2012-04-15 14:03:50 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Apr 14 12:37:37 UTC 2012 - reddwarf@opensuse.org
|
|
|
|
|
|
|
|
- Update to version 1.6.7:
|
|
|
|
+ Bugs fixed:
|
|
|
|
- Malformed Packets H263-1996 (RFC2190). (Bug 6996)
|
|
|
|
- Wireshark could crash while trying to open an rpcap: URL.
|
|
|
|
(Bug 6922)
|
|
|
|
+ Updated H.263 Protocol Support
|
|
|
|
|
2012-04-01 15:51:52 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sun Apr 1 11:58:31 UTC 2012 - zaitor@opensuse.org
|
|
|
|
|
|
|
|
- Update to version 1.6.6:
|
|
|
|
+ wnpa-sec-2012-04: The ANSI A dissector could dereference a NULL
|
|
|
|
pointer and crash. (Bug 6823)
|
|
|
|
+ wnpa-sec-2012-05: The IEEE 802.11 dissector could go into an
|
|
|
|
infinite loop. (Bug 6809)
|
|
|
|
+ wnpa-sec-2012-06: The pcap and pcap-ng file parsers could crash
|
|
|
|
trying to read ERF data. (Bug 6804)
|
|
|
|
+ wnpa-sec-2012-07: The MP2T dissector could try to allocate too
|
|
|
|
much memory and crash. (Bug 6804)
|
|
|
|
+ The Windows installers now include GnuTLS 1.12.18, which fixes
|
|
|
|
several vulnerabilities.
|
|
|
|
+ Bugs fixed:
|
|
|
|
- ISO SSAP: ActivityStart: Invalid decoding the activity
|
|
|
|
parameter as a BER Integer. (Bug 2873)
|
|
|
|
- Forward slashes in URI need to be converted to backslashes if
|
|
|
|
WIN32. (Bug 5237)
|
|
|
|
- Character echo pauses in Capture Filter field in Capture
|
|
|
|
Options. (Bug 5356)
|
|
|
|
- Some PGM options are not parsed correctly. (Bug 5687)
|
|
|
|
- dumpcap crashes when capturing from pipe to a pcap-ng file
|
|
|
|
(e.g., when passing data from CACE Pilot to Wireshark). (Bug
|
|
|
|
5939)
|
|
|
|
- Unable to rearrange columns in preferences on Windows. (Bug
|
|
|
|
6077) (Note: this bug still affects the 64-bit package)
|
|
|
|
- No error for UDP/IPv6 packet with zero checksum. (Bug 6232)
|
|
|
|
- Wireshark installer doesn't add access_bpf in 10.5.8. (Bug
|
|
|
|
6526)
|
|
|
|
- Corrupted Diameter dictionary file that crashes Wireshark.
|
|
|
|
(Bug 6664)
|
|
|
|
- packetBB dissector bug: More than 1000000 items in the tree
|
|
|
|
possible infinite loop. (Bug 6687)
|
|
|
|
- ZEP dissector: Timestamp not always displayed correctly.
|
|
|
|
Fractional seconds never displayed. (Bug 6703)
|
|
|
|
- GOOSE Messages don't use the length field to perform the
|
|
|
|
dissection. (Bug 6734)
|
|
|
|
- Ethernet traces in K12 text format sometimes give bogus
|
|
|
|
"malformed frame" errors and other problems. (Bug 6735)
|
|
|
|
- max_ul_ext isn't printed/decoded to the packet details log in
|
|
|
|
GTP protocol packet. (Bug 6761)
|
|
|
|
- non-IPP packets to or from port 631 are dissected as IPP.
|
|
|
|
(Bug 6765)
|
|
|
|
- lua proto registration fails for uppercase proto /
|
|
|
|
g_ascii_strdown problem. (Bug 6766)
|
|
|
|
- no menu item Fle->Export->SSL Session Keys in GTK. (Bug 6813)
|
|
|
|
- IAX2 dissector reads past end of packet for unknown IEs. (Bug
|
|
|
|
6815)
|
|
|
|
- TShark 1.6.5 immediately crashes on SSL decryption (every
|
|
|
|
time). (Bug 6817)
|
|
|
|
- USB: unknown GET DESCRIPTOR response triggers assert failure.
|
|
|
|
(Bug 6826)
|
|
|
|
- IEEE1588 PTPv2 over IPv6. (Bug 6836)
|
|
|
|
- Patch to fix DTLS decryption. (Bug 6847)
|
|
|
|
- Expression... dialog crash. (Bug 6891)
|
|
|
|
- display filter "gtp.msisdn" not working. (Bug 6947)
|
|
|
|
- Multiprotocol Label Switching Echo - Return Code: Reserved(5)
|
|
|
|
(Bug 6951)
|
|
|
|
- ISAKMP : VendorID CheckPoint : Malformed Packet. (Bug 6972)
|
|
|
|
- Adding a Custom HTTP Header Field with a trailing colon
|
|
|
|
causes wireshark to immediately crash (and crash upon
|
|
|
|
restart). (Bug 6982)
|
|
|
|
- Radiotap dissector lists a bogus "DBM TX Attenuation" bit.
|
|
|
|
(Bug 7000)
|
|
|
|
- MySQL dissector assertion. (Ask 8649)
|
|
|
|
- Radiotap header format data rate alignment issues. (Ask 8649)
|
|
|
|
|
2012-03-02 17:21:49 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Mar 1 15:29:52 UTC 2012 - asn@cryptomilk.org
|
|
|
|
|
|
|
|
- Add known bit for Netlogon ServerAutheticate2 flags.
|
|
|
|
|
2012-01-19 13:34:09 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jan 17 06:13:35 UTC 2012 - cyliu@suse.com
|
|
|
|
|
|
|
|
- update to 1.6.5
|
|
|
|
- Security fixes:
|
|
|
|
- wnpa-sec-2012-01 Laurent Butti discovered that Wireshark failed to
|
|
|
|
properly check record sizes for many packet capture file formats.
|
|
|
|
(Bug 6663, bug 6666, bug 6667, bug 6668, bug 6669, bug 6670)
|
|
|
|
- wnpa-sec-2012-02 Wireshark could dereference a NULL pointer and
|
|
|
|
crash. (Bug 6634)
|
|
|
|
- wnpa-sec-2012-03 The RLC dissector could overflow a buffer. (Bug 6391)
|
|
|
|
- Bug fixes:
|
|
|
|
- "Closing File!" Dialog Hangs. (Bug 3046)
|
|
|
|
- Sub-fields of data field should appear in exported PDML as children
|
|
|
|
of the data field instead of as siblings to it. (Bug 3809)
|
|
|
|
- Incorrect time differences displayed with time reference set. (Bug 5580)
|
|
|
|
- Wrong packet type association of SNMP trap after TFTP transfer. (Bug 5727)
|
|
|
|
- SSL/TLS decryption needs wireshark to be rebooted. (Bug 6032)
|
|
|
|
- Export HTTP Objects -> save all crashes Wireshark. (Bug 6250)
|
|
|
|
- Wireshark Netflow dissector complains there is no template found though
|
|
|
|
the template is exported. (Bug 6325)
|
|
|
|
- DCERPC EPM tower UUID must be interpreted always as little endian.
|
|
|
|
(Bug 6368)
|
|
|
|
- Crash if no recent files. (Bug 6549)
|
|
|
|
- IPv6 frame containing routing header with 0 segments left calculates wrong
|
|
|
|
UDP checksum. (Bug 6560)
|
|
|
|
- IPv4 UDP/TCP Checksum incorrect if routing header present. (Bug 6561)
|
|
|
|
- Incorrect Parsing of SCPS Capabilities Option introduced in response
|
|
|
|
to bug 6194. (Bug 6562)
|
|
|
|
- Various crashes after loading NetMon2.x capture file. (Bug 6578)
|
|
|
|
- Fixed compilation of dumpcap on some systems (when MUST_DO_SELECT is
|
|
|
|
defined). (Bug 6614)
|
|
|
|
- SIGSEGV in SVN 40046. (Bug 6634)
|
|
|
|
- Wireshark dissects TCP option 25 as an "April 1" option. (Bug 6643)
|
|
|
|
- ZigBee ZCL Dissector reports invalid status. (Bug 6649)
|
|
|
|
- ICMPv6 DNSSL option malformed on padding. (Bug 6660)
|
|
|
|
- Wrong tvb_get_bits function call in packet-csn1.c. (Bug 6708)
|
|
|
|
- [UDP] - Length Field of Pseudo Header while computing CheckSum is not
|
|
|
|
correct. (Bug 6711)
|
|
|
|
- pcapio.c: bug in libpcap_write_interface_description_block. (Bug 6719)
|
|
|
|
- Memory leaks in various dissectors.
|
|
|
|
- Bytes highlighted in wrong Byte pane when field selected in Details pane.
|
|
|
|
- Updated Protocol Support
|
|
|
|
- BGP, BMC CSN1, DCERPC EPM, DCP(ETSI) DMP DTLS GSM Management,
|
|
|
|
H245 HPTEAM, ICMPv6, IEEE 802.15.4 IPSEC IPv4, IPv6,
|
|
|
|
ISAKMP KERBEROS LDSS NFS RLC, RPC-NETLOGON RRC RTMPT SIGCOMP
|
|
|
|
SSL SYSLOG TCP, UDP, XML ZigBee ZCL
|
|
|
|
- New and Updated Capture File Support
|
|
|
|
- Accellent 5Views, AIX iptrace, HP-UX nettl, I4B, Microsoft Network
|
|
|
|
Monitor, Novell LANalyzer, PacketLogger, Pcap-ng, Sniffer, Tektronix
|
|
|
|
K12, WildPackets {Airo,Ether}Peek.
|
|
|
|
|
|
|
|
- update to 1.6.4
|
|
|
|
- Bug fixes:
|
|
|
|
- Patch to fix memory leaks/errors in Lua plugin. (Bug 5575)
|
|
|
|
- Wireshark crashes if a field of type BASE_CUSTOM is applied as a
|
|
|
|
column. (Bug 6503)
|
|
|
|
- Filter Expression dialog can only be opened once. (Bug 6537)
|
|
|
|
- Wireshark crashes if compiled without GLib thread support. (Bug 6540)
|
|
|
|
- 80211 QoS Control: Add Raw TID. (Bug 6548)
|
|
|
|
- SNMP length check error. (Bug 6564)
|
|
|
|
- UCP dissector bug of operation 61. (Bug 6570)
|
|
|
|
|
|
|
|
- fix bnc#741187, #741188, #741190
|
|
|
|
|
2011-10-11 17:51:00 +02:00
|
|
|
-------------------------------------------------------------------
|
2011-11-04 23:54:00 +01:00
|
|
|
Wed Nov 2 15:07:21 UTC 2011 - tabraham@novell.com
|
|
|
|
|
|
|
|
- update to 1.6.3
|
|
|
|
- Security fixes:
|
|
|
|
- wnpa-sec-2011-17 The CSN.1 dissector could crash. (Bug 6351)
|
|
|
|
- Bug fixes:
|
|
|
|
- Wireshark window takes very long time to show up if invalid
|
|
|
|
network file path is at recent file list (Bug 3810)
|
|
|
|
- ISUP party number dissection. (Bug 5221)
|
|
|
|
- Ethernet packets with both VLAN tag and LLC header no longer
|
|
|
|
displayed correctly. (Bug 5645)
|
|
|
|
- SLL encapsuled 802.1Q VLAN is not dissected. (Bug 5680)
|
|
|
|
- Dissection fails for frames with Gigamon Header and VLAN. (Bug 6305)
|
|
|
|
- RTP Stream Analysis does not work for TURN-encapsulated RTP. (Bug 6322)
|
|
|
|
- packet-csn1.c doesn't process CSN_CHOICE entries properly. (Bug 6328)
|
|
|
|
- GUI crash on invalid IEEE 802.11 GAS frame. (Bug 6345)
|
|
|
|
- ICMPv6 router advertisement Prefix Information Flag R "Router
|
|
|
|
Address" missing. (Bug 6350)
|
|
|
|
- Inner tag of 802.1ad frames not parsed properly. (Bug 6366)
|
|
|
|
- Added cursor type decoding to MySQL dissector. (Bug 6396)
|
|
|
|
- WPA IE pairwise cipher suite dissector uses incorrect value_string
|
|
|
|
list. (Bug 6420)
|
|
|
|
- text_import_scanner.l missing. (Bug 6531)
|
|
|
|
- Updated protocol support:
|
|
|
|
- AJP13, ASN.1 PER, BACnet, CSN.1, DTN, Ethernet, ICMPv6, IEEE 802.11,
|
|
|
|
IEEE 802.1q, Infiniband, IPsec, MySQL, PCEP, PN-RT, RTP, S1AP, SSL
|
|
|
|
- New and Updated capture file suppport:
|
|
|
|
- Endace ERF.
|
|
|
|
|
|
|
|
- update to 1.6.2
|
|
|
|
- Security fixes:
|
|
|
|
- wnpa-sec-2011-12 A large loop in the OpenSafety dissector could
|
|
|
|
cause a crash. (Bug 6138)
|
|
|
|
- wnpa-sec-2011-16 The CSN.1 dissector could crash. (Bug 6139)
|
|
|
|
- Bug fixes:
|
|
|
|
- configure ignores (partially) LDFLAGS. (Bug 5607)
|
|
|
|
- Build fails when it tries to #include <getopt.h>, not present in
|
|
|
|
Solaris 9. (Bug 5608)
|
|
|
|
- Unable to configure zero length SNMP Engine ID. (Bug 5731)
|
|
|
|
- BACnet who-is request device range values are not decoded correctly
|
|
|
|
in the packet details window. (Bug 5769)
|
|
|
|
- Wireshark crashes if sercosiii module isn't installed. (Bug 6006)
|
|
|
|
- Editcap could create invalid pcap files when converting from JPEG.
|
|
|
|
(Bug 6010)
|
|
|
|
- Timestamp is incorrectly decoded for ICMP Timestamp Response packets
|
|
|
|
from MS Windows. (Bug 6114)
|
|
|
|
- Wrong display of CSN_BIT in CSN.1. (Bug 6151)
|
|
|
|
- Fix CSN_RECURSIVE_TARRAY last bit error in packet-csn1.c. (Bug 6166)
|
|
|
|
- Wireshark cannot display Reachable time & Retrans timer in IPv6 RA
|
|
|
|
messages. (Bug 6168)
|
|
|
|
- ReadPropertyMultiple-ACK not correctly dissected. (Bug 6178)
|
|
|
|
- GTPv2 dissectors should treat gtpv2_ccrsi as optional. (Bug 6183)
|
|
|
|
- tshark run with -Tpdml makes a seg fault. (Bug 6245)
|
|
|
|
- TShark/dumpcap skips capture duration flag occasionally. (Bug 6280)
|
|
|
|
- Wireshark improperly parsing 802.11 Beacon Country Information
|
|
|
|
tag. (Bug 6264)
|
|
|
|
- Wrong display of CSN_BIT under CSN_UNION. (Bug 6287)
|
|
|
|
- Updated protocol support:
|
|
|
|
- BACapp, Bluetooth L2CAP, CSN.1, DCERPC, GSM A RR, GTPv2, ICMP,
|
|
|
|
ICMPv6, IKE, MEGACO, MSISDN, NDMP, OpenSafety, RTPS2, sFlow, SNMP, TCP
|
|
|
|
- New and Updated capture file suppport:
|
|
|
|
- CommView, pcap-ng, JPEG.
|
|
|
|
|
|
|
|
- update to 1.6.1
|
|
|
|
- Security fixes:
|
|
|
|
- Bug fixes:
|
|
|
|
- TCP dissector doesn't decode TCP segments of length 1. (Bug 4716)
|
|
|
|
- wireshark 1.4.0rc1 and python - spurious message. (Bug 4878)
|
|
|
|
- Missing LUA function. (Bug 5006)
|
|
|
|
- Lua API description about creating a new Tvb from a bytearray is
|
|
|
|
not correct in wireshark's user guide. (Bug 5199)
|
|
|
|
- Character echo pauses in Capture Filter field in Capture Options.
|
|
|
|
(Bug 5356)
|
|
|
|
- White space in protocol field abbreviation causes runtime failure
|
|
|
|
while registering Lua dissector. (Bug 5569)
|
|
|
|
- "File not found" box uses wrong filename encoding. (Bug 5715)
|
|
|
|
- capinfos: #ifdef HAVE_LIBGCRYPT block includes a line too many .
|
|
|
|
(Bug 5803)
|
|
|
|
- Wireshark crashes if Lua contains "Pref.range()" with missing arguments.
