SHA256
1
0
forked from pool/wireshark
wireshark/wireshark.spec

904 lines
38 KiB
RPMSpec
Raw Normal View History

#
# spec file for package wireshark (Version 1.2.0)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# norootforbuild
Name: wireshark
License: GPL v2 or later
Group: Productivity/Networking/Diagnostic
Summary: A Network Traffic Analyser
Version: 1.2.0
Release: 2
Url: http://www.wireshark.org/
Source: http://www.wireshark.org/download/src/%{name}-%{version}.tar.bz2
Source1: include.filelist
# PATCH-FIX-OPENSUSE wireshark-1.0.8-desktop.patch bnc#349782 prusnak@suse.cz -- fix icon and run as root
Patch0: %{name}-1.0.8-desktop.patch
# PATCH-FIX-OPENSUSE wireshark-1.2.0-disable-warning-dialog.patch bnc#349782 prusnak@suse.cz -- don't show warning when running as root
Patch1: %{name}-1.2.0-disable-warning-dialog.patch
# PATCH-FIX-OPENSUSE wireshark-1.2.0-asneeded.patch cmorve69@yahoo.es -- compile with --as-needed
Patch2: %{name}-1.2.0-asneeded.patch
# PATCH-FEATURE-OPENSUSE wireshark-1.2.0-geoip.patch prusnak@suse.cz -- search in /var/lib/GeoIP if user hasn't set any GeoIP folders
Patch3: %{name}-1.2.0-geoip.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: xdg-utils
Provides: ethereal = %{version}
Obsoletes: ethereal < %{version}
BuildRequires: bison
BuildRequires: cairo-devel
BuildRequires: flex
BuildRequires: gtk2-devel
BuildRequires: krb5-devel
BuildRequires: libcap-devel
BuildRequires: libcares-devel
BuildRequires: libgcrypt-devel
%if 0%{?suse_version} > 1100
BuildRequires: libGeoIP-devel
Recommends: GeoIP
%endif
BuildRequires: libgnutls-devel
BuildRequires: libpcap-devel
BuildRequires: libsmi-devel
BuildRequires: lua-devel
BuildRequires: net-snmp-devel
BuildRequires: openssl-devel
BuildRequires: pcre-devel
BuildRequires: portaudio-devel
BuildRequires: python
BuildRequires: tcpd-devel
BuildRequires: update-desktop-files
BuildRequires: xdg-utils
BuildRequires: zlib-devel
%description
Wireshark is a free network protocol analyzer for Unix and Windows. It
allows you to examine data from a live network or from a capture file
on disk. You can interactively browse the capture data, viewing summary
and detail information for each packet. Wireshark has several powerful
features, including a rich display filter language and the ability to
view the reconstructed stream of a TCP session.
Authors:
--------
Gerald Combs <gerald[AT]ethereal.com>
Gilbert Ramirez <gram[AT]alumni.rice.edu>
Hannes R. Boehm <hannes[AT]boehm.org>
Mike Hall <mike[AT]hallzone.net>
Bobo Rajec <bobo[AT]bsp-consulting.sk>
Laurent Deniel <laurent.deniel[AT]free.fr>
Don Lafontaine <lafont02[AT]cn.ca>
Guy Harris <guy[AT]alum.mit.edu>
Simon Wilkinson <sxw[AT]dcs.ed.ac.uk>
Joerg Mayer <jmayer[AT]loplof.de>
Martin Maciaszek <fastjack[AT]i-s-o.net>
Didier Jorand <Didier.Jorand[AT]alcatel.fr>
Jun-ichiro itojun Hagino <itojun[AT]itojun.org>
Richard Sharpe <sharpe[AT]ns.aus.com>
John McDermott <jjm[AT]jkintl.com>
Jeff Jahr <jjahr[AT]shastanets.com>
Brad Robel-Forrest <bradr[AT]watchguard.com>
Ashok Narayanan <ashokn[AT]cisco.com>
Aaron Hillegass <aaron[AT]classmax.com>
Jason Lango <jal[AT]netapp.com>
Johan Feyaerts <Johan.Feyaerts[AT]siemens.atea.be>
Olivier Abad <oabad[AT]noos.fr>
and many others. For details see /usr/share/doc/packages/wireshark/AUTHORS
%package devel
License: GPL v2 or later
Summary: A Network Traffic Analyser
Group: Productivity/Networking/Diagnostic
Requires: %{name} = %{version} glibc-devel glib2-devel
Provides: ethereal-devel = %{version}
Obsoletes: ethereal-devel < %{version}
%description devel
Wireshark is a free network protocol analyzer for Unix and Windows. It
allows you to examine data from a live network or from a capture file
on disk. You can interactively browse the capture data, viewing summary
and detail information for each packet. Wireshark has several powerful
features, including a rich display filter language and the ability to
view the reconstructed stream of a TCP session.
