Accepting request 734758 from home:pmonrealgonzalez:branches:Base:System

- Update to 1.9.1
   * Five CVE-2019-15161, CVE-2019-15162, CVE-2019-15163, CVE-2019-15164, CVE-2019-15165
   * Fixes for CVE-2018-16301, errors in pcapng reading.
   * Mention pcap_get_required_select_timeout() in the main pcap man page
   * Fix pcap-usb-linux.c build on systems with musl
   * Fix assorted man page and other documentation issues
   * Plug assorted memory leaks
   * Documentation changes to use https:
   * Changes to how time stamp calculations are done
   * Lots of tweaks to make newer compilers happier and warning-free and
         to fix instances of C undefined behavior
   * Warn if AC_PROG_CC_C99 can't enable C99 support
   * Rename pcap_set_protocol() to  pcap_set_protocol_linux().
   * Align pcap_t private data on an 8-byte boundary.
   * Fix various error messages
   * Use 64-bit clean API in dag_findalldevs()
   * Fix cleaning up after some errors
   * Work around some ethtool ioctl bugs in newer Linux kernels
   * Add backwards compatibility sections to some man pages
   * Fix autotool configuration on AIX and macOS
   * Don't export bpf_filter_with_aux_data() or struct bpf_aux_data;
         they're internal-only and subject to change
   * Fix pcapng block size checking
   * Fix reading of capture statistics for Linux USB
   * Fix packet size values for Linux USB packets
   * Check only VID in VLAN test in filterss
   * Fix pcap_list_datalinks on 802.11 devices on macOS
   * Fix overflows with very large snapshot length in pcap file
   * Improve parsing of rpcapd configuration file
   * Handle systems without strlcpy() or strlcat() better

OBS-URL: https://build.opensuse.org/request/show/734758
OBS-URL: https://build.opensuse.org/package/show/Base:System/libpcap?expand=0&rev=67

Check-only-VID-in-VLAN-test-issue-461.patch

@@ -1,45 +0,0 @@
-From: Michal Kubecek <mkubecek@suse.cz>
-Date: Mon, 24 Sep 2018 18:19:04 +0200
-Subject: Check only VID in VLAN test (issue #461)
-Patch-mailine: libpcap-1.9.1?
-Git-commit: b525a0863466ba863630c0450926044230b447e8
-References: https://github.com/the-tcpdump-group/libpcap/issues/461
-
-The SKF_AD_VLAN_TAG value in metadata contains the whole TCI so that if we
-want to use it for "vlan <id>" test, we need to apply 0xfff mask to compare
-only VID.
-
-Rather than adding another 'and' instruction, use existing one we already
-have for the "not offloaded" case so that when patching block like e.g.
-
-  (010) ldh      [14]
-  (011) and      #0xfff
-  (012) jeq      #0xb             jt 13   jf 14
-
-we jump to (011) instead of (012).
-
-Fixes: 04660eb1e561 ("Use BPF extensions in compiled filters")
----
- gencode.c | 7 +++++--
- 1 file changed, 5 insertions(+), 2 deletions(-)
-
---- a/gencode.c
-+++ b/gencode.c
-@@ -8234,12 +8234,15 @@ gen_vlan_patch_vid_test(compiler_state_t *cstate, struct block *b_vid)
- 	sappend(s, s2);
- 	sjeq->s.jt = s2;
- 
--	/* jump to the test in b_vid (bypass loading VID from packet data) */
-+	/* Jump to the test in b_vid. We need to jump one instruction before
-+	 * the end of the b_vid block so that we only skip loading the TCI
-+	 * from packet data and not the 'and' instruction extractging VID.
-+	 */
- 	cnt = 0;
- 	for (s2 = b_vid->stmts; s2; s2 = s2->next)
- 		cnt++;
- 	s2 = new_stmt(cstate, JMP(BPF_JA));
--	s2->s.k = cnt;
-+	s2->s.k = cnt - 1;
- 	sappend(s, s2);
- 
- 	/* insert our statements at the beginning of b_vid */

libpcap-1.0.0-ppp.patch

@@ -2,11 +2,11 @@ Index: gencode.c
 ===================================================================
 --- gencode.c.orig
 +++ gencode.c
-@@ -7549,6 +7549,7 @@ gen_inbound(compiler_state_t *cstate, in
+@@ -8204,6 +8204,7 @@ gen_inbound(compiler_state_t *cstate, in
  	 */
  	switch (cstate->linktype) {
  	case DLT_SLIP:
-+        case DLT_PPP:
- 		b0 = gen_relation(cstate, BPF_JEQ,
- 			  gen_load(cstate, Q_LINK, gen_loadi(cstate, 0), 1),
- 			  gen_loadi(cstate, 0),
++	case DLT_PPP:
+ 		b0 = gen_relation_internal(cstate, BPF_JEQ,
+ 			  gen_load_internal(cstate, Q_LINK, gen_loadi_internal(cstate, 0), 1),
+ 			  gen_loadi_internal(cstate, 0),

libpcap-1.9.0.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:2edb88808e5913fdaa8e9c1fcaf272e19b2485338742b5074b9fe44d68f37019
-size 832079

libpcap-1.9.1.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:635237637c5b619bcceba91900666b64d56ecb7be63f298f601ec786ce087094
+size 861228

