LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 01-17-2020, 12:22 PM   #1
glupa4e
Member
 
Registered: Jan 2011
Posts: 250

Rep: Reputation: 2
Unhappy Slackware x64 14.2 - Wireshark fails to compile from SBo


Hello,
i have upgraded all listed wireshark's dependencies. When i try to upgrade to the latest version in the slackbuilds.org reposotory, i get the following error.
Code:
[  2%] Linking C shared library ../run/libwsutil.so
[  2%] Built target wsutil
Scanning dependencies of target idl2wrs
[  2%] Building C object CMakeFiles/idl2wrs.dir/epan/dissectors/dcerpc/idl2wrs.c.o
[  2%] Linking C executable run/idl2wrs
/usr/lib64/libgnutls.so: undefined reference to `nettle_rsa_pss_sha384_sign_digest_tr@HOGWEED_4'
/usr/lib64/libgnutls.so: undefined reference to `nettle_rsa_pss_sha256_verify_digest@HOGWEED_4'
/usr/lib64/libgnutls.so: undefined reference to `nettle_rsa_pss_sha512_sign_digest_tr@HOGWEED_4'
/usr/lib64/libgnutls.so: undefined reference to `nettle_cfb_encrypt@NETTLE_6'
/usr/lib64/libgnutls.so: undefined reference to `nettle_rsa_sec_decrypt@HOGWEED_4'
/usr/lib64/libgnutls.so: undefined reference to `nettle_rsa_pss_sha256_sign_digest_tr@HOGWEED_4'
/usr/lib64/libgnutls.so: undefined reference to `nettle_get_secp_224r1@HOGWEED_4'
/usr/lib64/libgnutls.so: undefined reference to `nettle_hkdf_expand@NETTLE_6'
/usr/lib64/libgnutls.so: undefined reference to `nettle_get_secp_521r1@HOGWEED_4'
/usr/lib64/libgnutls.so: undefined reference to `nettle_get_secp_192r1@HOGWEED_4'
/usr/lib64/libgnutls.so: undefined reference to `nettle_rsa_pss_sha384_verify_digest@HOGWEED_4'
/usr/lib64/libgnutls.so: undefined reference to `nettle_rsa_pss_sha512_verify_digest@HOGWEED_4'
/usr/lib64/libgnutls.so: undefined reference to `nettle_get_secp_256r1@HOGWEED_4'
/usr/lib64/libgnutls.so: undefined reference to `nettle_cfb_decrypt@NETTLE_6'
/usr/lib64/libgnutls.so: undefined reference to `nettle_get_secp_384r1@HOGWEED_4'
collect2: error: ld returned 1 exit status
CMakeFiles/idl2wrs.dir/build.make:101: recipe for target 'run/idl2wrs' failed
make[2]: *** [run/idl2wrs] Error 1
CMakeFiles/Makefile2:231: recipe for target 'CMakeFiles/idl2wrs.dir/all' failed
make[1]: *** [CMakeFiles/idl2wrs.dir/all] Error 2
Makefile:138: recipe for target 'all' failed
make: *** [all] Error 2
Any idea, if that can be fixed and how?
Thanks!
 
Old 01-17-2020, 12:46 PM   #2
bassmadrigal
LQ Guru
 
Registered: Nov 2003
Location: West Jordan, UT, USA
Distribution: Slackware
Posts: 6,467

Rep: Reputation: 4262Reputation: 4262Reputation: 4262Reputation: 4262Reputation: 4262Reputation: 4262Reputation: 4262Reputation: 4262Reputation: 4262Reputation: 4262Reputation: 4262
Are you on a fully patched 14.2 install? gnutls was upgraded in March 2019 and wireshark was likely tested against that version.

Code:
patches/packages/gnutls-3.6.7-x86_64-1_slack14.2.txz:  Upgraded.
  Fixes security issues:
  libgnutls, gnutls tools: Every gnutls_free() will automatically set
  the free'd pointer to NULL. This prevents possible use-after-free and
  double free issues. Use-after-free will be turned into NULL dereference.
  The counter-measure does not extend to applications using gnutls_free().
  libgnutls: Fixed a memory corruption (double free) vulnerability in the
  certificate verification API. Reported by Tavis Ormandy; addressed with
  the change above. [GNUTLS-SA-2019-03-27, #694]
  libgnutls: Fixed an invalid pointer access via malformed TLS1.3 async
  messages; Found using tlsfuzzer. [GNUTLS-SA-2019-03-27, #704]
  libgnutls: enforce key usage limitations on certificates more actively.
  Previously we would enforce it for TLS1.2 protocol, now we enforce it
  even when TLS1.3 is negotiated, or on client certificates as well. When
  an inappropriate for TLS1.3 certificate is seen on the credentials
  structure GnuTLS will disable TLS1.3 support for that session (#690).
  libgnutls: enforce the equality of the two signature parameters fields
  in a certificate. We were already enforcing the signature algorithm,
  but there was a bug in parameter checking code.
  (* Security fix *)
 
1 members found this post helpful.
Old 01-17-2020, 12:54 PM   #3
glupa4e
Member
 
Registered: Jan 2011
Posts: 250

Original Poster
Rep: Reputation: 2
Although i have not performed a full upgrade, i have upgraded all the necessary libriaries, i thought so

Code:
Looking for gnutls in package list. Please wait... DONE

The list below shows all packages with name matching "gnutls".

[ Status           ] [ Repository               ] [ Package                                  ]
   installed               multilib                     gnutls-compat32-3.6.7-x86_64-1_slack14.2compat32  
   installed               patches                      gnutls-3.6.7-x86_64-1_slack14.2           
  uninstalled(masked)      slackware64                  gnutls-3.4.13-x86_64-1                    

You can search specific files using "slackpkg file-search file".
I forgot to tell you, i have a multilib setup.
 
Old 01-17-2020, 01:14 PM   #4
bassmadrigal
LQ Guru
 
Registered: Nov 2003
Location: West Jordan, UT, USA
Distribution: Slackware
Posts: 6,467

Rep: Reputation: 4262Reputation: 4262Reputation: 4262Reputation: 4262Reputation: 4262Reputation: 4262Reputation: 4262Reputation: 4262Reputation: 4262Reputation: 4262Reputation: 4262
The next package to look at would be the nettle package.

Code:
patches/packages/nettle-3.4.1-x86_64-1_slack14.2.txz:  Upgraded.
  This update fixes a security issue:
  A Bleichenbacher type side-channel based padding oracle attack was found
  in the way nettle handles endian conversion of RSA decrypted PKCS#1 v1.5
  data. An attacker who is able to run a process on the same physical core
  as the victim process, could use this flaw to extract plaintext or in some
  cases downgrade any TLS connections to a vulnerable server.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16869
  (* Security fix *)
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
nvidia-driver SBo The symbolic link '/usr/lib/libGL.so.1' does not point to 'tmp/SBo/package-nvidia-driver/usr/lib64/libGL.so.1' Gerardo Zamudio Slackware 5 07-30-2017 11:44 PM
Questions for Robby, ponce, or anyone from SBo about SBo submission requirements. ReaperX7 Slackware 4 06-07-2015 12:30 PM
FFMPEG for APACHE 2.4.6 (x64), PHP 5.5 (x64), MYSQL 5.6 (x64) on WINDOWS 8 (x64) Punctual Programming 3 08-07-2013 06:20 PM
Nvidia-driver.SlackBuild from SBo (or: I am a bad and sloppy SBo maintainer) kingbeowulf Slackware 8 08-31-2012 03:41 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 03:34 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration