------------------------------------------------------------------- Sat Apr 8 11:04:16 UTC 2023 - Andreas Stieger - update to 4.99.4: * LSP ping: Fix "Unused value" warnings from Coverity * CVE-2023-1801: out-of-bounds write in the SMB printer (boo#1210265) * DNS: sync resource types with IANA * ICMPv6: Update the output to show a RPL DAO field name Geneve: Fix the Geneve UDP port test * build system tweaks and documentation updates ------------------------------------------------------------------- Tue Jan 17 08:18:36 UTC 2023 - Dirk Müller - update to 4.99.3: * Updated printers: PTP: Use the proper values for the control field and print un-allocated values for the message field as "Reserved" instead of "none". * Source code: smbutil.c: Replace obsolete function call (asctime) * Documentation: Reformat the installation notes (INSTALL.txt) in Markdown. Convert CONTRIBUTING to Markdown. CONTRIBUTING.md: Document the use of "protocol: " in a commit summary. Add a README file for NetBSD. Fix CMake build to set man page section numbers in tcpdump.1 ------------------------------------------------------------------- Sun Jan 1 12:50:29 UTC 2023 - Andreas Stieger - update to 4.99.2: * Multiple fixes and improvements to BGP, DSA, EAP, 802.11, 802.15.4, RRCP, MPLS, ICMP, VQP, Juniper, lwres, Ethernet, IPX, Zephyr, VRRP, DCCP, IPv6, ISAKMP, RADIUS, TCP, RESp, Arista, sFlow, VRRP, OSPF, OSPFv3, ICMPv3, ICMPv6, NFS, PTP, WHOIS, MPTCP, ESP, PPP, ZEP printers * Build system updates, developer visible fixes, documentation ------------------------------------------------------------------- Sun Jun 13 09:33:08 UTC 2021 - Andreas Stieger - update to 4.99.1: * Squelch some compiler warnings * ICMP: Update the snapend for some nested IP packets * MACsec: Update the snapend thus the ICV field is not payload for the caller * EIGRP: Fix packet header fields * SMB: Disable printer by default in CMake builds * OLSR: Print the protocol name even if the packet is invalid * MSDP: Print ": " before the protocol name * ESP: Remove padding, padding length and next header from the buffer * DHCPv6: Update the snapend for nested DHCPv6 packets * OpenFlow 1.0: Get snapend right for nested frames * TCP: Update the snapend before decoding a MPTCP option * Ethernet, IEEE 802.15.4, IP, L2TP, TCP, ZEP: Add bounds checks * ForCES: Refine SPARSEDATA-TLV length check * ASCII/hex: Use nd_trunc_longjmp() in truncation cases * GeoNet: Add a ND_TCHECK_LEN() call * Replace ND_TCHECK_/memcpy() pairs with GET_CPY_BYTES() * BGP: Fix overwrites of global 'astostr' temporary buffer * ARP: fix overwrites of static buffer in q922_string() * Frame Relay: have q922_string() handle errors better ------------------------------------------------------------------- Fri Feb 19 14:07:16 UTC 2021 - Pedro Monreal - Fix excess of precission in floating point registers for i586 until resolved upstream. ------------------------------------------------------------------- Mon Jan 4 13:01:06 UTC 2021 - Pedro Monreal - Update to 4.99.0 IMPORTANT: Upsteam moved the default install directory to bindir. For compatibility, tcpdump is still being installed in sbindir and a symlink in bindir has been added. * Print unsupported link-layer protocol packets in hex. * Add support for new network protocols and DLTs: Arista, Autosar SOME/IP, Broadcom LI and Ethernet switches tag, IEEE 802.15.9, IP-over-InfiniBand (IPoIB), Linux SLL2, Linux vsockmon, MACsec, Marvell Distributed Switch Architecture, OpenFlow 1.3, Precision Time Protocol (PTP), SSH, WHOIS, ZigBee Encapsulation Protocol (ZEP). * Make protocol-specific updates for: AH, DHCP, DNS, ESP, FRF.16, HNCP, ICMP6, IEEE 802.15.4, IPv6, IS-IS, Linux SLL, LLDP, LSP ping, MPTCP, NFS, NSH, NTP, OSPF, OSPF6, PGM, PIM, PPTP, RADIUS, RSVP, Rx, SMB, UDLD, VXLAN-GPE. * User interface: - Make SLL2 the default for Linux "any" pseudo-device. - Add --micro and --nano shorthands. - Add --count to print a counter only instead of decoding. - Add --print, to cause packet printing even with -w. - Add support for remote capture if libpcap supports it. - Flush the output packet buffer on a SIGUSR2. - Handle very large -f files by rejecting them. * Source code: - Introduce new helper functions, including GET_*(), nd_print_protocol(), nd_print_invalid(), nd_print_trunc(), nd_trunc_longjmp() and others. - Put integer signedness right in many cases. - Introduce nd_uint*, nd_mac_addr, nd_ipv4 and nd_ipv6 types to fix alignment issues, especially on SPARC. - Use a table instead of getprotobynumber(). - Get rid of ND_UNALIGNED and ND_TCHECK(). - Make roundup2() generally available. - Resync SMI list against Wireshark. - Remove patches fixed upstream: * tcpdump-CVE-2018-19519.patch * tcpdump-CVE-2020-8037.patch ------------------------------------------------------------------- Mon Jan 4 12:53:10 UTC 2021 - Pedro Monreal - Remove unrecognized configure option: enable-ipv6 ------------------------------------------------------------------- Thu Nov 5 