From d7ac33e270e721780eb65eb235c79e1e3d4d30e28437ccddd6d49b6ba2d2b425 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Mon, 2 Sep 2024 12:28:06 +0000 Subject: [PATCH] Accepting request 1198279 from home:pmonrealgonzalez:branches:network:utilities - Update to 4.99.5: * Refine protocol decoding for: - BGP: Fix an undefined behavior when it tries to parse a too-short packet. - CARP: Print the protocol name before any GET_(). - CDP: only hex-dump unknown TLVs in verbose mode. - DHCP: parse the SZTP redirect tag. - DHCPv6: client-id/server-id DUID type 2 correction; parse the user class, boot file URL, and SZTP redirect options; add DUID-UUID printing (RFC6355). - DNS: Detect and correctly handle too-short URI RRs. - EAP: Assign ndo_protocol in the eap_print() function. - Frame Relay (Multilink): Fix the Timestamp Information Element printing. - ICMPv6: Fix printing the Home Agent Address Discovery Reply Message. - IEEE 802.11: no need for an element ID in the structures for IEs, make the length in the IE structures a u_int, include the "TA" field while printing Block Ack Control frame. - IP: Enable TSO (TCP Segmentation Offload) support; fix printing invalid cases as invalid, not truncated; use ND_ICHECKMSG_ZU() to test the header length. - IPv6: Fix printing invalid cases as invalid, not truncated; use ND_ICHECKMSG_U() to print an invalid version. - IPv6: Fix invalid 32-bit versus 64-bit printouts of fragment headers. - ISAKMP: Fix printing Delete payload SPI when size is zero. - Kerberos: Print the protocol name, remove a redundant bounds check. - lwres: Fix an undefined behavior in pointer arithmetic. - OpenFlow 1.0: Fix indentation of PORT_MOD, improve handling of some lengths, and fix handling of snapend. - TCP: Test ports < 1024 in port order to select the printer. - UDP: Move source port equal BCM_LI_PORT to bottom of long if else chain. - UDP: Test ports < 1024 in port order to select the printer. - LDP: Add missing fields of the Common Session Parameters TLV and fix the OBS-URL: https://build.opensuse.org/request/show/1198279 OBS-URL: https://build.opensuse.org/package/show/network:utilities/tcpdump?expand=0&rev=70 --- .gitattributes | 23 + .gitignore | 1 + tcpdump-4.99.4.tar.gz | 3 + tcpdump-4.99.4.tar.gz.sig | Bin 0 -> 442 bytes tcpdump-4.99.5.tar.xz | 3 + tcpdump-4.99.5.tar.xz.sig | Bin 0 -> 442 bytes tcpdump-qeth | 80 +++ tcpdump.changes | 1061 +++++++++++++++++++++++++++++++++++++ tcpdump.keyring | 40 ++ tcpdump.spec | 77 +++ 10 files changed, 1288 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 tcpdump-4.99.4.tar.gz create mode 100644 tcpdump-4.99.4.tar.gz.sig create mode 100644 tcpdump-4.99.5.tar.xz create mode 100644 tcpdump-4.99.5.tar.xz.sig create mode 100644 tcpdump-qeth create mode 100644 tcpdump.changes create mode 100644 tcpdump.keyring create mode 100644 tcpdump.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/tcpdump-4.99.4.tar.gz b/tcpdump-4.99.4.tar.gz new file mode 100644 index 0000000..4223abd --- /dev/null +++ b/tcpdump-4.99.4.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:0232231bb2f29d6bf2426e70a08a7e0c63a0d59a9b44863b7f5e2357a6e49fea +size 1903612 diff --git a/tcpdump-4.99.4.tar.gz.sig b/tcpdump-4.99.4.tar.gz.sig new file mode 100644 index 0000000000000000000000000000000000000000000000000000000000000000..20d556cc83b2492e2a006ae54b34c77ab40e7fe69523b44a3fda490ae38ceb57 GIT binary patch literal 442 zcmV;r0Y(0a0k;GI0SW*e79j*57HU^QtGVDLnvF2viQe(q!Cegn0%R~~O8^Q95a5a4 z@!7#$4SsVBAgQr=geh#gyMs^LeO@OG;|$Xc&XO&j817P5nk+XOar1s?pU=D3R5vPo zDt5Jfs1S5QYR@9q{{vYAM*x}q41GDk3W~;uq~`GyLNMV0T*H$ev!fQ6bQ96Esxx-e zX_uQ^{FwAz>P4(+i5qEw4p3^T0;S@yGVJSNHw>|~pSJWo^|a^+l5W-e>_d+yM+-~b zkR_lrNH#BtJ4YZ#US$)5&Q$y`Ll)qbNGuGa*;2e8{Z%KGf!Iy6Mli~s-t literal 0 HcmV?d00001 diff --git a/tcpdump-4.99.5.tar.xz b/tcpdump-4.99.5.tar.xz new file mode 100644 index 0000000..574ed10 --- /dev/null +++ b/tcpdump-4.99.5.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d76395ab82d659d526291b013eee200201380930793531515abfc6e77b4f2ee5 +size 1418476 diff --git a/tcpdump-4.99.5.tar.xz.sig b/tcpdump-4.99.5.tar.xz.sig new file mode 100644 index 0000000000000000000000000000000000000000000000000000000000000000..a68c3e4f8f13b4185c5c9a807e7f7a6271f601087789f16b8bcef1f99f5702b7 GIT binary patch literal 442 zcmV;r0Y(0a0k;GI0SW*e79j*57HU^QtGVDLnvF2viQe(q!Cegn0%p=FDgX)z5a5a4 z@!7#$4gI1FAcOh1AoQ=Ar3J15;|CFl%9qlHb#JArJaFn!{aAO;j%JoAX1JA(4nuwT zT+|rcrN6kq0ysC28^}El{b3-*%6>iLU+YqzEKb@d_jt!&S)U3mR=LTQ6lyY|t3IT` zDz{}v(4J*O-LV87E)Zn%mt9MQbfia|hXrr}ZJ;L~ys7$IA(Da@xSqD^Ohlf;zp zM};?&Umg>f79&V7MpmzsWQ;NhPQx#1CHKMSJJ?1)^i}4pHd*0gmT5eXBgdu*lb=rl zq2$bc?G@=PY)VFr?PB8LF>7(kAv6+}CZWox=3Q>OIB|QES7$c%#ofoQSz4++CUY+T k=c}^g1-mAq(J(6}1N*M)K4`(QD$EVpA0xQF*8(OYRKIA+s{jB1 literal 0 HcmV?d00001 diff --git a/tcpdump-qeth b/tcpdump-qeth new file mode 100644 index 0000000..d508f4d --- /dev/null +++ b/tcpdump-qeth @@ -0,0 +1,80 @@ +#!/usr/bin/perl +# (C)2002 by IBM Corporation, published under terms of the GPL V2 +# Author: Holger Smolinski +# this file is a wrapper around tcpdump, which provides the capability +# for debugging qeth and/or HiperSocket(TM) network interfaces under +# Linux for S/390 and zSeries. tcpdump Syntax is preserved. +# Bugs: When the input pipe ends the process is not stopped. + +use Getopt::Std; + +my $incmd,$outcmd; + +getopts ("adeflnNOpqRStuvxXc:C:F:i:m:r:s:T:w:E:",\%options); + +# Check which options to replace for the reader process +if ( defined($options{'r'}) ) { + $incmd = "cat $options{'r'}"; + $filter_out = 1; +} else { + $incmd = "tcpdump -l -w -"; + $filter_out = 0; + if ( defined($options{'i'}) ) { + $incmd .= " -i ".$options{'i'}; + delete $options{'i'}; # remove -i option from option list + } + foreach $key (@ARGV) { + $incmd .= " $key"; + } +} + +$outcmd = "tcpdump -r -"; +# Rebuild arglist for the writer process +delete $options{'r'}; # remove -r option from option list +foreach $key (keys %options) { + if ((index "adeflnNOpqRStuvxX",$key) >= 0 ) { + $outcmd .= " -$key"; + } else { + $outcmd .= " -$key $options{$key}"; + } + if ( $filter_out == 1 ) { + foreach $key (@ARGV) { + $outcmd .