From b932e31a25c5532b49fe76d7cebe8932de08e41f Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Sat, 1 Jan 2022 08:45:23 -0800 Subject: wireshark: update to latest stable 3.4.11 For more infromation, see: https://www.wireshark.org/docs/relnotes/wireshark-3.4.11.html refresh 0004-lemon-Remove-line-directives.patch Includes CVEs: 3.4.11: wnpa-sec-2021-16 Gryphon dissector crash. Issue 17737. CVE-2021-4186. wnpa-sec-2021-17 RTMPT dissector infinite loop. Issue 17745. CVE-2021-4185. wnpa-sec-2021-18 BitTorrent DHT dissector infinite loop. Issue 17754. CVE-2021-4184. wnpa-sec-2021-20 RFC 7468 file parser infinite loop. Issue 17801. CVE-2021-4182. wnpa-sec-2021-21 Sysdig Event dissector crash. CVE-2021-4181. 3.4.10: wnpa-sec-2021-07 Bluetooth DHT dissector crash. Issue 17651. CVE-2021-39929. wnpa-sec-2021-08 Bluetooth HCI_ISO dissector crash. Issue 17649. CVE-2021-39926. wnpa-sec-2021-09 Bluetooth SDP dissector crash. Issue 17635. CVE-2021-39925. wnpa-sec-2021-10 Bluetooth DHT dissector large loop. Issue 17677. CVE-2021-39924. wnpa-sec-2021-11 PNRP dissector large loop. Issue 17684. wnpa-sec-2021-12 C12.22 dissector crash. Issue 17636. CVE-2021-39922. wnpa-sec-2021-13 IEEE 802.11 dissector crash. Issue 17704. CVE-2021-39928. wnpa-sec-2021-14 Modbus dissector crash. Issue 17703. CVE-2021-39921. wnpa-sec-2021-15 IPPUSB dissector crash. Issue 17705. CVE-2021-39920. Signed-off-by: Armin Kuster (cherry picked from commit 89bf10d0cb8af495de02ba7a02c487a8b5592cc6) Signed-off-by: Armin Kuster --- .../files/0004-lemon-Remove-line-directives.patch | 15 ++-- .../recipes-support/wireshark/wireshark_3.4.11.bb | 87 ++++++++++++++++++++++ .../recipes-support/wireshark/wireshark_3.4.8.bb | 87 ---------------------- 3 files changed, 93 insertions(+), 96 deletions(-) create mode 100644 meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb delete mode 100644 meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb diff --git a/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch b/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch index c1a528f90d..134633f668 100644 --- a/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch +++ b/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch @@ -12,11 +12,11 @@ Signed-off-by: Oleksiy Obitotskyy cmake/modules/UseLemon.cmake | 49 +++++++++++++++++++++++++----------- 1 file changed, 34 insertions(+), 15 deletions(-) -diff --git a/cmake/modules/UseLemon.cmake b/cmake/modules/UseLemon.cmake -index 849ffc1..ca38ab7 100644 ---- a/cmake/modules/UseLemon.cmake -+++ b/cmake/modules/UseLemon.cmake -@@ -7,21 +7,40 @@ MACRO(ADD_LEMON_FILES _source _generated) +Index: wireshark-3.4.11/cmake/modules/UseLemon.cmake +=================================================================== +--- wireshark-3.4.11.orig/cmake/modules/UseLemon.cmake ++++ wireshark-3.4.11/cmake/modules/UseLemon.cmake +@@ -7,21 +7,40 @@ MACRO(ADD_LEMON_FILES _source _generated SET(_out ${CMAKE_CURRENT_BINARY_DIR}/${_basename}) @@ -26,7 +26,7 @@ index 849ffc1..ca38ab7 100644 - # These files are generated as side-effect - ${_out}.h - ${_out}.out -- COMMAND lemon +- COMMAND $ - -T${_lemonpardir}/lempar.c - -d. - ${_in} @@ -72,6 +72,3 @@ index 849ffc1..ca38ab7 100644 LIST(APPEND ${_source} ${_in}) LIST(APPEND ${_generated} ${_out}.c) --- -2.26.2.Cisco - diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb new file mode 100644 index 0000000000..df1fb89f0a --- /dev/null +++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb @@ -0,0 +1,87 @@ +DESCRIPTION = "wireshark - a popular network protocol analyzer" +HOMEPAGE = "http://www.wireshark.org" +SECTION = "net" +LICENSE = "GPL-2.0" +LIC_FILES_CHKSUM = "file://COPYING;md5=6e271234ba1a13c6e512e76b94ac2f77" + +DEPENDS = "pcre expat glib-2.0 glib-2.0-native libgcrypt libgpg-error libxml2 bison-native c-ares" + +DEPENDS_append_class-target = " wireshark-native chrpath-replacement-native " + +SRC_URI = "https://1.eu.dl.wireshark.org/src/all-versions/wireshark-${PV}.tar.xz" + +SRC_URI += " \ + file://0001-wireshark-src-improve-reproducibility.patch \ + file://0002-flex-Remove-line-directives.patch \ + file://0003-bison-Remove-line-directives.patch \ + file://0004-lemon-Remove-line-directives.patch \ +" + +UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" + +SRC_URI[sha256sum] = "a0e227bce2cc3a51ef3301891a0243231990b52a39b68a84a6e32f69c4e75279" + +PE = "1" + +inherit cmake pkgconfig python3native perlnative upstream-version-is-even mime mime-xdg + +PACKAGECONFIG ?= "libpcap gnutls libnl libcap sbc" + +PACKAGECONFIG_class-native = "libpcap gnutls ssl libssh" + +PACKAGECONFIG[libcap] = "-DENABLE_CAP=ON,-DENABLE_CAP=OFF -DENABLE_PCAP_NG_DEFAULT=ON, libcap" +PACKAGECONFIG[libpcap] = "-DENABLE_PCAP=ON,-DENABLE_PCAP=OFF -DENABLE_PCAP_NG_DEFAULT=ON , libpcap" +PACKAGECONFIG[libsmi] = "-DENABLE_SMI=ON,-DENABLE_SMI=OFF,libsmi" +PACKAGECONFIG[libnl] = ",,libnl" +PACKAGECONFIG[portaudio] = "-DENABLE_PORTAUDIO=ON,-DENABLE_PORTAUDIO=OFF, portaudio-v19" +PACKAGECONFIG[gnutls] = "-DENABLE_GNUTLS=ON,-DENABLE_GNUTLS=OFF, gnutls" +PACKAGECONFIG[ssl] = ",,openssl" +PACKAGECONFIG[krb5] = "-DENABLE_KRB5=ON,-DENABLE_KRB5=OFF, krb5" +PACKAGECONFIG[lua] = "-DENABLE_LUA=ON,-DENABLE_LUA=OFF, lua" +PACKAGECONFIG[zlib] = "-DENABLE_ZLIB=ON,-DENABLE_ZLIB=OFF, zlib" +PACKAGECONFIG[geoip] = ",, geoip" +PACKAGECONFIG[plugins] = "-DENABLE_PLUGINS=ON,-DENABLE_PLUGINS=OFF" +PACKAGECONFIG[sbc] = "-DENABLE_SBC=ON,-DENABLE_SBC=OFF, sbc" +PACKAGECONFIG[libssh] = ",,libssh2" +PACKAGECONFIG[lz4] = "-DENABLE_LZ4=ON,-DENABLE_LZ4=OFF, lz4" + +# these next two options require addional layers +PACKAGECONFIG[c-ares] = "-DENABLE_CARES=ON,-DENABLE_CARES=OFF, c-ares" +PACKAGECONFIG[qt5] = "-DENABLE_QT5=ON -DBUILD_wireshark=ON, -DENABLE_QT5=OFF -DBUILD_wireshark=OFF, qttools-native qtmultimedia qtsvg" + +inherit ${@bb.utils.contains('PACKAGECONFIG', 'qt5', 'cmake_qt5', '', d)} + +EXTRA_OECMAKE += "-DENABLE_NETLINK=ON \ + -DBUILD_mmdbresolve=OFF \ + -DBUILD_randpktdump=OFF \ + -DBUILD_androiddump=OFF \ + -DBUILD_dcerpcidl2wrs=OFF \ + -DM_INCLUDE_DIR=${includedir} \ + -DM_LIBRARY=${libdir} \ + " +CFLAGS_append = " -lm" + +do_install_append_class-native() { + install -d ${D}${bindir} + for f in lemon + do + install -m 0755 ${B}/run/$f ${D}${bindir} + done +} + +do_install_append_class-target() { + for f in `find ${D}${libdir} ${D}${bindir} -type f -executable` + do + chrpath --delete $f + done +} + +PACKAGE_BEFORE_PN += "tshark" + +FILES_tshark = "${bindir}/tshark ${mandir}/man1/tshark.