Pedro Monreal Gonzalez
72f913f819
OBS-URL: https://build.opensuse.org/package/show/network:utilities/tcpdump?expand=0&rev=72
1067 lines
46 KiB
Plaintext
1067 lines
46 KiB
Plaintext
-------------------------------------------------------------------
|
|
Wed Dec 4 08:40:11 UTC 2024 - Pedro Monreal <pmonreal@suse.com>
|
|
|
|
- Update tcpdump.keyring with upstream RSA signing key.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 2 09:29:52 UTC 2024 - Pedro Monreal <pmonreal@suse.com>
|
|
|
|
- Update to 4.99.5:
|
|
* Refine protocol decoding for:
|
|
- BGP: Fix an undefined behavior when it tries to parse a too-short packet.
|
|
- CARP: Print the protocol name before any GET_().
|
|
- CDP: only hex-dump unknown TLVs in verbose mode.
|
|
- DHCP: parse the SZTP redirect tag.
|
|
- DHCPv6: client-id/server-id DUID type 2 correction; parse the user class,
|
|
boot file URL, and SZTP redirect options; add DUID-UUID printing (RFC6355).
|
|
- DNS: Detect and correctly handle too-short URI RRs.
|
|
- EAP: Assign ndo_protocol in the eap_print() function.
|
|
- Frame Relay (Multilink): Fix the Timestamp Information Element printing.
|
|
- ICMPv6: Fix printing the Home Agent Address Discovery Reply Message.
|
|
- IEEE 802.11: no need for an element ID in the structures for IEs, make
|
|
the length in the IE structures a u_int, include the "TA" field while
|
|
printing Block Ack Control frame.
|
|
- IP: Enable TSO (TCP Segmentation Offload) support; fix printing invalid
|
|
cases as invalid, not truncated; use ND_ICHECKMSG_ZU() to test the
|
|
header length.
|
|
- IPv6: Fix printing invalid cases as invalid, not truncated; use
|
|
ND_ICHECKMSG_U() to print an invalid version.
|
|
- IPv6: Fix invalid 32-bit versus 64-bit printouts of fragment headers.
|
|
- ISAKMP: Fix printing Delete payload SPI when size is zero.
|
|
- Kerberos: Print the protocol name, remove a redundant bounds check.
|
|
- lwres: Fix an undefined behavior in pointer arithmetic.
|
|
- OpenFlow 1.0: Fix indentation of PORT_MOD, improve handling of
|
|
some lengths, and fix handling of snapend.
|
|
- TCP: Test ports < 1024 in port order to select the printer.
|
|
- UDP: Move source port equal BCM_LI_PORT to bottom of long if else chain.
|
|
- UDP: Test ports < 1024 in port order to select the printer.
|
|
- LDP: Add missing fields of the Common Session Parameters TLV and fix the
|
|
offset for the A&D bits.
|
|
- NFLOG: Use correct AF code points on all OSes.
|
|
- OSPF: Pad TLVs in LS_OPAQUE_TYPE_RI to multiples of 4 bytes.
|
|
- OSPF: Update LS-Ack printing not to run off the end of the packet.
|
|
- OSPF6: Fix an undefined behavior.
|
|
- PPP: Check if there is some data to hexdump.
|
|
- PPP: Remove an extra colon before LCP Callback Operation.
|
|
- Use the buffer stack for de-escaping PPP; fixes CVE-2024-2397;
|
|
Note: This problem does not affect any tcpdump release.
|
|
- PTP: Fix spelling of type SIGNALING, Parse major and minor version
|
|
correctly, Print majorSdoId field instead of just the first bit.
|
|
- RPKI-Router: Refine length and bounds checks.
|
|
- RX, SNMP, ZEP, smbutil.c: Use the "%Y-%m-%d" date format.
|
|
* User interface:
|
|
- Print the supported time stamp types (-J) to stdout instead of stderr.
|
|
- Print the list of data link types (-L) to stdout instead of stderr.
|
|
- Update --version option to print 32/64-bit build and time_t size.
|
|
- Support "3des" as an alias for "des_ede3_cbc" even if the crypto
|
|
library doesn't support adding aliases.
|
|
* Source code:
|
|
- tcpdump: Fix a memory leak.
|
|
- child_cleanup: reap as many child processes as possible.
|
|
- Ignore failures when setting the default "any" device DLL to LINUX_SLL2.
|
|
- Fix for backends which doesn't support capsicum.
|
|
- Introduce new ND_ICHECK*() macros to deduplicate more code.
|
|
- Skip privilege dropping when using -Z root on --with-user builds.
|
|
- Free interface list just before exiting where it wasn't being freed.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 19 13:13:20 UTC 2024 - Frederic Crozat <fcrozat@suse.com>
|
|
|
|
- Update url for tcpdump keyring and refresh keyring.
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Apr 8 11:04:16 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- update to 4.99.4:
|
|
* LSP ping: Fix "Unused value" warnings from Coverity
|
|
* CVE-2023-1801: out-of-bounds write in the SMB printer (boo#1210265)
|
|
* DNS: sync resource types with IANA
|
|
* ICMPv6: Update the output to show a RPL DAO field name
|
|
Geneve: Fix the Geneve UDP port test
|
|
* build system tweaks and documentation updates
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 17 08:18:36 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 4.99.3:
|
|
* Updated printers:
|
|
PTP: Use the proper values for the control field and print un-allocated
|
|
values for the message field as "Reserved" instead of "none".
|
|
* Source code:
|
|
smbutil.c: Replace obsolete function call (asctime)
|
|
* Documentation:
|
|
Reformat the installation notes (INSTALL.txt) in Markdown.
|
|
Convert CONTRIBUTING to Markdown.
|
|
CONTRIBUTING.md: Document the use of "protocol: " in a commit summary.
|
|
Add a README file for NetBSD.