= " $key"; + } + } +} + +open READER,"$incmd|" or die "Cannot spawn reader command $incmd"; +open WRITER,"|$outcmd" or die "Cannot spawn writer command $outcmd"; + +sysread READER,$filehdr,24 or die "Cannot read file header"; +($magic,$version_major,$version_minor,$thiszone,$sigfigs,$snaplen,$linktype) = + unpack("ISSIIII",$filehdr); +$snaplen += 14; +$filehdr = pack ("ISSIIII",($magic,$version_major,$version_minor,$thiszone,$sigfigs,$snaplen,$linktype)); +syswrite WRITER,$filehdr,24; + +$etherheaderip6 = pack ("IIIS",(0,0,0,0x8dd)); +$etherheaderip4 = pack ("IIIS",(0,0,0,0x800)); + +while ( 1 ) { + $hdrd = 0; + do {$hdrd += sysread READER, $pkthdr, 16-$hdrd, $hdrd; } while ($hdrd < 16); + ($seconds,$usecs,$caplen,$len) = unpack ("IIII",$pkthdr); + $hdrd = 0; + do {$hdrd += sysread READER, $packet,$caplen-$hdrd, $hdrd; } while ($hdrd < $caplen); + $paktype = unpack("C",$packet); + if ( $paktype & 0xf0 == 0x60 ) { + $caplen += 14; + $len += 14; + $header = $etehrheaderip6; + } elsif ($paktype >= 0x45 && $paktype <= 0x4f ) { + $caplen += 14; + $len += 14; + $header = $etherheaderip4; + } else { + $header = ""; + } + $pkthdr = pack ("IIII",($seconds,$usecs,$caplen,$len)); + syswrite WRITER,"$pkthdr$header$packet",16+$caplen; +} diff --git a/tcpdump.changes b/tcpdump.changes new file mode 100644 index 0000000..9d74f08 --- /dev/null +++ b/tcpdump.changes @@ -0,0 +1,1061 @@ +------------------------------------------------------------------- +Mon Sep 2 09:29:52 UTC 2024 - Pedro Monreal + +- Update to 4.99.5: + * Refine protocol decoding for: + - BGP: Fix an undefined behavior when it tries to parse a too-short packet. + - CARP: Print the protocol name before any GET_(). + - CDP: only hex-dump unknown TLVs in verbose mode. + - DHCP: parse the SZTP redirect tag. + - DHCPv6: client-id/server-id DUID type 2 correction; parse the user class, + boot file URL, and SZTP redirect options; add DUID-UUID printing (RFC6355). + - DNS: Detect and correctly handle too-short URI RRs. + - EAP: Assign ndo_protocol in the eap_print() function. + - Frame Relay (Multilink): Fix the Timestamp Information Element printing. + - ICMPv6: Fix printing the Home Agent Address Discovery Reply Message. + - IEEE 802.11: no need for an element ID in the structures for IEs, make + the length in the IE structures a u_int, include the "TA" field while + printing Block Ack Control frame. + - IP: Enable TSO (TCP Segmentation Offload) support; fix printing invalid + cases as invalid, not truncated; use ND_ICHECKMSG_ZU() to test the + header length. + - IPv6: Fix printing invalid cases as invalid, not truncated; use + ND_ICHECKMSG_U() to print an invalid version. + - IPv6: Fix invalid 32-bit versus 64-bit printouts of fragment headers. + - ISAKMP: Fix printing Delete payload SPI when size is zero. + - Kerberos: Print the protocol name, remove a redundant bounds check. + - lwres: Fix an undefined behavior in pointer arithmetic. + - OpenFlow 1.0: Fix indentation of PORT_MOD, improve handling of + some lengths, and fix handling of snapend. + - TCP: Test ports < 1024 in port order to select the printer. + - UDP: Move source port equal BCM_LI_PORT to bottom of long if else chain. + - UDP: Test ports < 1024 in port order to select the printer. + - LDP: Add missing fields of the Common Session Parameters TLV and fix the + offset for the A&D bits. + - NFLOG: Use correct AF code points on all OSes. + - OSPF: Pad TLVs in LS_OPAQUE_TYPE_RI to multiples of 4 bytes. + - OSPF: Update LS-Ack printing not to run off the end of the packet. + - OSPF6: Fix an undefined behavior. + - PPP: Check if there is some data to hexdump. + - PPP: Remove an extra colon before LCP Callback Operation. + - Use the buffer stack for de-escaping PPP; fixes CVE-2024-2397; + Note: This problem does not affect any tcpdump release. + - PTP: Fix spelling of type SIGNALING, Parse major and minor version + correctly, Print majorSdoId field instead of just the first bit. + - RPKI-Router: Refine length and bounds checks. + - RX, SNMP, ZEP, smbutil.c: Use the "%Y-%m-%d" date format. + * User interface: + - Print the supported time stamp types (-J) to stdout instead of stderr. + - Print the list of data link types (-L) to stdout instead of stderr. + - Update --version option to print 32/64-bit build and time_t size. + - Support "3des" as an alias for "des_ede3_cbc" even if the crypto + library doesn't support adding aliases. + * Source code: + - tcpdump: Fix a memory leak. + - child_cleanup: reap as many child processes as possible. + - Ignore failures when setting the default "any" device DLL to LINUX_SLL2. + - Fix for backends which doesn't support capsicum. + - Introduce new ND_ICHECK*() macros to deduplicate more code. + - Skip privilege dropping when using -Z root on --with-user builds. + - Free interface list just before exiting where it wasn't being freed. + +------------------------------------------------------------------- +Mon Feb 19 13:13:20 UTC 2024 - Frederic Crozat + +- Update url for tcpdump keyring and refresh keyring. + +------------------------------------------------------------------- +Sat Apr 8 11:04:16 UTC 2023 - Andreas Stieger + +- update to 4.99.4: + * LSP ping: Fix "Unused value" warnings from Coverity + * CVE-2023-1801: out-of-bounds write in the SMB printer (boo#1210265) + * DNS: sync resource types with IANA + * ICMPv6: Update the output to show a RPL DAO field name + Geneve: Fix the Geneve UDP port test + * build system tweaks and documentation updates + +------------------------------------------------------------------- +Tue Jan 17 08:18:36 UTC 2023 - Dirk Müller + +- update to 4.99.3: + * Updated printers: + PTP: Use the proper values for the control field and print un-allocated + values for the message field as "Reserved" instead of "none". + * Source code: + smbutil.c: Replace obsolete function call (asctime) + * Documentation: + Reformat the installation notes (INSTALL.txt) in Markdown. + Convert CONTRIBUTING to Markdown. + CONTRIBUTING.md: Document the use of "protocol: " in a commit summary. + Add a README file for NetBSD. + Fix CMake build to set man page section numbers in tcpdump.1 + +------------------------------------------------------------------- +Sun Jan 1 12:50:29 UTC 2023 - Andreas Stieger + +- update to 4.99.2: + * Multiple fixes and improvements to BGP, DSA, EAP, 802.11, + 802.15.4, RRCP, MPLS, ICMP, VQP, Juniper, lwres, Ethernet, + IPX, Zephyr, VRRP, DCCP, IPv6, ISAKMP, RADIUS, TCP, RESp, + Arista, sFlow, VRRP, OSPF, OSPFv3, ICMPv3, ICMPv6, NFS, PTP, + WHOIS, MPTCP, ESP, PPP, ZEP printers + * Build system updates, developer visible fixes, documentation + +------------------------------------------------------------------- +Sun Jun 13 09:33:08 UTC 2021 - Andreas Stieger + +- update to 4.99.1: + * Squelch some compiler warnings + * ICMP: Update the snapend for some nested IP packets + * MACsec: Update the snapend thus the ICV field is not payload + for the caller + * EIGRP: Fix packet header fields + * SMB: Disable printer by default in CMake builds + * OLSR: Print the protocol name even if the packet is invalid + * MSDP: Print ": " before the protocol name + * ESP: Remove padding, padding length and next header from the buffer + * DHCPv6: Update the snapend for nested DHCPv6 packets + * OpenFlow 1.0: Get snapend right for nested frames + * TCP: Update the snapend before decoding a MPTCP option + * Ethernet, IEEE 802.15.4, IP, L2TP, TCP, ZEP: Add bounds checks + * ForCES: Refine SPARSEDATA-TLV length check + * ASCII/hex: Use nd_trunc_longjmp() in truncation cases + * GeoNet: Add a ND_TCHECK_LEN() call + * Replace ND_TCHECK_/memcpy() pairs with GET_CPY_BYTES() + * BGP: Fix overwrites of global 'astostr' temporary buffer + * ARP: fix overwrites of static buffer in q922_string() + * Frame Relay: have q922_string() handle errors better + +------------------------------------------------------------------- +Fri Feb 19 14:07:16 UTC 2021 - Pedro Monreal + +- Fix excess of precission in floating point registers for i586 + until resolved upstream. + +------------------------------------------------------------------- +Mon Jan 4 13:01:06 UTC 2021 - Pedro