Authors:
--------
Gerald Combs <gerald[AT]ethereal.com>
Gilbert Ramirez <gram[AT]alumni.rice.edu>
Hannes R. Boehm <hannes[AT]boehm.org>
Mike Hall <mike[AT]hallzone.net>
Bobo Rajec <bobo[AT]bsp-consulting.sk>
Laurent Deniel <laurent.deniel[AT]free.fr>
Don Lafontaine <lafont02[AT]cn.ca>
Guy Harris <guy[AT]alum.mit.edu>
Simon Wilkinson <sxw[AT]dcs.ed.ac.uk>
Joerg Mayer <jmayer[AT]loplof.de>
Martin Maciaszek <fastjack[AT]i-s-o.net>
Didier Jorand <Didier.Jorand[AT]alcatel.fr>
Jun-ichiro itojun Hagino <itojun[AT]itojun.org>
Richard Sharpe <sharpe[AT]ns.aus.com>
John McDermott <jjm[AT]jkintl.com>
Jeff Jahr <jjahr[AT]shastanets.com>
Brad Robel-Forrest <bradr[AT]watchguard.com>
Ashok Narayanan <ashokn[AT]cisco.com>
Aaron Hillegass <aaron[AT]classmax.com>
Jason Lango <jal[AT]netapp.com>
Johan Feyaerts <Johan.Feyaerts[AT]siemens.atea.be>
Olivier Abad <oabad[AT]noos.fr>
and many others. For details see /usr/share/doc/packages/wireshark/AUTHORS
%prep
%setup -q
%patch0
%patch1
%patch2
%patch3
%build
%configure
make %{?jobs:-j%jobs}
%install
make "DESTDIR=$RPM_BUILD_ROOT" install
ln -fs wireshark $RPM_BUILD_ROOT%{_bindir}/ethereal
ln -fs tshark $RPM_BUILD_ROOT%{_bindir}/tethereal
install -d -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}
install -d -m 0755 $RPM_BUILD_ROOT%{_mandir}/man1/
install -m 0644 *.1 $RPM_BUILD_ROOT%{_mandir}/man1/
%suse_update_desktop_file -i wireshark System Network
find $RPM_BUILD_ROOT -name "*.la" -exec rm {} \;
install -d -m 0755 $RPM_BUILD_ROOT%{_includedir}/wireshark
for i in `cat %{SOURCE1}`; do
install -m 644 $i $RPM_BUILD_ROOT%{_includedir}/wireshark
done
install -D -m 0644 image/wsicon48.png $RPM_BUILD_ROOT%{_datadir}/pixmaps/wireshark.png
%clean
rm -rf $RPM_BUILD_ROOT
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%files
%defattr(-,root,root)
%doc AUTHORS COPYING NEWS README README.linux README.vmware
%{_mandir}/man1/[^i]*
%{_mandir}/man4/*
%{_datadir}/applications/*.desktop
%{_datadir}/pixmaps/wireshark.png
%{_bindir}/[^i]*
%{_libdir}/lib*.so.*
%{_libdir}/wireshark
%{_datadir}/wireshark
%files devel
%defattr(-,root,root)
%doc doc/README.*
%{_includedir}/wireshark
%{_libdir}/*.so
%{_bindir}/idl2wrs
%{_mandir}/man1/idl2wrs*
%changelog
* Wed Jun 17 2009 prusnak@suse.cz
- search in /var/lib/GeoIP if user hasn't set any GeoIP folders
(geoip.patch)
* Wed Jun 17 2009 prusnak@suse.cz
- updated to 1.2.0
Bug Fixes
Too many bugs have been fixed since the 1.0 release to list here.
Some notable fixes are:
o Type-ahead search now works properly.
o Several bugs that affected capture from pipes have been fixed.
o Many Lua-related bugs have been fixed.
o Several memory leaks have been found and fixed.
o The "Follow TCP Stream" feature could show two streams at the
same time The hex dump view has been narrowed.
o WPA and SSL decryption bugs have been fixed.
o Readability problems on 256-color displays on Windows have
been fixed.
New and Updated Features
The following features are new (or have been significantly
updated) since version 1.0:
o Wireshark has a spiffy new start page.
o Display filters now autocomplete.
o A 64-bit Windows (x64) installer is now provided.
o Support for the c-ares resolver library has been added. It has
many advantages over ADNS.
o Many new protocol dissectors and capture file formats have
been added (see below for a complete list).
o Macintosh OS X support has been improved.
o GeoIP database lookups.
o OpenStreetMap + GeoIP integration.
o Improved Postscript(R) print output.
o The preference handling code is now much smarter about
changes.
o Support for Pcap-ng, the next-generation capture file format.
o Support for process information correlation via IPFIX.
o Column widths are now saved.
o The last used configuration profile is now saved.
o Protocol preferences are changeable from the packet details
context menu.
o Support for IP packet comparison.
o Capinfos now shows the average packet rate.
o GTK1 is no longer supported. (Yes, this is a feature.)
o Official Windows packages are now built using Microsoft Visual
C++ 2008 SP1.