|
|
Fix CMake build to set man page section numbers in tcpdump.1
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jan 1 12:50:29 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- update to 4.99.2:
|
|
* Multiple fixes and improvements to BGP, DSA, EAP, 802.11,
|
|
802.15.4, RRCP, MPLS, ICMP, VQP, Juniper, lwres, Ethernet,
|
|
IPX, Zephyr, VRRP, DCCP, IPv6, ISAKMP, RADIUS, TCP, RESp,
|
|
Arista, sFlow, VRRP, OSPF, OSPFv3, ICMPv3, ICMPv6, NFS, PTP,
|
|
WHOIS, MPTCP, ESP, PPP, ZEP printers
|
|
* Build system updates, developer visible fixes, documentation
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jun 13 09:33:08 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- update to 4.99.1:
|
|
* Squelch some compiler warnings
|
|
* ICMP: Update the snapend for some nested IP packets
|
|
* MACsec: Update the snapend thus the ICV field is not payload
|
|
for the caller
|
|
* EIGRP: Fix packet header fields
|
|
* SMB: Disable printer by default in CMake builds
|
|
* OLSR: Print the protocol name even if the packet is invalid
|
|
* MSDP: Print ": " before the protocol name
|
|
* ESP: Remove padding, padding length and next header from the buffer
|
|
* DHCPv6: Update the snapend for nested DHCPv6 packets
|
|
* OpenFlow 1.0: Get snapend right for nested frames
|
|
* TCP: Update the snapend before decoding a MPTCP option
|
|
* Ethernet, IEEE 802.15.4, IP, L2TP, TCP, ZEP: Add bounds checks
|
|
* ForCES: Refine SPARSEDATA-TLV length check
|
|
* ASCII/hex: Use nd_trunc_longjmp() in truncation cases
|
|
* GeoNet: Add a ND_TCHECK_LEN() call
|
|
* Replace ND_TCHECK_/memcpy() pairs with GET_CPY_BYTES()
|
|
* BGP: Fix overwrites of global 'astostr' temporary buffer
|
|
* ARP: fix overwrites of static buffer in q922_string()
|
|
* Frame Relay: have q922_string() handle errors better
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 19 14:07:16 UTC 2021 - Pedro Monreal <pmonreal@suse.com>
|
|
|
|
- Fix excess of precission in floating point registers for i586
|
|
until resolved upstream.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 4 13:01:06 UTC 2021 - Pedro Monreal <pmonreal@suse.com>
|
|
|
|
- Update to 4.99.0
|
|
IMPORTANT: Upsteam moved the default install directory to bindir.
|
|
For compatibility, tcpdump is still being installed in
|
|
sbindir and a symlink in bindir has been added.
|
|
* Print unsupported link-layer protocol packets in hex.
|
|
* Add support for new network protocols and DLTs: Arista, Autosar
|
|
SOME/IP, Broadcom LI and Ethernet switches tag, IEEE 802.15.9,
|
|
IP-over-InfiniBand (IPoIB), Linux SLL2, Linux vsockmon, MACsec,
|
|
Marvell Distributed Switch Architecture, OpenFlow 1.3, Precision
|
|
Time Protocol (PTP), SSH, WHOIS, ZigBee Encapsulation Protocol (ZEP).
|
|
* Make protocol-specific updates for: AH, DHCP, DNS, ESP, FRF.16,
|
|
HNCP, ICMP6, IEEE 802.15.4, IPv6, IS-IS, Linux SLL, LLDP, LSP
|
|
ping, MPTCP, NFS, NSH, NTP, OSPF, OSPF6, PGM, PIM, PPTP, RADIUS,
|
|
RSVP, Rx, SMB, UDLD, VXLAN-GPE.
|
|
* User interface:
|
|
- Make SLL2 the default for Linux "any" pseudo-device.
|
|
- Add --micro and --nano shorthands.
|
|
- Add --count to print a counter only instead of decoding.
|
|
- Add --print, to cause packet printing even with -w.
|
|
- Add support for remote capture if libpcap supports it.
|
|
- Flush the output packet buffer on a SIGUSR2.
|
|
- Handle very large -f files by rejecting them.
|
|
* Source code:
|
|
- Introduce new helper functions, including GET_*(),
|
|
nd_print_protocol(), nd_print_invalid(), nd_print_trunc(),
|
|
nd_trunc_longjmp() and others.
|
|
- Put integer signedness right in many cases.
|
|
- Introduce nd_uint*, nd_mac_addr, nd_ipv4 and nd_ipv6 types
|
|
to fix alignment issues, especially on SPARC.
|
|
- Use a table instead of getprotobynumber().
|
|
- Get rid of ND_UNALIGNED and ND_TCHECK().
|
|
- Make roundup2() generally available.
|
|
- Resync SMI list against Wireshark.
|
|
- Remove patches fixed upstream:
|
|
* tcpdump-CVE-2018-19519.patch
|
|
* tcpdump-CVE-2020-8037.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 4 12:53:10 UTC 2021 - Pedro Monreal <pmonreal@suse.com>
|
|
|
|
- Remove unrecognized configure option: enable-ipv6
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 5 10:58:11 UTC 2020 - Pedro Monreal <pmonreal@suse.com>
|
|
|
|
- Security fix: [bsc#1178466, CVE-2020-8037]
|
|
* PPP decapsulator: Allocate the right buffer size
|
|
- Add tcpdump-CVE-2020-8037.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Dec 13 17:21:34 UTC 2019 - Michel Normand <normand@linux.vnet.ibm.com>
|
|
|
|
- ignore make check failure for PowerPC as tracked upstream
|
|
https://github.com/the-tcpdump-group/tcpdump/issues/814
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Oct 15 07:53:47 UTC 2019 - Martin Pluskal <mpluskal@suse.com>
|
|
|
|
- Trim CFLAGS
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 2 14:01:31 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
|
|
|
|
- Update to 4.9.3 [bsc#1153098]
|
|
* Fix buffer overflow/overread vulnerabilities:
|
|
- CVE-2017-16808 (AoE)
|
|
- CVE-2018-14468 (FrameRelay)
|
|
- CVE-2018-14469 (IKEv1)
|
|
- CVE-2018-14470 (BABEL)
|
|
- CVE-2018-14466 (AFS/RX)
|
|
- CVE-2018-14461 (LDP)
|
|
- CVE-2018-14462 (ICMP)
|
|
- CVE-2018-14465 (RSVP)
|
|
- CVE-2018-14881 (BGP)
|
|
- CVE-2018-14464 (LMP)
|
|
- CVE-2018-14463 (VRRP)
|
|
- CVE-2018-14467 (BGP)
|
|
- CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
|
|
- CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled)
|
|
- CVE-2018-14880 (OSPF6)
|
|
- CVE-2018-16451 (SMB)
|
|
- CVE-2018-14882 (RPL)
|
|
- CVE-2018-16227 (802.11)
|
|
- CVE-2018-16229 (DCCP)
|
|
- CVE-2018-16301 (was fixed in libpcap)
|
|
- CVE-2018-16230 (BGP)
|
|
- CVE-2018-16452 (SMB)
|
|
- CVE-2018-16300 (BGP)
|
|
- CVE-2018-16228 (HNCP)
|
|
- CVE-2019-15166 (LMP)
|
|
- CVE-2019-15167 (VRRP)
|
|
* Fix for cmdline argument/local issues:
|
|
- CVE-2018-14879 (tcpdump -V)
|
|
- Drop patches fixed upstream:
|
|
* tcpdump-CVE-2017-16808.patch
|
|
* tcpdump-CVE-2019-1010220.patch
|
|
* tcpdump-ikev2pI2.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 23 11:45:46 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
|
|
|
|
- Security fix [bsc#1142439, CVE-2019-1010220]
|
|
* Buffer Over-read in print_prefix which may expose data
|
|
* Added tcpdump-CVE-2019-1010220.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 23 10:37:17 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
|
|
|
|
- Use %license macro for LICENSE file
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 23 10:24:31 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
|
|
|
|
- Security fix [bsc#1068716, CVE-2017-16808]
|
|
* Heap-based buffer over-read related to aoe_print and lookup_emem
|
|
* Added tcpdump-CVE-2017-16808.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Dec 6 11:49:16 UTC 2018 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
|
|
|
|
- Security fix [bsc#1117267, CVE-2018-19519]
|
|
* Buffer overread in print-hncp.c:print_prefix.