Monreal + +- Update to 4.99.0 + IMPORTANT: Upsteam moved the default install directory to bindir. + For compatibility, tcpdump is still being installed in + sbindir and a symlink in bindir has been added. + * Print unsupported link-layer protocol packets in hex. + * Add support for new network protocols and DLTs: Arista, Autosar + SOME/IP, Broadcom LI and Ethernet switches tag, IEEE 802.15.9, + IP-over-InfiniBand (IPoIB), Linux SLL2, Linux vsockmon, MACsec, + Marvell Distributed Switch Architecture, OpenFlow 1.3, Precision + Time Protocol (PTP), SSH, WHOIS, ZigBee Encapsulation Protocol (ZEP). + * Make protocol-specific updates for: AH, DHCP, DNS, ESP, FRF.16, + HNCP, ICMP6, IEEE 802.15.4, IPv6, IS-IS, Linux SLL, LLDP, LSP + ping, MPTCP, NFS, NSH, NTP, OSPF, OSPF6, PGM, PIM, PPTP, RADIUS, + RSVP, Rx, SMB, UDLD, VXLAN-GPE. + * User interface: + - Make SLL2 the default for Linux "any" pseudo-device. + - Add --micro and --nano shorthands. + - Add --count to print a counter only instead of decoding. + - Add --print, to cause packet printing even with -w. + - Add support for remote capture if libpcap supports it. + - Flush the output packet buffer on a SIGUSR2. + - Handle very large -f files by rejecting them. + * Source code: + - Introduce new helper functions, including GET_*(), + nd_print_protocol(), nd_print_invalid(), nd_print_trunc(), + nd_trunc_longjmp() and others. + - Put integer signedness right in many cases. + - Introduce nd_uint*, nd_mac_addr, nd_ipv4 and nd_ipv6 types + to fix alignment issues, especially on SPARC. + - Use a table instead of getprotobynumber(). + - Get rid of ND_UNALIGNED and ND_TCHECK(). + - Make roundup2() generally available. + - Resync SMI list against Wireshark. +- Remove patches fixed upstream: + * tcpdump-CVE-2018-19519.patch + * tcpdump-CVE-2020-8037.patch + +------------------------------------------------------------------- +Mon Jan 4 12:53:10 UTC 2021 - Pedro Monreal + +- Remove unrecognized configure option: enable-ipv6 + +------------------------------------------------------------------- +Thu Nov 5 10:58:11 UTC 2020 - Pedro Monreal + +- Security fix: [bsc#1178466, CVE-2020-8037] + * PPP decapsulator: Allocate the right buffer size +- Add tcpdump-CVE-2020-8037.patch + +------------------------------------------------------------------- +Fri Dec 13 17:21:34 UTC 2019 - Michel Normand + +- ignore make check failure for PowerPC as tracked upstream + https://github.com/the-tcpdump-group/tcpdump/issues/814 + +------------------------------------------------------------------- +Tue Oct 15 07:53:47 UTC 2019 - Martin Pluskal + +- Trim CFLAGS + +------------------------------------------------------------------- +Wed Oct 2 14:01:31 UTC 2019 - Pedro Monreal Gonzalez + +- Update to 4.9.3 [bsc#1153098] + * Fix buffer overflow/overread vulnerabilities: + - CVE-2017-16808 (AoE) + - CVE-2018-14468 (FrameRelay) + - CVE-2018-14469 (IKEv1) + - CVE-2018-14470 (BABEL) + - CVE-2018-14466 (AFS/RX) + - CVE-2018-14461 (LDP) + - CVE-2018-14462 (ICMP) + - CVE-2018-14465 (RSVP) + - CVE-2018-14881 (BGP) + - CVE-2018-14464 (LMP) + - CVE-2018-14463 (VRRP) + - CVE-2018-14467 (BGP) + - CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled) + - CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled) + - CVE-2018-14880 (OSPF6) + - CVE-2018-16451 (SMB) + - CVE-2018-14882 (RPL) + - CVE-2018-16227 (802.11) + - CVE-2018-16229 (DCCP) + - CVE-2018-16301 (was fixed in libpcap) + - CVE-2018-16230 (BGP) + - CVE-2018-16452 (SMB) + - CVE-2018-16300 (BGP) + - CVE-2018-16228 (HNCP) + - CVE-2019-15166 (LMP) + - CVE-2019-15167 (VRRP) + * Fix for cmdline argument/local issues: + - CVE-2018-14879 (tcpdump -V) +- Drop patches fixed upstream: + * tcpdump-CVE-2017-16808.patch + * tcpdump-CVE-2019-1010220.patch + * tcpdump-ikev2pI2.patch + +------------------------------------------------------------------- +Tue Jul 23 11:45:46 UTC 2019 - Pedro Monreal Gonzalez + +- Security fix [bsc#1142439, CVE-2019-1010220] + * Buffer Over-read in print_prefix which may expose data + * Added tcpdump-CVE-2019-1010220.patch + +------------------------------------------------------------------- +Tue Jul 23 10:37:17 UTC 2019 - Pedro Monreal Gonzalez + +- Use %license macro for LICENSE file + +------------------------------------------------------------------- +Tue Jul 23 10:24:31 UTC 2019 - Pedro Monreal Gonzalez + +- Security fix [bsc#1068716, CVE-2017-16808] + * Heap-based buffer over-read related to aoe_print and lookup_emem + * Added tcpdump-CVE-2017-16808.patch + +------------------------------------------------------------------- +Thu Dec 6 11:49:16 UTC 2018 - Pedro Monreal Gonzalez + +- Security fix [bsc#1117267, CVE-2018-19519] + * Buffer overread in print-hncp.c:print_prefix. + * Added patch tcpdump-CVE-2018-19519.patch + +------------------------------------------------------------------- +Tue Sep 12 15:23:04 UTC 2017 - pmonrealgonzalez@suse.com + +- Disabled ikev2pI2 test that fails on some architectures + * Added patch tcpdump-ikev2pI2.patch + +------------------------------------------------------------------- +Tue Sep 12 14:51:00 UTC 2017 - pmonrealgonzalez@suse.com + +- Update to version 4.9.2 [bsc#1057247] + * Security fixes: + - CVE-2017-11108 segfault in STP decoder + - Segfault in ESP decoder with OpenSSL 1.1 + - CVE-2017-11543 buffer overflow in SLIP decoder + - CVE-2017-13011 buffer overflow in bittok2str_internal() + - CVE-2017-12989 infinite loop in the RESP parser + - CVE-2017-12990 infinite loop in the ISAKMP parser + - CVE-2017-12995 infinite loop in the DNS parser + - CVE-2017-12997 infinite loop in the LLDP parser + - CVE-2017-11541 buffer over-read in safeputs() + - CVE-2017-11542 buffer over-read in PIMv1 decoder + - CVE-2017-12893 buffer over-read in the SMB/CIFS parser + - CVE-2017-12894 buffer over-read in several protocol parsers + - CVE-2017-12895 buffer over-read in the ICMP parser + - CVE-2017-12896 buffer over-read in the ISAKMP parser + - CVE-2017-12897 buffer over-read in the ISO CLNS parser + - CVE-2017-12898 buffer over-read in the NFS parser + - CVE-2017-12899 buffer over-read in the DECnet parser + - CVE-2017-12900 buffer over-read in the in several protocol parsers + - CVE-2017-12901 buffer over-read in the EIGRP parser + - CVE-2017-12902 buffer over-read in the Zephyr parser + - CVE-2017-12985 buffer over-read in the IPv6 parser + - CVE-2017-12986 buffer over-read in the IPv6 routing header parser + - CVE-2017-12987 buffer over-read in the 802.11 parser + - CVE-2017-12988 buffer over-read in the telnet parser + - CVE-2017-12991 buffer over-read in the BGP parser + - CVE-2017-12992 buffer over-read in the RIPng parser + - CVE-2017-12993 buffer over-read in the Juniper protocols parser + - CVE-2017-12994 buffer over-read in the BGP parser + - CVE-2017-12996 buffer over-read in the PIMv2 parser + - CVE-2017-12998 buffer over-read in the IS-IS parser + - CVE-2017-12999 buffer over-read in the IS-IS parser + - CVE-2017-13000 buffer over-read in the IEEE 802.15.4 parser + - CVE-2017-13001 buffer over-read in the NFS parser + - CVE-2017-13002 buffer over-read in the AODV parser + - CVE-2017-13003 