|
|
|
|
(Bug 5895)
|
|
|
|
- The "range" field in Lua's "Pref.range()" serves as default while the
|
|
|
|
"default" field does nothing . (Bug 5896)
|
|
|
|
- Wireshark crashes when calling TreeItem:set_len() on TreeItem without
|
|
|
|
tvb. (Bug 5941)
|
|
|
|
- TvbRange_string(lua_State* L) call a wrong function. (Bug 5960)
|
|
|
|
- VoIP call flow graph displays BICC APM as a BICC ANM. (Bug 5966)
|
|
|
|
- Cannot Live-capture VirtualBox network packets with Wireshark; pipe
|
|
|
|
problem. (Bug 6002)
|
|
|
|
- Interface list in Capture Options isn't cleared when selecting other
|
|
|
|
host. (Bug 6008)
|
|
|
|
- H323 rate multiplier wrong. (Bug 6009)
|
|
|
|
- Inclusion of config.h is too late in lex-files resulting in wrong
|
|
|
|
definition of _FILE_OFFSET_BITS. (Bug 6012)
|
|
|
|
- tshark crashes when loading Lua script that contains GUI function.
|
|
|
|
(Bug 6018)
|
|
|
|
- 802.11 Disassociation Packet's "Reason Code" field is imprecisely
|
|
|
|
decoded/described. (Bug 6022)
|
|
|
|
- Wireshark crashes when setting custom column's field name with
|
|
|
|
conditional. (Bug 6028)
|
|
|
|
- Crash after applying "expert.severity" field as column. (Bug 6035)
|
|
|
|
- GTS Descriptor count limited to 3 instead of 7. (Bug 6055)
|
|
|
|
- The SSL dissector can not resemble correctly the frames after TCP
|
|
|
|
zero window probe packet. (Bug 6059)
|
|
|
|
- Packet parser takes too long for this trace. (Bug 6073)
|
|
|
|
- Wireshark crashes after repeating "File -> Import -> Cancel". (Bug 6080)
|
|
|
|
- Decoding of MQ ASCII and EBCDIC Traffic Flow - ASCII shows fine,
|
|
|
|
EBCDIC does not. (Bug 6084)
|
|
|
|
- 802.11 Association Response Packet's "Status Code" field is imprecisely
|
|
|
|
decoded/described. (Bug 6093)
|
|
|
|
- Abis interface not correctly handled in gsmtap dissector. (Bug 6097)
|
|
|
|
- Wrong decoding of RLC/MAC EGPRS Packet Downlink Ack/Nack (3GPP TS
|
|
|
|
44.060). (Bug 6098)
|
|
|
|
- CSN Ack/Nack Description wrongly handled in gsm_rlcmac_dl dissector
|
|
|
|
(3GPP TS 44.060). (Bug 6101)
|
|
|
|
- wireshark 1.6.0 and python support: installer fails to create the
|
|
|
|
wspy_dissectors subdirectory and . (Bug 6110)
|
|
|
|
- Wireshark crash during RTP stream analysis. (Bug 6120)
|
|
|
|
- Tshark custom columns: Why don't I get an error message? (Bug 6131)
|
|
|
|
- New and Updated capture file suppport:
|
|
|
|
- Network Monitor.
|
|
|
|
|
|
|
|
- update to 1.6.0
|
|
|
|
- Security fixes:
|
|
|
|
- Bug fixes:
|
|
|
|
- Wireshark is unresponsive when capturing from named pipes on Windows.
|
|
|
|
(Bug 1759)
|
|
|
|
- Crash when sorting column while capturing. (Bug 4273)
|
|
|
|
- Ring buffers are no longer turned on by default when using multiple
|
|
|
|
capture files.
|
|
|
|
- New and updated features:
|
|
|
|
- Large file (greater than 2 GB) support has been improved.
|
|
|
|
- Wireshark and TShark can import text dumps, similar to text2pcap
|
|
|
|
- You can now view Wireshark's dissector tables (for example the TCP
|
|
|
|
port to dissector mappings) from the main window.
|
|
|
|
- Wireshark can export SSL session keys via File->Export->SSL Session
|
|
|
|
Keys...
|
|
|
|
- You can hide columns in the packet list.
|
|
|
|
- Wireshark can now export SMB objects.
|
|
|
|
- dftest and randpkt now have manual pages.
|
|
|
|
- TShark can now display iSCSI, ICMP and ICMPv6 service response times.
|
|
|
|
- Dumpcap can now save files with a user-specified group id.
|
|
|
|
- Syntax checking is done for capture filters.
|
|
|
|
- You can display the compiled BPF code for capture filters in the
|
|
|
|
Capture Options dialog.
|
|
|
|
- You can now navigate backwards and forwards through TCP and UDP
|
|
|
|
sessions using Ctrl+, and Ctrl+. .
|
|
|
|
- Packet length is (finally) a default column.
|
|
|
|
- TCP window size is now avaiable both scaled and unscaled. A TCP window
|
|
|
|
scaling graph is available in the GUI.
|
|
|
|
- 802.1q VLAN tags are now shown in the Ethernet II protocol tree
|
|
|
|
instead of a separate tree
|
|
|
|
- Various dissectors now display some UTF-16 strings as proper Unicode
|
|
|
|
including the DCE/RPC and SMB dissectors.
|
|
|
|
- The RTP player now has an option to show the time of day in the graph
|
|
|
|
in addition to the seconds since beginning of capture.
|
|
|
|
- The RTP player now shows why media interruptions occur.
|
|
|
|
- Graphs now save as PNG images by default.
|
|
|
|
- TShark can read and write host name information from and to pcapng
|
|
|
|
formatted files. Wireshark can read it. TShark can dump host name
|
|
|
|
information via [-z hosts]
|
|
|
|
- TShark's -z option now uses the [-z <proto>,srt] syntax instead of
|
|
|
|
[-z <proto>,rtt] for all protocols that support service response
|
|
|
|
time statistics. This matches Wireshark's syntax for this option.
|
|
|
|
- Wireshark and TShark can now read compressed Windows Sniffer files.
|
|
|
|
- New protocol support:
|
|
|
|
- ADwin, ADwin-Config, Apache Etch, Aruba PAPI, Babel Routing Protocol,
|
|
|
|
Broadcast/Multicast Control, Constrained Application Protocol (COAP),
|
|
|
|
Digium TDMoE, Erlang Distribution Protocol, Ether-S-I/O, FastCGI, Fibre
|
|
|
|
Channel over InfiniBand (FCoIB), Gopher, Gigamon GMHDR, IDMP, Infiniband
|
|
|
|
Socket Direct Protocol (SDP), JSON, LISP Control, LISP Data, LISP,
|
|
|
|
MikroTik MAC-Telnet, MRP Multiple Mac Registration Protocol (MMRP) Mongo
|
|
|
|
Wire Protocol, MUX27010, Network Monitor 802.11 radio header, OPC UA
|
|
|
|
ExtensionObjects, openSAFETY, PPI-GEOLOCATION-GPS, ReLOAD, ReLOAD
|
|
|
|
Framing, RObust Header Compression (ROHC), RSIP, SAMETIME, SCoP, SGSAP,
|
|
|
|
Tektronix Teklink, USB/AT Commands, uTorrent Transport Protocol, WAI
|
|
|
|
authentication, Wi-Fi P2P (Wi-Fi Direct)
|
|
|
|
- New and Updated capture file suppport:
|
|
|
|
- Apple PacketLogger, Catapult DCT2000, Daintree SNA, Endace ERF, HP
|
|
|
|
OpenVMS TCPTrace, IPFIX (the file format, not the protocol),
|
|
|
|
Lucent/Ascend debug, Microsoft Network Monitor, Network Instruments,
|
|
|
|
TamoSoft CommView
|
|
|
|
|
|
|
|
- update to 1.5.1
|
|
|
|
- Security fixes:
|
|
|
|
- Bug fixes:
|
|
|
|
- Wireshark is unresponsive when capturing from named pipes on Windows.
|
|
|
|
(Bug 1759)
|
|
|
|
- Ring buffers are no longer turned on by default when using multiple
|
|
|
|
capture files.
|
|
|
|
- New and updated features:
|
|
|
|
- Wireshark and TShark can import text dumps, similar to text2pcap
|
|
|
|
- You can now view Wireshark's dissector tables (for example the TCP
|
|
|
|
port to dissector mappings) from the main window.
|
|
|
|
- TShark can show a specific occurrence of a field when using '-T fields'.
|
|
|
|
- Custom columns can show a specific occurrence of a field.
|
|
|
|
- You can hide columns in the packet list.
|
|
|
|
- Wireshark can now export SMB objects.
|
|
|
|
- dftest and randpkt now have manual pages.
|
|
|
|
- TShark can now display iSCSI service response times.
|
|
|
|
- Dumpcap can now save files with a user-specified group id.
|
|
|
|
- Syntax checking is done for capture filters
|
|
|
|
- You can display the compiled BPF code for capture filters in the
|
|
|
|
Capture Options dialog.
|
|
|
|
- You can now navigate backwards and forwards through TCP and UDP
|
|
|
|
sessions using Ctrl+, and Ctrl+. .
|
|
|
|
- Packet length is (finally) a default column.
|
|
|
|
- TCP window size is now avaiable both scaled and unscaled. A TCP window
|
|
|
|
scaling graph is available in the GUI.
|
|
|
|
- 802.1q VLAN tags are now shown in the Ethernet II protocol tree
|
|
|
|
- Various dissectors now display some UTF-16 strings as proper Unicode
|
|
|
|
including the DCE/RPC and SMB dissectors
|
|
|
|
- The RTP player now has an option to show the time of day in the graph
|
|
|
|
in addition to the seconds since beginning of capture.
|
|
|
|
- The RTP player now shows why media interruptions occur.
|
|
|
|
- Graphs now save as PNG images by default
|
|
|
|
- TShark can read and write host name information from and to pcapng
|
|
|
|
formatted files. Wireshark can read it. TShark can dump host name
|
|
|
|
information via [-z hosts]
|
|
|
|
- TShark's -z option now uses the [-z <proto>,srt] syntax instead of
|
|
|
|
[-z <proto>,rtt] for all protocols that support service response
|
|
|
|
time statistics. This matches Wireshark's syntax for this option.
|
|
|
|
- New protocol support:
|
|
|
|
- ADwin, ADwin-Config, Apache Etch, Aruba PAPI, Babel Routing Protocol,
|
|
|
|
Constrained Application Protocol (COAP), Digium TDMoE, Erlang
|
|
|
|
Distribution Protocol, Ether-S-I/O, FastCGI, Fibre Channel over
|
|
|
|
InfiniBand (FCoIB), Gopher, Gigamon GMHDR, IDMP, Infiniband Socket
|
|
|
|
Direct Protocol (SDP), JSON, LISP Data, MikroTik MAC-Telnet, Mongo Wire
|
|
|
|
Protocol, Network Monitor 802.11 radio header, OPC UA ExtensionObjects,
|
|
|
|
PPI-GEOLOCATION-GPS, ReLOAD, ReLOAD Framing, RSIP, SAMETIME, SCoP, SGSAP,
|
|
|
|
Tektronix Teklink, WAI authentication, Wi-Fi P2P (Wi-Fi Direct)
|
|
|
|
- New and Updated capture file suppport:
|
|
|
|
- Apple PacketLogger, Catapult DCT2000, Daintree SNA, Endace ERF, HP
|
|
|
|
OpenVMS TCPTrace, IPFIX (the file format, not the protocol),
|
|
|
|
Lucent/Ascend debug, Microsoft Network Monitor, Network Instruments,
|
|
|
|
TamoSoft CommView
|
|
|
|
|
|
|
|
- update to 1.4.10
|
|
|
|
- Security fixes:
|
|
|
|
- wnpa-sec-2011-18 Huzaifa Sidhpurwala of Red Hat Security
|
|
|
|
Response Team discovered that the Infiniband dissector could
|
|
|
|
dereference a NULL pointer. (Bug 6476)
|
|
|
|
- wnpa-sec-2011-19 Huzaifa Sidhpurwala of Red Hat Security
|
|
|
|
Response Team discovered a buffer overflow in the ERF file
|
|
|
|
reader. (Bug 6479)
|
|
|
|
- Bug fixes:
|
|
|
|
- Assertion failed when doing File->Quit->Save during live
|
|
|
|
capture. (Bug 1710)
|
|
|
|
- Wrong PCEP XRO sub-object decoding. (Bug 3778)
|
|
|
|
- Decoding [Status Records] Timestamp Sequence Field in Bundle
|
|
|
|
Protocol fails if over 32 bits. (Bug 4109)
|
|
|
|
- wireshark-1.4.2 crashes when testing the example python
|
|
|
|
dissector because of a dissector count assertion. (Bug 5431)
|
|
|
|
- Wireshark crashes when attempting to open a file via drag & drop
|
|
|
|
when there's already a file open. (Bug 5987)
|
|
|
|
- Add the ability to save filters from the Filter Toolbar into buttons
|
|
|
|
on the Filter Toolbar. (Bug 6207)
|
|
|
|
- Adding and removing custom HTTP headers requires a restart. (Bug 6241)
|
|
|
|
- Can't read full 64-bit SNMP values. (Bug 6295)
|
|
|
|
- BACnet property time-synchronization-interval (204) name shown
|
|
|
|
incorrectly as time-synchronization-recipients. (Bug 6336)
|
|
|
|
- [ASN.1 PER] Incorrect decoding of BIT STRING type. (Bug 6347)
|
|
|
|
- Export->Object->HTTP-> save all: Error on saving files. (Bug 6362)
|
|
|
|
- Incorrect identification of UDP-encapsulated NAT-keepalive
|
|
|
|
packets. (Bug 6414)
|
|
|
|
- S1AP protocol can't decode IPv6 transportLayerAddress. (Bug 6435)
|
|
|
|
- RTPS2 dissector doesn't handle 0 in the octestToNextHeader field.
|
|
|
|
(Bug 6449)
|
|
|
|
- packet-ajp13 fix, cleanup, and enhancement. (Bug 6452)
|
|
|
|
- Network Instruments Observer file format bugs. (Bug 6453)
|
|
|
|
- Wireshark crashes when using "Open Recent" 2 times in a row. (Bug 6457)
|
|
|
|
- Wireshark packet_gsm-sms, display bug: Filler bits in TP-User Data
|
|
|
|
Header. (Bug 6469)
|
|
|
|
- wireshark unable to decode NetFlow options which have system scope
|
|
|
|
size != 4 bytes. (Bug 6471)
|
|
|
|
- Display filter Expression Dialog Box Error. (Bug 6472)
|
|
|
|
- Updated protocol support:
|
|
|
|
- AJP13, ASN.1 PER, BACapp, DTN, GSM SMS, Infiniband, IPsec, NetFlow,
|
|
|
|
PCEP, RTPS2
|
|
|
|
|
|
|
|
- update to 1.4.9
|
|
|
|
- Security fixes:
|
|
|
|
- wnpa-sec-2011-13 A malformed IKE packet could consume excessive
|
|
|
|
resources.
|
|
|
|
- wnpa-sec-2011-14 A malformed capture file could result in an invalid
|
|
|
|
root tvbuff and cause a crash. (Bug 6135) CVE-2011-3266
|
|
|
|
- wnpa-sec-2011-15 Wireshark could run arbitrary Lua scripts. (Bug 6136)
|
|
|
|
- Bug fixes:
|
|
|
|
- Unable to configure zero length SNMP Engine ID. (Bug 5731)
|
|
|
|
- H.323 RAS packets missing from packet counts in "Telephony->VoIP
|
|
|
|
Calls" and the "Flow Graph" for the call. (Bug 5848)
|
|
|
|
- Malformed Packet in decode for BGP-AD update. (Bug 6122)
|
|
|
|
- BGP : AS_PATH attribute was decode wrong. (Bug 6188)
|
|
|
|
- Fixes for SCPS TCP option. (Bug 6194)
|
|
|
|
- Offset calculated incorrectly for sFlow extended data. (Bug 6219)
|
|
|
|
- [Enter] key behavior varies when manually typing display filters.
|
|
|
|
(Bug 6228)
|
|
|
|
- Contents of pcapng EnhancedPacketBlocks with comments aren't
|
|
|
|
displayed. (Bug 6229)
|
|
|
|
- Misdecoding 3G Neighbour Cell Information Element in SI2quater
|
|
|
|
message due to a coding typo. (Bug 6237)
|
|
|
|
- Mis-spelled word "unknown" in assorted files. (Bug 6244)
|
|
|
|
- btl2cap extended window shows wrong bit. (Bug 6257)
|
|
|
|
- NDMP dissector incorrectly represents "ndmp.bytes_left_to_read"
|
|
|
|
as signed. (Bug 6262)
|
|
|
|
- ERF records with extension headers not written out correctly to
|
|
|
|
pcap or pcap-ng files. (Bug 6265)
|
|
|
|
- RTPS2: MAX_BITMAP_SIZE is defined incorrectly. (Bug 6276)
|
|
|
|
- Copying from RTP stream analysis copies 1st line many times. (Bug 6279)
|
|
|
|
- File types with no snaplen written out with a zero snaplen in pcap-ng
|
|
|
|
files. (Bug 6289)
|
|
|
|
- MEGACO context tracking fix - context id reuse. (Bug 6311)
|
|
|
|
- Updated protocol support:
|
|
|
|
- BGP, Bluetooth L2CAP, GSM A RR, H.225, IKE, MEGACO, NDMP, RTPS2, SCPS,
|
|
|
|
sFlow, SNMP
|
|
|
|
- New and Updated capture file suppport:
|
|
|
|
- CommView, pcap-ng.
