel + %description devel The wireshark-devel package contains the header files, developer @@ -271,6 +277,15 @@ fi %{_libdir}/pkgconfig/%{name}.pc %changelog +* Fri Jan 20 2023 Michal Ruprich - 1:3.4.10-4 +- Resolves: #2152064 - CVE-2022-3190 wireshark: f5ethtrailer Infinite loop in legacy style dissector + +* Thu Jan 19 2023 Michal Ruprich - 1:3.4.10-3 +- Resolves: #2083581 - capinfos aborts in FIPS + +* Thu Jan 19 2023 Michal Ruprich - 1:3.4.10-2 +- Resolves: #2160648 - Enhanced TMT testing for centos-stream + * Thu Dec 16 2021 Michal Ruprich - 1:3.4.10-1 - Resolves: #2032966 - Rebase wireshark to fix multiple CVEs