|
|
* Added patch tcpdump-CVE-2018-19519.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 12 15:23:04 UTC 2017 - pmonrealgonzalez@suse.com
|
|
|
|
- Disabled ikev2pI2 test that fails on some architectures
|
|
* Added patch tcpdump-ikev2pI2.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 12 14:51:00 UTC 2017 - pmonrealgonzalez@suse.com
|
|
|
|
- Update to version 4.9.2 [bsc#1057247]
|
|
* Security fixes:
|
|
- CVE-2017-11108 segfault in STP decoder
|
|
- Segfault in ESP decoder with OpenSSL 1.1
|
|
- CVE-2017-11543 buffer overflow in SLIP decoder
|
|
- CVE-2017-13011 buffer overflow in bittok2str_internal()
|
|
- CVE-2017-12989 infinite loop in the RESP parser
|
|
- CVE-2017-12990 infinite loop in the ISAKMP parser
|
|
- CVE-2017-12995 infinite loop in the DNS parser
|
|
- CVE-2017-12997 infinite loop in the LLDP parser
|
|
- CVE-2017-11541 buffer over-read in safeputs()
|
|
- CVE-2017-11542 buffer over-read in PIMv1 decoder
|
|
- CVE-2017-12893 buffer over-read in the SMB/CIFS parser
|
|
- CVE-2017-12894 buffer over-read in several protocol parsers
|
|
- CVE-2017-12895 buffer over-read in the ICMP parser
|
|
- CVE-2017-12896 buffer over-read in the ISAKMP parser
|
|
- CVE-2017-12897 buffer over-read in the ISO CLNS parser
|
|
- CVE-2017-12898 buffer over-read in the NFS parser
|
|
- CVE-2017-12899 buffer over-read in the DECnet parser
|
|
- CVE-2017-12900 buffer over-read in the in several protocol parsers
|
|
- CVE-2017-12901 buffer over-read in the EIGRP parser
|
|
- CVE-2017-12902 buffer over-read in the Zephyr parser
|
|
- CVE-2017-12985 buffer over-read in the IPv6 parser
|
|
- CVE-2017-12986 buffer over-read in the IPv6 routing header parser
|
|
- CVE-2017-12987 buffer over-read in the 802.11 parser
|
|
- CVE-2017-12988 buffer over-read in the telnet parser
|
|
- CVE-2017-12991 buffer over-read in the BGP parser
|
|
- CVE-2017-12992 buffer over-read in the RIPng parser
|
|
- CVE-2017-12993 buffer over-read in the Juniper protocols parser
|
|
- CVE-2017-12994 buffer over-read in the BGP parser
|
|
- CVE-2017-12996 buffer over-read in the PIMv2 parser
|
|
- CVE-2017-12998 buffer over-read in the IS-IS parser
|
|
- CVE-2017-12999 buffer over-read in the IS-IS parser
|
|
- CVE-2017-13000 buffer over-read in the IEEE 802.15.4 parser
|
|
- CVE-2017-13001 buffer over-read in the NFS parser
|
|
- CVE-2017-13002 buffer over-read in the AODV parser
|
|
- CVE-2017-13003 buffer over-read in the LMP parser
|
|
- CVE-2017-13004 buffer over-read in the Juniper protocols parser
|
|
- CVE-2017-13005 buffer over-read in the NFS parser
|
|
- CVE-2017-13006 buffer over-read in the L2TP parser
|
|
- CVE-2017-13007 buffer over-read in the Apple PKTAP parser
|
|
- CVE-2017-13008 buffer over-read in the IEEE 802.11 parser
|
|
- CVE-2017-13009 buffer over-read in the IPv6 mobility parser
|
|
- CVE-2017-13010 buffer over-read in the BEEP parser
|
|
- CVE-2017-13012 buffer over-read in the ICMP parser
|
|
- CVE-2017-13013 buffer over-read in the ARP parser
|
|
- CVE-2017-13014 buffer over-read in the White Board protocol parser
|
|
- CVE-2017-13015 buffer over-read in the EAP parser
|
|
- CVE-2017-13016 buffer over-read in the ISO ES-IS parser
|
|
- CVE-2017-13017 buffer over-read in the DHCPv6 parser
|
|
- CVE-2017-13018 buffer over-read in the PGM parser
|
|
- CVE-2017-13019 buffer over-read in the PGM parser
|
|
- CVE-2017-13020 buffer over-read in the VTP parser
|
|
- CVE-2017-13021 buffer over-read in the ICMPv6 parser
|
|
- CVE-2017-13022 buffer over-read in the IP parser
|
|
- CVE-2017-13023 buffer over-read in the IPv6 mobility parser
|
|
- CVE-2017-13024 buffer over-read in the IPv6 mobility parser
|
|
- CVE-2017-13025 buffer over-read in the IPv6 mobility parser
|
|
- CVE-2017-13026 buffer over-read in the ISO IS-IS parser
|
|
- CVE-2017-13027 buffer over-read in the LLDP parser
|
|
- CVE-2017-13028 buffer over-read in the BOOTP parser
|
|
- CVE-2017-13029 buffer over-read in the PPP parser
|
|
- CVE-2017-13030 buffer over-read in the PIM parser
|
|
- CVE-2017-13031 buffer over-read in the IPv6 fragmentation header parser
|
|
- CVE-2017-13032 buffer over-read in the RADIUS parser
|
|
- CVE-2017-13033 buffer over-read in the VTP parser
|
|
- CVE-2017-13034 buffer over-read in the PGM parser
|
|
- CVE-2017-13035 buffer over-read in the ISO IS-IS parser
|
|
- CVE-2017-13036 buffer over-read in the OSPFv3 parser
|
|
- CVE-2017-13037 buffer over-read in the IP parser
|
|
- CVE-2017-13038 buffer over-read in the PPP parser
|
|
- CVE-2017-13039 buffer over-read in the ISAKMP parser
|
|
- CVE-2017-13040 buffer over-read in the MPTCP parser
|
|
- CVE-2017-13041 buffer over-read in the ICMPv6 parser
|
|
- CVE-2017-13042 buffer over-read in the HNCP parser
|
|
- CVE-2017-13043 buffer over-read in the BGP parser
|
|
- CVE-2017-13044 buffer over-read in the HNCP parser
|
|
- CVE-2017-13045 buffer over-read in the VQP parser
|
|
- CVE-2017-13046 buffer over-read in the BGP parser
|
|
- CVE-2017-13047 buffer over-read in the ISO ES-IS parser
|
|
- CVE-2017-13048 buffer over-read in the RSVP parser
|
|
- CVE-2017-13049 buffer over-read in the Rx protocol parser
|
|