buffer over-read in the LMP parser + - CVE-2017-13004 buffer over-read in the Juniper protocols parser + - CVE-2017-13005 buffer over-read in the NFS parser + - CVE-2017-13006 buffer over-read in the L2TP parser + - CVE-2017-13007 buffer over-read in the Apple PKTAP parser + - CVE-2017-13008 buffer over-read in the IEEE 802.11 parser + - CVE-2017-13009 buffer over-read in the IPv6 mobility parser + - CVE-2017-13010 buffer over-read in the BEEP parser + - CVE-2017-13012 buffer over-read in the ICMP parser + - CVE-2017-13013 buffer over-read in the ARP parser + - CVE-2017-13014 buffer over-read in the White Board protocol parser + - CVE-2017-13015 buffer over-read in the EAP parser + - CVE-2017-13016 buffer over-read in the ISO ES-IS parser + - CVE-2017-13017 buffer over-read in the DHCPv6 parser + - CVE-2017-13018 buffer over-read in the PGM parser + - CVE-2017-13019 buffer over-read in the PGM parser + - CVE-2017-13020 buffer over-read in the VTP parser + - CVE-2017-13021 buffer over-read in the ICMPv6 parser + - CVE-2017-13022 buffer over-read in the IP parser + - CVE-2017-13023 buffer over-read in the IPv6 mobility parser + - CVE-2017-13024 buffer over-read in the IPv6 mobility parser + - CVE-2017-13025 buffer over-read in the IPv6 mobility parser + - CVE-2017-13026 buffer over-read in the ISO IS-IS parser + - CVE-2017-13027 buffer over-read in the LLDP parser + - CVE-2017-13028 buffer over-read in the BOOTP parser + - CVE-2017-13029 buffer over-read in the PPP parser + - CVE-2017-13030 buffer over-read in the PIM parser + - CVE-2017-13031 buffer over-read in the IPv6 fragmentation header parser + - CVE-2017-13032 buffer over-read in the RADIUS parser + - CVE-2017-13033 buffer over-read in the VTP parser + - CVE-2017-13034 buffer over-read in the PGM parser + - CVE-2017-13035 buffer over-read in the ISO IS-IS parser + - CVE-2017-13036 buffer over-read in the OSPFv3 parser + - CVE-2017-13037 buffer over-read in the IP parser + - CVE-2017-13038 buffer over-read in the PPP parser + - CVE-2017-13039 buffer over-read in the ISAKMP parser + - CVE-2017-13040 buffer over-read in the MPTCP parser + - CVE-2017-13041 buffer over-read in the ICMPv6 parser + - CVE-2017-13042 buffer over-read in the HNCP parser + - CVE-2017-13043 buffer over-read in the BGP parser + - CVE-2017-13044 buffer over-read in the HNCP parser + - CVE-2017-13045 buffer over-read in the VQP parser + - CVE-2017-13046 buffer over-read in the BGP parser + - CVE-2017-13047 buffer over-read in the ISO ES-IS parser + - CVE-2017-13048 buffer over-read in the RSVP parser + - CVE-2017-13049 buffer over-read in the Rx protocol parser + - CVE-2017-13050 buffer over-read in the RPKI-Router parser + - CVE-2017-13051 buffer over-read in the RSVP parser + - CVE-2017-13052 buffer over-read in the CFM parser + - CVE-2017-13053 buffer over-read in the BGP parser + - CVE-2017-13054 buffer over-read in the LLDP parser + - CVE-2017-13055 buffer over-read in the ISO IS-IS parser + - CVE-2017-13687 buffer over-read in the Cisco HDLC parser + - CVE-2017-13688 buffer over-read in the OLSR parser + - CVE-2017-13689 buffer over-read in the IKEv1 parser + - CVE-2017-13690 buffer over-read in the IKEv2 parser + - CVE-2017-13725 buffer over-read in the IPv6 routing header parser + * Dropped patch tcpdump-reverted-test-scripts-fix.patch + +------------------------------------------------------------------- +Wed Aug 23 13:51:30 UTC 2017 - pmonrealgonzalez@suse.com + +- Reverted upstream commit that makes some tests to fail when + compiling with openssl-1.1.0 + * Upstream commit 68cc39dd64688829be2632d9cd24f7efa3da79bb + * Added patch tcpdump-reverted-test-scripts-fix.patch + * Removed patch tcpdump-ikev2pI2-test-fails-ppc.patch + +------------------------------------------------------------------- +Wed Jul 26 12:33:53 UTC 2017 - pmonrealgonzalez@suse.com + +- Disable ikev2pI2 test that fails on ppc, ppc64 and ppc64le + * Added patch tcpdump-ikev2pI2-test-fails-ppc.patch + +------------------------------------------------------------------- +Wed Jul 26 09:16:56 UTC 2017 - pmonrealgonzalez@suse.com + +- Update to version 4.9.1 [bsc#1047873] + * CVE-2017-11108/Fix bounds checking for STP. + * Make assorted documentation updates and fix a few typos in output. + * Fixup -C for file size >2GB + * Show AddressSanitizer presence in version output. + * Fix a bug in test scripts. + * Fix a use-after-free when the requested interface does not exist. + +------------------------------------------------------------------- +Thu Feb 2 14:47:56 UTC 2017 - pmonrealgonzalez@suse.com + +- version update to 4.9.0 bsc#1020940 + * CVE-2016-7922 The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print(). + * CVE-2016-7923 The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print(). + * CVE-2016-7924 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print(). + * CVE-2016-7925 The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print(). + * CVE-2016-7926 The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print(). + * CVE-2016-7927 The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print(). + * CVE-2016-7928 The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print(). + * CVE-2016-7929 The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header(). + * CVE-2016-7930 The LLC parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print(). + * CVE-2016-7931 The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print(). + * CVE-2016-7932 The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum(). + * CVE-2016-7933 The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print(). + * CVE-2016-7934 The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print(). + * CVE-2016-7935 The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print(). + * CVE-2016-7936 The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print(). + * CVE-2016-7937 The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print(). + * CVE-2016-7938 The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame(). + * CVE-2016-7939 The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions. + * CVE-2016-7940 The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions. + * CVE-2016-7973 The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions. + * CVE-2016-7974 The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions. + * CVE-2016-7975 The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print(). + * CVE-2016-7983 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). + * CVE-2016-7984 The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print(). + * CVE-2016-7985 The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print(). + * CVE-2016-7986 The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions. + * CVE-2016-7992 The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print(). + * CVE-2016-7993 A bug in util-print.c:relts_print() could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). + * CVE-2016-8574 The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print(). + * CVE-2016-8575 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(). + * CVE-2017-5202 