|
|
|
|
|
|
|
|
- update to 1.4.8
|
|
|
|
- Security fixes:
|
|
|
|
- CVE-2011-2597 The Lucent/Ascend file parser was susceptible to an
|
|
|
|
infinite loop.
|
|
|
|
- The ANSI MAP dissector was susceptible to an infinite loop. (Bug 6044)
|
|
|
|
- Bug fixes:
|
|
|
|
- TCP dissector doesn't decode TCP segments of length 1. (Bug 4716)
|
|
|
|
- Wireshark 1.4.0rc1 and python - spurious message. (Bug 4878)
|
|
|
|
- Missing LUA function. (Bug 5006)
|
|
|
|
- Lua API description about creating a new Tvb from a bytearray is not
|
|
|
|
correct in wireshark's user guide. (Bug 5199)
|
|
|
|
- sflow decode error for some extended formats. (Bug 5379)
|
|
|
|
- White space in protocol field abbreviation causes runtime failure
|
|
|
|
while registering Lua dissector. (Bug 5569)
|
|
|
|
- "File not found" box uses wrong filename encoding. (Bug 5715)
|
|
|
|
- capinfos: #ifdef HAVE_LIBGCRYPT block includes a line too many.
|
|
|
|
(Bug 5803)
|
|
|
|
- Wireshark crashes if Lua contains "Pref.range()" with missing
|
|
|
|
arguments. (Bug 5895)
|
|
|
|
- The "range" field in Lua's "Pref.range()" serves as default while
|
|
|
|
the "default" field does nothing. (Bug 5896)
|
|
|
|
- Wireshark crashes when calling TreeItem:set_len() on TreeItem
|
|
|
|
without tvb. (Bug 5941)
|
|
|
|
- TvbRange_string(lua_State* L) call a wrong function. (Bug 5960)
|
|
|
|
- VoIP call flow graph displays BICC APM as a BICC ANM. (Bug 5966)
|
|
|
|
- H323 rate multiplier wrong. (Bug 6009)
|
|
|
|
- tshark crashes when loading Lua script that contains GUI function.
|
|
|
|
(Bug 6018)
|
|
|
|
- 802.11 Disassociation Packet's "Reason Code" field is imprecisely
|
|
|
|
decoded/described. (Bug 6022)
|
|
|
|
- Wireshark crashes when setting custom column's field name with
|
|
|
|
conditional. (Bug 6028)
|
|
|
|
- GTS Descriptor count limited to 3 instead of 7. (Bug 6055)
|
|
|
|
- The SSL dissector can not resemble correctly the frames after TCP
|
|
|
|
zero window probe packet. (Bug 6059)
|
|
|
|
- Packet parser takes too long for this trace. (Bug 6073)
|
|
|
|
- 802.11 Association Response Packet's "Status Code" field is
|
|
|
|
imprecisely decoded/described. (Bug 6093)
|
|
|
|
- Wireshark 1.6.0 and Python support: installer fails to create the
|
|
|
|
wspy_dissectors subdirectory and . (Bug 6110)
|
|
|
|
- Wireshark crash during RTP stream analysis. (Bug 6120)
|
|
|
|
- Tshark custom columns: Why don't I get an error message? (Bug 6131)
|
|
|
|
- Updated protocol support:
|
|
|
|
- ANSI MAP, GIOP, H.323, IEEE 802.11, MSRP, RPCAP, sFlow, TCP
|
|
|
|
- New and Updated capture file suppport:
|
|
|
|
- Lucent/Ascend
|
|
|
|
|
|
|
|
- update to 1.4.7
|
|
|
|
- Security fixes:
|
|
|
|
- Large/infinite loop in the DICOM dissector. (Bug 5876)
|
|
|
|
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
|
|
|
|
that a corrupted Diameter dictionary file could crash Wireshark.
|
|
|
|
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
|
|
|
|
that a corrupted snoop file could crash Wireshark. (Bug 5912)
|
|
|
|
- David Maciejak of Fortinet's FortiGuard Labs discovered that malformed
|
|
|
|
compressed capture data could crash Wireshark. (Bug 5908)
|
|
|
|
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
|
|
|
|
that a corrupted Visual Networks file could crash Wireshark. (Bug 5934)
|
|
|
|
- Bug fixes:
|
|
|
|
- AIM dissector has some endian issues. (Bug 5464)
|
|
|
|
- Telephony->MTP3->MSUS doesn't display window. (Bug 5605)
|
|
|
|
- Support for MS NetMon 3.x traces containing raw IPv6 ("Type 7")
|
|
|
|
packets. (Bug 5817)
|
|
|
|
- Service Indicator in M3UA protocol data. (Bug 5834)
|
|
|
|
- IEC60870-5-104 protocol, incorrect decoding of timestamp type
|
|
|
|
CP56Time2a. (Bug 5889)
|
|
|
|
- DNP3 dissector incorrect constants AL_OBJ_FCTR_16NF _FDCTR_32NF
|
|
|
|
_FDCTR_16NF. (Bug 5920)
|
|
|
|
- 3GPP QoS: Traffic class is not decoded properly. (Bug 5928)
|
|
|
|
- Wireshark crashes when creating ProtoField.framenum in Lua. (Bug 5930)
|
|
|
|
- Fix a wrong mask to extract FMID from DECT packets dissector. (Bug 5947)
|
|
|
|
- Incorrect DHCPv6 remote identifier option parsing. (Bug 5962)
|
|
|
|
- Updated protocol support:
|
|
|
|
- DICOM, IEC104, M3UA, TCP
|
|
|
|
- New and Updated capture file suppport:
|
|
|
|
- Network Monitor
|
|
|
|
|
|
|
|
- Drop patches (fixed upstream):
|
|
|
|
+ wireshark-1.6.2-CVE-2011-3483.patch
|
|
|
|
+ wireshark-1.6.2-CVE-2011-3360.patch
|
|
|
|
+ wireshark-1.6.2-CVE-2011-3266.patch
|
|
|
|
+ wireshark-1.4.8-CVE-2011-2698.patch
|
|
|
|
+ wireshark-1.4.8-CVE-2011-2597.patch
|
|
|
|
+ wireshark-1.2.17-CVE-2011-2175.patch
|
|
|
|
+ wireshark-1.2.17-CVE-2011-2174.patch
|
|
|
|
+ wireshark-1.2.17-CVE-2011-1959.patch
|
|
|
|
+ wireshark-1.2.17-CVE-2011-1958.patch
|
|
|
|
+ wireshark-1.2.17-CVE-2011-1957.patch
|
|
|
|
+ wireshark-nfsv4-opts.patch
|
|
|
|
|
|
|
|
- changed spec to resolve rpmlint warning regarding devel package in
|
|
|
|
non-devel group
|
|
|
|
- changed spec to resolve rpmlint warnings regarding macro-in-comment
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2011-10-11 17:51:00 +02:00
|
|
|
Mon Sep 26 14:07:31 CST 2011 - cyliu@novell.com
|
|
|
|
|
|
|
|
- security fixes (#bnc 718032)
|
|
|
|
* CVE-2011-3266: Wireshark IKE dissector vulnerability
|
|
|
|
* CVE-2011-3360: Wireshark Lua script execution vulnerability
|
|
|
|
* CVE-2011-3483: Wireshark buffer exception handling vulnerability
|
|
|
|
|
2011-08-18 11:12:15 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Aug 10 06:25:28 UTC 2011 - cyliu@novell.com
|
|
|
|
|
|
|
|
- security fixes (#bnc 706728)
|
|
|
|
* CVE-2011-2597: Lucent/Ascend file parser susceptible to infinite loop
|
|
|
|
* CVE-2011-2698: ANSI MAP dissector susceptible to infinite loop
|
|
|
|
|
2011-07-20 05:05:04 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jul 18 07:43:08 UTC 2011 - cyliu@novell.com
|
|
|
|
|
|
|
|
- security fixes [#bnc 697516]
|
|
|
|
* CVE-2011-1957: Large/infinite loop in the DICOM dissector
|
|
|
|
* CVE-2011-1959: A corrupted snoop file could crash Wireshark
|
|
|
|
* CVE-2011-2174: Malformed compressed capture data could crash Wireshark
|
|
|
|
* CVE-2011-2175: A corrupted Visual Networks file could crash Wireshark
|
|
|
|
* CVE-2011-1958: dereferene a NULL pointer if we had a corrupted Diameter
|
|
|
|
dictionary
|
|
|
|
|
2011-05-24 17:53:03 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue May 24 16:40:30 CEST 2011 - dimstar@opensuse.org
|
|
|
|
|
|
|
|
- Update to version 1.4.6:
|
|
|
|
+ Wireshark and TShark can crash while analyzing TCP packets.
|
|
|
|
+ Updated protocol support: TCP
|
|
|
|
- Changes from version 1.4.5:
|
|
|
|
+ Security Fixes:
|
|
|
|
- The NFS dissector could crash on Windows.
|
|
|
|
- The X.509if dissector could crash
|
|
|
|
+ bugs fixed:
|
|
|
|
- Cygwin make fails after updating to bash v 4.1.9.2
|
|
|
|
- Export HTTP > All - System Appears Hung (but isn't).
|
|
|
|
- Some HTTP responses don't decode with TCP reassembly on.
|
|
|
|
- Wireshark crashes when cancelling a large sort operation.
|
|
|
|
- Wireshark crashes if SSL preferences RSA key is actually a
|
|
|
|
DSA key.
|
|
|
|
- tshark incorrectly calculates TCP stream for some syn packets
|
|
|
|
- Wireshark not able to decode the PPP frame in a sflow
|
|
|
|
(RFC3176) flow sample packet because Wireshark incorrectly
|
|
|
|
read the protocol in PPP frame header. (Bug 5746)
|
|
|
|
- Mysql protocol dissector: all fields should be little endian.
|
|
|
|
- Error when opening snoop from Juniper SSG-140.
|
|
|
|
- svnversion: command not found.
|
|
|
|
- Value of TCP segment data cannot be copied.
|
|
|
|
- proto_field_is_referenced() is not exported in
|
|
|
|
libwireshark.dll
|
|
|
|
- Wireshark ver. 1.4.4 not displayed "Granted QoS" field in a
|
|
|
|
A11 packet.
|
|
|
|
+ Updated protocol support:
|
|
|
|
HTTP, LDAP, MySQL, NFS, sFlow, SSL, TCP
|
|
|
|
- Drop patches (fixed upstream):
|
|
|
|
+ wireshark-1.4.4-CVE-2011-1590.patch
|
|
|
|
+ wireshark-1.4.4-CVE-2011-1591.patch
|
|
|
|
+ wireshark-1.4.4-CVE-2011-1592.patch
|
|
|
|
|
2011-05-10 13:13:33 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Apr 26 09:11:54 UTC 2011 - cyliu@novell.com
|
|
|
|
|
|
|
|
- security fixes [#bnc 688109]
|
|
|
|
* CVE-2011-1590: Use of un-initialised variables
|
|
|
|
* CVE-2011-1592: Crash in NFS dissector on Windows
|
|
|
|
* CVE-2011-1591: Buffer overflow in DECT dissector
|
|
|
|
|
2011-04-11 16:44:12 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Mar 8 10:59:35 CST 2011 - cyliu@novell.com
|
|
|
|
|
|
|
|
- updated to 1.4.4
|
|
|
|
* security fixes
|
|
|
|
o The DOCSIS dissector could crash (CVE-2010-1455, bnc#603251)
|
|
|
|
o Crash when receiving a malformed SNMP packet
|
|
|
|
(CVE-2010-3445, bnc#643078)
|
|
|
|
o Multiple buffer overflow and dereference vulnerabilities
|
|
|
|
(bnc#655121)
|
|
|
|
o LDSS dissector overflow (CVE-2010-4300, bnc#655448)
|
|
|
|
o ZCL dissector infinite loop (CVE-2010-4301, bnc#655448)
|
|
|
|
o Buffer overflows in ENTTEC DMX Data RLE and others
|
|
|
|
(CVE-2010-4538, bnc#662029)
|
|
|
|
o Freeing uninitialized pointer (CVE-2011-0538, bnc#669908)
|
|
|
|
o dct3trace buffer overflow (CVE-2011-0713, bnc#672916)
|
|
|
|
o Off-by-one in dissect_6lowpan_iphc (CVE-2011-1138, bnc#678567)
|
|
|
|
o Crash via corrupted pcap file (CVE-2011-1139, bnc#678568)
|
|
|
|
o Crash via SMB or CLDAP packet (CVE-2011-1140, bnc#678569)
|
|
|
|
o Crash in NTLMSSP via crafted pcap file (CVE-2011-1143, bnc#678571)
|
|
|
|
o Wireshark pcap buffer overflow (CVE-2011-0024, bnc#683335)
|
|
|
|
* Updated Protocol Support
|
|
|
|
ANSI MAP, BitTorrent, DCM, DHCPv6, DTAP, DTPT, E.212, GSM
|
|
|
|
Management, GTP, HIP, IEEE 802.15.4, IPP, LDAP, LLDP, Netflow,
|
|
|
|
NTLMSSP, P_Mul, Quake, Skinny, SMB, SNMP, ULP
|
|
|
|
* New and Updated Capture File Support
|
|
|
|
LANalyzer, Nokia DCT3, Pcap-ng
|
|
|
|
|
2011-02-15 14:04:22 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Feb 15 12:52:45 UTC 2011 - prusnak@opensuse.org
|
|
|
|
|
|
|
|
- updated to 1.4.3
|
|
|
|
- security fixes:
|
|
|
|
o MAC-LTE dissector could overflow a buffer
|
|
|
|
o ENTTEC dissector could overflow a buffer
|
|
|
|
o ASN.1 BER dissector could assert and make Wireshark exit prematurely
|
|
|
|
- bug fixes:
|
|
|
|
o AMQP failed assertion
|
|
|
|
o Reassemble.c leaks memory for GLIB > 2.8
|
|
|
|
o Fuzz testing reports possible dissector bug: TCP
|
|
|
|
o Wrong length calculation in new_octet_aligned_subset_bits()
|
|
|
|
o Function dissect_per_bit_string_display might read more bytes
|
|
|
|
than available
|
|
|
|
o Wireshark crashes with Copy -> Description on date/time fields
|
|
|
|
o DHCPv6 OPTION_CLIENT_FQDN parse error
|
|
|
|
o Information element Error for supported channels
|
|
|
|
o Assert when using ASN.1 dissector with loading a 'type table'
|
|
|
|
o Bug with RWH parsing in Infiniband dissector
|
|
|
|
o Help->About Wireshark mis-reports OS
|
|
|
|
o Delegated-IPv6-Prefix(123) is shown incorrect as
|
|
|
|
X-Ascend-Call-Attempt-Limit(123)
|
|
|
|
o "tshark -r file -T fields" is truncating exported data
|
|
|
|
o gsm_a_dtap: incorrect "Extraneous Data" when decoding Packet
|
|
|
|
Flow Identifier
|
|
|
|
o Improper decode of TLS 1.2 packet containing both
|
|
|
|
CertificateRequest and ServerHelloDone messages
|
|
|
|
o LTE-PDCP UL and DL problem
|
|
|
|
o CIGI 3.2/3.3 support broken
|
|
|
|
o Prepare Filter in RTP Streams dialog does not work correctly.