10:58:11 UTC 2020 - Pedro Monreal - Security fix: [bsc#1178466, CVE-2020-8037] * PPP decapsulator: Allocate the right buffer size - Add tcpdump-CVE-2020-8037.patch ------------------------------------------------------------------- Fri Dec 13 17:21:34 UTC 2019 - Michel Normand - ignore make check failure for PowerPC as tracked upstream https://github.com/the-tcpdump-group/tcpdump/issues/814 ------------------------------------------------------------------- Tue Oct 15 07:53:47 UTC 2019 - Martin Pluskal - Trim CFLAGS ------------------------------------------------------------------- Wed Oct 2 14:01:31 UTC 2019 - Pedro Monreal Gonzalez - Update to 4.9.3 [bsc#1153098] * Fix buffer overflow/overread vulnerabilities: - CVE-2017-16808 (AoE) - CVE-2018-14468 (FrameRelay) - CVE-2018-14469 (IKEv1) - CVE-2018-14470 (BABEL) - CVE-2018-14466 (AFS/RX) - CVE-2018-14461 (LDP) - CVE-2018-14462 (ICMP) - CVE-2018-14465 (RSVP) - CVE-2018-14881 (BGP) - CVE-2018-14464 (LMP) - CVE-2018-14463 (VRRP) - CVE-2018-14467 (BGP) - CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled) - CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled) - CVE-2018-14880 (OSPF6) - CVE-2018-16451 (SMB) - CVE-2018-14882 (RPL) - CVE-2018-16227 (802.11) - CVE-2018-16229 (DCCP) - CVE-2018-16301 (was fixed in libpcap) - CVE-2018-16230 (BGP) - CVE-2018-16452 (SMB) - CVE-2018-16300 (BGP) - CVE-2018-16228 (HNCP) - CVE-2019-15166 (LMP) - CVE-2019-15167 (VRRP) * Fix for cmdline argument/local issues: - CVE-2018-14879 (tcpdump -V) - Drop patches fixed upstream: * tcpdump-CVE-2017-16808.patch * tcpdump-CVE-2019-1010220.patch * tcpdump-ikev2pI2.patch ------------------------------------------------------------------- Tue Jul 23 11:45:46 UTC 2019 - Pedro Monreal Gonzalez - Security fix [bsc#1142439, CVE-2019-1010220] * Buffer Over-read in print_prefix which may expose data * Added tcpdump-CVE-2019-1010220.patch ------------------------------------------------------------------- Tue Jul 23 10:37:17 UTC 2019 - Pedro Monreal Gonzalez - Use %license macro for LICENSE file ------------------------------------------------------------------- Tue Jul 23 10:24:31 UTC 2019 - Pedro Monreal Gonzalez - Security fix [bsc#1068716, CVE-2017-16808] * Heap-based buffer over-read related to aoe_print and lookup_emem * Added tcpdump-CVE-2017-16808.patch ------------------------------------------------------------------- Thu Dec 6 11:49:16 UTC 2018 - Pedro Monreal Gonzalez - Security fix [bsc#1117267, CVE-2018-19519] * Buffer overread in print-hncp.c:print_prefix. * Added patch tcpdump-CVE-2018-19519.patch ------------------------------------------------------------------- Tue Sep 12 15:23:04 UTC 2017 - pmonrealgonzalez@suse.com - Disabled ikev2pI2 test that fails on some architectures * Added patch tcpdump-ikev2pI2.patch ------------------------------------------------------------------- Tue Sep 12 14:51:00 UTC 2017 - pmonrealgonzalez@suse.com - Update to version 4.9.2 [bsc#1057247] * Security fixes: - CVE-2017-11108 segfault in STP decoder - Segfault in ESP decoder with OpenSSL 1.1 - CVE-2017-11543 buffer overflow in SLIP decoder - CVE-2017-13011 buffer overflow in bittok2str_internal() - CVE-2017-12989 infinite loop in the RESP parser - CVE-2017-12990 infinite loop in the ISAKMP parser - CVE-2017-12995 infinite loop in the DNS parser - CVE-2017-12997 infinite loop in the LLDP parser - CVE-2017-11541 buffer over-read in safeputs() - CVE-2017-11542 buffer over-read in PIMv1 decoder - CVE-2017-12893 buffer over-read in the SMB/CIFS parser - CVE-2017-12894 buffer over-read in several protocol parsers - CVE-2017-12895 buffer over-read in the ICMP parser - CVE-2017-12896 buffer over-read in the ISAKMP parser - CVE-2017-12897 buffer over-read in the ISO CLNS parser - CVE-2017-12898 buffer over-read in the NFS parser - CVE-2017-12899 buffer over-read in the DECnet parser - CVE-2017-12900 buffer over-read in the in several protocol parsers - CVE-2017-12901 buffer over-read in the EIGRP parser - CVE-2017-12902 buffer over-read in the Zephyr parser - CVE-2017-12985 buffer over-read in the IPv6 parser - CVE-2017-12986 buffer over-read in the IPv6 routing header parser - CVE-2017-12987 buffer over-read in the 802.11 parser - CVE-2017-12988 buffer over-read in the telnet parser - CVE-2017-12991 buffer over-read in the BGP parser - CVE-2017-12992 buffer over-read in the RIPng parser - CVE-2017-12993 buffer over-read in the Juniper protocols parser - CVE-2017-12994 buffer over-read in the BGP parser - CVE-2017-12996 buffer over-read in the PIMv2 parser - CVE-2017-12998 buffer over-read in the IS-IS parser - CVE-2017-12999 buffer over-read in the IS-IS parser - CVE-2017-13000 buffer over-read in the IEEE 802.15.4 parser - CVE-2017-13001 buffer over-read in the NFS parser - CVE-2017-13002 buffer over-read in the AODV parser - CVE-2017-13003 buffer over-read in the LMP parser - CVE-2017-13004 buffer over-read in the Juniper protocols parser - CVE-2017-13005 buffer over-read in the NFS