- CVE-2017-13050 buffer over-read in the RPKI-Router parser
|
|
- CVE-2017-13051 buffer over-read in the RSVP parser
|
|
- CVE-2017-13052 buffer over-read in the CFM parser
|
|
- CVE-2017-13053 buffer over-read in the BGP parser
|
|
- CVE-2017-13054 buffer over-read in the LLDP parser
|
|
- CVE-2017-13055 buffer over-read in the ISO IS-IS parser
|
|
- CVE-2017-13687 buffer over-read in the Cisco HDLC parser
|
|
- CVE-2017-13688 buffer over-read in the OLSR parser
|
|
- CVE-2017-13689 buffer over-read in the IKEv1 parser
|
|
- CVE-2017-13690 buffer over-read in the IKEv2 parser
|
|
- CVE-2017-13725 buffer over-read in the IPv6 routing header parser
|
|
* Dropped patch tcpdump-reverted-test-scripts-fix.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 23 13:51:30 UTC 2017 - pmonrealgonzalez@suse.com
|
|
|
|
- Reverted upstream commit that makes some tests to fail when
|
|
compiling with openssl-1.1.0
|
|
* Upstream commit 68cc39dd64688829be2632d9cd24f7efa3da79bb
|
|
* Added patch tcpdump-reverted-test-scripts-fix.patch
|
|
* Removed patch tcpdump-ikev2pI2-test-fails-ppc.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jul 26 12:33:53 UTC 2017 - pmonrealgonzalez@suse.com
|
|
|
|
- Disable ikev2pI2 test that fails on ppc, ppc64 and ppc64le
|
|
* Added patch tcpdump-ikev2pI2-test-fails-ppc.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jul 26 09:16:56 UTC 2017 - pmonrealgonzalez@suse.com
|
|
|
|
- Update to version 4.9.1 [bsc#1047873]
|
|
* CVE-2017-11108/Fix bounds checking for STP.
|
|
* Make assorted documentation updates and fix a few typos in output.
|
|
* Fixup -C for file size >2GB
|
|
* Show AddressSanitizer presence in version output.
|
|
* Fix a bug in test scripts.
|
|
* Fix a use-after-free when the requested interface does not exist.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 2 14:47:56 UTC 2017 - pmonrealgonzalez@suse.com
|
|
|
|
- version update to 4.9.0 bsc#1020940
|
|
* CVE-2016-7922 The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().
|
|
* CVE-2016-7923 The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().
|
|
* CVE-2016-7924 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print().
|
|
* CVE-2016-7925 The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().
|
|
* CVE-2016-7926 The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().
|
|
* CVE-2016-7927 The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().
|
|
* CVE-2016-7928 The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().
|
|
* CVE-2016-7929 The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header().
|
|
* CVE-2016-7930 The LLC parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().
|
|
* CVE-2016-7931 The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().
|
|
* CVE-2016-7932 The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().
|
|
* CVE-2016-7933 The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print().
|
|
* CVE-2016-7934 The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().
|
|
* CVE-2016-7935 The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().
|
|
* CVE-2016-7936 The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print().
|
|
* CVE-2016-7937 The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().
|
|
* CVE-2016-7938 The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame().
|
|
* CVE-2016-7939 The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.
|
|
* CVE-2016-7940 The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.
|
|
* CVE-2016-7973 The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.
|
|
* CVE-2016-7974 The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.
|
|
* CVE-2016-7975 The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print().
|
|
* CVE-2016-7983 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
|
|
* CVE-2016-7984 The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().
|
|
* CVE-2016-7985 The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().
|
|
* CVE-2016-7986 The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.
|
|
* CVE-2016-7992 The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().
|
|
* CVE-2016-7993 A bug in util-print.c:relts_print() could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).
|
|
* CVE-2016-8574 The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().
|
|
* CVE-2016-8575 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print().
|
|
* CVE-2017-5202 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
|
|
* CVE-2017-5203 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
|
|
* CVE-2017-5204 The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().
|
|
* CVE-2017-5205 The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().
|
|
* CVE-2017-5341 The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().
|
|
* CVE-2017-5342 In tcpdump before 4.9.0 a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().
|
|
* CVE-2017-5482 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print().
|
|
* CVE-2017-5483 The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().
|
|
* CVE-2017-5484 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print().
|
|
* CVE-2017-5485 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().