|
|
|
|
o Wrong decode at ethernet OAM Y.1731 ETH-CC
|
|
|
|
o WPS: RF bands decryption
|
|
|
|
o Incorrect LTP SDNV value handling
|
|
|
|
o LTP bug found by randpkt
|
|
|
|
o Buffer overflow in SNMP EngineID preferences
|
|
|
|
- updated protocol support:
|
|
|
|
AMQP, ASN.1 BER, ASN.1 PER, CFM, CIGI, DHCPv6, Diameter, ENTTEC,
|
|
|
|
GSM A GM, IEEE 802.11, InfiniBand, LTE-PDCP, LTP, MAC-LTE, MP2T,
|
|
|
|
RADIUS, SAMR, SCCP, SIP, SNMP, TCP, TLS, TN3270, UNISTIM, WPS
|
|
|
|
- new and updated capture file support:
|
|
|
|
Endace ERF, Microsoft Network Monitor, VMS TCPtrace
|
|
|
|
|
2010-12-08 18:31:25 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Dec 8 16:15:13 UTC 2010 - prusnak@opensuse.org
|
|
|
|
|
|
|
|
- updated to 1.4.2
|
|
|
|
- security fixes:
|
|
|
|
* Nephi Johnson of BreakingPoint discovered that the LDSS
|
|
|
|
dissector could overflow a buffer. (Bug 5318)
|
|
|
|
* The ZigBee ZCL dissector could go into an infinite loop. (Bug 5303)
|
|
|
|
- bug fixes:
|
|
|
|
* File-Open Display Filter is overwritten by Save-As Filename. (Bug 3894)
|
|
|
|
* Wireshark crashes with "Gtk-ERROR **: Byte index 6 is off
|
|
|
|
the end of the line" if click on last PDU. (Bug 5285)
|
|
|
|
* GTK-ERROR can occur in packets when there are multiple
|
|
|
|
Netbios/SMB headers in a single frame. (Bug 5289)
|
|
|
|
* "Tshark -G values" crashes on Windows. (Bug 5296)
|
|
|
|
* PROFINET I&M0FilterData packet not fully decoded. (Bug 5299)
|
|
|
|
* PROFINET MRP linkup/linkdown decoding incorrect. (Bug 5300)
|
|
|
|
* [lua] Dumper:close() will cause a segfault due later GC of
|
|
|
|
the Dumper. (Bug 5320)
|
|
|
|
* Network Instruments' trace files sometimes cannot be read with
|
|
|
|
an error message of "Observer: bad record: Invalid magic number". (Bug 5330)
|
|
|
|
* IO Graph Time of Day times incorrect for filtered data. (Bug 5340)
|
|
|
|
* Wireshark tools do not detect and read some ERF files correctly. (Bug 5344)
|
|
|
|
* "editcap -h" sends some lines to stderr and others to stdout. (Bug 5353)
|
|
|
|
* IP Timestamp Option: "flag=3" variant (prespecified) not displayed
|
|
|
|
correctly. (Bug 5357)
|
|
|
|
* AgentX PDU Header 'hex field highlighting' incorrectly spans
|
|
|
|
extra bytes. (Bug 5364)
|
|
|
|
* AgentX dissector cannot handle null OID in Open-PDU. (Bug 5368)
|
|
|
|
* Crash with "Gtk-ERROR **: Byte index 6 is off the end of the line". (Bug 5374)
|
|
|
|
* ANCP Portmanagment TLV wrong decoded. (Bug 5388)
|
|
|
|
* Crash during startup because of Python SyntaxError in wspy_libws.py. (Bug 5389)
|
|
|
|
- Updated Protocol Support
|
|
|
|
* AgentX, ANCP, DIAMETER, HTTP, IP, LDSS, MIME, NBNS, PROFINET,
|
|
|
|
SIP, TCP, Telnet, ZigBee
|
|
|
|
- New and Updated Capture File Support
|
|
|
|
* Endace ERF, Network Instruments Observer
|
|
|
|
- fix lua error at startup (enable_lua.patch) [bnc#650434]
|
|
|
|
- apply nfsv4 patch from Fedora (nfsv4-opts.patch)
|
|
|
|
|
2010-11-10 16:42:35 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Nov 10 15:36:51 UTC 2010 - prusnak@opensuse.org
|
|
|
|
|
|
|
|
- updated to 1.4.1
|
|
|
|
* security fixes:
|
|
|
|
o stack overflow in ASN.1 BER dissector
|
|
|
|
* bug fixes:
|
|
|
|
o Incorrect behavior using sorting in the packet list
|
|
|
|
o Cooked-capture dissector should omit the source address field if empty
|
|
|
|
o MySQL dissector doesn't dissect MySQL stream
|
|
|
|
o Wireshark crashes if active display filter macro is renamed
|
|
|
|
o Incorrect dissection of MAP V2 PRN_ACK
|
|
|
|
o TCP bytes_in_flight becomes inflated with lost packets
|
|
|
|
o GTP header is exported in PDML with an incorrect size
|
|
|
|
o Packet list hidden columns will not be parsed correctly from preferences file
|
|
|
|
o Wireshark does not display the t.38 graph
|
|
|
|
o Wireshark don't show mgcp calls in "Telephony → VoIP calls"
|
|
|
|
o Wireshark 1.4.0 & VoIP calls "Prepare Filter" problem
|
|
|
|
o GTPv2: IMSI is decoded improperly
|
|
|
|
o EPS Quality of Service IE decoding is wrong
|
|
|
|
o Wireshark mistakenly writes "not all data available" for IPv4 checksum
|
|
|
|
o GSM: Cell Channel Description, range 1024 format
|
|
|
|
o Wrong SDP interpretation on VoIP call flow chart
|
|
|
|
o The CLDAP attribute value on a CLDAP reply is no longer being decoded
|
|
|
|
o [NAS EPS] Traffic Flow Template IE dissection bugs
|
|
|
|
o [NAS EPS] Use Request Type IE defined in 3GPP 24.008
|
|
|
|
o NTLMSSP_AUTH domain and username truncated to first letter with IE8/Windows7
|
|
|
|
o IPv6 RH0: dest addr is to be used i.s.o. last RH address when 0 segments remain
|
|
|
|
o EIGRP dissection error in Flags field in external route TLVs.
|
|
|
|
o MRP packet is not correctly parsed in PROFINET multiple write record request
|
|
|
|
o MySQL Enhancement: support of Show Fields and bug fix
|
|
|
|
o [NAS EPS] Fix TFT decoding when having several Packet Filters defined
|
|
|
|
o Crash if using ssl.debug.file with no password for ssl.keys_list
|
|
|
|
* updated protocol support
|
|
|
|
ASN.1 BER, ASN.1 PER, EIGRP, GSM A RR, GSM Management, GSM MAP,
|
|
|
|
GTP, GTPv2, ICMPv6, Interlink, IPv4, IPv6, IPX, LDAP, LLC, MySQL,
|
|
|
|
NAS EPS, NTLMSSP, PN-IO, PPP, RPC, SDP, SLL, SSL, TCP
|
|
|
|
|
2010-10-06 23:05:22 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Sep 9 18:34:09 CEST 2010 - dimstar@opensuse.org
|
|
|
|
|
|
|
|
- Update to version 1.4.0:
|
|
|
|
+ The packet list internals have been rewritten and are now more
|
|
|
|
efficient.
|
|
|
|
+ Columns are easier to use. You can add a protocol field as a
|
|
|
|
column by right-clicking on its packet detail item, and you
|
|
|
|
can adjust some column preferences by right-clicking the
|
|
|
|
column header.
|
|
|
|
+ Preliminary Python scripting support has been added.
|
|
|
|
+ Many memory leaks have been fixed.
|
|
|
|
+ Packets can now be ignored (excluded from dissection), similar
|
|
|
|
to the way they can be marked.
|
|
|
|
+ Manual IP address resolution is now supported.
|
|
|
|
+ Columns with seconds can now be displayed as hours, minutes
|
|
|
|
and seconds.
|
|
|
|
+ You can now set the capture buffer size on UNIX and Linux if
|
|
|
|
you have libpcap 1.0.0 or greater.
|
|
|
|
+ TShark no longer needs elevated privileges on UNIX or Linux to
|
|
|
|
list interfaces. Only dumpcap requires privileges now.
|
|
|
|
+ Wireshark and TShark can enable 802.11 monitor mode directly
|
|
|
|
if you have libpcap 1.0.0 or greater.
|
|
|
|
+ You can play RTP streams directly from the RTP Analysis
|
|
|
|
window.
|
|
|
|
+ Capinfos and editcap now respectively support time order
|
|
|
|
checking and forcing.
|
|
|
|
+ Wireshark now has a "jump to timestamp" command-line option.
|
|
|
|
+ You can open JPEG files directly in Wireshark.
|
|
|
|
+ Many new and updated protocols.
|
|
|
|
+ See NEWS for a full list of changes.
|
|
|
|
- Drop wireshark-1.2.0-asneeded.patch, fixed upstream.
|
|
|
|
- Rebase wireshark-corosync-packet-dissector.patch.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Aug 25 16:53:31 UTC 2010 - prusnak@opensuse.org
|
|
|
|
|
|
|
|
- updated to 1.2.10 [bnc#630599]
|
|
|
|
* Security fixes:
|
|
|
|
o The SigComp Universal Decompressor Virtual Machine could overrun a buffer. (Bug 4867)
|
|
|
|
o The GSM A RR dissector could crash. (Bug 4897)
|
|
|
|
o Due to a regression the ASN.1 BER dissector could overrun the stack.
|
|
|
|
o The IPMI dissector could go into an infinite loop.
|
|
|
|
o CVE-2010-2993
|
|
|
|
* Bug fixes:
|
|
|
|
o Wireshark crashes after configuring new Information column. (Bug 4854)
|
|
|
|
o Crash triggered when changing display filter from right-mouse pop-up menu via packet-list. (Bug 4860)
|
|
|
|
o Wireshark crash selecting Inter-Asterisk exchange v2 packet data. (Bug 4868)
|
|
|
|
o zlib-1.2.5 cause tshark to stop live capture. (Bug 4916)
|
|
|
|
o Crash when adding SNMP users. (Bug 4926)
|
|
|
|
o Wireshark via ssh -X on ipv6 link-local address fails to allow capture. (Bug 4945)
|
|
|
|
o OMAPI dissector fails to parse combined initialization messages. (Bug 4982)
|
|
|
|
o QUERY_FS_INFO for Macintosh level 0x301 - MacSupportFlags decodes wrong. (Bug 4993)
|
|
|
|
o SCSI dissector misidentifies ATA PASSTHROUGH command as ACCESS CONTROL IN. (Bug 5037)
|
|
|
|
o Wrong decoding of GTP Prime (GTP') packets. (Bug 5055)
|
|
|
|
* Updated Protocol Support
|
|
|
|
ASN.1 BER, GSM A RR, GTP, IAX2, IPMI, OMAPI, PRES, SCSI, SMB, UNISTIM
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Aug 25 16:53:31 UTC 2010 - prusnak@opensuse.org
|
|
|
|
|
|
|
|
- updated to 1.2.9 [bnc#613487]
|
|
|
|
* Security fixes:
|
|
|
|
o The SMB dissector could dereference a NULL pointer. (Bug 4734)
|
|
|
|
o J. Oquendo discovered that the ASN.1 BER dissector could overrun the stack.
|
|
|
|
o The SMB PIPE dissector could dereference a NULL pointer on some platforms.
|
|
|
|
o The SigComp Universal Decompressor Virtual Machine could go into an infinite loop. (Bug 4826)
|
|
|
|
o The SigComp Universal Decompressor Virtual Machine could overrun a buffer. (Bug 4837)
|
|
|
|
* Bug fixes:
|
|
|
|
o Cannot open file with File -> Open. (Bug 1791)
|
|
|
|
o Application crash when changing real-time option. (Bug 4035)
|
|
|
|
o Crash in filter autocompletion. (Bug 4306)
|
|
|
|
o The XML dissector doesn't allow dots (".") in tags. (Bug 4405)
|
|
|
|
o Live capture stops when using zlib 1.2.5. (Bug 4708)
|
|
|
|
o Want to be able to apply decode as to Data Portion of Lan Trace. (Bug 4721)
|
|
|
|
o SABP short pdu (packet_per.c). (Bug 4743)
|
|
|
|
o Kerberos pre-auth type constants - MS extensions are wrong. (Bug 4752)
|
|
|
|
o Check HTTP Content-Length parsing for overflow. (Bug 4758)
|
|
|
|
o Wrong variable used for proto_tree_add_text() in ptp dissector. (Bug 4773)
|
|
|
|
o Crash when close window frame of gtk file chooser. (Bug 4778)
|
|
|
|
o text2pcap expects \n delimited text (instead of \r\n) on win32. (Bug 4780)
|
|
|
|
o Wrong decoding for BGP ORF. (Bug 4782)
|
|
|
|
o Crash when Ctrl-Backspacing the display filter. (Bug 4797)
|
|
|
|
o Acker AFI field incorrect size in PGM dissector. (Bug 4798)
|
|
|
|
o Fedora 13: wireshark fails to build (linking problem). (Bug 4815)
|
|
|
|
o The NFS FH hash (nfs.fh.hash) incorrectly matches multiple filehandles. (Bug 4839)
|
|
|
|
o AES-CTR decoding not working, (dissectors/packet_ipsec.c using gcrypt). (Bug 4838)
|
|
|
|
* Updated Protocol Support
|
|
|
|
ASN.1 BER, BGP, HTTP, IGMP, IPsec, Kerberos, NFS, PGM, PTP, SABP, SigComp, SMB, TCAP, XML,
|
|
|
|
* Updated Capture File Support
|
|
|
|
ERF, PacketLogger.
|
|
|
|
|
2010-06-04 02:29:28 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jun 3 06:41:23 UTC 2010 - tserong@novell.com
|
|
|
|
|
|
|
|
- Added corosync packet dissector (patch 4724 from
|
|
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3232,
|
|
|
|
minus "private key" setting, which doesn't work with
|
|
|
|
nice random binary keys in /etc/corosync/authkey)
|
|
|
|
|
2010-05-14 12:51:10 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri May 14 12:48:53 CEST 2010 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- updated to 1.2.8
|
|
|
|
* Security Fixes:
|
|
|
|
o The DOCSIS dissector could crash. (Bug 4644), (bug 4646)
|
|
|
|
* Bug Fixes:
|
|
|
|
o HTTP parser limits with Content-Length. (Bug 1958)
|
|
|
|
o MATE dissector bug with GOGs. (Bug 3010)
|
|
|
|
o Changing fonts and deleting system time from preferences,
|
|
|
|
results in wireshark crash. (Bug 3387)
|
|
|
|
o ERF file starting with record with timestamp=0,1 or 2 not
|
|
|
|
recognized as ERF file. (Bug 4503)
|
|
|
|
o The SSL dissector can not correctly resemple SSL records when
|
|
|
|
the record header is spit between packets. (Bug 4535)
|
|
|
|
o TCP reassembly can call subdissector with incorrect TCP
|
|
|
|
sequence number. (Bug 4624)
|
|
|
|
o PTP dissector displays big correction field values wrong. (Bug
|
|
|
|
4635)
|
|
|
|
o MSF is at Anthorn, not Rugby. (Bug 4678)
|
|
|
|
o ProtoField __tostring() description is missing in Wireshark's
|
|
|
|
Lua API Reference Manual. (Bug 4695)
|
|
|
|
o EVRC packet bundling not handled correctly. (Bug 4718)
|
|
|
|
o Completely unresponsive when run very first time by root user.
|
|
|
|
(Bug 4308)
|
|
|
|
* Updated Protocol Support
|
|
|
|
DOCSIS, HTTP, SSL
|
|
|
|
* Updated Capture File Support
|
|
|
|
ERF, PacketLogger.
|
|
|
|
|
2010-05-06 22:52:40 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed May 5 16:29:26 EST 2010 - sharms@ubuntu.com
|
|
|
|
|
|
|
|
- updated to new stable upstream version 1.2.7
|
|
|
|
* Bug Fixes:
|
|
|
|
o SNMPv3 Engine ID registration. (Bug 2426)
|
|
|
|
o Open file dialog always displayed when clicking anywhere on Wireshark. (Bug 2478)
|
|
|
|
o tshark reports wrong number of bytes on big dumpfiles with -z io,stat. (Bug 3205)
|
|
|
|
o Negative INTEGER number displayed as positive number in SNMP dissector. (Bug 3230)
|
|
|
|
o Add support for FT_BOOLEAN fields to wslua FieldInfo. (Bug 4049)
|
|
|
|
o Wireshark crashes w/ GLib error when trying to play RTP stream. (Bug 4119)
|
|
|
|
o Windows 2000 support has been restored. (Bug 4176)
|
|
|
|
o Wrong dissection on be_cell_id_list for bssmap. (Bug 4437)
|
|
|
|
o I/O Graph dropdown boxes not working correctly. (Bug 4487)
|
|
|
|
o Runtime Error when right-clicking field and selecting "Filter Field Reference". (Bug 4522)
|
|
|
|
o In GSM SMS PDU TPVPF showing wrong. (Bug 4524)
|
|
|
|
o Profinet: May be wrong defined byte meaning. (Bug 4525)
|
|
|
|
o GLib-CRITICAL ** Message. (Bug 4547)
|
|
|
|
o Certain EDP display filters trigger Wireshark/tshark runtime error. (Bug 4563)
|
|
|
|
o Some NCP frames trigger "Dissector bug, protocol NCP". (Bug 4565)
|
|
|
|
o The encapsulation abbreviation "bluetooth-h4" is ambiguous. (Bug 4613)
|
|
|
|
* Updated Protocol Support:
|
|
|
|
o BSSMAP, DMP, GSM SMS, LDSS, NCP, PN/IO, PPP, SIP, SNMP
|
|
|
|
|
2010-02-01 14:32:49 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Feb 1 14:29:26 CET 2010 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- update desktop file to use xdg-su [bnc#540627]
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Feb 1 14:26:27 CET 2010 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- updated to 1.2.6
|
|
|
|
* Security Fixes:
|
|
|
|
o Babi discovered several buffer overflows in the LWRES
|
|
|
|
* Bug Fixes:
|
|
|
|
o Wireshark could crash while decrypting Kerberos data.