libpcap.changes

@@ -1,3 +1,69 @@
+-------------------------------------------------------------------
+Wed Oct  2 13:40:23 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
+
+- Update to 1.9.1
+   * Five CVE-2019-15161, CVE-2019-15162, CVE-2019-15163, CVE-2019-15164, CVE-2019-15165
+   * Fixes for CVE-2018-16301, errors in pcapng reading.
+   * Mention pcap_get_required_select_timeout() in the main pcap man page
+   * Fix pcap-usb-linux.c build on systems with musl
+   * Fix assorted man page and other documentation issues
+   * Plug assorted memory leaks
+   * Documentation changes to use https:
+   * Changes to how time stamp calculations are done
+   * Lots of tweaks to make newer compilers happier and warning-free and
+         to fix instances of C undefined behavior
+   * Warn if AC_PROG_CC_C99 can't enable C99 support
+   * Rename pcap_set_protocol() to  pcap_set_protocol_linux().
+   * Align pcap_t private data on an 8-byte boundary.
+   * Fix various error messages
+   * Use 64-bit clean API in dag_findalldevs()
+   * Fix cleaning up after some errors
+   * Work around some ethtool ioctl bugs in newer Linux kernels
+   * Add backwards compatibility sections to some man pages
+   * Fix autotool configuration on AIX and macOS
+   * Don't export bpf_filter_with_aux_data() or struct bpf_aux_data;
+         they're internal-only and subject to change
+   * Fix pcapng block size checking
+   * Fix reading of capture statistics for Linux USB
+   * Fix packet size values for Linux USB packets
+   * Check only VID in VLAN test in filterss
+   * Fix pcap_list_datalinks on 802.11 devices on macOS
+   * Fix overflows with very large snapshot length in pcap file
+   * Improve parsing of rpcapd configuration file
+   * Handle systems without strlcpy() or strlcat() better
+   * Fix crashes and other errors with invalid filter expressions
+   * Fix use of uninitialized file descriptor in remote capture
+   * Fix some CMake issues
+   * Fix some divide-by-zero issues with the filter compiler
+   * Work around a GNU libc bug in pcap_nametonetaddr()
+   * Add support for DLT_LINUX_SLL2
+   * Fix handling of the packet-count argument for Myricom SNF devices
+   * Fix --disable-rdma in configure script
+   * Fix compilation of TurboCap support
+   * Constify first argument to pcap_findalldevs_ex()
+   * Fix a number of issues when running rpcapd as an inetd-style daemon
+   * Fix CMake issues with D-Bus libraries
+   * In rpcapd, clean up termination of a capture session
+   * Redo remote capture protocol negotiation
+   * In rpcapd, report the same error for "invalid user name" and
+         "invalid password", to make brute-forcing harder
+   * For remote captures, add an error code for "the server requires TLS"
+   * Fix building as part of Npcap
+   * Allow rpcapd to rebind more rapidly
+   * Fix building shared libpcap library on midipix (midipix.org)
+   * Fix hack to detect UTF-16LE adapter names on Windows not to go past
+         the end of the string
+   * Have pcap_dump_open_append() create the dump file if it doesn't exists
+   * Fix the maxmum snapshot length for DLT_USBPCAP
+   * Use -fPIC when building for 64-bit SPARC on Linux
+   * Fix CMake 64-bit library installation directory on some Linux distributions
+   * Boost the TPACKET_V3 timeout to the maximum if a timeout of 0 was specified
+   * PCAPNG reader applies some sanity checks before doing malloc().
+- Drop patch fixed upstream:
+   * Check-only-VID-in-VLAN-test-issue-461.patch
+- Rebase patch:
+   * libpcap-1.0.0-ppp.patch
+
 -------------------------------------------------------------------
 Fri Aug  2 07:06:13 UTC 2019 - Martin Liška <mliska@suse.cz>
 

libpcap.spec

@@ -17,21 +17,19 @@
 
 
 Name:           libpcap
-Version:        1.9.0
+Version:        1.9.1
 Release:        0
 Summary:        A Library for Network Sniffers
 License:        BSD-3-Clause
 Group:          Development/Libraries/C and C++
-Url:            http://www.tcpdump.org/
-Source:         http://www.tcpdump.org/release/%{name}-%{version}.tar.gz
+Url:            https://www.tcpdump.org/
+Source:         https://www.tcpdump.org/release/%{name}-%{version}.tar.gz
 Source2:        baselibs.conf
-Source3:        http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
-Source4:        http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig
-# https://github.com/the-tcpdump-group/libpcap/pull/556
+Source3:        https://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
+Source4:        https://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig
 Patch2:         libpcap-1.0.0-ppp.patch
 Patch3:         libpcap-1.0.0-s390.patch
 Patch5:         libpcap-no-old-socket.patch
-Patch6:         Check-only-VID-in-VLAN-test-issue-461.patch
 BuildRequires:  autoconf >= 2.64
 BuildRequires:  automake
 BuildRequires:  bison
@@ -41,7 +39,6 @@ BuildRequires:  flex
 BuildRequires:  libnl3-devel
 BuildRequires:  pkgconfig
 BuildRequires:  pkgconfig(libusb-1.0)
-BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
 libpcap is a library used by packet sniffer programs. It provides an
@@ -90,7 +87,6 @@ libpcap static libraries
 %patch2
 %patch3 -p1
 %patch5 -p1
-%patch6 -p1
 
 %build
 %global _lto_cflags %{_lto_cflags} -ffat-lto-objects
@@ -114,17 +110,15 @@ make DESTDIR=%{buildroot} install install-shared
 %postun -n libpcap1 -p /sbin/ldconfig
 
 %files -n libpcap1
-%defattr(-, root, root)
-%doc CHANGES CREDITS LICENSE README.md doc/README.linux.md TODO
+%license LICENSE
+%doc CHANGES CREDITS README.md doc/README.linux.md TODO
 %{_libdir}/*.so.*
 %{_mandir}/man7/*
 
 %files devel-static
-%defattr(-, root, root)
 %{_libdir}/*.*a
 
 %files devel
-%defattr(-, root, root)
 %{_mandir}/man[1-6]/*
 %{_includedir}/*
 %{_bindir}/pcap-config