|
|
* CVE-2017-5486 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 15 01:28:38 CEST 2016 - ro@suse.de
|
|
|
|
- fix filelist to fix build on s390/s390x
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 30 07:43:04 UTC 2016 - bg@suse.com
|
|
|
|
- correctly reference SOURCE1 during installation for s390x
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Apr 26 18:51:40 UTC 2015 - astieger@suse.com
|
|
|
|
- tcpdump 4.7.4:
|
|
* PPKI to Router Protocol: Fix Segmentation Faults and other problems
|
|
* RPKI to Router Protocol: print strings with fn_printn()
|
|
* wb: fix some bounds checks
|
|
(previously patched in, removed CVE-2015-3138.patch)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 17 20:00:24 UTC 2015 - astieger@suse.com
|
|
|
|
- fix a DoS vulnerability in print-wb.c
|
|
CVE-2015-3138 [boo#927637] adding CVE-2015-3138.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Mar 13 09:54:11 UTC 2015 - vcizek@suse.com
|
|
|
|
- update to 4.7.3
|
|
- fixes four security bugs:
|
|
* CVE-2015-0261 - IPv6 mobility printer (bnc#922220)
|
|
* CVE-2015-2153 - tcp printer (bnc#922221)
|
|
* CVE-2015-2154 - ethernet printer (bnc#922222)
|
|
* CVE-2015-2155 - force printer (bnc#922223)
|
|
- drop patches with security fixes (upstream):
|
|
* tcpdump-CVE-2014-8767.patch
|
|
* tcpdump-CVE-2014-8768.patch
|
|
* tcpdump-CVE-2014-8769.patch
|
|
* 0001-Clean-up-error-message-printing.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 6 12:31:23 UTC 2015 - vcizek@suse.com
|
|
|
|
- fix CVE-2014-8767 (bnc#905870)
|
|
* denial of service in verbose mode using malformed OLSR payload
|
|
* added tcpdump-CVE-2014-8767.patch
|
|
- fix CVE-2014-8768 (bnc#905871)
|
|
* denial of service in verbose mode using malformed Geonet payload
|
|
* added tcpdump-CVE-2014-8768.patch
|
|
- fix CVE-2014-8769 (bnc#905872)
|
|
* unreliable output using malformed AOVD payload
|
|
* added tcpdump-CVE-2014-8769.patch
|
|
* added 0001-Clean-up-error-message-printing.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 3 18:44:03 UTC 2014 - andreas.stieger@gmx.de
|
|
|
|
- tcpdump 4.6.2:
|
|
* fix out-of-source-tree builds: find libpcap that is out of source
|
|
* better configure check for libsmi
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Aug 15 19:45:52 UTC 2014 - andreas.stieger@gmx.de
|
|
|
|
- tcpdump 4.6.1:
|
|
* add a short option '#', same as long option '--number'
|
|
- includes changes from 4.6.0:
|
|
* all of tcpdump is now using the new "NDO" code base
|
|
* nflog, mobile, forces, pptp, AODV, AHCP, IPv6, OSPFv4, RPL,
|
|
DHCPv6 enhancements/fixes
|
|
* M3UA decode added.
|
|
* many new test cases: 82 in 4.5.1 to 133 in 4.6.0
|
|
* cleaned up some unnecessary header files
|
|
* Added bittok2str().
|
|
* a number of unaligned access faults fixed
|
|
* -A flag does not consider CR to be printable anymore
|
|
* fx.lebail took over coverity baby sitting
|
|
* default snapshot size increased to 256K for accomodate USB
|
|
captures
|
|
- includes changes from 4.5.2:
|
|
* man page fix
|
|
- add build and runtime libpcap minimum version
|
|
- remove old patches, thus making package patchless:
|
|
tcpdump-4.0.0-prototypes.patch
|
|
tcpdump-4.0.0-aliasing.patch
|
|
- run spec cleaner on spec file
|
|
- remove gpg-offline, now part of source validator
|
|
- remove versioned binary
|
|
- run regression tests
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Dec 14 11:19:45 UTC 2013 - andreas.stieger@gmx.de
|
|
|
|
- update to 4.5.1
|
|
Version 4.5.0 revised for non-code related edits
|
|
- some NFSv4 fixes for printing
|
|
- fix printing of unknown TCP options, and tcp fast-open
|
|
- fixes for syslog parser
|
|
- some gcc-version-specific flag tuning
|
|
- improvements to babel printing
|
|
- add OpenFlow 1.0 (no SSL) and test cases
|
|
- GeoNet printer.
|
|
- added STBC Rx support
|
|
- improvements to DHCPv6 decoder
|
|
- clarify which autoconf is needed
|
|
- Point users to the the-tcpdump-group repository on GitHub rather
|
|
than the mcr repository
|
|
- Add MSDP printer.
|
|
- Fixed IPv6 check on Solaris and other OSes requiring extra
|
|
networking libraries.
|
|
- Add support for VXLAN (draft-mahalingam-dutt-dcops-vxlan-03),
|
|
and add "vxlan" as an option for -T.
|
|
- Add support for OTV (draft-hasmit-otv-04).
|
|
fixes for DLT_IEEE802_11_RADIO datalink types
|
|
- added MPTCP decoder
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Sep 13 20:37:14 UTC 2013 - andreas.stieger@gmx.de
|
|
|
|
- verify source signature
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 11 11:51:41 UTC 2013 - reddwarf@opensuse.org
|
|
|
|
- update to 4.4.0
|
|
- RPKI-RTR (RFC6810) is now official (TCP Port 323)
|
|
- Fix detection of OpenSSL libcrypto.
|
|
- Add DNSSL (RFC6106) support.
|
|
- Add "radius" as an option for -T.
|
|
- Update Action codes for handle_action function according to
|
|
802.11s amendment.
|
|
- Decode DHCPv6 AFTR-Name option (RFC6334).
|
|
- Updates for Babel.
|
|
- Fix printing of infinite lifetime in ICMPv6.
|
|
- Added support for SPB, SPBM Service Identifier, and Unicast
|
|
Address sub-TLV in ISIS.
|
|
- Decode RIPv2 authentication up to RFC4822.
|
|
- Fix RIP Request/full table decoding issues.
|
|
- On Linux systems with cap-ng.h, drop root privileges
|
|
using Linux Capabilities.
|
|
- Add support for reading multiple files.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jun 15 15:37:15 CEST 2012 - jslaby@suse.de
|
|
|
|
- remove tcpdump-4.0.0-uninitialized.patch, it's solved differently
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jun 14 23:48:25 CEST 2012 - jslaby@suse.de
|
|
|
|
- update to 4.3.0
|
|
- fixes for forces: SPARSE data (per RFC 5810)
|
|
- some more test cases added
|
|
- updates to documentation on -l, -U and -w flags.