|
|
|
|
o Address display filters hang Wireshark. (Bug 658)
|
|
|
|
o PSML - structure context node missing. (Bug 1564)
|
|
|
|
o Wireshark doesn't dynamically update the packet list. (Bug 1605)
|
|
|
|
o LUA: There's no tvb_get_stringz() equivalent. (Bug 2244)
|
|
|
|
o tvb_new_real_data is prone to memory leak. (Bug 3917)
|
|
|
|
o Malformed OPC UA traffic makes Wireshark "freeze". (Bug 3986)
|
|
|
|
o Analyze->Expert... doesn't show IP "Bad Checksum" errors. (Bug 4177)
|
|
|
|
o Wireshark can't decrypt WPA(2)-PSK when passphrase is 63 bytes. (Bug 4183)
|
|
|
|
o RTP stream analysis: Wrong jitter values after clicking the refresh button. (Bug 4340)
|
|
|
|
o Wireshark decodes bootp option 2 incorrectly. (Bug 4342)
|
|
|
|
o Deleting SMI modules causes Wireshark to crash. (Bug 4354)
|
|
|
|
o Wireshark decodes kerberos AS-REQ PADATA incorrect. (Bug 4363)
|
|
|
|
o PDML output from TShark includes invalid characters. (Bug 4402)
|
|
|
|
o Empty GPRS LLC S frames cause truncated data exception. (Bug 4417)
|
|
|
|
* Updated Protocol Support
|
|
|
|
BJNP, BOOTP/DHCP, DHCPv6, FIP, GPRS LLC, IEEE 802.11, IP,
|
|
|
|
Kerberos, OPCUA, SCTP, SSL, ZRTP
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Feb 1 13:36:40 CET 2010 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- updated to 1.2.5
|
|
|
|
* Security Fixes:
|
|
|
|
o The Daintree SNA file parser could overflow a buffer. (Bug 4294)
|
|
|
|
o The SMB and SMB2 dissectors could crash. (Bug 4301)
|
|
|
|
* Bug Fixes:
|
|
|
|
o Wireshark does not graph rtp streams. (Bug 3801)
|
|
|
|
o Wireshark showing extraneous data in a TCP stream. (Bug 3955)
|
|
|
|
o Wrong decoding of gtp.target identification. (Bug 3974)
|
|
|
|
o TTE dissector bug. (Bug 4247)
|
|
|
|
o Upper case in Lua pref symbol causes Wireshark to crash. (Bug 4255)
|
|
|
|
o Incorrect display of stream data using "Follow tcp stream" option. (Bug 4288)
|
|
|
|
o Custom RADIUS dictionary can cause a crash. (Bug 4316)
|
|
|
|
* Updated Protocol Support
|
|
|
|
DAP, eDonkey, GTP, IPMI, MIP, RADIUS, RANAP, SMB, SMB2, TCP,
|
|
|
|
TTE, VNC, X.509sat
|
|
|
|
* Updated Capture File Support
|
|
|
|
Daintree SNA
|
|
|
|
|
2009-11-25 15:24:54 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Nov 23 16:02:25 UTC 2009 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- updated to 1.2.4
|
|
|
|
* Bug Fixes
|
|
|
|
- Can't save RTP stream in both directions. (Bug 4120)
|
|
|
|
* Updated Protocol Support
|
|
|
|
- DCERPC, IPFIX/Netflow, IPv4, NAS EPS, RTCP, TIPC
|
|
|
|
|
2009-11-23 16:58:34 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Oct 30 15:47:50 CET 2009 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- updated to 1.2.3
|
|
|
|
* Security fixes:
|
|
|
|
- The Paltalk dissector could crash on alignment-sensitive processors.
|
|
|
|
- The DCERPC/NT dissector could crash.
|
|
|
|
- The SMB dissector could crash.
|
|
|
|
* Bug fixes:
|
|
|
|
- Wireshark memory leak with each file open and/or display filter change.
|
|
|
|
- DHCP Dissector displays negative lease time.
|
|
|
|
- Invalid advertised window line on tcptrace style graph.
|
|
|
|
- SMB get_dfs_referral referral entry is not dissected correctly.
|
|
|
|
- Error dissecting eMule sourceOBFU message.
|
|
|
|
- Typos in Diameter XML files.
|
|
|
|
- RSL dissector for MS Power IE is broken.
|
|
|
|
- FIP dissector throws assertion.
|
|
|
|
- TCAP problem with indefinite length 'components' SEQ OF.
|
|
|
|
- GSM MAP: an-APDU not decoded.
|
|
|
|
- Add "Drag and Drop entries..." message on Columns preferences page.
|
|
|
|
- Editcap -t and -w option parses fractional digits incorrectly.
|
|
|
|
* Updated Protocol Support
|
|
|
|
- DCERPC NT, DHCP, Diameter, E.212, eDonkey, FIP, IPsec, MGCP, NCP,
|
|
|
|
Paltalk, RADIUS, RSL, SBus, SMB, SNMP, SSL, TCP, Teamspeak2, WPS
|
|
|
|
|
|
|
|
- updated to 1.2.2
|
|
|
|
* Security fixes:
|
|
|
|
- The GSM A RR dissector could crash. (Bug 3893)
|
|
|
|
- The OpcUa dissector could use excessive CPU and memory. (Bug 3986)
|
|
|
|
- The TLS dissector could crash on some platforms. (Bug 4008)
|
|
|
|
* Bug fixes:
|
|
|
|
- The "Capture->Interfaces" window can't be closed.
|
|
|
|
- tshark-1.0.2 (dumpcap) signal abort core saved.
|
|
|
|
- Memory leak fixes.
|
|
|
|
- Display filter autocompletion doesn't work for some RADIUS and WiMAX ASNCP fields.
|
|
|
|
- Wireshark Portable includes wrong WinPcap installer.
|
|
|
|
- Crash when loading a profile.
|
|
|
|
- The proto,colinfo tap doesn't work if the INFO column isn't being printed.
|
|
|
|
- Flow Graph adds too much unnecessary garbage.
|
|
|
|
- The EAP Diameter dictionary file was missing in the distribution.
|
|
|
|
- Graph analysis window is behind other window.
|
|
|
|
- IKEv2 Cert Request payload dissection error.
|
|
|
|
- DNS NAPTR RR (RFC 3403) replacement MUST be a fully qualified domain-name.
|
|
|
|
- Malformed RTCP Packet error while sending Payload specific RTCP feedback packet (as per RFC 4585).
|
|
|
|
- 802.11n Block Ack packet Bitmap field missing.
|
|
|
|
- Wireshark doesn't decode WBXML/ActiveSync information correctly.
|
|
|
|
- Malformed packet when IPv6 packet has Next Header == 59.
|
|
|
|
- Wireshark could crash while reading an ERF file.
|
|
|
|
- Minor errors in gsm rr dissectors.
|
|
|
|
- WPA Decryption Issues.
|
|
|
|
- GSM A RR sys info dissection problem.
|
|
|
|
- GSM A RR inverts MEAS-VALID values.
|
|
|
|
- PDML output leaks ~300 bytes / packet.
|
|
|
|
- Incorrect station identifier parsing in Kingfisher dissector.
|
|
|
|
- DHCPv6, Vendor-Specific Informantion, SubOption"Option Request" parser incorrect.
|
|
|
|
- Wireshark could leak memory while analyzing SSL.
|
|
|
|
- Wireshark could crash while updating menu items after reading a file in some cases.
|
|
|
|
* Updated Protocol Support
|
|
|
|
- DCERPC, DHCPv6, DNS, E.212, GSM A RR, GTPv2, H.248, IEEE 802.11,
|
|
|
|
IPMI, ISAKMP/IKE, ISUP, Kingfisher, LDAP, OpcUA, RTCP, SCTP, SIP,
|
|
|
|
SSL, TCP, WBXML, ZRTP
|
|
|
|
* Updated Capture File Support
|
|
|
|
- ERF
|
|
|
|
|
|
|
|
- dropped obsoleted 3 CVE patches (see previous entry)
|
|
|
|
|
2009-10-08 02:50:24 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Oct 2 18:19:09 CEST 2009 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- fix CVE-2009-3241 (CVE-2009-3241.patch) [bnc#541654]
|
|
|
|
- fix CVE-2009-3242 (CVE-2009-3242.patch) [bnc#541659]
|
|
|
|
- fix CVE-2009-3243 (CVE-2009-3243.patch) [bnc#541655]
|
|
|
|
|
2009-08-06 00:42:24 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Aug 5 12:45:38 CEST 2009 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- updated to 1.2.1
|
|
|
|
* Bug Fixes
|
|
|
|
- The IPMI dissector could overrun a buffer.
|
|
|
|
- The AFS dissector could crash.
|
|
|
|
- The Infiniband dissector could crash on some platforms.
|
|
|
|
- The Bluetooth L2CAP dissector could crash.
|
|
|
|
- The RADIUS dissector could crash.
|
|
|
|
- The MIOP dissector could crash.
|
|
|
|
- The sFlow dissector could use excessive CPU and memory.
|
|
|
|
- Wireshark could crash while reading a pcap-ng file.
|
|
|
|
- Wireshark could crash while reading a PacketLogger file.
|
|
|
|
- CFLOW decoding is wrong for IPv6 fields (Bug 3328)
|
|
|
|
- Buildbot crash output: fuzz-2009-04-24-2891.pcap (Bug 3438)
|
|
|
|
- packet-dcm, corrupt DICOM export files (Bug 3493)
|
|
|
|
- GeoIP map should use random temporary file name (Bug 3530)
|
|
|
|
- Wireshark crashes when range_string is the data type (Bug 3536)
|
|
|
|
- Pcap-ng breaks VoIP call data (Bug 3539)
|
|
|
|
- ANSI MAP legInformation BER Error (Bug 3541)
|
|
|
|
- Starting Wireshark Portable 1.2.0 gives error message. (Bug 3547)
|
|
|
|
- The title in the TCP sequence graphs is too short. (Bug 3556)
|
|
|
|
- USB Packets in pcap-ng Files Not Dissected Properly (Bug 3560)
|
|
|
|
- 802.11 decryption is broken (Bug 3590)
|
|
|
|
- SMB2 Error Response doesn't decode properly (Bug 3609)
|
|
|
|
- configure.in uses deprecated autoconf test for gnutls detection (Bug 3627)
|
|
|
|
- Radius Malformed Packet error message (Bug 3635)
|
|
|
|
- Wireshark could crash when loading a profile. (Bug 3640)
|
|
|
|
- Analyze->Decode as... menu item becomes unavailable (Bug 3642)
|
|
|
|
- btsnoop: Incorrect error message for not supported datalink type (Bug 3645)
|
|
|
|
- Decode error for network-id in BICC BCU-ID (Bug 3648)
|
|
|
|
- IEC 60870-5-104 dissector decodes nothing (Bug 3650)
|
|
|
|
- radius_register_avp_dissector() can stop RADIUS dissector from working correctly (Bug 3651)
|
|
|
|
- ANSI ISUP Cause indicators with coding standard=ANSI fail to dissect. (Bug 3654)
|
|
|
|
- Wrong field position in PacketCable Multimedia Extended Classifier (Bug 3656)
|
|
|
|
- FF Protocol "FMS Initiate - Version OD Calling" field packet data not unpacked properly (Bug 3694)
|
|
|
|
- hci_h4: Optimize column/field handling (Bug 3703)
|
|
|
|
- BSSLAP Protocol Not Decoded In BSSMAP-LE Messages (Bug 3711)
|
|
|
|
- Description of tshark -t dd missing from tshark.pod (Bug 3723)
|
|
|
|
- Problem in packet-per.c for ASN.1 PER Encoding (Bug 3733)
|
|
|
|
- [SNMP] Crash when dissecting packet (custom MIB) (Bug 3746)
|
|
|
|
* Updated Protocol Support
|
|
|
|
- AFS, ANSI ISUP, ANSI MAP, ASN.1 PER, Bluetooth HCI H4, Bluetooth L2CAP,
|
|
|
|
BSS CFLOW, COPS, Diameter, DICOM, FF-HSE, ICMPv6, IEC-60870-5-104,
|
|
|
|
IEEE 802.11, Infiniband, IPMI, MIOP, RADIUS, RSVP, sFlow, SNMP, SMB2, ZIOP
|
|
|
|
* New Capture File Support
|
|
|
|
- Btsnoop, DCT3, Packetlogger, pcap-ng
|
|
|
|
|
2009-07-16 17:52:32 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jul 15 14:06:19 CEST 2009 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- fix asneeded.patch (patch Makefile.in files also)
|
|
|
|
|
2009-06-20 04:08:32 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jun 17 17:13:53 CEST 2009 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- search in /var/lib/GeoIP if user hasn't set any GeoIP folders
|
|
|
|
(geoip.patch)
|
|
|
|
|
2009-06-17 15:51:24 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jun 17 12:36:52 CEST 2009 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- updated to 1.2.0
|
|
|
|
Bug Fixes
|
|
|
|
Too many bugs have been fixed since the 1.0 release to list here.
|
|
|
|
Some notable fixes are:
|
|
|
|
o Type-ahead search now works properly.
|
|
|
|
o Several bugs that affected capture from pipes have been fixed.
|
|
|
|
o Many Lua-related bugs have been fixed.
|
|
|
|
o Several memory leaks have been found and fixed.
|
|
|
|
o The "Follow TCP Stream" feature could show two streams at the
|
|
|
|
same time The hex dump view has been narrowed.
|
|
|
|
o WPA and SSL decryption bugs have been fixed.
|
|
|
|
o Readability problems on 256-color displays on Windows have
|
|
|
|
been fixed.
|
|
|
|
New and Updated Features
|
|
|
|
The following features are new (or have been significantly
|
|
|
|
updated) since version 1.0:
|
|
|
|
o Wireshark has a spiffy new start page.
|
|
|
|
o Display filters now autocomplete.
|
|
|
|
o A 64-bit Windows (x64) installer is now provided.
|
|
|
|
o Support for the c-ares resolver library has been added. It has
|
|
|
|
many advantages over ADNS.
|
|
|
|
o Many new protocol dissectors and capture file formats have
|
|
|
|
been added (see below for a complete list).
|
|
|
|
o Macintosh OS X support has been improved.
|
|
|
|
o GeoIP database lookups.
|
|
|
|
o OpenStreetMap + GeoIP integration.
|
|
|
|
o Improved Postscript(R) print output.
|
|
|
|
o The preference handling code is now much smarter about
|
|
|
|
changes.
|
|
|
|
o Support for Pcap-ng, the next-generation capture file format.
|
|
|
|
o Support for process information correlation via IPFIX.
|
|
|
|
o Column widths are now saved.
|
|
|
|
o The last used configuration profile is now saved.
|
|
|
|
o Protocol preferences are changeable from the packet details
|
|
|
|
context menu.
|
|
|
|
o Support for IP packet comparison.
|
|
|
|
o Capinfos now shows the average packet rate.
|
|
|
|
o GTK1 is no longer supported. (Yes, this is a feature.)
|
|
|
|
o Official Windows packages are now built using Microsoft Visual
|
|
|
|
C++ 2008 SP1.