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). + * CVE-2017-5203 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). + * CVE-2017-5204 The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print(). + * CVE-2017-5205 The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print(). + * CVE-2017-5341 The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print(). + * CVE-2017-5342 In tcpdump before 4.9.0 a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print(). + * CVE-2017-5482 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(). + * CVE-2017-5483 The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse(). + * CVE-2017-5484 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print(). + * CVE-2017-5485 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap(). + * CVE-2017-5486 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). + +------------------------------------------------------------------- +Fri Apr 15 01:28:38 CEST 2016 - ro@suse.de + +- fix filelist to fix build on s390/s390x + +------------------------------------------------------------------- +Wed Mar 30 07:43:04 UTC 2016 - bg@suse.com + +- correctly reference SOURCE1 during installation for s390x + +------------------------------------------------------------------- +Sun Apr 26 18:51:40 UTC 2015 - astieger@suse.com + +- tcpdump 4.7.4: + * PPKI to Router Protocol: Fix Segmentation Faults and other problems + * RPKI to Router Protocol: print strings with fn_printn() + * wb: fix some bounds checks + (previously patched in, removed CVE-2015-3138.patch) + +------------------------------------------------------------------- +Fri Apr 17 20:00:24 UTC 2015 - astieger@suse.com + +- fix a DoS vulnerability in print-wb.c + CVE-2015-3138 [boo#927637] adding CVE-2015-3138.patch + +------------------------------------------------------------------- +Fri Mar 13 09:54:11 UTC 2015 - vcizek@suse.com + +- update to 4.7.3 +- fixes four security bugs: + * CVE-2015-0261 - IPv6 mobility printer (bnc#922220) + * CVE-2015-2153 - tcp printer (bnc#922221) + * CVE-2015-2154 - ethernet printer (bnc#922222) + * CVE-2015-2155 - force printer (bnc#922223) +- drop patches with security fixes (upstream): + * tcpdump-CVE-2014-8767.patch + * tcpdump-CVE-2014-8768.patch + * tcpdump-CVE-2014-8769.patch + * 0001-Clean-up-error-message-printing.patch + +------------------------------------------------------------------- +Fri Feb 6 12:31:23 UTC 2015 - vcizek@suse.com + +- fix CVE-2014-8767 (bnc#905870) + * denial of service in verbose mode using malformed OLSR payload + * added tcpdump-CVE-2014-8767.patch +- fix CVE-2014-8768 (bnc#905871) + * denial of service in verbose mode using malformed Geonet payload + * added tcpdump-CVE-2014-8768.patch +- fix CVE-2014-8769 (bnc#905872) + * unreliable output using malformed AOVD payload + * added tcpdump-CVE-2014-8769.patch + * added 0001-Clean-up-error-message-printing.patch + +------------------------------------------------------------------- +Wed Sep 3 18:44:03 UTC 2014 - andreas.stieger@gmx.de + +- tcpdump 4.6.2: + * fix out-of-source-tree builds: find libpcap that is out of source + * better configure check for libsmi + +------------------------------------------------------------------- +Fri Aug 15 19:45:52 UTC 2014 - andreas.stieger@gmx.de + +- tcpdump 4.6.1: + * add a short option '#', same as long option '--number' +- includes changes from 4.6.0: + * all of tcpdump is now using the new "NDO" code base + * nflog, mobile, forces, pptp, AODV, AHCP, IPv6, OSPFv4, RPL, + DHCPv6 enhancements/fixes + * M3UA decode added. + * many new test cases: 82 in 4.5.1 to 133 in 4.6.0 + * cleaned up some unnecessary header files + * Added bittok2str(). + * a number of unaligned access faults fixed + * -A flag does not consider CR to be printable anymore + * fx.lebail took over coverity baby sitting + * default snapshot size increased to 256K for accomodate USB + captures +- includes changes from 4.5.2: + * man page fix +- add build and runtime libpcap minimum version +- remove old patches, thus making package patchless: + tcpdump-4.0.0-prototypes.patch + tcpdump-4.0.0-aliasing.patch +- run spec cleaner on spec file +- remove gpg-offline, now part of source validator +- remove versioned binary +- run regression tests + +------------------------------------------------------------------- +Sat Dec 14 11:19:45 UTC 2013 - andreas.stieger@gmx.de + +- update to 4.5.1 + Version 4.5.0 revised for non-code related edits + - some NFSv4 fixes for printing + - fix printing of unknown TCP options, and tcp fast-open + - fixes for syslog parser + - some gcc-version-specific flag tuning + - improvements to babel printing + - add OpenFlow 1.0 (no SSL) and test cases + - GeoNet printer. + - added STBC Rx support + - improvements to DHCPv6 decoder + - clarify which autoconf is needed + - Point users to the the-tcpdump-group repository on GitHub rather + than the mcr repository + - Add MSDP printer. + - Fixed IPv6 check on Solaris and other OSes requiring extra + networking libraries. + - Add support for VXLAN (draft-mahalingam-dutt-dcops-vxlan-03), + and add "vxlan" as an option for -T. + - Add support for OTV (draft-hasmit-otv-04). + fixes for DLT_IEEE802_11_RADIO datalink types + - added MPTCP decoder + +------------------------------------------------------------------- +Fri Sep 13 20:37:14 UTC 2013 - andreas.stieger@gmx.de + +- verify source signature + +------------------------------------------------------------------- +Wed Sep 11 11:51:41 UTC 2013 - reddwarf@opensuse.org + +- update to 4.4.0 + - RPKI-RTR (RFC6810) is now official (TCP Port 323) + - Fix detection of OpenSSL libcrypto. + - Add DNSSL (RFC6106) support. + - Add "radius" as an option for -T. + - Update Action codes for handle_action function according to + 802.11s amendment. + - Decode DHCPv6 AFTR-Name option (RFC6334). + - Updates for Babel. + - Fix printing of infinite lifetime in ICMPv6. + - Added support for SPB, SPBM Service Identifier, and Unicast + Address sub-TLV in ISIS. + - Decode RIPv2 authentication up to RFC4822. + - Fix RIP Request/full table decoding issues. + - On Linux systems with cap-ng.h, drop root privileges + using Linux Capabilities. + - Add support for reading multiple files. + +------------------------------------------------------------------- +Fri Jun 15 15:37:15 CEST 2012 - jslaby@suse.de + +- remove tcpdump-4.0.0-uninitialized.patch, it's solved differently + +------------------------------------------------------------------- +Thu Jun 14 23:48:25 CEST 2012 - jslaby@suse.de + +- update to 4.3.0 + - fixes for forces: SPARSE data (per RFC 5810) + - some more test cases added + - updates to documentation on -l, -U and -w flags. + - Fix printing of BGP optional headers. + - Tried to include DLT_PFSYNC support, failed due to headers required. + - added TIPC support. + - Fix LLDP Network Policy bit definitions. + - fixes for IGMPv3's Max Response Time: it is in units of 0.1 second. + - SIGUSR1 can be used rather than SIGINFO for stats + - permit -n flag to affect print-ip for protocol numbers + - ND_OPT_ADVINTERVAL is in milliseconds, not seconds + - Teach PPPoE parser about RFC 4638 + +------------------------------------------------------------------- +Tue Jan 3 14:48:56 UTC 2012 - puzel@suse.com + +- update to 4.2.1 + - Only build the Babel printer if IPv6 is enabled. + - Support Babel on port 6696 as well as 6697. + - Include ppi.h in release tarball. + - Include all the test files in the release tarball, and don't + "include" test files that no longer exist. + - Don't assume we have - check for it. + - Support "-T carp" as a way of dissecting IP protocol 112 as CARP + rather than VRRP. + - Support Hilscher NetAnalyzer link-layer header format. + - Constify some pointers and fix compiler warnings. + - Get rid of never-true test. + - Fix an unintended fall-through in a case statement in the ARP + printer. + - Fix several cases where sizeof(sizeof(XXX)) was used when just + sizeof(XXX) was intended. + - Make stricter sanity checks in the ES-IS printer. + - Get rid of some GCCisms that caused builds to fail with compilers + that don't support them. + - Fix typo in man page. + - Added length checks to Babel printer. +- drop tcpdump-4.2.0-ppi.patch (upstream) + +------------------------------------------------------------------- +Mon Nov 28 12:32:25 UTC 2011 - vcizek@suse.com + +- update to 4.2.0 + * patch that adds missing ppi.h + * Summary for 4.2.0 + - merged 802.15.4 decoder from Dmitry Eremin-Solenikov + - updates to forces for new port numbers + - Use "-H", not "-h", for the 802.11s option. (-h always help) + - Better ICMPv6 checksum handling. + - add support for the RPKI/Router Protocol, per -ietf-sidr-rpki-rtr-12 + - get rid of uuencoded pcap test files, git can do binary. + - sFlow changes for 64-bit counters. + - fixes for PPI packet header handling and printing. + - Add DCB Exchange protocol (DCBX) version 1.01. + - Babel dissector, from Juliusz Chroboczek and Grégoire Henry. + - improvements to radiotap for rate values > 127. + - Many improvements to ForCES decode, including fix SCTP TML port + - updated RPL type code to RPL-17 draft + - Improve printout of DHCPv6 options. + - added support and test case for QinQ (802.1q VLAN) packets + - Handle DLT_IEEE802_15_4_NOFCS like DLT_IEEE802_15_4. + - Build fixes for Sparc and other machines with alignment restrictions. + - Merged changes from Debian package. + - PGM: Add ACK decoding and add PGMCC DATA and FEEDBACK options. + - Build fixes for OSX (Snow Leopard and others) + - Add support for IEEE 802.15.4 packets + * Summary for 4.1.2 tcpdump release + - If -U is specified, flush the file after creating it, so it's + not zero-length + - Fix TCP flags output description, and some typoes, in the man + page + - Add a -h flag, and only attempt to recognize 802.11s mesh + headers if it's set + - When printing the link-layer type list, send *all* output to + stderr + - Include the CFLAGS setting when configure was run in the + compiler flags + +------------------------------------------------------------------- +Tue Apr 6 09:13:45 UTC 2010 - puzel@novell.com + +- update to tcpdump-4.1.1 + * Don't blow up if a zero-length link-layer address is passed to + linkaddr_string() + * Fix printing of MAC addresses for VLAN frames with a length + field + * Add some additional bounds checks and use the EXTRACT_ macros + more + * Add a -b flag to print the AS number in BGP packets in ASDOT + notation rather than ASPLAIN notation + * Add ICMPv6 RFC 5006 support + * Decode the access flags in NFS access requests + * Handle the new DLT_ for memory-mapped USB captures on Linux + * Make the default snapshot (-s) the maximum + * Print name of device (when -L is used) + * Print new TCP flags + * Add support for RPL DIO + * Add support for TCP User Timeout (UTO) + * Add support for non-standard Ethertypes used by 3com PPPoE gear + * Add support for 802.11n and 802.11s + * Add support for Transparent Ethernet Bridge ethertype in GRE + * Add 4 byte AS support for BGP printer + * Add support for the MDT SAFI 66 BG printer + * Add basic IPv6 support to print-olsr + * Add USB printer + * Add printer for ForCES + * Handle frames with an FCS + * Handle 802.11n Control Wrapper, Block Acq Req and Block Ack frames + * Fix TCP sequence number printing + * Report 802.2 packets as 802.2 instead of 802.3 +- drop tcpdump-4.0.0-autoconf.patch (not needed with new autoconf) +- compile with -fno-strict-aliasing + +------------------------------------------------------------------- +Wed Jan 14 16:48:42 CET 2009 - prusnak@suse.cz + +- updated to 4.0.0 + * Add support for Bluetooth Sniffing + * Add support for Realtek Remote Control Protocol (openrrcp.org.ru) + * Add support for 802.11 AVS + * Add support for SMB over TCP + * Add support for 4 byte BGP AS printing + * Add support for compiling on case-insensitive file systems + * Add support for ikev2 printing + * Update support for decoding AFS + * Update DHCPv6 printer + * Use newer libpcap API's (allows -B option on all platforms) + * Add -I to turn on monitor mode + * Bugfixes in lldp, lspping, dccp, ESP, NFS printers + * Cleanup unused files and various cruft +- dropped obsoleted juniper.patch (included in update) + +------------------------------------------------------------------- +Tue Jan 8 18:04:02 CET 2008 - prusnak@suse.cz + +- updated to 3.9.8 + * Rework ARP printer + * Rework OSPFv3 printer + * Add support for Frame-Relay ARP + * Decode DHCP Option 121 (RFC 3442 Classless Static Route) + * Decode DHCP Option 249 (MS Classless Static Route) the same as Option 121 + * TLV: Add support for Juniper .pcap extensions + * Print EGP header in new-world-order style + * Converted print-isakmp.c to NETDISSECT + * Moved AF specific stuff into af.h + * Test subsystem now table driven, and saves outputs and diffs to one place + * Require for pf definitions - allows reading of pflog formatted + libpcap files on an OS other than where the file was generated + +------------------------------------------------------------------- +Thu Jul 26 16:03:44 CEST 2007 - prusnak@suse.cz + +- updated to 3.9.7 + * NFS: Print unsigned values as such + * RX: parse safely + * BGP: fixes for IPv6-less builds + * 801.1ag: use standard codepoint + * use /dev/bpf on systems with such a device + * 802.11: print QoS data, avoid dissect of no-data frame, ignore padding + * smb: make sure that we haven't gone past the end of the captured data + * smb: squelch an uninitialized complaint from coverity + * NFS: from NetBSD; don't interpret the reply as a possible NFS reply if it got MSG_DENIED + * BGP: don't print TLV values that didn't fit, from www.digit-labs.org + * revised INSTALL.txt about libpcap dependancy +- dropped obsolete patch: + * bgp-overflow.diff (fixed in update) + * 802_11-overflow.diff (included in update) +- changed libpcap to libpcap-devel in BuildRequires + +------------------------------------------------------------------- +Thu Jul 12 11:37:08 CEST 2007 - prusnak@suse.cz + +- update to 3.9.6 + * added support for: + - OIF RSVP Extensions UNI 1.0 Rev. 2 and additional RSVP objects + - Message-id NACK c-type + - 802.3ah loopback ctrl msg + - Multiple-STP as per 802.1s + - rapid-SPT as per 802.1w + - CFM Link-trace msg, Link-trace-Reply msg, + - unidirectional link detection + - the olsr protocol as per RFC 3626 plus the LQ extensions from olsr.org + - variable-length checksum in DCCP, as per section 9 of RFC 4340 + - per-VLAN spanning tree and per-VLAN rapid spanning tree + - Multiple-STP as per 802.1s + - the cisco propriatry 'dynamic trunking protocol' + - the cisco proprietary VTP protocol + - additional values in pflog + * changes to both TCP and IP Printer Output + * fixed a potential buffer overflow in the 802.11 printer + * print basic info about a few more Cisco LAN protocols + * mDNS cleanup + * ICMP MPLS rework of the extension code + * use the correct codepoint for the OSPF simple text auth token entry + * use safeputs to print the password + * update dhcp6 options table as per IETF standardization activities +- fixed overflow in bgp (bgp-overflow.patch) [#291356] + +------------------------------------------------------------------- +Fri Mar 2 11:44:35 CET 2007 - prusnak@suse.cz + +- fixed one byte overflow (802_11-overflow.diff) [#250163] + +------------------------------------------------------------------- +Wed Jan 3 15:43:19 CET 2007 - prusnak@suse.cz + +- update to 3.9.5 + * Fixes for 64bit compiling + * Updated list of DNS RR typecodes + * Add basic support for keyed authentication TCP option + * Fix printing for 4.4BSD/NetBSD NFS Filehandles + * Add support for: + - Frame-Relay ARP + - parsing Juniper .pcap files + - FRF.16 Multilink Frame-Relay (DLT_MFR) + - PIMv2 checksum verification + - further dissection of the IPCP Compression Option + - Cisco's proposed VQP protocol + - Cisco style NLPID encapsulation + - PPP over Frame-Relay + - Address-Withdraw and Label-Withdraw Msgs + - BFD Discriminator TLV + - BGP signaled VPLS + +------------------------------------------------------------------- +Wed Jan 25 21:42:01 CET 2006 - mls@suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Thu Jan 12 20:17:27 CET 2006 - mjancar@suse.cz + +- compile with -fstack-protector + +------------------------------------------------------------------- +Mon Jan 9 17:30:29 CET 2006 - mjancar@suse.cz + +- update to 3.9.4 +- drop obsolete patches + * tcpdump-3.9.4-overflow.diff + +------------------------------------------------------------------- +Thu Sep 1 14:50:13 CEST 2005 - mjancar@suse.cz + +- enable support for TSO packets (#114159) + +------------------------------------------------------------------- +Fri Aug 5 08:59:48 CEST 2005 - cthiel@suse.de + +- fixed buffer overflow in addrtoname.c:499 + +------------------------------------------------------------------- +Tue Aug 2 19:43:32 CEST 2005 - mjancar@suse.cz + +- update to 3.9.3 + +------------------------------------------------------------------- +Thu Aug 05 13:11:52 CEST 2004 - postadal@suse.cz + +- updated to version 3.8.3 +- removed obsoleted patches (isakmp-fix2, isakmp-fix3, radius-fix) + +------------------------------------------------------------------- +Mon Mar 29 17:44:10 CEST 2004 - postadal@suse.cz + +- fixed overflow in ISAKMP (CAN-2004-0183) [#36828] + +------------------------------------------------------------------- +Fri Feb 6 09:32:15 CET 2004 - ro@suse.de + +- fix configure.in (test for pcap_debug was broken) + +------------------------------------------------------------------- +Tue Jan 20 15:42:46 CET 2004 - postadal@suse.cz + +- updated to version 3.8.1 + * fixed security bug in L2TP (CAN-2003-1029) +- removed obsoleted patches (isakmp-buffer-overflow-fix, compile) + +- fixed security bugs in these parsers: RADIUS (CAN-2004-0055), + ISAKMP (CAN-2004-0057) [#33763] + +------------------------------------------------------------------- +Sat Jan 10 17:26:25 CET 2004 - adrian@suse.de + +- build as user + +------------------------------------------------------------------- +Tue Jan 06 14:12:36 CET 2004 - postadal@suse.cz + +- fixed two remotely exploitable buffer overflows in the ISAKMP parser + [#33763] (CAN-2003-0989) + +------------------------------------------------------------------- +Thu Jul 24 14:03:01 CEST 2003 - postadal@suse.cz + +- updated to version 3.7.2 +- removed obsoleted patches (tcpdump-nfs-fix, tcpdump-isakmp, tcpdump-bgp) + +------------------------------------------------------------------- +Wed May 7 16:08:11 CEST 2003 - ro@suse.de + +- make it compile with current glibc headers + (move include of netinet/in.h further up) + +------------------------------------------------------------------- +Wed Mar 05 15:22:20 CET 2003 - postadal@suse.cz + +- fixed security bugs in parsing ISAKMP, BGP and NFS + +------------------------------------------------------------------- +Tue Oct 1 12:04:37 CEST 2002 - froh@suse.de + +- s390/s390x: dumping of qeth interfaces needs some filtering, which + is accomplished by the new 'tcpdump-qeth' (#15626, #22085) + +------------------------------------------------------------------- +Mon May 20 13:12:35 CEST 2002 - postadal@suse.de + +- fixed bug in displaying NFS traffic +- updated to version 3.7.1 + * support more protocols + * better Linux libc5 compat + +------------------------------------------------------------------- +Wed Apr 3 17:05:07 CEST 2002 - postadal@suse.cz + +- fixed to compile with autoconf-2.53 + +------------------------------------------------------------------- +Mon Jun 18 11:09:57 CEST 2001 - cihlar@suse.cz + +- updated to version 3.6.2 +- removed obsolete patches +- compile against package libpcap + +------------------------------------------------------------------- +Tue Feb 6 12:02:52 CET 2001 - ro@suse.de + +- tcpclice.c: include time.h +- smbutil.c: include time.h + +------------------------------------------------------------------- +Fri Jan 19 00:35:14 PST 2001 - bk@suse.de + +- Turn off PACKET_RX_RING too. It is not available in lx_sus22 and + not enabled in our 2.4 kernel configs and causes a warning on + every start and possible trouble. See bug #5178 + +------------------------------------------------------------------- +Thu Jan 11 20:01:29 CET 2001 - ak@suse.de + +- Turn off PACKET_TRECV. It's not enabled in our kernel and causes some +problems. + +------------------------------------------------------------------- +Fri Nov 24 17:31:36 CET 2000 - ak@suse.de + +- Add mb() for ppc + +------------------------------------------------------------------- +Tue Nov 14 13:00:34 CET 2000 - ro@suse.de + +- groups sorted + +------------------------------------------------------------------- +Tue Nov 14 12:09:19 MET 2000 - ak@suse.de + +- add some protocols to make it build on 6.1 again + +------------------------------------------------------------------- +Mon Nov 13 18:19:49 MET 2000 - ak@suse.de + +- add membar fix for sparc + +------------------------------------------------------------------- +Sat Nov 11 20:10:43 MET 2000 - ak@suse.de + +- fix some buffer overflows. + +------------------------------------------------------------------- +Thu May 18 17:46:34 CEST 2000 - schwab@suse.de + +- Fix missing declaration. +- Fix broken includes. +- Get rid of Makefile.Linux and clean up spec file. +- Update config.