|
|
- Fix printing of BGP optional headers.
|
|
- Tried to include DLT_PFSYNC support, failed due to headers required.
|
|
- added TIPC support.
|
|
- Fix LLDP Network Policy bit definitions.
|
|
- fixes for IGMPv3's Max Response Time: it is in units of 0.1 second.
|
|
- SIGUSR1 can be used rather than SIGINFO for stats
|
|
- permit -n flag to affect print-ip for protocol numbers
|
|
- ND_OPT_ADVINTERVAL is in milliseconds, not seconds
|
|
- Teach PPPoE parser about RFC 4638
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 3 14:48:56 UTC 2012 - puzel@suse.com
|
|
|
|
- update to 4.2.1
|
|
- Only build the Babel printer if IPv6 is enabled.
|
|
- Support Babel on port 6696 as well as 6697.
|
|
- Include ppi.h in release tarball.
|
|
- Include all the test files in the release tarball, and don't
|
|
"include" test files that no longer exist.
|
|
- Don't assume we have <rpc/rpc.h> - check for it.
|
|
- Support "-T carp" as a way of dissecting IP protocol 112 as CARP
|
|
rather than VRRP.
|
|
- Support Hilscher NetAnalyzer link-layer header format.
|
|
- Constify some pointers and fix compiler warnings.
|
|
- Get rid of never-true test.
|
|
- Fix an unintended fall-through in a case statement in the ARP
|
|
printer.
|
|
- Fix several cases where sizeof(sizeof(XXX)) was used when just
|
|
sizeof(XXX) was intended.
|
|
- Make stricter sanity checks in the ES-IS printer.
|
|
- Get rid of some GCCisms that caused builds to fail with compilers
|
|
that don't support them.
|
|
- Fix typo in man page.
|
|
- Added length checks to Babel printer.
|
|
- drop tcpdump-4.2.0-ppi.patch (upstream)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 28 12:32:25 UTC 2011 - vcizek@suse.com
|
|
|
|
- update to 4.2.0
|
|
* patch that adds missing ppi.h
|
|
* Summary for 4.2.0
|
|
- merged 802.15.4 decoder from Dmitry Eremin-Solenikov <dbaryshkov
|
|
at gmail dot com>
|
|
- updates to forces for new port numbers
|
|
- Use "-H", not "-h", for the 802.11s option. (-h always help)
|
|
- Better ICMPv6 checksum handling.
|
|
- add support for the RPKI/Router Protocol, per -ietf-sidr-rpki-rtr-12
|
|
- get rid of uuencoded pcap test files, git can do binary.
|
|
- sFlow changes for 64-bit counters.
|
|
- fixes for PPI packet header handling and printing.
|
|
- Add DCB Exchange protocol (DCBX) version 1.01.
|
|
- Babel dissector, from Juliusz Chroboczek and Grégoire Henry.
|
|
- improvements to radiotap for rate values > 127.
|
|
- Many improvements to ForCES decode, including fix SCTP TML port
|
|
- updated RPL type code to RPL-17 draft
|
|
- Improve printout of DHCPv6 options.
|
|
- added support and test case for QinQ (802.1q VLAN) packets
|
|
- Handle DLT_IEEE802_15_4_NOFCS like DLT_IEEE802_15_4.
|
|
- Build fixes for Sparc and other machines with alignment restrictions.
|
|
- Merged changes from Debian package.
|
|
- PGM: Add ACK decoding and add PGMCC DATA and FEEDBACK options.
|
|
- Build fixes for OSX (Snow Leopard and others)
|
|
- Add support for IEEE 802.15.4 packets
|
|
* Summary for 4.1.2 tcpdump release
|
|
- If -U is specified, flush the file after creating it, so it's
|
|
not zero-length
|
|
- Fix TCP flags output description, and some typoes, in the man
|
|
page
|
|
- Add a -h flag, and only attempt to recognize 802.11s mesh
|
|
headers if it's set
|
|
- When printing the link-layer type list, send *all* output to
|
|
stderr
|
|
- Include the CFLAGS setting when configure was run in the
|
|
compiler flags
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 6 09:13:45 UTC 2010 - puzel@novell.com
|
|
|
|
- update to tcpdump-4.1.1
|
|
* Don't blow up if a zero-length link-layer address is passed to
|
|
linkaddr_string()
|
|
* Fix printing of MAC addresses for VLAN frames with a length
|
|
field
|
|
* Add some additional bounds checks and use the EXTRACT_ macros
|
|
more
|
|
* Add a -b flag to print the AS number in BGP packets in ASDOT
|
|
notation rather than ASPLAIN notation
|
|
* Add ICMPv6 RFC 5006 support
|
|
* Decode the access flags in NFS access requests
|
|
* Handle the new DLT_ for memory-mapped USB captures on Linux
|
|
* Make the default snapshot (-s) the maximum
|
|
* Print name of device (when -L is used)
|
|
* Print new TCP flags
|
|
* Add support for RPL DIO
|
|
* Add support for TCP User Timeout (UTO)
|
|
* Add support for non-standard Ethertypes used by 3com PPPoE gear
|
|
* Add support for 802.11n and 802.11s
|
|
* Add support for Transparent Ethernet Bridge ethertype in GRE
|
|
* Add 4 byte AS support for BGP printer
|
|
* Add support for the MDT SAFI 66 BG printer
|
|
* Add basic IPv6 support to print-olsr
|
|
* Add USB printer
|
|
* Add printer for ForCES
|
|
* Handle frames with an FCS
|
|
* Handle 802.11n Control Wrapper, Block Acq Req and Block Ack frames
|
|
* Fix TCP sequence number printing
|
|
* Report 802.2 packets as 802.2 instead of 802.3
|
|
- drop tcpdump-4.0.0-autoconf.patch (not needed with new autoconf)
|
|
- compile with -fno-strict-aliasing
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 14 16:48:42 CET 2009 - prusnak@suse.cz
|
|
|
|
- updated to 4.0.0
|
|
* Add support for Bluetooth Sniffing
|
|
* Add support for Realtek Remote Control Protocol (openrrcp.org.ru)
|
|
* Add support for 802.11 AVS
|
|
* Add support for SMB over TCP
|
|
* Add support for 4 byte BGP AS printing
|
|
* Add support for compiling on case-insensitive file systems
|
|
* Add support for ikev2 printing
|
|
* Update support for decoding AFS
|
|
* Update DHCPv6 printer
|
|
* Use newer libpcap API's (allows -B option on all platforms)
|
|
* Add -I to turn on monitor mode
|
|
* Bugfixes in lldp, lspping, dccp, ESP, NFS printers
|
|
* Cleanup unused files and various cruft
|
|