|
|
|
|
New Protocol Support
|
|
|
|
Anything in Anything Protocol, ATM PW, N-to-one Cell Mode,
|
|
|
|
B.A.T.M.A.N. Layer 3 Protocol, BACnet MS/TP, BSS LCS Assistance
|
|
|
|
Protocol, Canon BJNP, CESoPSN basic NxDS0 mode (no RTP support),
|
|
|
|
Charging ASE, Cimetrics MS/TP, DECT Protocol, Digital Private
|
|
|
|
Signalling System No 1 Link Layer, DOCSIS Mac Domain Description,
|
|
|
|
DOCSIS Registration Request Multipart, DOCSIS Registration
|
|
|
|
Response Multipart, DOCSIS Synchronisation Message, E100
|
|
|
|
Encapsulation, EHS, Enhanced Variable Rate Codec, Ethernet Global
|
|
|
|
Data, Ethernet PW, Exchange 2003 Directory Request For Response,
|
|
|
|
Far End Failure Detection, FCoE Initialization Protocol, GOOSE,
|
|
|
|
GPEF, GPRS Tunneling Protocol V2, GSM A-I/F COMMON, GSM A-I/F GPRS
|
|
|
|
Mobility and Session Management, GSM SACCH, GSM Um Interface, HDLC
|
|
|
|
PW, FR port mode (no CW), HDLC-like framing for PPP, IEC
|
|
|
|
60870-5-104,Apci, IEC 60870-5-104,Asdu, IEEE 802.15.4 Low-Rate
|
|
|
|
Wireless PAN non-ASK PHY, IEEE C37.118 Synchrophasor Protocol,
|
|
|
|
Intelligent Platform Management Interface (Session Wrapper),
|
|
|
|
Inter-Integrated Circuit, Internal TDM, IPSICTL, ISMACryp
|
|
|
|
Protocol, iWARP Direct Data Placement and Remote Direct Memory
|
|
|
|
Access Protocol, iWARP Marker Protocol data unit Aligned framing,
|
|
|
|
Kontiki Delivery Protocol, LANforge Traffic Generator, Layer 1
|
|
|
|
Event Messages, Lb-I/F BSSMAP LE, LeCroy VICP, Link Access
|
|
|
|
Procedure, Channel Dm (LAPDm), Local Download Sharing Service, LTE
|
|
|
|
Radio Resource Control (RRC) protocol, MAC-LTE, Memcache Protocol,
|
|
|
|
Mesh Header, MP4V-ES, Nasdaq TotalView-ITCH, Nasdaq-SoupTCP
|
|
|
|
version 2.0, NAT Port Mapping Protocol, Netdump Protocol,
|
|
|
|
Non-Access-Stratum (NAS)PDU, PacketLogger, Paltalk Messenger
|
|
|
|
Protocol, PDCP-LTE, PW Associated Channel Header, PW Ethernet
|
|
|
|
Control Word, PW Frame Relay DLCI Control Word, PW MPLS Control
|
|
|
|
Word (generic/preferred), Real-Time Publish-Subscribe Wire
|
|
|
|
Protocol 2.x, Remote Packet Capture, RLC-LTE, SAToP (no RTP
|
|
|
|
support), SERCOS III V1.1, SIMULCRYPT Protocol, Subnetwork
|
|
|
|
Dependent Convergence Protocol XID, Teamspeak2 Protocol,
|
|
|
|
TTEthernet, TTEthernet Protocol Control Frame, Turbocell Aggregate
|
|
|
|
Data, Turbocell Header, TURN Channel, Unreliable Multicast
|
|
|
|
Inter-ORB Protocol, VCDU, Wave Short Message Protocol(IEEE
|
|
|
|
P1609.3), Wireless Access Station Session Protocol, Wireshark
|
|
|
|
Expert Info, World of Warcraft, Xpress Transport Protocol, ZigBee
|
|
|
|
Application Framework, ZigBee Application Support Layer, ZigBee
|
|
|
|
Device Profile, ZigBee Encapsulation Protocol, ZigBee Network
|
|
|
|
Layer, Zipped Inter-ORB Protocol, ZRTP
|
|
|
|
Updated Protocol Support
|
|
|
|
There are too many updates to list here.
|
|
|
|
New Capture File Support
|
|
|
|
Apple Bluetooth PacketLogger, Daintree's Sensor Network Analyzer,
|
|
|
|
dct3trace, Pcap-NG, TNEF (yes, those silly winmail.dat
|
|
|
|
attachments)
|
|
|
|
|
|
|
|
- removed obsoleted patches:
|
|
|
|
* help.patch (not needed anymore)
|
|
|
|
* sigpipe-block.patch (not needed anymore)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue May 26 15:49:43 CEST 2009 - cmorve69@yahoo.es
|
|
|
|
|
|
|
|
- made it compile with --as-needed
|
|
|
|
|
2009-05-25 01:00:23 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri May 22 13:36:43 CEST 2009 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- updated to 1.0.8
|
|
|
|
* bug fixes
|
|
|
|
o The PCNFSD dissector could crash.
|
|
|
|
* the following bugs have been fixed:
|
|
|
|
o Lua integration could crash (Bug 2453)
|
|
|
|
o The SCCP dissector could crash when loading more than one file
|
|
|
|
in a single session. (Bug 3409)
|
|
|
|
o The NDMP dissector could crash if reassembly was enabled. (Bug 3470)
|
|
|
|
* updated protocol support
|
|
|
|
o All ASN.1 protocols, DICOM, NDMP, PCNFSD, RTCP, SCCP, SSL, STANAG 5066
|
|
|
|
|
2009-04-20 16:36:57 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Apr 17 21:27:27 CEST 2009 - cseader@novell.com
|
|
|
|
|
|
|
|
- removing --with-ssl and adding --with-gnutls
|
2009-05-25 01:00:23 +02:00
|
|
|
* per Wireshark documentation "The SSL dissector is fully functional and even supports
|
|
|
|
advanced features such as decryption of SSL if the encryption key can be provided and
|
|
|
|
WireShark is compiled against Gnu-TLS (rather than openssl or bsafe)."
|
2009-04-20 16:36:57 +02:00
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Apr 15 23:43:32 CEST 2009 - cseader@novell.com
|
|
|
|
|
|
|
|
- updated to 1.0.7
|
2009-05-25 01:00:23 +02:00
|
|
|
o security fixes
|
2009-04-20 16:36:57 +02:00
|
|
|
* The PROFINET dissector was vulnerable to a format string overflow. (Bug 3382)
|
|
|
|
Versions affected: 0.99.6 to 1.0.6
|
|
|
|
CVE-2009-1210
|
|
|
|
* The LDAP dissector could crash on Windows. (Bug 3262)
|
|
|
|
Versions affected: 0.99.2 to 1.0.6
|
|
|
|
CVE-2009-1267
|
|
|
|
* The Check Point High-Availability Protocol (CPHAP) dissector could crash. (Bug 3269)
|
|
|
|
Versions affected: 0.9.6 to 1.0.6
|
|
|
|
CVE-2009-1268
|
|
|
|
* Wireshark could crash while loading a Tektronix .rf5 file. (Bug 3366)
|
|
|
|
Versions affected: 0.99.6 to 1.0.6
|
2009-05-25 01:00:23 +02:00
|
|
|
CVE-2009-1269
|
2009-04-20 16:36:57 +02:00
|
|
|
o bug fixes
|
|
|
|
* Correct use of proto_tree_add_int_format() (Bug 3048)
|
|
|
|
* RTP dynamic payload clock rates incorrectly determined (Bug 3067)
|
|
|
|
* TShark fails to properly close capture files when opening new ones (Bug 3172)
|
|
|
|
* ANSI MAP digits type decode and bitmask corrections (Bug 3233)
|
|
|
|
* Two small patches for ipvs-syncd dissector (Bug 3236)
|
|
|
|
* BGP capability dissection failure (Bug 3247)
|
|
|
|
* ANSI MAP fix for missing MEID/MSC ID number in RegNot (Bug 3255)
|
|
|
|
* BACnet PrivateTransferError shows malformed packet (Bug 3257)
|
|
|
|
* Windows silent installer is not that silent (Bug 3260)
|
|
|
|
* Crash in ASN.1 dissector when using 'type table' (Bug 3271)
|
|
|
|
* 802.11n SM Power save mode value 0x3 label is incorrect (Bug 3276)
|
|
|
|
* 802.11 WME ie displayed incorrectly (Bug 3284)
|
2009-05-25 01:00:23 +02:00
|
|
|
* "Copy as filter" from the packet list has been fixed.
|
2009-04-20 16:36:57 +02:00
|
|
|
o updated protocol support
|
2009-05-25 01:00:23 +02:00
|
|
|
* ACN, ANSI MAP, ASN.1 BACnet, BGP, CPHAP, GSM MAP, IEEE 802.11, IPVS, LDAP, NetFlow/IPFIX, PROFINET, RTP, SNMP, WSP
|
|
|
|
|
2009-02-16 16:06:47 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Feb 16 15:11:00 CET 2009 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- updated to 1.0.6
|
|
|
|
o security fixes
|
|
|
|
* possible crash if the HOME environment variable contained
|
|
|
|
sprintf-style string formatting characters
|
|
|
|
* possible crash while reading a malformed NetScreen snoop file
|
|
|
|
* possible crash while reading a Tektronix K12 text capture file
|
|
|
|
o bug fixes
|
|
|
|
* Crash when loading capture file and Preferences: NO Info column
|
|
|
|
* Some Lua scripts may lead to corruption via out of bounds stack
|
|
|
|
* Build with GLib 1.2 fails with error: 'G_MININT32' undeclared
|
|
|
|
* Wrong decoding IMSI with GSM MAP protocol
|
|
|
|
* Segmentation fault for "Follow TCP stream"
|
|
|
|
* SMPP optional parameter 'network_error_code' incorrectly decoded
|
|
|
|
* DHCPv6 dissector doesn't handle malformed FQDN
|
|
|
|
* WCCP overrides CFLOW as decoded protocol
|
|
|
|
* Improper decoding of MPLS echo reply IPv4 Interface and Label Stack Object
|
|
|
|
* ANSI MAP fix for TRN digits/SMS and OTA subdissection
|
|
|
|
o updated protocol support
|
|
|
|
* AFS, ATM, DHCPv6, DIS, E.212, RTP, UDP, USB, WCCP, WPS
|
|
|
|
o New and Updated Capture File Support
|
|
|
|
* NetScreen snoop
|
|
|
|
|
2008-12-18 15:22:09 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Dec 17 15:22:40 CET 2008 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- updated to 1.0.5
|
|
|
|
* security fixes
|
|
|
|
o The SMTP dissector could consume excessive amounts of CPU
|
|
|
|
and memory
|
2009-02-16 16:06:47 +01:00
|
|
|
o The WLCCP dissector could go into an infinite loop
|
2008-12-18 15:22:09 +01:00
|
|
|
* bug fixes
|
|
|
|
o Missing CRLF during HTTP POST in the "packet details" window
|
|
|
|
(Bug 2534)
|
|
|
|
o Memory assertion in time_secs_to_str_buf() when compiled
|
|
|
|
with GCC 4.2.3 (Bug 2777)
|
|
|
|
o Diameter dissector fails RFC 4005 compliance (Bug 2828)
|
|
|
|
o LDP vendor private TLV type is not correctly shown (Bug 2832)
|
|
|
|
o Wireshark on MacOS does not run when there are spaces in
|
|
|
|
its path (Bug 2844)
|
|
|
|
o OS X Intel package incorrectly claims to be Universal (Bug 2979)
|
|
|
|
o Compilation broke when compiling without zlib (Bug 2993)
|
|
|
|
o Memory leaks (Bugs 3017 ... 3022, 3079)
|
|
|
|
o Incorrect address structure assigned for find_conversation()
|
|
|
|
in WSP (Bug 3071)
|
|
|
|
o Error parsing the BSSGP protocol (Bug 3085)
|
|
|
|
o Assertion thrown in fvalue_get_uinteger when decoding TIPC
|
|
|
|
(Bug 3086)
|
|
|
|
o LUA script : Wireshark crashes after closing and opening again
|
|
|
|
a window used by a listener.draw() function. (Bug 3090)
|
|
|
|
* Updated Protocol Support
|
|
|
|
ANSI MAP, BSSGP, CIP, Diameter, ENIP, GIOP, H.263, H.264, HTTP,
|
|
|
|
MPEG PES, PostgreSQL, PPI, PTP, Rsync, RTP, SMTP, SNMP, STANAG 5066,
|
|
|
|
TACACS, TIPC, WLCCP, WSP
|
|
|
|
|
2008-11-28 12:18:20 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Nov 24 16:13:47 CET 2008 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- fix wireshark freeze when closing capture window [bnc#417850]
|
|
|
|
(sigpipe-block.patch)
|
|
|
|
- don't show warning when running as root [bnc#349782]
|
|
|
|
- altered .desktop file to run wireshark gui as root automatically
|
|
|
|
|
2008-09-06 04:17:49 +02:00
|
|
|
-------------------------------------------------------------------
|
2008-11-04 17:58:51 +01:00
|
|
|
Tue Nov 4 14:04:16 CET 2008 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- updated to 1.0.4
|
|
|
|
* security fixes
|
|
|
|
o Florent Drouin and David Maciejak found that the Bluetooth ACL
|
|
|
|
dissector could crash or abort. (Bug 1513)
|
|
|
|
o The Q.931 dissector could crash or abort. (Bug 2870)
|
|
|
|
o Wireshark could abort while reading Tamos CommView capture
|
|
|
|
files. (Bug 2926)
|
|
|
|
o David Maciejak found that the USB dissector could crash or
|
|
|
|
abort. This led to the disovery of a similar problem in the
|
|
|
|
Bluetooth RFCOMM dissector. (Bug 2922)
|
|
|
|
o Vivek Gupta and David Maciejak found that the PRP and MATE
|
|
|
|
dissectors could make Wireshark crash. (Neither PRP nor MATE
|
|
|
|
are enabled by default.) (Bug 2549)
|
|
|
|
* bug fixes
|
|
|
|
o Let MP2T call its subdissectors, even without tree (Bug 2627)
|
|
|
|
o Wireless Toolbar not enabled (using AirPcap) if PCAP_REMOTE=1
|
|
|
|
(Bug 2685)
|
|
|
|
o Failure to dissect long SASL wrapped LDAP response (Bug 2687)
|
|
|
|
o Fix compiler warnings (Bug 2823)
|
|
|
|
o Homeplug dissection bugs (Bug 2859)
|
|
|
|
o Malformed Packet DCP ETSI error (Bug 2860)
|
|
|
|
o Wrong size of selected_registrar in WPS dissector (Bug 2865)
|
|
|
|
o Dissector assertion displaying cookies in DTLS frames (Bug
|
|
|
|
2876)
|
|
|
|
o Missing field type in documentation (Bug 2889)
|
|
|
|
o Wireshark -p switch seems to have no effect to PROMISCUOUS
|
|
|
|
mode (Bug 2891)
|
|
|
|
o Misspelled PPI error vector magnitude filter (Bug 2903)
|
|
|
|
o Modbus Function 43 Encapsulated Interface Transport decoding
|
|
|
|
(Bug 2917)
|
|
|
|
o Crash when printing or exporting some protocol data (Bug 2934)
|
|
|
|
o Crash when selecting "Export Selected Packet Bytes" (Bug 2964)
|
|
|
|
* updated protocol support
|
|
|
|
AFP, Bluetooth ACL, Bluetooth RFCOMM, DCP ETSI, DTLS, Homeplug,
|
|
|
|
IEEE 802.11, IP, Modbus TCP, MP2T, NSIP, NCP, PPI, Q.931, SASL,
|
|
|
|
SNMP, USB, WPS
|
|
|
|
* new and updated capture file support
|
|
|
|
AiroPeek, CommView
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2008-09-06 04:17:49 +02:00
|
|
|
Thu Sep 4 17:58:51 CEST 2008 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- updated to 1.0.3 - bug fixes:
|
|
|
|
o The NCP dissector was susceptible to a number of problems,
|
|
|
|
including buffer overflows and an infinite loop.
|
|
|
|
o Wireshark could crash while uncompressing zlib-compressed
|
|
|
|
packet data.
|
|
|
|
o Wireshark could crash while reading a Tektronix .rf5 file.
|
|
|
|
o 802.11 WPA/WPA2-PSK Unable to decode Group Keys. (Bug 1420)
|
|
|
|
o Packets could wrongly be dissected as "Redback Lawful
|
|
|
|
Intercept" (Bug 2376)
|
|
|
|
o MIKEY dissector improvements (Bug 2400)
|
|
|
|
o tvb_get_bits{16|32} could read past the end of a tvbuff (Bug
|
|
|
|
2439)
|
|
|
|
o Incorrect wslua function names. (Bug 2448)
|
|
|
|
o Memory corruption in wslua. (Bug 2453)
|
|
|
|
o Unknown PPPoE TAGs which are present in a PPPoE discovery
|
|
|
|
packet are not displayed under "PPPoE Tags" subtree/section.
|
|
|
|
(Bug 2458)
|
|
|
|
o Following a TCP stream could incorrectly reassemble packets.