parser - CVE-2017-13006 buffer over-read in the L2TP parser - CVE-2017-13007 buffer over-read in the Apple PKTAP parser - CVE-2017-13008 buffer over-read in the IEEE 802.11 parser - CVE-2017-13009 buffer over-read in the IPv6 mobility parser - CVE-2017-13010 buffer over-read in the BEEP parser - CVE-2017-13012 buffer over-read in the ICMP parser - CVE-2017-13013 buffer over-read in the ARP parser - CVE-2017-13014 buffer over-read in the White Board protocol parser - CVE-2017-13015 buffer over-read in the EAP parser - CVE-2017-13016 buffer over-read in the ISO ES-IS parser - CVE-2017-13017 buffer over-read in the DHCPv6 parser - CVE-2017-13018 buffer over-read in the PGM parser - CVE-2017-13019 buffer over-read in the PGM parser - CVE-2017-13020 buffer over-read in the VTP parser - CVE-2017-13021 buffer over-read in the ICMPv6 parser - CVE-2017-13022 buffer over-read in the IP parser - CVE-2017-13023 buffer over-read in the IPv6 mobility parser - CVE-2017-13024 buffer over-read in the IPv6 mobility parser - CVE-2017-13025 buffer over-read in the IPv6 mobility parser - CVE-2017-13026 buffer over-read in the ISO IS-IS parser - CVE-2017-13027 buffer over-read in the LLDP parser - CVE-2017-13028 buffer over-read in the BOOTP parser - CVE-2017-13029 buffer over-read in the PPP parser - CVE-2017-13030 buffer over-read in the PIM parser - CVE-2017-13031 buffer over-read in the IPv6 fragmentation header parser - CVE-2017-13032 buffer over-read in the RADIUS parser - CVE-2017-13033 buffer over-read in the VTP parser - CVE-2017-13034 buffer over-read in the PGM parser - CVE-2017-13035 buffer over-read in the ISO IS-IS parser - CVE-2017-13036 buffer over-read in the OSPFv3 parser - CVE-2017-13037 buffer over-read in the IP parser - CVE-2017-13038 buffer over-read in the PPP parser - CVE-2017-13039 buffer over-read in the ISAKMP parser - CVE-2017-13040 buffer over-read in the MPTCP parser - CVE-2017-13041 buffer over-read in the ICMPv6 parser - CVE-2017-13042 buffer over-read in the HNCP parser - CVE-2017-13043 buffer over-read in the BGP parser - CVE-2017-13044 buffer over-read in the HNCP parser - CVE-2017-13045 buffer over-read in the VQP parser - CVE-2017-13046 buffer over-read in the BGP parser - CVE-2017-13047 buffer over-read in the ISO ES-IS parser - CVE-2017-13048 buffer over-read in the RSVP parser - CVE-2017-13049 buffer over-read in the Rx protocol parser - CVE-2017-13050 buffer over-read in the RPKI-Router parser - CVE-2017-13051 buffer over-read in the RSVP parser - CVE-2017-13052 buffer over-read in the CFM parser - CVE-2017-13053 buffer over-read in the BGP parser - CVE-2017-13054 buffer over-read in the LLDP parser - CVE-2017-13055 buffer over-read in the ISO IS-IS parser - CVE-2017-13687 buffer over-read in the Cisco HDLC parser - CVE-2017-13688 buffer over-read in the OLSR parser - CVE-2017-13689 buffer over-read in the IKEv1 parser - CVE-2017-13690 buffer over-read in the IKEv2 parser - CVE-2017-13725 buffer over-read in the IPv6 routing header parser * Dropped patch tcpdump-reverted-test-scripts-fix.patch ------------------------------------------------------------------- Wed Aug 23 13:51:30 UTC 2017 - pmonrealgonzalez@suse.com - Reverted upstream commit that makes some tests to fail when compiling with openssl-1.1.0 * Upstream commit 68cc39dd64688829be2632d9cd24f7efa3da79bb * Added patch tcpdump-reverted-test-scripts-fix.patch * Removed patch tcpdump-ikev2pI2-test-fails-ppc.patch ------------------------------------------------------------------- Wed Jul 26 12:33:53 UTC 2017 - pmonrealgonzalez@suse.com - Disable ikev2pI2 test that fails on ppc, ppc64 and ppc64le * Added patch tcpdump-ikev2pI2-test-fails-ppc.patch ------------------------------------------------------------------- Wed Jul 26 09:16:56 UTC 2017 - pmonrealgonzalez@suse.com - Update to version 4.9.1 [bsc#1047873] * CVE-2017-11108/Fix bounds checking for STP. * Make assorted documentation updates and fix a few typos in output. * Fixup -C for file size >2GB * Show AddressSanitizer presence in version output. * Fix a bug in test scripts. * Fix a use-after-free when the requested interface does not exist. ------------------------------------------------------------------- Thu Feb 2 14:47:56 UTC 2017 - pmonrealgonzalez@suse.com - version update to 4.9.0 bsc#1020940 * CVE-2016-7922 The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print(). * CVE-2016-7923 The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print(). * CVE-2016-7924 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print(). * CVE-2016-7925 The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print(). * CVE-2016-7926 The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print(). * CVE-2016-7927 The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print(). * CVE-2016-7928 The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print(). * CVE-2016-7929 The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header(). * CVE-2016-7930 The LLC parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print(). * CVE-2016-7931 The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print(). * CVE-2016-7932 The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum(). * CVE-2016-7933 The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print(). * CVE-2016-7934 The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print(). * CVE-2016-7935 The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print(). * CVE-2016-7936 The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print(). * CVE-2016-7937 The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print(). * CVE-2016-7938 The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame(). * CVE-2016-7939 The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions. * CVE-2016-7940 The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions. * CVE-2016-7973 The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions. * CVE-2016-7974 The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions. * CVE-2016-7975 The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print(). * CVE-2016-7983 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). * CVE-2016-7984 The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print(). * CVE-2016-7985 The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print(). * CVE-2016-7986 The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions. * CVE-2016-7992 The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print(). * CVE-2016-7993 A bug in util-print.c:relts_print() could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). * CVE-2016-8574 The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print(). * CVE-2016-8575 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(). * CVE-2017-5202 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). * CVE-2017-5203 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). * CVE-2017-5204 The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print(). * CVE-2017-5205 The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print(). * CVE-2017-5341 The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print(). * CVE-2017-5342 In tcpdump before 4.9.0 a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print(). * CVE-2017-5482 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(). * CVE-2017-5483 The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse(). * CVE-2017-5484 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print(). * CVE-2017-5485 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap(). * CVE-2017-5486 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). ------------------------------------------------------------------- Fri Apr 15 01:28:38 CEST 2016 - ro@suse.de - fix filelist to fix build on s390/s390x ------------------------------------------------------------------- Wed Mar 30 07:43:04 UTC 2016 - bg@suse.com - correctly reference SOURCE1 during installation for s390x ------------------------------------------------------------------- Sun Apr 26 18:51:40 UTC 2015 - astieger@suse.com - tcpdump 4.7.4: * PPKI to Router Protocol: Fix Segmentation Faults and other problems * RPKI to Router Protocol: print strings with fn_printn() * wb: fix some bounds checks (previously patched in, removed CVE-2015-3138.patch) ------------------------------------------------------------------- Fri Apr 17 20:00:24 UTC 2015 - astieger@suse.com - fix a DoS vulnerability in print-wb.c CVE-2015-3138 [boo#927637] adding CVE-2015-3138.patch ------------------------------------------------------------------- Fri Mar 13 09:54:11 UTC 2015 - vcizek@suse.com - update to 4.7.3 - fixes four security bugs: * CVE-2015-0261 - IPv6 mobility printer (bnc#922220) * CVE-2015-2153 - tcp printer (bnc#922221) * CVE-2015-2154 - ethernet printer (bnc#922222) * CVE-2015-2155 - force printer (bnc#922223) - drop patches with security fixes (upstream): * tcpdump-CVE-2014-8767.patch * tcpdump-CVE-2014-8768.patch * tcpdump-CVE-2014-8769.patch * 0001-Clean-up-error-message-printing.patch ------------------------------------------------------------------- Fri Feb 6 12:31:23 UTC 2015 - vcizek@suse.com - fix CVE-2014-8767 (bnc#905870) * denial of service in verbose mode using malformed OLSR payload * added tcpdump-CVE-2014-8767.patch - fix CVE-2014-8768 (bnc#905871) * denial of service in verbose mode using malformed Geonet payload * added tcpdump-CVE-2014-8768.patch - fix CVE-2014-8769 (bnc#905872) * unreliable output using malformed AOVD payload * added tcpdump-CVE-2014-8769.patch * added 0001-Clean-up-error-message-printing.patch ------------------------------------------------------------------- Wed Sep 3 18:44:03 UTC 2014 - andreas.stieger@gmx.de - tcpdump 4.6.2: * fix out-of-source-tree builds: find libpcap that is out of source * better configure check for libsmi ------------------------------------------------------------------- Fri Aug 15 19:45:52 UTC 2014 - andreas.stieger@gmx.de - tcpdump 4.6.1: * add a short option '#', same as long option '--number' - includes changes from 4.6.0: * all of tcpdump is now using the new "NDO" code base * nflog, mobile, forces, pptp, AODV, AHCP, IPv6, OSPFv4, RPL, DHCPv6 enhancements/fixes * M3UA decode added. * many new test cases: 82 in 4.5.1 to 133 in 4.6.0 * cleaned up some unnecessary header files * Added bittok2str(). * a number of unaligned access faults fixed * -A flag does not consider CR to be printable anymore * fx.lebail took over coverity baby sitting * default snapshot size increased to 256K for accomodate USB captures - includes changes from 4.5.2: * man page fix - add build and runtime libpcap minimum version - remove old patches, thus making package patchless: tcpdump-4.0.0-prototypes.patch tcpdump-4.0.0-aliasing.patch - run spec cleaner on spec file - remove gpg-offline, now part of source validator - remove versioned binary - run regression tests ------------------------------------------------------------------- Sat Dec 14 11:19:45 UTC 2013 - andreas.stieger@gmx.de - update to 4.5.1 Version 4.5.0 revised for non-code related edits - some NFSv4 fixes for printing - fix printing of unknown TCP options, and tcp fast-open - fixes for syslog parser - some gcc-version-specific flag tuning - improvements to babel printing - add OpenFlow 1.0 (no SSL) and test cases - GeoNet printer. - added STBC Rx support - improvements to DHCPv6 decoder - clarify which autoconf is needed - Point users to the the-tcpdump-group repository on GitHub rather than the mcr repository - Add MSDP printer. - Fixed IPv6 check on Solaris and other OSes requiring extra networking libraries. - Add support for VXLAN (draft-mahalingam-dutt-dcops-vxlan-03), and add "vxlan" as an option for -T. - Add support for OTV (draft-hasmit-otv-04). fixes for DLT_IEEE802_11_RADIO datalink types - added MPTCP decoder ------------------------------------------------------------------- Fri Sep 13 20:37:14 UTC 2013 - andreas.stieger@gmx.de - verify source signature ------------------------------------------------------------------- Wed Sep 11 11:51:41 UTC 2013 - reddwarf@opensuse.org - update to 4.4.0 - RPKI-RTR (RFC6810) is now official (TCP Port 323) - Fix detection of OpenSSL libcrypto. - Add DNSSL (RFC6106) support. - Add "radius" as an option for -T. - Update Action codes for handle_action function according to 802.11s amendment. - Decode DHCPv6 AFTR-Name option (RFC6334). - Updates for Babel. - Fix printing of infinite lifetime in ICMPv6. - Added support for SPB, SPBM Service Identifier, and Unicast Address sub-TLV in ISIS. - Decode RIPv2 authentication up to RFC4822. - Fix RIP Request/full table decoding issues. - On Linux systems with cap-ng.h, drop root privileges using Linux Capabilities. - Add support for reading multiple files. ------------------------------------------------------------------- Fri Jun 15 15:37:15 CEST 2012 - jslaby@suse.de - remove tcpdump-4.0.0-uninitialized.patch, it's solved differently ------------------------------------------------------------------- Thu Jun 14 23:48:25 CEST 2012 - jslaby@suse.de - update to 4.3.0 - fixes for forces: SPARSE data (per RFC 5810) - some more test cases added - updates to documentation on -l, -U and -w flags. - Fix printing of BGP optional headers. - Tried to include DLT_PFSYNC support, failed due to headers required. - added TIPC support. - Fix LLDP Network Policy bit definitions. - fixes for IGMPv3's Max Response Time: it is in units of 0.1 second. - SIGUSR1 can be used rather than SIGINFO for stats - permit -n flag to affect print-ip for protocol numbers - ND_OPT_ADVINTERVAL is in milliseconds, not seconds - Teach PPPoE parser about RFC 4638 ------------------------------------------------------------------- Tue Jan 3 14:48:56 UTC 2012 - puzel@suse.com - update to 4.2.1 - Only build the Babel printer if IPv6 is enabled. - Support Babel on port 6696 as well as 6697. - Include ppi.h in release tarball. - Include all the test files in the release tarball, and don't "include" test files that no longer exist. - Don't assume we have - check for it. - Support "-T carp" as a way of dissecting IP protocol 112 as CARP rather than VRRP. - Support Hilscher NetAnalyzer link-layer header format. - Constify some pointers and fix compiler warnings. - Get rid of never-true test. - Fix an unintended fall-through in a case statement in the ARP printer. - Fix several cases where sizeof(sizeof(XXX)) was used when just sizeof(XXX) was intended. - Make stricter sanity checks in the ES-IS printer. - Get rid of some GCCisms that caused builds to fail with compilers that don't support them. - Fix typo in man page. - Added length checks to Babel printer. - drop tcpdump-4.2.0-ppi.patch (upstream) ------------------------------------------------------------------- Mon Nov 28 12:32:25 UTC 2011 - vcizek@suse.com - update to 4.2.0 * patch that adds missing ppi.h * Summary for 4.2.0 - merged 802.15.4 decoder from Dmitry Eremin-Solenikov - updates to forces for new port numbers - Use "-H", not "-h", for the 802.11s option. (-h always help) - Better ICMPv6 checksum handling. - add support for the RPKI/Router Protocol, per -ietf-sidr-rpki-rtr-12 - get rid of uuencoded pcap test files, git can do binary. - sFlow changes for 64-bit counters. - fixes for PPI packet header handling and printing. - Add DCB Exchange protocol (DCBX) version 1.01. - Babel dissector, from Juliusz Chroboczek and Grégoire Henry. - improvements to radiotap for rate values > 127. - Many improvements to ForCES decode, including fix SCTP TML port - updated RPL type code to RPL-17 draft - Improve printout of DHCPv6 options. - added support and test case for QinQ (802.1q VLAN) packets - Handle DLT_IEEE802_15_4_NOFCS like DLT_IEEE802_15_4. - Build fixes for Sparc and other machines with alignment restrictions. - Merged changes from Debian package. - PGM: Add ACK decoding and add PGMCC DATA and FEEDBACK options. - Build fixes for OSX (Snow Leopard and others) - Add support for IEEE 802.15.4 packets * Summary for 4.1.2 tcpdump release - If -U is specified, flush the file after creating it, so it's not zero-length - Fix TCP flags output description, and some typoes, in the man page - Add a -h flag, and only attempt to recognize 802.11s mesh headers if it's set - When printing the link-layer type list, send *all* output to stderr - Include the CFLAGS setting when configure was run in the compiler flags ------------------------------------------------------------------- Tue Apr 6 09:13:45 UTC 2010 - puzel@novell.com - update to tcpdump-4.1.1 * Don't blow up if a zero-length link-layer address is passed to linkaddr_string() * Fix printing of MAC addresses for VLAN frames with a length field * Add some additional bounds checks and use the EXTRACT_ macros more * Add a -b flag to print the AS number in BGP packets in ASDOT notation rather than ASPLAIN notation * Add ICMPv6 RFC 5006 support * Decode the access flags in NFS access requests * Handle the new DLT_ for memory-mapped USB captures on Linux * Make the default snapshot (-s) the maximum * Print name of device (when -L is used) * Print new TCP flags * Add support for RPL DIO * Add support for TCP User Timeout (UTO) * Add support for non-standard Ethertypes used by 3com PPPoE gear * Add support for 802.11n and 802.11s * Add support for Transparent Ethernet Bridge ethertype in GRE * Add 4 byte AS support for BGP printer * Add support for the MDT SAFI 66 BG printer * Add basic IPv6 support to print-olsr * Add USB printer * Add printer for ForCES * Handle frames with an FCS * Handle 802.11n Control Wrapper, Block Acq Req and Block Ack frames * Fix TCP sequence number printing * Report 802.2 packets as 802.2 instead of 802.3 - drop tcpdump-4.0.0-autoconf.patch (not needed with new autoconf) - compile with -fno-strict-aliasing ------------------------------------------------------------------- Wed Jan 14 16:48:42 CET 2009 - prusnak@suse.cz - updated to 4.0.0 * Add support for Bluetooth Sniffing * Add support for Realtek Remote Control Protocol (openrrcp.org.ru) * Add support for 802.11 AVS * Add support for SMB over TCP * Add support for 4 byte BGP AS printing * Add support for compiling on case-insensitive file systems * Add support for ikev2 printing * Update support for decoding AFS * Update DHCPv6 printer * Use newer libpcap API's (allows -B option on all platforms) * Add -I to turn on monitor mode * Bugfixes in lldp, lspping, dccp, ESP, NFS printers * Cleanup unused files and various cruft - dropped obsoleted juniper.patch (included in update) ------------------------------------------------------------------- Tue Jan 8 18:04:02 CET 2008 - prusnak@suse.cz - updated to 3.9.8 * Rework ARP printer * Rework OSPFv3 printer * Add support for Frame-Relay ARP * Decode DHCP Option 121 (RFC 3442 Classless Static Route) * Decode DHCP Option 249 (MS Classless Static Route) the same as Option 121 * TLV: Add support for Juniper .pcap extensions * Print EGP header in new-world-order style * Converted print-isakmp.c to NETDISSECT * Moved AF specific stuff into af.h * Test subsystem now table driven, and saves outputs and diffs to one place * Require for pf definitions - allows reading of pflog formatted libpcap files on an OS other than where the file was generated ------------------------------------------------------------------- Thu Jul 26 16:03:44 CEST 2007 - prusnak@suse.cz - updated to 3.9.7 * NFS: Print unsigned values as such * RX: parse safely * BGP: fixes for IPv6-less builds * 801.1ag: use standard codepoint * use /dev/bpf on systems with such a device * 802.11: print QoS data, avoid dissect of no-data frame, ignore padding * smb: make sure that we haven't gone past the end of the captured data * smb: squelch an uninitialized complaint from coverity * NFS: from NetBSD; don't interpret the reply as a possible NFS reply if it got MSG_DENIED * BGP: don't print TLV values that didn't fit, from www.digit-labs.org * revised INSTALL.txt about libpcap dependancy - dropped