*" + +FILES_${PN} += "${datadir}*" + +RDEPENDS_tshark = "wireshark" + +BBCLASSEXTEND = "native" diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb deleted file mode 100644 index 73ccfc5f30..0000000000 --- a/meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb +++ /dev/null @@ -1,87 +0,0 @@ -DESCRIPTION = "wireshark - a popular network protocol analyzer" -HOMEPAGE = "http://www.wireshark.org" -SECTION = "net" -LICENSE = "GPL-2.0" -LIC_FILES_CHKSUM = "file://COPYING;md5=6e271234ba1a13c6e512e76b94ac2f77" - -DEPENDS = "pcre expat glib-2.0 glib-2.0-native libgcrypt libgpg-error libxml2 bison-native c-ares" - -DEPENDS_append_class-target = " wireshark-native chrpath-replacement-native " - -SRC_URI = "https://1.eu.dl.wireshark.org/src/all-versions/wireshark-${PV}.tar.xz" - -SRC_URI += " \ - file://0001-wireshark-src-improve-reproducibility.patch \ - file://0002-flex-Remove-line-directives.patch \ - file://0003-bison-Remove-line-directives.patch \ - file://0004-lemon-Remove-line-directives.patch \ -" - -UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" - -SRC_URI[sha256sum] = "58a7fa8dfe2010a8c8b7dcf66438c653e6493d47eb936ba48ef49d4aa4dbd725" - -PE = "1" - -inherit cmake pkgconfig python3native perlnative upstream-version-is-even mime mime-xdg - -PACKAGECONFIG ?= "libpcap gnutls libnl libcap sbc" - -PACKAGECONFIG_class-native = "libpcap gnutls ssl libssh" - -PACKAGECONFIG[libcap] = "-DENABLE_CAP=ON,-DENABLE_CAP=OFF -DENABLE_PCAP_NG_DEFAULT=ON, libcap" -PACKAGECONFIG[libpcap] = "-DENABLE_PCAP=ON,-DENABLE_PCAP=OFF -DENABLE_PCAP_NG_DEFAULT=ON , libpcap" -PACKAGECONFIG[libsmi] = "-DENABLE_SMI=ON,-DENABLE_SMI=OFF,libsmi" -PACKAGECONFIG[libnl] = ",,libnl" -PACKAGECONFIG[portaudio] = "-DENABLE_PORTAUDIO=ON,-DENABLE_PORTAUDIO=OFF, portaudio-v19" -PACKAGECONFIG[gnutls] = "-DENABLE_GNUTLS=ON,-DENABLE_GNUTLS=OFF, gnutls" -PACKAGECONFIG[ssl] = ",,openssl" -PACKAGECONFIG[krb5] = "-DENABLE_KRB5=ON,-DENABLE_KRB5=OFF, krb5" -PACKAGECONFIG[lua] = "-DENABLE_LUA=ON,-DENABLE_LUA=OFF, lua" -PACKAGECONFIG[zlib] = "-DENABLE_ZLIB=ON,-DENABLE_ZLIB=OFF, zlib" -PACKAGECONFIG[geoip] = ",, geoip" -PACKAGECONFIG[plugins] = "-DENABLE_PLUGINS=ON,-DENABLE_PLUGINS=OFF" -PACKAGECONFIG[sbc] = "-DENABLE_SBC=ON,-DENABLE_SBC=OFF, sbc" -PACKAGECONFIG[libssh] = ",,libssh2" -PACKAGECONFIG[lz4] = "-DENABLE_LZ4=ON,-DENABLE_LZ4=OFF, lz4" - -# these next two options require addional layers -PACKAGECONFIG[c-ares] = "-DENABLE_CARES=ON,-DENABLE_CARES=OFF, c-ares" -PACKAGECONFIG[qt5] = "-DENABLE_QT5=ON -DBUILD_wireshark=ON, -DENABLE_QT5=OFF -DBUILD_wireshark=OFF, qttools-native qtmultimedia qtsvg" - -inherit ${@bb.utils.contains('PACKAGECONFIG', 'qt5', 'cmake_qt5', '', d)} - -EXTRA_OECMAKE += "-DENABLE_NETLINK=ON \ - -DBUILD_mmdbresolve=OFF \ - -DBUILD_randpktdump=OFF \ - -DBUILD_androiddump=OFF \ - -DBUILD_dcerpcidl2wrs=OFF \ - -DM_INCLUDE_DIR=${includedir} \ - -DM_LIBRARY=${libdir} \ - " -CFLAGS_append = " -lm" - -do_install_append_class-native() { - install -d ${D}${bindir} - for f in lemon - do - install -m 0755 ${B}/run/$f ${D}${bindir} - done -} - -do_install_append_class-target() { - for f in `find ${D}${libdir} ${D}${bindir} -type f -executable` - do - chrpath --delete $f - done -} - -PACKAGE_BEFORE_PN += "tshark" - -FILES_tshark = "${bindir}/tshark ${mandir}/man1/tshark.*" - -FILES_${PN} += "${datadir}*" - -RDEPENDS_tshark = "wireshark" - -BBCLASSEXTEND = "native" -- cgit 1.2.3-korg