Fix CVE-2024-0208,CVE-2024-0209
This commit is contained in:
wk333
parent
34e2273e56
commit
5b01a9e156
42
CVE-2024-0208.patch
Normal file
42
CVE-2024-0208.patch
Normal file
@ -0,0 +1,42 @@
|
||||
From 4953fa99e78ce86e98c18d438dac00669956965c Mon Sep 17 00:00:00 2001
|
||||
From: John Thacker <johnthacker@gmail.com>
|
||||
Date: Thu, 23 Nov 2023 13:47:51 -0500
|
||||
Subject: [PATCH] gvcp: Don't try to add a NULL string to a column
|
||||
|
||||
Origin: https://gitlab.com/wireshark/wireshark/-/merge_requests/13417
|
||||
|
||||
This was caught as an invalid argument by g_strlcpy before 4.2,
|
||||
but it was never a good idea.
|
||||
|
||||
Fix #19496
|
||||
|
||||
(backported from commit a8586fde3a6512466afb2a660538ef3fe712076b)
|
||||
---
|
||||
epan/dissectors/packet-gvcp.c | 7 ++-----
|
||||
1 file changed, 2 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/epan/dissectors/packet-gvcp.c b/epan/dissectors/packet-gvcp.c
|
||||
index a7c13684f03..732db590e4a 100644
|
||||
--- a/epan/dissectors/packet-gvcp.c
|
||||
+++ b/epan/dissectors/packet-gvcp.c
|
||||
@@ -2222,15 +2222,12 @@ static void dissect_readreg_ack(proto_tree *gvcp_telegram_tree, tvbuff_t *tvb, p
|
||||
if (addr_list_size > 0)
|
||||
{
|
||||
address_string = get_register_name_from_address(*((guint32*)wmem_array_index(gvcp_trans->addr_list, 0)), gvcp_info, &is_custom_register);
|
||||
+ col_append_str(pinfo->cinfo, COL_INFO, address_string);
|
||||
}
|
||||
|
||||
if (num_registers)
|
||||
{
|
||||
- col_append_fstr(pinfo->cinfo, COL_INFO, "%s Value=0x%08X", address_string, tvb_get_ntohl(tvb, offset));
|
||||
- }
|
||||
- else
|
||||
- {
|
||||
- col_append_str(pinfo->cinfo, COL_INFO, address_string);
|
||||
+ col_append_sep_fstr(pinfo->cinfo, COL_INFO, " ", "Value=0x%08X", tvb_get_ntohl(tvb, offset));
|
||||
}
|
||||
}
|
||||
}
|
||||
--
|
||||
GitLab
|
||||
|
||||
2197
CVE-2024-0209.patch
Normal file
2197
CVE-2024-0209.patch
Normal file
File diff suppressed because it is too large
Load Diff
@ -5,7 +5,7 @@
|
||||
Summary: Network traffic analyzer
|
||||
Name: wireshark
|
||||
Version: 3.6.14
|
||||
Release: 6
|
||||
Release: 7
|
||||
Epoch: 1
|
||||
License: GPL+
|
||||
Url: http://www.wireshark.org/
|
||||
@ -30,7 +30,9 @@ Patch13: CVE-2023-4511.patch
|
||||
Patch14: CVE-2023-5371.patch
|
||||
# https://gitlab.com/wireshark/wireshark/-/commit/197e96f05303af0340b7e626f2b15c2edbf350b0
|
||||
Patch15: CVE-2023-6175.patch
|
||||
Patch16: Fix-libvirt-build-fail.patch
|
||||
Patch16: Fix-libvirt-build-fail.patch
|
||||
Patch17: CVE-2024-0208.patch
|
||||
Patch18: CVE-2024-0209.patch
|
||||
|
||||
Requires: xdg-utils
|
||||
Requires: hicolor-icon-theme
|
||||
@ -205,6 +207,9 @@ exit 0
|
||||
%{_mandir}/man?/*
|
||||
|
||||
%changelog
|
||||
* Thu Jan 04 2024 wangkai <13474090681@163.com> - 1:3.6.14-7
|
||||
- Fix CVE-2024-0208,CVE-2024-0209
|
||||
|
||||
* Mon Oct 16 2023 zhengting <zhengting13@huawei.com> -1:3.6.14-6
|
||||
- Fix libvirt build fail problem
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user