obsolete patch: * bgp-overflow.diff (fixed in update) * 802_11-overflow.diff (included in update) - changed libpcap to libpcap-devel in BuildRequires ------------------------------------------------------------------- Thu Jul 12 11:37:08 CEST 2007 - prusnak@suse.cz - update to 3.9.6 * added support for: - OIF RSVP Extensions UNI 1.0 Rev. 2 and additional RSVP objects - Message-id NACK c-type - 802.3ah loopback ctrl msg - Multiple-STP as per 802.1s - rapid-SPT as per 802.1w - CFM Link-trace msg, Link-trace-Reply msg, - unidirectional link detection - the olsr protocol as per RFC 3626 plus the LQ extensions from olsr.org - variable-length checksum in DCCP, as per section 9 of RFC 4340 - per-VLAN spanning tree and per-VLAN rapid spanning tree - Multiple-STP as per 802.1s - the cisco propriatry 'dynamic trunking protocol' - the cisco proprietary VTP protocol - additional values in pflog * changes to both TCP and IP Printer Output * fixed a potential buffer overflow in the 802.11 printer * print basic info about a few more Cisco LAN protocols * mDNS cleanup * ICMP MPLS rework of the extension code * use the correct codepoint for the OSPF simple text auth token entry * use safeputs to print the password * update dhcp6 options table as per IETF standardization activities - fixed overflow in bgp (bgp-overflow.patch) [#291356] ------------------------------------------------------------------- Fri Mar 2 11:44:35 CET 2007 - prusnak@suse.cz - fixed one byte overflow (802_11-overflow.diff) [#250163] ------------------------------------------------------------------- Wed Jan 3 15:43:19 CET 2007 - prusnak@suse.cz - update to 3.9.5 * Fixes for 64bit compiling * Updated list of DNS RR typecodes * Add basic support for keyed authentication TCP option * Fix printing for 4.4BSD/NetBSD NFS Filehandles * Add support for: - Frame-Relay ARP - parsing Juniper .pcap files - FRF.16 Multilink Frame-Relay (DLT_MFR) - PIMv2 checksum verification - further dissection of the IPCP Compression Option - Cisco's proposed VQP protocol - Cisco style NLPID encapsulation - PPP over Frame-Relay - Address-Withdraw and Label-Withdraw Msgs - BFD Discriminator TLV - BGP signaled VPLS ------------------------------------------------------------------- Wed Jan 25 21:42:01 CET 2006 - mls@suse.de - converted neededforbuild to BuildRequires ------------------------------------------------------------------- Thu Jan 12 20:17:27 CET 2006 - mjancar@suse.cz - compile with -fstack-protector ------------------------------------------------------------------- Mon Jan 9 17:30:29 CET 2006 - mjancar@suse.cz - update to 3.9.4 - drop obsolete patches * tcpdump-3.9.4-overflow.diff ------------------------------------------------------------------- Thu Sep 1 14:50:13 CEST 2005 - mjancar@suse.cz - enable support for TSO packets (#114159) ------------------------------------------------------------------- Fri Aug 5 08:59:48 CEST 2005 - cthiel@suse.de - fixed buffer overflow in addrtoname.c:499 ------------------------------------------------------------------- Tue Aug 2 19:43:32 CEST 2005 - mjancar@suse.cz - update to 3.9.3 ------------------------------------------------------------------- Thu Aug 05 13:11:52 CEST 2004 - postadal@suse.cz - updated to version 3.8.3 - removed obsoleted patches (isakmp-fix2, isakmp-fix3, radius-fix) ------------------------------------------------------------------- Mon Mar 29 17:44:10 CEST 2004 - postadal@suse.cz - fixed overflow in ISAKMP (CAN-2004-0183) [#36828] ------------------------------------------------------------------- Fri Feb 6 09:32:15 CET 2004 - ro@suse.de - fix configure.in (test for pcap_debug was broken) ------------------------------------------------------------------- Tue Jan 20 15:42:46 CET 2004 - postadal@suse.cz - updated to version 3.8.1 * fixed security bug in L2TP (CAN-2003-1029) - removed obsoleted patches (isakmp-buffer-overflow-fix, compile) - fixed security bugs in these parsers: RADIUS (CAN-2004-0055), ISAKMP (CAN-2004-0057) [#33763] ------------------------------------------------------------------- Sat Jan 10 17:26:25 CET 2004 - adrian@suse.de - build as user ------------------------------------------------------------------- Tue Jan 06 14:12:36 CET 2004 - postadal@suse.cz - fixed two remotely exploitable buffer overflows in the ISAKMP parser [#33763] (CAN-2003-0989) ------------------------------------------------------------------- Thu Jul 24 14:03:01 CEST 2003 - postadal@suse.cz - updated to version 3.7.2 - removed obsoleted patches (tcpdump-nfs-fix, tcpdump-isakmp, tcpdump-bgp) ------------------------------------------------------------------- Wed May 7 16:08:11 CEST 2003 - ro@suse.de - make it compile with current glibc headers (move include of netinet/in.h further up) ------------------------------------------------------------------- Wed Mar 05 15:22:20 CET 2003 - postadal@suse.cz - fixed security bugs in parsing ISAKMP, BGP and NFS ------------------------------------------------------------------- Tue