- dropped obsoleted juniper.patch (included in update)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 8 18:04:02 CET 2008 - prusnak@suse.cz
|
|
|
|
- updated to 3.9.8
|
|
* Rework ARP printer
|
|
* Rework OSPFv3 printer
|
|
* Add support for Frame-Relay ARP
|
|
* Decode DHCP Option 121 (RFC 3442 Classless Static Route)
|
|
* Decode DHCP Option 249 (MS Classless Static Route) the same as Option 121
|
|
* TLV: Add support for Juniper .pcap extensions
|
|
* Print EGP header in new-world-order style
|
|
* Converted print-isakmp.c to NETDISSECT
|
|
* Moved AF specific stuff into af.h
|
|
* Test subsystem now table driven, and saves outputs and diffs to one place
|
|
* Require <net/pfvar.h> for pf definitions - allows reading of pflog formatted
|
|
libpcap files on an OS other than where the file was generated
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jul 26 16:03:44 CEST 2007 - prusnak@suse.cz
|
|
|
|
- updated to 3.9.7
|
|
* NFS: Print unsigned values as such
|
|
* RX: parse safely
|
|
* BGP: fixes for IPv6-less builds
|
|
* 801.1ag: use standard codepoint
|
|
* use /dev/bpf on systems with such a device
|
|
* 802.11: print QoS data, avoid dissect of no-data frame, ignore padding
|
|
* smb: make sure that we haven't gone past the end of the captured data
|
|
* smb: squelch an uninitialized complaint from coverity
|
|
* NFS: from NetBSD; don't interpret the reply as a possible NFS reply if it got MSG_DENIED
|
|
* BGP: don't print TLV values that didn't fit, from www.digit-labs.org
|
|
* revised INSTALL.txt about libpcap dependancy
|
|
- dropped obsolete patch:
|
|
* bgp-overflow.diff (fixed in update)
|
|
* 802_11-overflow.diff (included in update)
|
|
- changed libpcap to libpcap-devel in BuildRequires
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jul 12 11:37:08 CEST 2007 - prusnak@suse.cz
|
|
|
|
- update to 3.9.6
|
|
* added support for:
|
|
- OIF RSVP Extensions UNI 1.0 Rev. 2 and additional RSVP objects
|
|
- Message-id NACK c-type
|
|
- 802.3ah loopback ctrl msg
|
|
- Multiple-STP as per 802.1s
|
|
- rapid-SPT as per 802.1w
|
|
- CFM Link-trace msg, Link-trace-Reply msg,
|
|
- unidirectional link detection
|
|
- the olsr protocol as per RFC 3626 plus the LQ extensions from olsr.org
|
|
- variable-length checksum in DCCP, as per section 9 of RFC 4340
|
|
- per-VLAN spanning tree and per-VLAN rapid spanning tree
|
|
- Multiple-STP as per 802.1s
|
|
- the cisco propriatry 'dynamic trunking protocol'
|
|
- the cisco proprietary VTP protocol
|
|
- additional values in pflog
|
|
* changes to both TCP and IP Printer Output
|
|
* fixed a potential buffer overflow in the 802.11 printer
|
|
* print basic info about a few more Cisco LAN protocols
|
|
* mDNS cleanup
|
|
* ICMP MPLS rework of the extension code
|
|
* use the correct codepoint for the OSPF simple text auth token entry
|
|
* use safeputs to print the password
|
|
* update dhcp6 options table as per IETF standardization activities
|
|
- fixed overflow in bgp (bgp-overflow.patch) [#291356]
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Mar 2 11:44:35 CET 2007 - prusnak@suse.cz
|
|
|
|
- fixed one byte overflow (802_11-overflow.diff) [#250163]
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 3 15:43:19 CET 2007 - prusnak@suse.cz
|
|
|
|
- update to 3.9.5
|
|
* Fixes for 64bit compiling
|
|
* Updated list of DNS RR typecodes
|
|
* Add basic support for keyed authentication TCP option
|
|
* Fix printing for 4.4BSD/NetBSD NFS Filehandles
|
|
* Add support for:
|
|
- Frame-Relay ARP
|
|
- parsing Juniper .pcap files
|
|
- FRF.16 Multilink Frame-Relay (DLT_MFR)
|
|
- PIMv2 checksum verification
|
|
- further dissection of the IPCP Compression Option
|
|
- Cisco's proposed VQP protocol
|
|
- Cisco style NLPID encapsulation
|
|
- PPP over Frame-Relay
|
|
- Address-Withdraw and Label-Withdraw Msgs
|
|
- BFD Discriminator TLV
|
|
- BGP signaled VPLS
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 25 21:42:01 CET 2006 - mls@suse.de
|
|
|
|
- converted neededforbuild to BuildRequires
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 12 20:17:27 CET 2006 - mjancar@suse.cz
|
|
|
|
- compile with -fstack-protector
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 9 17:30:29 CET 2006 - mjancar@suse.cz
|
|
|
|
- update to 3.9.4
|
|
- drop obsolete patches
|
|
* tcpdump-3.9.4-overflow.diff
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 1 14:50:13 CEST 2005 - mjancar@suse.cz
|
|
|
|
- enable support for TSO packets (#114159)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Aug 5 08:59:48 CEST 2005 - cthiel@suse.de
|
|
|
|
- fixed buffer overflow in addrtoname.c:499
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 2 19:43:32 CEST 2005 - mjancar@suse.cz
|
|
|
|
- update to 3.9.3
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 05 13:11:52 CEST 2004 - postadal@suse.cz
|
|
|
|
- updated to version 3.8.3
|
|
- removed obsoleted patches (isakmp-fix2, isakmp-fix3, radius-fix)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 29 17:44:10 CEST 2004 - postadal@suse.cz
|
|
|
|
- fixed overflow in ISAKMP (CAN-2004-0183) [#36828]
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 6 09:32:15 CET 2004 - ro@suse.de
|
|
|
|
- fix configure.in (test for pcap_debug was broken)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 20 15:42:46 CET 2004 - postadal@suse.cz
|
|
|
|
- updated to version 3.8.1
|
|
* fixed security bug in L2TP (CAN-2003-1029)
|
|
- removed obsoleted patches (isakmp-buffer-overflow-fix, compile)
|
|
|
|
- fixed security bugs in these parsers: RADIUS (CAN-2004-0055),
|
|
ISAKMP (CAN-2004-0057) [#33763]
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Jan 10 17:26:25 CET 2004 - adrian@suse.de
|
|
|
|
