CVE-2020-26575: In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement. Patch at $URL. I don't actually see that commit in any release, so I suspect the CVE description is wrong.
Patch is in 3.4.0rc1 so will modify summary but it's likely not a good stable candidate so will leave at [ebuild].
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fa6c736f85d46e3b77b0dca1213025d208517a94 commit fa6c736f85d46e3b77b0dca1213025d208517a94 Author: David Seifert <soap@gentoo.org> AuthorDate: 2020-10-29 22:09:16 +0000 Commit: David Seifert <soap@gentoo.org> CommitDate: 2020-10-29 22:09:16 +0000 net-analyzer/wireshark: Remove old 3.4.0_rc1 Bug: https://bugs.gentoo.org/750692 Package-Manager: Portage-3.0.8, Repoman-3.0.2 Signed-off-by: David Seifert <soap@gentoo.org> net-analyzer/wireshark/Manifest | 1 - net-analyzer/wireshark/wireshark-3.4.0_rc1.ebuild | 259 ---------------------- 2 files changed, 260 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7e870cc59a011d588b0f932c565bab52021a0b59 commit 7e870cc59a011d588b0f932c565bab52021a0b59 Author: David Seifert <soap@gentoo.org> AuthorDate: 2020-10-29 22:09:13 +0000 Commit: David Seifert <soap@gentoo.org> CommitDate: 2020-10-29 22:09:13 +0000 net-analyzer/wireshark: Version bump to 3.4.0 Bug: https://bugs.gentoo.org/750692 Package-Manager: Portage-3.0.8, Repoman-3.0.2 Signed-off-by: David Seifert <soap@gentoo.org> net-analyzer/wireshark/Manifest | 1 + net-analyzer/wireshark/wireshark-3.4.0.ebuild | 259 ++++++++++++++++++++++++++ 2 files changed, 260 insertions(+)
Sanity check failed: > net-analyzer/wireshark-3.4.0 > depend arm64 stable profile default/linux/arm64/17.0 (9 total) > media-libs/bcg729 > rdepend arm64 stable profile default/linux/arm64/17.0 (9 total) > media-libs/bcg729
arm64 done
arm done
amd64 stable
ppc64 stable
x86 done all arches done
Resetting sanity check; keywords are not fully specified and arches are not CC-ed.
wnpa-sec-2020-15 Description: The GQUIC protocol dissector could crash. Impact: It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
This issue was resolved and addressed in GLSA 202011-08 at https://security.gentoo.org/glsa/202011-08 by GLSA coordinator Sam James (sam_c).
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cf1f049003feaf74580f26c50ad6a91c35056d8e commit cf1f049003feaf74580f26c50ad6a91c35056d8e Author: Sam James <sam@gentoo.org> AuthorDate: 2020-11-16 06:10:41 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-11-16 06:10:41 +0000 net-analyzer/wireshark: security cleanup Bug: https://bugs.gentoo.org/750692 Package-Manager: Portage-3.0.8, Repoman-3.0.2 Signed-off-by: Sam James <sam@gentoo.org> net-analyzer/wireshark/Manifest | 1 - .../files/wireshark-2.4-androiddump.patch | 27 --- .../files/wireshark-2.9.0-tfshark-libm.patch | 10 - .../wireshark-99999999-androiddump-wsutil.patch | 19 -- .../wireshark/files/wireshark-99999999-qtsvg.patch | 10 - net-analyzer/wireshark/wireshark-3.2.7-r1.ebuild | 256 --------------------- 6 files changed, 323 deletions(-)