|
|
|
|
(Bug 2606)
|
|
|
|
o SIP decode shows fully expanded "Content-Length" header
|
|
|
|
instead of compact form. (Bug 2635)
|
|
|
|
o Segmentation fault loading trace containing NCP packets. (Bug
|
|
|
|
2675)
|
|
|
|
o SIP packets might incorrectly be displayed as malformed. (Bug
|
|
|
|
2729)
|
|
|
|
o RTCP BYE padding interpreted incorrectly. (Bug 2778)
|
|
|
|
o Reversed RTP stream is saved as silent .au file, forward
|
|
|
|
stream saves correctly. (Bug 2780)
|
|
|
|
o Fix some lint warnings. (Bug 2822)
|
|
|
|
o Setting a duration on a capture file would capture for an
|
|
|
|
extra second.
|
|
|
|
|
2008-04-10 11:43:10 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Apr 2 11:30:51 CEST 2008 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- updated to 1.0.0 \o/
|
|
|
|
* setcurity fixes:
|
|
|
|
o the X.509sat dissector could crash
|
|
|
|
o the Roofnet dissector could crash
|
|
|
|
o the LDAP dissector could crash
|
|
|
|
o the SCCP dissector could crash while using the "decode as" feature
|
|
|
|
* buf fixes:
|
|
|
|
o several SNMP-related bugs have been fixed
|
|
|
|
o several memory-related bugs have been fixed
|
|
|
|
* new protocol support:
|
|
|
|
IEEE 802.15.4, Infiniband, Parallel Redundancy Protocol, RedBack
|
|
|
|
Lawful Intercept, Xcsl
|
|
|
|
* updated protocol support:
|
|
|
|
AFS, ALCAP, ATM, BACapp, CIGI, DCC (renamed from DCCP), DCCP
|
|
|
|
(renamed from DCP), DCERPC SPOOLSS, DCERPC NT, DHCP, DirectPlay,
|
|
|
|
EtherCAT, FIX, GIOP, GTP, H.248, HTTP, ICMPv6, ICQ, IPv6, ISIS,
|
|
|
|
JXTA, NCP, P_Mul, PCAP, PKIX1Explicit, PTP, RADIUS, Roofnet, RTCP,
|
|
|
|
RTMPT, RTP, RX, SABP, SCSI OSD, sFlow, SMPP, SNMP, SSCOP, TAPA,
|
|
|
|
TIPC, TPNCP, UNISTIM, X.25, X.509sat, XML
|
|
|
|
* new and updated capture file support:
|
|
|
|
Hilscher Analyzer
|
|
|
|
- dropped patches:
|
|
|
|
* strncat.patch (obsoleted by update)
|
|
|
|
|
2008-02-28 18:25:39 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Feb 28 11:38:06 CET 2008 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- updated to 0.99.8
|
|
|
|
* security fixes
|
|
|
|
o fixed crash in SCTP, SNMP and TFTP dissectors
|
|
|
|
The following bugs have been fixed:
|
|
|
|
o Wireshark could crash when:
|
|
|
|
- saving I/O graphs
|
|
|
|
- editing table-based preferences
|
|
|
|
- trying to play RTP streams.
|
|
|
|
- trying to apply a display filter macro
|
|
|
|
- using Turkish and other locales.
|
|
|
|
* new features:
|
|
|
|
o multiple configuration profiles
|
|
|
|
o temporary coloring rules (let you color or filter on a conversation)
|
|
|
|
o I/O graphs have been improved
|
|
|
|
o Wireshark now has WLAN traffic statistics
|
|
|
|
o the Wireshark GUI now supports RPCAP
|
|
|
|
o conversations and endopoints can now be limited to the current display filter
|
|
|
|
o experimental support for the NTAR/PcapNG file format
|
|
|
|
* new protocol support:
|
|
|
|
AiroPeek Remote Capture, China Mobile Point to Point, Distributed
|
|
|
|
Lock Manager 3, EUTRAN X2 Application Protocol, Fieldbus
|
|
|
|
Foundation, International Passenger Airline Reservation
|
|
|
|
System/Airline Link Control, Microsoft DirectPlay, Path
|
|
|
|
Computation Element communication Protocol, Real Time Messaging
|
|
|
|
Protocol, S1 Application Protocol, Scripting Service Protocol,
|
|
|
|
Societe Internationale de Telecommunications Aeronautiques, Unisys
|
|
|
|
Transmittal System, Wi-fi Protected Setup,
|
|
|
|
* updated protocol support:
|
|
|
|
3G A11, 3GPP, ACN, ACP133, ALCAP, AMR, ANSI A, ANSI IS-637-A, ANSI
|
|
|
|
MAP, ARP, ASAP, AVS WLAN, BACapp, BER, BOOTP, Bluetooth (HCI ACL,
|
|
|
|
HCI CMD, HCI EVT, HCI SCO, L2CAP, SDP), CDP, CFM, CMS, COPS,
|
|
|
|
Camel, Cisco ERSPAN, DAP, DCERPC SPOOLSS, DCERPC, DHCP, DHCPv6,
|
|
|
|
DIAMETER, DMP, DTLS, E.164, EAP, ENIP, ENRP, EtherCAT, Ethernet,
|
|
|
|
FMP, FTAM, GMRP, GRE, GSM MAP, GSM SMS, GSS-API, GTP, Gryphon,
|
|
|
|
H.223, H.225, H.245, H.263, H.264, H.460, HCI H1, HTTP, ICMP, IEEE
|
|
|
|
802.11, IGMP, IPP, ISAKMP, ISUP, JFIF, JPEG, JXTA, Kerberos, LDAP,
|
|
|
|
MP2T, MS MMS, MTP3MG, NBAP, NFS, NHRP, NetFlow, P7, PER, PIM,
|
|
|
|
PKCS12, PPPoE, PTP, P_Mul, Q.932, Quakeworld, RANAP, RMT ALC, RMT
|
|
|
|
LCT, ROS, RPC, RPL, RRC, RTCP, RTP, SCCP, SCTP, SDP, SLL, SMB,
|
|
|
|
SMB2, SMPP, SMTP, SNMP, SRVLOC, SSL, STUN2, T.38, TCAP, TCP, TFTP,
|
|
|
|
TiVoConnect, UCP, UDP-Lite, USB, VLAN, WBXML, X.411, X.420,
|
|
|
|
X.509if, X.509sat
|
|
|
|
* new and updated capture file support:
|
|
|
|
Catapult DCT2000, DBS Etherwatch, NTAR/PcapNG, TamoSoft CommView,
|
|
|
|
Visual Networks
|
|
|
|
- removed obsolete patch:
|
|
|
|
* strptime.patch (included in update)
|
|
|
|
- added bison and flex to BuildRequires
|
|
|
|
|
2008-02-21 10:32:44 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Feb 21 04:51:57 CET 2008 - crrodriguez@suse.de
|
|
|
|
|
2009-08-06 00:42:24 +02:00
|
|
|
- fix -devel package dependencies
|
2008-02-21 10:32:44 +01:00
|
|
|
|
2008-01-10 03:21:45 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jan 9 13:20:10 CET 2008 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- fix strptime function inclusion (strptime.patch)
|
|
|
|
- do not package non linux READMEs
|
|
|
|
|
2007-12-19 14:56:16 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Dec 19 13:34:17 CET 2007 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- updated to 0.99.7
|
|
|
|
* security fixes
|
|
|
|
o Wireshark could crash when reading an MP3 file.
|
|
|
|
o Beyond Security discovered that Wireshark could loop
|
|
|
|
excessively while reading a malformed DNP packet.
|
|
|
|
o Stefan Esser discovered a buffer overflow in the SSL
|
|
|
|
dissector.
|
|
|
|
o The ANSI MAP dissector could be susceptible to a buffer
|
|
|
|
overflow on some platforms.
|
|
|
|
o The Firebird/Interbase dissector could go into an infinite
|
|
|
|
loop or crash.
|
|
|
|
o The NCP dissector could cause a crash.
|
|
|
|
o The HTTP dissector could crash on some systems while decoding
|
|
|
|
chunked messages.
|
|
|
|
o The MEGACO dissector could enter a large loop and consume
|
|
|
|
system resources.
|
|
|
|
o The DCP ETSI dissector could enter a large loop and consume
|
|
|
|
system resources.
|
|
|
|
o Fabiodds discovered a buffer overflow in the iSeries (OS/400)
|
|
|
|
Communication trace file parser.
|
|
|
|
o The PPP dissector could overflow a buffer.
|
|
|
|
o The Bluetooth SDP dissector could go into an infinite loop.
|
|
|
|
o A malformed RPC Portmap packet could cause a crash.
|
|
|
|
o The IPv6 dissector could loop excessively.
|
|
|
|
o The USB dissector could loop excessively or crash.
|
|
|
|
o The SMB dissector could crash.
|
|
|
|
o The RPL dissector could go into an infinite loop.
|
|
|
|
o The WiMAX dissector could crash due to unaligned access on
|
|
|
|
some platforms.
|
|
|
|
o The CIP dissector could attempt to allocate a huge amount of
|
|
|
|
memory and crash.
|
|
|
|
* bug fixes
|
|
|
|
o Handling of non-ASCII file names and paths has been improved.
|
|
|
|
o Wireshark could crash while editing a coloring rule or a UAT
|
|
|
|
table.
|
|
|
|
o The display filter code could crash while bitwise ANDing an
|
|
|
|
IPv4 address.
|
|
|
|
* news and updates
|
|
|
|
o Most of the capture code has been moved out of the GUI, which
|
|
|
|
means that Wireshark no longer needs to be run as root.
|
|
|
|
o Many display filter names have been cleaned up. If your
|
|
|
|
favorite display filter just went missing, please consult the
|
|
|
|
display filter reference to find out where it ended up.
|
|
|
|
o You can now filter directly on SNMP OIDs.
|
|
|
|
o IO graphs have more display options, and you can now export
|
|
|
|
graphs.
|
|
|
|
o You can now follow UDP streams in addition to TCP and SSL
|
|
|
|
streams.
|
|
|
|
o You can now disable coloring rules without deleting them.
|
|
|
|
o Main window toolbar buttons are now available even when the
|
|
|
|
window is small.
|
|
|
|
o Optimizations have been applied in some places to make
|
|
|
|
Wireshark start up and run faster.
|
|
|
|
* new protocol support
|
|
|
|
ANSI TCAP, application/xcap-error (MIME type), CFM, DPNSS,
|
|
|
|
EtherCAT, ETSI e2/e4, H.282, H.460, H.501, IEEE 802.1ad and
|
|
|
|
802.1ah, IMF (RFC 2822), RSL, SABP, T.125, TNEF, TPNCP, UNISTIM,
|
|
|
|
Wake on LAN, WiMAX ASN Control Plane, X.224,
|
|
|
|
* updated protocol support
|
|
|
|
3Com XNS, 3G A11, ACN, ACP123, ACSE, AIM, ANSI IS-637-A, ANSI MAP,
|
|
|
|
Armagetronad, BACapp, BACnet, BER, BFD, BGP, Bluetooth, CAMEL,
|
|
|
|
CDT, CFM, CIP, Cisco ERSPAN, CLNP, CMIP, CMS, COPS, CTDB, DCCP,
|
|
|
|
DCERPC ATSVC, DCERPC PNIO, DCERPC SAMR, DCERPC, DCOM CBA-ACCO, DCP
|
|
|
|
ETSI, DEC DNA, DFS, DHCP/BOOTP, DHCPv6, DIAMETER, DISP, DMP, DNP,
|
|
|
|
DNS, DOP, DTLS, DUA, eDonkey, ELSM, ESL, Ethernet, FC ELS, FC,
|
|
|
|
FCOE, FTAM, FTP, GDSDB, GIOP, GPRS-LLC, GSM A, GSM MAP, GTP, HSRP,
|
|
|
|
HTTP, IAX2, ICMPv6, IEEE 802.11, INAP, IP, IPMI, IPv6, ISAKMP,
|
|
|
|
ISIS, iSNS, ISUP, IUUP, JXTA, K12, Kerberos, L2TP, LAPD, LDAP,
|
|
|
|
LINX, LPD, LWAPP, MEGACO, MIKEY, MIME Multipart, MMS, MP2T, MPEG
|
|
|
|
PES, MPEG, MTP2, MySQL, NBAP, NetFlow, nettl, NFS, NSIP, OSPF,
|
|
|
|
P_MUL, PANA, PER, PKCS#12, PMIPv6, PN-PTCP, PN-RT, PPI, PPPoE,
|
|
|
|
PRES, PROFINET, PTP, Q.932 ROS, Q.932, QSIG, Radiotap, RADIUS,
|
|
|
|
RANAP, RNSAP, ROS, RTCP, RTP, RTSE, RTSP, SCCP, SCTP, SDP,
|
|
|
|
SIGCOMP, SIP, Slow Protocols, SMB, SMPP, SMTP, SNDCP, SNMP, SRP,
|
|
|
|
SSL, STANAG 4406, STUN2, TCAP, TCP, text/media, TIPC, ULP, UMA,
|
|
|
|
UMTS FP, V5UA, VNC, WiMAX M2M, WiMAX, WLCCP, X.411, X.420, X.509
|
|
|
|
SAT, XML
|
|
|
|
* new and updated capture file support
|
|
|
|
Catapult DCT 2000, Endace ERF, Juniper NetScreen snoop, Visual
|
|
|
|
Networks, Windows Sniffer (NetXRay)
|
|
|
|
- removed fwrite_unused_result.patch
|
|
|
|
|
2007-09-04 01:15:06 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Sep 4 00:24:50 CEST 2007 - ro@suse.de
|
|
|
|
|
2009-08-06 00:42:24 +02:00
|
|
|
- disable -Werror for now
|
2007-09-04 01:15:06 +02:00
|
|
|
|
2007-07-27 02:13:40 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jul 26 16:58:58 CEST 2007 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- changed libpcap to libpcap-devel in BuildRequires
|
|
|
|
|
2007-07-10 19:15:17 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jul 10 11:22:31 CEST 2007 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- updated to 0.99.6
|
|
|
|
* security fixes:
|
|
|
|
* crash when dissecting an HTTP chunked response
|
|
|
|
* crash while reading iSeries capture files
|
|
|
|
* exhaust system memory while reading a malformed DCP ETSI packet
|
|
|
|
* loop excessively while reading a malformed SSL packet
|
|
|
|
* DHCP/BOOTP dissector susceptible to an off-by-one error
|
|
|
|
* loop excessively while reading a malformed MMS packet
|
|
|
|
* bug fixes:
|
|
|
|
* WEP decryption would only work for the first key specified
|
|
|
|
* WEP and WPA decryption didn't work for QoS frames
|
|
|
|
* WPA decryption failed if EAPOL handshake packets contained extra data
|
|
|
|
* Wireshark failed to parse colon-separated WEP keys
|
|
|
|
* merging files in Wireshark now appends files properly
|
|
|
|
* hang while saving an RTP stream with bad timestamp data
|
|
|
|
* frame.time_delta display filter now works as expected
|
|
|
|
* for full information see:
|
|
|
|
* http://www.wireshark.org/docs/relnotes/wireshark-0.99.6.html
|
|
|
|
- added fwrite_unused_result.patch (fixes warn_unused_result warnings in fwrite calls)
|
|
|
|
- dropped obsolete patches:
|
|
|
|
* dissectors.patch (included in update)
|
|
|
|
|
2007-03-07 22:51:45 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Mar 7 13:48:57 CET 2007 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- added [t]ethereal symlinks [#252117]
|
|
|
|
- cleaned spec file
|
|
|
|
|
2007-02-07 17:11:50 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Feb 7 10:56:50 CET 2007 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- fix SSL support [#242738]
|
|
|
|
- fix build warnings in dissector's code (dissectors.patch)
|
|
|
|
|
2007-02-06 19:25:39 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Feb 6 09:38:41 CET 2007 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- update to 0.99.5
|
|
|
|
* security fixes [#237246]
|
|
|
|
- CVE-2007-0459 The TCP dissector could hang or crash
|
|
|
|
- CVE-2007-0458 The HTTP dissector could crash
|
|
|
|
- CVE-2007-0457 The IEEE 802.11 dissector could crash
|
|
|
|
- CVE-2007-0456 The LLT dissector could crash
|
|
|
|
* various bug fixes, added new protocols, see
|
|
|
|
http://www.wireshark.org/docs/relnotes/wireshark-0.99.5.html
|
|
|
|
for full information
|
|
|
|
- dropped obsoleted patches:
|
|
|
|
* wireshark-0.99.4-printf.diff (included in update)
|
|
|
|
|
2007-01-16 00:41:20 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Dec 7 10:30:28 CET 2006 - prusnak@suse.cz
|
|
|
|
|
|
|
|
- fixed libdir path in spec file
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Nov 13 16:29:07 CET 2006 - mjancar@suse.cz
|
|
|
|
|
|
|
|
- update to 0.99.4
|
|
|
|
* final 0.99.4 release
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Nov 7 14:33:33 CET 2006 - ro@suse.de
|
|
|
|
|
2009-08-06 00:42:24 +02:00
|
|
|
- fix manpage permissions
|
2007-01-16 00:41:20 +01:00
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Oct 30 11:19:14 CET 2006 - mjancar@suse.cz
|
|
|
|
|
|
|
|
- update to 0.99.4pre1
|
|
|
|
* security fixes (#213226)
|
|
|
|
CVE-2006-4574
|
|
|
|
CVE-2006-4805
|
|
|
|
CVE-2006-5468
|
|
|
|
CVE-2006-5469
|
|
|
|
CVE-2006-5740
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Aug 24 13:31:08 CEST 2006 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version 0.99.2 [#201437]
|
|
|
|
* security bugfixes
|
|
|
|
* the packet list context menu now includes a conversation filter
|
|
|
|
* now generate ACL rules for several popular firewall products
|
2009-08-06 00:42:24 +02:00
|
|
|
* new protocols: Daytime, JPEG (RTP payload), Pegasus Lightweight
|
2007-01-16 00:41:20 +01:00
|
|
|
Stream Control, Pro-MPEG FEC, UMTS RRC, Veritas Low Latency Transport
|
|
|
|
- removed oblsoleted patch buffer_overflow_fix.patch
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jul 25 15:34:04 CEST 2006 - postadal@suse.cz
|
|
|
|
|
|
|
|
- project Ethereal moved to Wireshark project (renamed)
|
|
|
|
- updated to version 0.99.2
|
|
|
|
* security bugfixes
|
|
|
|
* multicast stream analysis
|
|
|
|
* you can now find next/previous marked frames
|
|
|
|
* the SMB dissector tracks filenames and share names
|
|
|
|
* added reading support of BER-encoded files
|
2009-08-06 00:42:24 +02:00
|
|
|
* new protocols: Bluetooth HCI (ACL, Command, Event, L2CAP, H4,
|
|
|
|
RFCOMM, SCO, SDP), Cisco WIDS, DTLS, Ether-S-Bus, OMA ULP,
|
|
|
|
PN-MRP, PN-MRRT, REXEC (yes, that REXEC), RRLP, RSerPool
|
|
|
|
(CalcAppProtocol, ComponentStatusProtocol, FractalGeneratorProtocol,
|
2007-01-16 00:41:20 +01:00
|
|
|
PingPongProtocol), Telkonet, TiVoConnect Discovery Protocol
|
|
|
|
- fixed buffer overflow in nettl.c [wireshark#1015] (buffer_overflow_fix.patch)
|
|
|
|
- removed obsoleted patches (CVE-2006-1932-40.patch, hash_returnval.patch,
|
|
|
|
infinite-loop.patch)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jun 12 16:19:16 CEST 2006 - lmichnovic@suse.cz
|
|
|
|
|
|
|
|
- fixed forgoten return value (hash_retval.patch) [#183696]
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed May 3 09:01:49 CEST 2006 - postadal@suse.cz
|
|
|
|
|
|
|
|
- fixed security bugs [#167928] (CVE-2006-1932 - CVE-2006-1940)
|
2009-08-06 00:42:24 +02:00
|
|
|
(CVE-2006-1932-40.patch)
|
2007-01-16 00:41:20 +01:00
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jan 25 21:35:45 CET 2006 - mls@suse.de
|
|
|
|
|
|
|
|
- converted neededforbuild to BuildRequires
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Jan 7 18:27:16 CET 2006 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version 0.10.14
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Dec 21 13:02:50 CET 2005 - meissner@suse.de
|
|
|
|
|
|
|
|
- added -fstack-protector
|
|
|
|
- add pcre/pcre-devel to get regexp support.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Nov 1 16:26:26 CET 2005 - postadal@suse.cz
|
|
|
|
|
|
|
|
- fixed infinite loop [#128637] (infinite-loop.patch)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Oct 21 11:07:07 CEST 2005 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version 0.10.13 (a lot of security fixes enpa-sa-00021)
|
|
|
|
[#128637]
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Sep 6 21:39:28 CEST 2005 - lmuelle@suse.de
|
|
|
|
|
|
|
|
- Add kerberos-devel-packages to neededforbuild and --with-krb5=/usr to the
|
|
|
|
configure arguments; [#115457].