- build as user
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 06 14:12:36 CET 2004 - postadal@suse.cz
|
|
|
|
- fixed two remotely exploitable buffer overflows in the ISAKMP parser
|
|
[#33763] (CAN-2003-0989)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jul 24 14:03:01 CEST 2003 - postadal@suse.cz
|
|
|
|
- updated to version 3.7.2
|
|
- removed obsoleted patches (tcpdump-nfs-fix, tcpdump-isakmp, tcpdump-bgp)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 7 16:08:11 CEST 2003 - ro@suse.de
|
|
|
|
- make it compile with current glibc headers
|
|
(move include of netinet/in.h further up)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 05 15:22:20 CET 2003 - postadal@suse.cz
|
|
|
|
- fixed security bugs in parsing ISAKMP, BGP and NFS
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Oct 1 12:04:37 CEST 2002 - froh@suse.de
|
|
|
|
- s390/s390x: dumping of qeth interfaces needs some filtering, which
|
|
is accomplished by the new 'tcpdump-qeth' (#15626, #22085)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 20 13:12:35 CEST 2002 - postadal@suse.de
|
|
|
|
- fixed bug in displaying NFS traffic
|
|
- updated to version 3.7.1
|
|
* support more protocols
|
|
* better Linux libc5 compat
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 3 17:05:07 CEST 2002 - postadal@suse.cz
|
|
|
|
- fixed to compile with autoconf-2.53
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jun 18 11:09:57 CEST 2001 - cihlar@suse.cz
|
|
|
|
- updated to version 3.6.2
|
|
- removed obsolete patches
|
|
- compile against package libpcap
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 6 12:02:52 CET 2001 - ro@suse.de
|
|
|
|
- tcpclice.c: include time.h
|
|
- smbutil.c: include time.h
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jan 19 00:35:14 PST 2001 - bk@suse.de
|
|
|
|
- Turn off PACKET_RX_RING too. It is not available in lx_sus22 and
|
|
not enabled in our 2.4 kernel configs and causes a warning on
|
|
every start and possible trouble. See bug #5178
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 11 20:01:29 CET 2001 - ak@suse.de
|
|
|
|
- Turn off PACKET_TRECV. It's not enabled in our kernel and causes some
|
|
problems.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 24 17:31:36 CET 2000 - ak@suse.de
|
|
|
|
- Add mb() for ppc
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 14 13:00:34 CET 2000 - ro@suse.de
|
|
|
|
- groups sorted
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 14 12:09:19 MET 2000 - ak@suse.de
|
|
|
|
- add some protocols to make it build on 6.1 again
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 13 18:19:49 MET 2000 - ak@suse.de
|
|
|
|
- add membar fix for sparc
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Nov 11 20:10:43 MET 2000 - ak@suse.de
|
|
|
|
- fix some buffer overflows.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 18 17:46:34 CEST 2000 - schwab@suse.de
|
|
|
|
- Fix missing declaration.
|
|
- Fix broken includes.
|
|
- Get rid of Makefile.Linux and clean up spec file.
|
|
- Update config.{sub,guess}.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 11 13:41:14 CEST 2000 - ak@suse.de
|
|
|
|
- add security fix for endless dns looping. From Guy Harris.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 2 12:38:44 CET 2000 - ak@suse.de
|
|
|
|
- move man pages to /usr/share/man
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 22 14:24:46 CET 1999 - ak@suse.de
|
|
|
|
- fix promiscuous mode bug
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Dec 3 21:45:44 CET 1999 - bk@suse.de
|
|
|
|
- disabled NO_SMP_DEBUG changes by ank(did not compile on sparc)
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Nov 6 16:22:35 CET 1999 - bk@suse.de
|
|
|
|
- Integrated changes from ak:
|
|
strip tcpdump and a fix a -p crash bug (pcap-maddr-fix)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 27 04:52:43 CEST 1999 - bk@suse.de
|
|
|
|
- Andi Kleen added patches from Alexey Kuznetsov. Features e.g.:
|
|
- device independent libpcap, Kernel support for new link-layers, e.g. ISDN
|
|
(libpcap uses PF_PACKET,SOCK_DGRAM instead of PF_INET,SOCK_PACKET)
|
|
- IPv6 and APM support, SMB updates
|
|
- libpcap support for "In Kernel Packet Filtering" (CONFIG_FILTER)
|
|
- made a libpcapn subpackage which holds the new libpcap for developers.
|
|
- Added fix to reestablish old output format of tcpdump from Andi Kleen.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de
|
|
|
|
- ran old prepare_spec on spec file to switch to new prepare_spec.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 29 10:03:04 MEST 1998 - ro@suse.de
|
|
|
|
- print_i4l : include net/ethernet.h instead of netinet/if_ether.h for glibc
|
|
|
|
----------------------------------------------------------------------------
|
|
Mon Mar 2 16:58:50 MET 1998 - florian@suse.de
|
|
|
|
- update to version 3.4a6
|
|
|
|
----------------------------------------------------------------------------
|
|
Mon Jul 7 13:17:08 CEST 1997 - florian@suse.de
|
|
|
|
- update to version 3.4a5
|
|
|
|
- added isdn-patches
|
|
|
|
|
|
----------------------------------------------------------------------------
|
|
Mon Jul 7 13:17:08 CEST 1997 - florian@suse.de
|
|
|
|
|
|
- update to version 3.4a3
|
|
|
|
|
|
----------------------------------------------------------------------------
|
|
Sun Apr 13 23:04:29 MEST 1997 - florian@suse.de
|
|
|
|
|
|
- update to new version 3.3.1a2 with automatic detection of packet types
|
|
|
|
|
|
----------------------------------------------------------------------------
|
|
Sun Nov 10 22:17:10 CET 1996 - florian@suse.de
|
|
|
|
|
|
- added the changes distributed with samba
|
|
|
|
- added isdn patches
|
|
|
|
|