{sub,guess}. + +------------------------------------------------------------------- +Thu May 11 13:41:14 CEST 2000 - ak@suse.de + +- add security fix for endless dns looping. From Guy Harris. + +------------------------------------------------------------------- +Thu Mar 2 12:38:44 CET 2000 - ak@suse.de + +- move man pages to /usr/share/man + +------------------------------------------------------------------- +Wed Dec 22 14:24:46 CET 1999 - ak@suse.de + +- fix promiscuous mode bug + +------------------------------------------------------------------- +Fri Dec 3 21:45:44 CET 1999 - bk@suse.de + +- disabled NO_SMP_DEBUG changes by ank(did not compile on sparc) + +------------------------------------------------------------------- +Sat Nov 6 16:22:35 CET 1999 - bk@suse.de + +- Integrated changes from ak: + strip tcpdump and a fix a -p crash bug (pcap-maddr-fix) + +------------------------------------------------------------------- +Wed Oct 27 04:52:43 CEST 1999 - bk@suse.de + +- Andi Kleen added patches from Alexey Kuznetsov. Features e.g.: + - device independent libpcap, Kernel support for new link-layers, e.g. ISDN + (libpcap uses PF_PACKET,SOCK_DGRAM instead of PF_INET,SOCK_PACKET) + - IPv6 and APM support, SMB updates + - libpcap support for "In Kernel Packet Filtering" (CONFIG_FILTER) +- made a libpcapn subpackage which holds the new libpcap for developers. +- Added fix to reestablish old output format of tcpdump from Andi Kleen. + +------------------------------------------------------------------- +Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de + +- ran old prepare_spec on spec file to switch to new prepare_spec. + +------------------------------------------------------------------- +Tue Sep 29 10:03:04 MEST 1998 - ro@suse.de + +- print_i4l : include net/ethernet.h instead of netinet/if_ether.h for glibc + +---------------------------------------------------------------------------- +Mon Mar 2 16:58:50 MET 1998 - florian@suse.de + +- update to version 3.4a6 + +---------------------------------------------------------------------------- +Mon Jul 7 13:17:08 CEST 1997 - florian@suse.de + +- update to version 3.4a5 + +- added isdn-patches + + +---------------------------------------------------------------------------- +Mon Jul 7 13:17:08 CEST 1997 - florian@suse.de + + +- update to version 3.4a3 + + +---------------------------------------------------------------------------- +Sun Apr 13 23:04:29 MEST 1997 - florian@suse.de + + +- update to new version 3.3.1a2 with automatic detection of packet types + + +---------------------------------------------------------------------------- +Sun Nov 10 22:17:10 CET 1996 - florian@suse.de + + +- added the changes distributed with samba + +- added isdn patches + + diff --git a/tcpdump.keyring b/tcpdump.keyring new file mode 100644 index 0000000..711863d --- /dev/null +++ b/tcpdump.keyring @@ -0,0 +1,40 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGRBFGRD2gBDCDcthM1N9jeWic9tD17LsHwWyh/IelKgFMVFShgHk31YsQUetKn +5hGKlW0WU7+r3dsECiqxgyuqeUKvqiZneqma0GDk1n8ucXLc7oFFLrF7qbvssPPM +831014FlzsN82OZZ1SnNUGacdyNzV5myPybKILWemsLuAJaGU60IkAJkTReiaMFR +pB0QmBiqM5KY2SHAkeja2+UhupBw/lHyAwU/KVhkohmvUTJeUBJaKK2gRY7jJQmf +ouTbIe0nKIqDzMmE9GvFhyQmMJzbxAwTfSxSZq3bMCpsyQtjoi2LGQFoMVkI6g7K +IRNWgCqSTHF238VIdOkLzbwuoZAmS+oacXszIln2jLJsKkbiCCOb/lV+5u5O6/wJ +M4RHxCBnkRgBmMLyXSM9qAo1FU5suPqf01msqvKMsa99lTF6kIWurR/7rw4S2bNl +iaMqHNHliFNfaAE42S8as+Pw5Rhq2SJczWyd8rYw/q1IIZyKLO1oGn6ZRt+EQ7BS +8nlREmT/MDqP0rgrpvRrABEBAAG0PVRoZSBUY3BkdW1wIEdyb3VwIChQYWNrYWdl +IHNpZ25pbmcga2V5KSA8cmVsZWFzZUB0Y3BkdW1wLm9yZz6JAcIEEwECACgFAlGR +D2gCGwMFCRLMAwAGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEOCJ3vHZwV0N +wPAMH22fmTbjByMSvR/gxDFA26ULgf02qZzqYlRLKB7EDbEjB1Ga6PrLB22Sn/b5 +8fxNw/9zH0EPkorv0YnBhinE51jLmZ99Sk5eGFIMcCkNAOOhadFZGGKarekEPwNB +oDtxCuSuOQ0JVvyn5fLcbA5u3+LBvHvbnUKgCpiXahpq15bZiS1aoVkdXknUQVO+ +bU6Y2lj3m8Q1C6t+J29UvbyixgQhFeTkl25NZkTS6Cqds5F9q3nUBD/7gvQbATBy +A+p+iWLHqt1s4c5UHRzriuLyBbnJgOEI13pNbgFIoKhbCSGQj0uQVZORmzzqs0nh +QXtj+JPOAMd619mHjmhXItgqu2llywQ36tXTEdRoUjJmgMkoqXtZQ8XDVdJ6f/sG +OJDHCctr5aVanWierzePl1PvWPWeC9mnB6Nnxuah+8zQFb4wXUnYO09OX47UgQlu +mE9/lZfY7okIODVrXjqbPVxSBLzCzptBrkeZ3brkrl5oCdYlWsUiQCY0hO6jzMEd +CnxEp1kkn2eJATAEEAECAAYFAlGaR8gACgkQbzNW3/yhb5DWLgigkgtM5wXCQkJz +VyXdCVTfdP9KXEZ1LM1NpRVHbk8lRmgWn4LHb2y1zmH8TDioAyz7GMSFDvqK5kqc +ZPOFi3YZOqLwtcYjAk+jW0ekmx7ao1fIsMjsTvAMVq/EKNRq8IeiKhJSD4KCttFa +qvtD5IfxlgsMoVAdsXF0tyTtC457zWCof3FP7Wbm3MRN3TV4eJInEZhKFgLt4xM6 +dCI4ifizu4aPe/TptNl+MuyYTXmPghkQgoeTB9b2qhklp5ccX+8HYeWrpMuCM4er +YYG/j5tZ5YJ/13HDO7S22Wxp94h0hy7NgZ7DRXP0XGp5NvS1stLMGwPm6wyYsjtL +m+jWKltF1WFO1z8zSpZaC+u1GSe48qpqA40kiQHZBBMBCgA/AhsDBgsJCAcDAgYV +CAIJCgsEFgIDAQIeAQIXgBYhBB8WaldCq7ngJJqNMOCJ3vHZwV0NBQJkW/jVBQkU +rr/tAAoJEOCJ3vHZwV0NIPgMIMrN0kI3pB/qhJOq7yaVNSm64jOEVW1JhaMiHZbj +AXwbUR3pOF+B9vsA5sWbDZaAxrRElcOZKuq2JLlfX3M9/Jkq6cYKux6YEeKC5ndg +UH9d+BWwVRoguqBkvIKlgrdT/EY70Q3Hsy8lhdUkj7bWl9e4bIUiRfo84BbXH7Pj +DJAFiCB8RFsq/YHneRlX9rv1fFnmfa88BCAyguL0B66jW71Yo8B0R/JEVqKpoBTG +1A6hX4QNAzMKnWzPQgmo7ZKMwdJ5TfnoGrzkQsKJ6BXJtTMoZGfXVlXsypXpAdgx +IR09MajrTbPKkGhl+LcNIy4MGcdpzYx01dFRZO5UbrCZy4K0He6xMqXWlacXiQO0 +6jrci1jnTRP+0adgTEAXESgfmqV+jS9DMwcfRM5A0q6lzwpurDEPupwZyuh4MYi9 +wf7CaPhHpBsaEsiUvYxNqsvrOFW2j7yw6BDKL4YgSlSzhIZ1Fhig4I+EFvjocsdx +/VSUTa8cfnq681jkq+yqvEfo+HLqvfo= +=SAFa +-----END PGP PUBLIC KEY BLOCK----- diff --git a/tcpdump.spec b/tcpdump.spec new file mode 100644 index 0000000..5dee740 --- /dev/null +++ b/tcpdump.spec @@ -0,0 +1,77 @@ +# +# spec file for package tcpdump +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%define min_libpcap_version 1.10.0 +Name: tcpdump +Version: 4.99.5 +Release: 0 +Summary: A Packet Sniffer +License: BSD-3-Clause +URL: https://www.tcpdump.org/ +Source: https://www.tcpdump.org/release/%{name}-%{version}.tar.xz +Source1: tcpdump-qeth +Source2: https://www.tcpdump.org/release/%{name}-%{version}.tar.xz.sig +Source3: https://www.tcpdump.org/release/signing-key-RSA-E089DEF1D9C15D0D.asc#/%{name}.keyring +BuildRequires: libpcap-devel >= %{min_libpcap_version} +BuildRequires: libsmi-devel +BuildRequires: openssl-devel +Requires: libpcap >= %{min_libpcap_version} + +%description +This program can "read" all or only certain packets going over the +ethernet. It can be used to debug specific network problems. + +%prep +%autosetup -p1 + +%build +# guessing TSO needed in print-ip.c +export CFLAGS="%{optflags} -DGUESS_TSO" +%ifarch i586 +export CFLAGS="$CFLAGS -ffloat-store" +%endif +%configure +%make_build + +%install +mkdir -p %{buildroot}%{_sbindir} +mkdir -p %{buildroot}%{_mandir}/man1 +mkdir -p %{buildroot}%{_libdir} +install -m755 tcpdump %{buildroot}%{_sbindir} +install -m644 tcpdump.1 %{buildroot}%{_mandir}/man1/ +%ifarch s390 s390x + install -D -m 755 %{SOURCE1} %{buildroot}%{_sbindir} +%endif +# Add a symlink in /usr/bin to be accessed by users +mkdir -p %{buildroot}%{_bindir} +ln -sf %{_sbindir}/tcpdump %{buildroot}%{_bindir}/tcpdump + +%check +%make_build check + +%files +%license LICENSE +%doc CHANGES CREDITS README* *.awk +%{_mandir}/man?/* +%{_sbindir}/tcpdump +%{_bindir}/tcpdump +%ifarch s390 s390x +%{_sbindir}/tcpdump-qeth +%endif + +%changelog