Oct 1 12:04:37 CEST 2002 - froh@suse.de - s390/s390x: dumping of qeth interfaces needs some filtering, which is accomplished by the new 'tcpdump-qeth' (#15626, #22085) ------------------------------------------------------------------- Mon May 20 13:12:35 CEST 2002 - postadal@suse.de - fixed bug in displaying NFS traffic - updated to version 3.7.1 * support more protocols * better Linux libc5 compat ------------------------------------------------------------------- Wed Apr 3 17:05:07 CEST 2002 - postadal@suse.cz - fixed to compile with autoconf-2.53 ------------------------------------------------------------------- Mon Jun 18 11:09:57 CEST 2001 - cihlar@suse.cz - updated to version 3.6.2 - removed obsolete patches - compile against package libpcap ------------------------------------------------------------------- Tue Feb 6 12:02:52 CET 2001 - ro@suse.de - tcpclice.c: include time.h - smbutil.c: include time.h ------------------------------------------------------------------- Fri Jan 19 00:35:14 PST 2001 - bk@suse.de - Turn off PACKET_RX_RING too. It is not available in lx_sus22 and not enabled in our 2.4 kernel configs and causes a warning on every start and possible trouble. See bug #5178 ------------------------------------------------------------------- Thu Jan 11 20:01:29 CET 2001 - ak@suse.de - Turn off PACKET_TRECV. It's not enabled in our kernel and causes some problems. ------------------------------------------------------------------- Fri Nov 24 17:31:36 CET 2000 - ak@suse.de - Add mb() for ppc ------------------------------------------------------------------- Tue Nov 14 13:00:34 CET 2000 - ro@suse.de - groups sorted ------------------------------------------------------------------- Tue Nov 14 12:09:19 MET 2000 - ak@suse.de - add some protocols to make it build on 6.1 again ------------------------------------------------------------------- Mon Nov 13 18:19:49 MET 2000 - ak@suse.de - add membar fix for sparc ------------------------------------------------------------------- Sat Nov 11 20:10:43 MET 2000 - ak@suse.de - fix some buffer overflows. ------------------------------------------------------------------- Thu May 18 17:46:34 CEST 2000 - schwab@suse.de - Fix missing declaration. - Fix broken includes. - Get rid of Makefile.Linux and clean up spec file. - Update config.{sub,guess}. ------------------------------------------------------------------- Thu May 11 13:41:14 CEST 2000 - ak@suse.de - add security fix for endless dns looping. From Guy Harris. ------------------------------------------------------------------- Thu Mar 2 12:38:44 CET 2000 - ak@suse.de - move man pages to /usr/share/man ------------------------------------------------------------------- Wed Dec 22 14:24:46 CET 1999 - ak@suse.de - fix promiscuous mode bug ------------------------------------------------------------------- Fri Dec 3 21:45:44 CET 1999 - bk@suse.de - disabled NO_SMP_DEBUG changes by ank(did not compile on sparc) ------------------------------------------------------------------- Sat Nov 6 16:22:35 CET 1999 - bk@suse.de - Integrated changes from ak: strip tcpdump and a fix a -p crash bug (pcap-maddr-fix) ------------------------------------------------------------------- Wed Oct 27 04:52:43 CEST 1999 - bk@suse.de - Andi Kleen added patches from Alexey Kuznetsov. Features e.g.: - device independent libpcap, Kernel support for new link-layers, e.g. ISDN (libpcap uses PF_PACKET,SOCK_DGRAM instead of PF_INET,SOCK_PACKET) - IPv6 and APM support, SMB updates - libpcap support for "In Kernel Packet Filtering" (CONFIG_FILTER) - made a libpcapn subpackage which holds the new libpcap for developers. - Added fix to reestablish old output format of tcpdump from Andi Kleen. ------------------------------------------------------------------- Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de - ran old prepare_spec on spec file to switch to new prepare_spec. ------------------------------------------------------------------- Tue Sep 29 10:03:04 MEST 1998 - ro@suse.de - print_i4l : include net/ethernet.h instead of netinet/if_ether.h for glibc ---------------------------------------------------------------------------- Mon Mar 2 16:58:50 MET 1998 - florian@suse.de - update to version 3.4a6 ---------------------------------------------------------------------------- Mon Jul 7 13:17:08 CEST 1997 - florian@suse.de - update to version 3.4a5 - added isdn-patches ---------------------------------------------------------------------------- Mon Jul 7 13:17:08 CEST 1997 - florian@suse.de - update to version 3.4a3 ---------------------------------------------------------------------------- Sun Apr 13 23:04:29 MEST 1997 - florian@suse.de - update to new version 3.3.1a2 with automatic detection of packet types ---------------------------------------------------------------------------- Sun Nov 10 22:17:10 CET 1996 - florian@suse.de - added the changes distributed with samba - added isdn patches