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Aug 31 09:23:51 CEST 2005 - postadal@suse.cz
|
|
|
|
|
|
|
|
- changed category of desktop file from Monitor to System [#114060]
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Aug 29 22:33:59 CEST 2005 - postadal@suse.cz
|
|
|
|
|
|
|
|
- all data moved from /usr/X11R6 to /usr [#112816]
|
|
|
|
- branched devel package and packed includes [#112815]
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jul 27 14:43:03 CEST 2005 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version 0.10.12 (a lot of security fixes enpa-sa-00020)
|
|
|
|
- removed obsoleted gcc4 patch
|
|
|
|
- removed unneeded .la files
|
2009-08-06 00:42:24 +02:00
|
|
|
- moved /etc/{manuf,diameter} to /usr/X11R6/share/ethereal
|
2007-01-16 00:41:20 +01:00
|
|
|
(changed loading data files)
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri May 6 10:22:44 CEST 2005 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version 0.10.11 (a lot of security fixes enpa-sa-00019)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed May 4 12:01:42 CEST 2005 - postadal@suse.cz
|
|
|
|
|
|
|
|
- fixed segfaults when trying to access help [#81523]
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Mar 17 18:04:14 CET 2005 - postadal@suse.cz
|
|
|
|
|
|
|
|
- fixed security bugs in Etheric, GPRS-LLC, 3GPP2 A11, IAPP dissectors.
|
2009-08-06 00:42:24 +02:00
|
|
|
[#71777] (enpa-sa-00018: CAN-2005-0704, CAN-2005-0705, CAN-2005-0699,
|
2007-01-16 00:41:20 +01:00
|
|
|
CAN-2005-0739)
|
|
|
|
- fixed bugs in JXTA, sFlow
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Jan 21 14:08:05 CET 2005 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version 0.10.9
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jan 12 18:52:23 CET 2005 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version 0.10.8
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Dec 08 14:15:58 CET 2004 - postadal@suse.cz
|
|
|
|
|
|
|
|
- added new icon
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Nov 30 13:46:48 CET 2004 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version 0.10.7
|
|
|
|
- packaged missed pixmap file
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Oct 27 11:46:20 CEST 2004 - mmj@suse.de
|
|
|
|
|
|
|
|
- Add rpm-devel, popt-devel and tcpd-devel to #nfb to fix build
|
|
|
|
- Don't remove buildroot in install
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Aug 25 13:57:21 CEST 2004 - lmuelle@suse.de
|
|
|
|
|
|
|
|
- Add libadns and libadns-devel to BuildRequires, [#43590].
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Aug 16 19:00:10 CEST 2004 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version 0.10.6
|
|
|
|
- removed obsoleted patches (ipv6-filter-fix, secfix1)
|
|
|
|
- merged help-fix patch in config patch
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jul 14 12:33:34 CEST 2004 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version 0.10.5 (security update) [#42820]
|
|
|
|
* several security fixes; enpa-sa-00015 (CAN-2004-0633, CAN-2004-0634,
|
|
|
|
CAN-2004-0635)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Apr 29 13:31:26 CEST 2004 - postadal@suse.cz
|
|
|
|
|
|
|
|
- added missing online help [#39518]
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Apr 02 13:31:08 CEST 2004 - postadal@suse.cz
|
|
|
|
|
|
|
|
- added check for resolved address in default filter
|
|
|
|
(modified previous patch ipv6-filter-fix.diff)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Mar 29 11:59:10 CEST 2004 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version 0.10.3 (security update) [#35449]
|
|
|
|
* several security fixes; enpa-sa-00013; CAN-2004-0176 CAN-2004-0367,
|
|
|
|
CAN-2004-0365
|
|
|
|
- fixed lib64 paths
|
|
|
|
- fixed default filter (ipv6 problem)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Mar 23 16:09:11 CET 2004 - postadal@suse.cz
|
|
|
|
|
|
|
|
- fixed locating manuf file in /etc [#34386]
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Mar 02 17:07:34 CET 2004 - postadal@suse.cz
|
|
|
|
|
|
|
|
- added desktop file with "X-KDE-SubstituteUID=true" (asks for root passwd)
|
|
|
|
[#35118]
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Feb 25 13:16:01 CET 2004 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version 0.10.2
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jan 22 23:23:07 CET 2004 - mmj@suse.de
|
|
|
|
|
|
|
|
- Update to 0.10.0a
|
|
|
|
- Use -fno-strict-aliasing
|
|
|
|
- Use gtk2
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Jan 10 11:02:01 CET 2004 - adrian@suse.de
|
|
|
|
|
|
|
|
- build as user
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Dec 18 15:35:19 CET 2003 - postadal@suse.cz
|
|
|
|
|
|
|
|
- fixed security bug (in SMB dissectors);[#33650] enpa-sa-00012
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Nov 10 13:48:12 CET 2003 - ro@suse.de
|
|
|
|
|
2009-08-06 00:42:24 +02:00
|
|
|
- use net-snmp instead of ucdsnmp
|
2007-01-16 00:41:20 +01:00
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Nov 06 15:47:43 CET 2003 - postadal@suse.cz
|
|
|
|
|
|
|
|
- fixed security bugs (in GTP,ISAKMP,MEGACO,SOCKS dissectors); enpa-sa-00011
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Aug 16 16:50:01 CEST 2003 - adrian@suse.de
|
|
|
|
|
|
|
|
- install desktop file
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Jul 25 15:19:33 CEST 2003 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version 0.9.14
|
|
|
|
* support for searching for arbitrary text and binary data in frames
|
|
|
|
* new protocols: Echo, eDonkey, Jabber, MS Messenger, sFlow
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jul 3 16:58:59 CEST 2003 - lmuelle@suse.de
|
|
|
|
|
|
|
|
- update to version 0.9.13
|
|
|
|
* support for GNU ADNS library
|
|
|
|
* "Decode As..." functionality has been added to Tethereal via the "-d" flag
|
|
|
|
* support for a system-wide color filter file
|
|
|
|
* several security fixes; enpa-sa-00010; CAN-2003-0428 CAN-2003-0429
|
|
|
|
CAN-2003-0431 CAN-2003-0432
|
|
|
|
- removed gcc patch as included in upstream
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Mar 10 16:55:32 CET 2003 - postadal@suse.cz
|
|
|
|
|
|
|
|
- update to version 0.9.10 (security fix)
|
|
|
|
- removed obsoleted unused plugin patch
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Mar 7 01:48:07 CET 2003 - ro@suse.de
|
|
|
|
|
|
|
|
- removed mminimal-toc from CFLAGS (ppc64)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jan 29 14:08:44 CET 2003 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version 0.9.9
|
|
|
|
* more statistics have been added
|
|
|
|
* the RADIUS dissector can now decrypt user passwords
|
|
|
|
* new protocols: MDSHDR, MEGACO, MySQL, SDLC, X.29
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jan 27 01:56:56 CET 2003 - ro@suse.de
|
|
|
|
|
|
|
|
- fix build with gcc-3.3
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jan 22 23:10:47 CET 2003 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version 0.9.8
|
|
|
|
* new protocols: ARCNET, ClearCase NFS, DCERPC LSA_DS, Fibre Channel,
|
|
|
|
HyperSCSI, MDNS, PCLI, RPL, 802.1s MSTP, FIX, GSS-API, Interbase, NDPS,
|
|
|
|
Netflow (Cisco and Juniper), SCCP-Management, SPNEGO
|
|
|
|
- plugin fix (added header file with macros)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Aug 28 14:24:40 CEST 2002 - postadal@suse.cz
|
|
|
|
|
2009-08-06 00:42:24 +02:00
|
|
|
- added %config to file list
|
2007-01-16 00:41:20 +01:00
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Aug 23 11:41:00 CEST 2002 - postadal@suse.cz
|
|
|
|
|
2009-08-06 00:42:24 +02:00
|
|
|
- update to version 0.9.6 (security fix)
|
2007-01-16 00:41:20 +01:00
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Aug 15 12:52:38 CEST 2002 - postadal@suse.cz
|
|
|
|
|
|
|
|
- update to version 0.9.5 (security fix)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Jun 29 21:22:08 CEST 2002 - olh@suse.de
|
|
|
|
|
|
|
|
- build with -mminimal-toc on ppc64
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jan 16 10:08:21 CET 2002 - cihlar@suse.cz
|
|
|
|
|
|
|
|
- update to version 0.9.0
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Nov 26 10:36:42 CET 2001 - cihlar@suse.cz
|
|
|
|
|
|
|
|
- update to version 0.8.20
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jul 25 13:40:31 CEST 2001 - cihlar@suse.cz
|
|
|
|
|
|
|
|
- update to version 0.8.19
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Jun 15 10:06:50 CEST 2001 - cihlar@suse.cz
|
|
|
|
|
|
|
|
- added openssl, openssl-devel to neededforbuild
|
|
|
|
- run confugure with --with-ssl=/usr
|
|
|
|
- link against libcrypto (libsnmp needs it)
|
|
|
|
- fixed to compile with ipv6 support
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Jun 8 13:43:21 CEST 2001 - cihlar@suse.cz
|
|
|
|
|
|
|
|
- fixed to compile with new autoconf
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Apr 24 15:15:51 CEST 2001 - cihlar@suse.cz
|
|
|
|
|
|
|
|
- fixed warnings on ia64
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Mar 20 15:27:20 CET 2001 - cihlar@suse.cz
|
|
|
|
|
|
|
|
- upgrade to version 0.8.16
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Mar 6 13:30:03 CET 2001 - cihlar@suse.cz
|
|
|
|
|
|
|
|
- upgrade to version 0.8.15
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Nov 6 02:20:12 CET 2000 - ro@suse.de
|
|
|
|
|
2009-08-06 00:42:24 +02:00
|
|
|
- fixed neededforbuild
|
2007-01-16 00:41:20 +01:00
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Oct 31 13:57:12 CET 2000 - cihlar@suse.cz
|
|
|
|
|
|
|
|
- upgrade to version 0.8.13
|
|
|
|
- bzipped sources
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Aug 3 09:18:12 CEST 2000 - cihlar@suse.cz
|
|
|
|
|
|
|
|
- upgrade to version 0.8.11
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jun 12 10:46:58 CEST 2000 - cihlar@suse.cz
|
|
|
|
|
2009-08-06 00:42:24 +02:00
|
|
|
- upgrade to version 0.8.9
|
2007-01-16 00:41:20 +01:00
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed May 10 15:05:25 CEST 2000 - cihlar@suse.cz
|
|
|
|
|
2009-08-06 00:42:24 +02:00
|
|
|
- upgrade to version 0.8.8
|
2007-01-16 00:41:20 +01:00
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Apr 13 14:29:50 CEST 2000 - cihlar@suse.cz
|
|
|
|
|
|
|
|
- upgrade to version 0.8.6
|
2009-08-06 00:42:24 +02:00
|
|
|
- added BuildRoot
|
2007-01-16 00:41:20 +01:00
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Apr 10 22:06:38 CEST 2000 - bk@suse.de
|
|
|
|
|
|
|
|
- added suse update config macro
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Mar 1 14:20:59 MET 2000 - choeger@suse.de
|
|
|
|
|
2009-08-06 00:42:24 +02:00
|
|
|
- new version, 0.8.3
|
2007-01-16 00:41:20 +01:00
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jan 19 09:58:05 MET 2000 - choeger@suse.de
|
|
|
|
|
|
|
|
- new version, 0.8.1
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Nov 25 12:34:15 CET 1999 - choeger@suse.de
|
|
|
|
|
|
|
|
- new version, 0.7.8
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Oct 28 16:55:41 CEST 1999 - choeger@suse.de
|
|
|
|
|
|
|
|
- new version, 0.7.7
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de
|
|
|
|
|
|
|
|
- ran old prepare_spec on spec file to switch to new prepare_spec.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Sep 1 18:04:36 CEST 1999 - choeger@suse.de
|
|
|
|
|
|
|
|
- new version
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jul 13 12:42:22 MEST 1999 - bs@suse.de
|
|
|
|
|
|
|
|
- use gtk and glib instead of gtkn and glibn
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jul 12 01:48:43 MEST 1999 - ro@suse.de
|
|
|
|
|
|
|
|
- libpcap is an extra package now
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jul 8 10:43:00 MEST 1999 - choeger@suse.de
|
|
|
|
|
|
|
|
- new version, v0.6.3
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jun 1 16:58:22 MEST 1999 - ro@suse.de
|
|
|
|
|
|
|
|
- fixed: X11 -> X11R6
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed May 26 09:39:50 MEST 1999 - choeger@suse.de
|
|
|
|
|
|
|
|
- new package v0.6.2
|
|
|
|
|