New Protocol Support
Anything in Anything Protocol, ATM PW, N-to-one Cell Mode,
B.A.T.M.A.N. Layer 3 Protocol, BACnet MS/TP, BSS LCS Assistance
Protocol, Canon BJNP, CESoPSN basic NxDS0 mode (no RTP support),
Charging ASE, Cimetrics MS/TP, DECT Protocol, Digital Private
Signalling System No 1 Link Layer, DOCSIS Mac Domain Description,
DOCSIS Registration Request Multipart, DOCSIS Registration
Response Multipart, DOCSIS Synchronisation Message, E100
Encapsulation, EHS, Enhanced Variable Rate Codec, Ethernet Global
Data, Ethernet PW, Exchange 2003 Directory Request For Response,
Far End Failure Detection, FCoE Initialization Protocol, GOOSE,
GPEF, GPRS Tunneling Protocol V2, GSM A-I/F COMMON, GSM A-I/F GPRS
Mobility and Session Management, GSM SACCH, GSM Um Interface, HDLC
PW, FR port mode (no CW), HDLC-like framing for PPP, IEC
60870-5-104,Apci, IEC 60870-5-104,Asdu, IEEE 802.15.4 Low-Rate
Wireless PAN non-ASK PHY, IEEE C37.118 Synchrophasor Protocol,
Intelligent Platform Management Interface (Session Wrapper),
Inter-Integrated Circuit, Internal TDM, IPSICTL, ISMACryp
Protocol, iWARP Direct Data Placement and Remote Direct Memory
Access Protocol, iWARP Marker Protocol data unit Aligned framing,
Kontiki Delivery Protocol, LANforge Traffic Generator, Layer 1
Event Messages, Lb-I/F BSSMAP LE, LeCroy VICP, Link Access
Procedure, Channel Dm (LAPDm), Local Download Sharing Service, LTE
Radio Resource Control (RRC) protocol, MAC-LTE, Memcache Protocol,
Mesh Header, MP4V-ES, Nasdaq TotalView-ITCH, Nasdaq-SoupTCP
version 2.0, NAT Port Mapping Protocol, Netdump Protocol,
Non-Access-Stratum (NAS)PDU, PacketLogger, Paltalk Messenger
Protocol, PDCP-LTE, PW Associated Channel Header, PW Ethernet
Control Word, PW Frame Relay DLCI Control Word, PW MPLS Control
Word (generic/preferred), Real-Time Publish-Subscribe Wire
Protocol 2.x, Remote Packet Capture, RLC-LTE, SAToP (no RTP
support), SERCOS III V1.1, SIMULCRYPT Protocol, Subnetwork
Dependent Convergence Protocol XID, Teamspeak2 Protocol,
TTEthernet, TTEthernet Protocol Control Frame, Turbocell Aggregate
Data, Turbocell Header, TURN Channel, Unreliable Multicast
Inter-ORB Protocol, VCDU, Wave Short Message Protocol(IEEE
P1609.3), Wireless Access Station Session Protocol, Wireshark
Expert Info, World of Warcraft, Xpress Transport Protocol, ZigBee
Application Framework, ZigBee Application Support Layer, ZigBee
Device Profile, ZigBee Encapsulation Protocol, ZigBee Network
Layer, Zipped Inter-ORB Protocol, ZRTP
Updated Protocol Support
There are too many updates to list here.
New Capture File Support
Apple Bluetooth PacketLogger, Daintree's Sensor Network Analyzer,
dct3trace, Pcap-NG, TNEF (yes, those silly winmail.dat
attachments)
- removed obsoleted patches:
* help.patch (not needed anymore)
* sigpipe-block.patch (not needed anymore)
* Tue May 26 2009 cmorve69@yahoo.es
- made it compile with --as-needed
* Fri May 22 2009 prusnak@suse.cz
- updated to 1.0.8
* bug fixes
o The PCNFSD dissector could crash.
* the following bugs have been fixed:
o Lua integration could crash (Bug 2453)
o The SCCP dissector could crash when loading more than one file
in a single session. (Bug 3409)
o The NDMP dissector could crash if reassembly was enabled. (Bug 3470)
* updated protocol support
o All ASN.1 protocols, DICOM, NDMP, PCNFSD, RTCP, SCCP, SSL, STANAG 5066
* Fri Apr 17 2009 cseader@novell.com
- removing --with-ssl and adding --with-gnutls
* per Wireshark documentation "The SSL dissector is fully functional and even supports
advanced features such as decryption of SSL if the encryption key can be provided and
WireShark is compiled against Gnu-TLS (rather than openssl or bsafe)."
* Wed Apr 15 2009 cseader@novell.com
- updated to 1.0.7
o security fixes
* The PROFINET dissector was vulnerable to a format string overflow. (Bug 3382)
Versions affected: 0.99.6 to 1.0.6
CVE-2009-1210
* The LDAP dissector could crash on Windows. (Bug 3262)
Versions affected: 0.99.2 to 1.0.6
CVE-2009-1267
* The Check Point High-Availability Protocol (CPHAP) dissector could crash. (Bug 3269)
Versions affected: 0.9.6 to 1.0.6
CVE-2009-1268
* Wireshark could crash while loading a Tektronix .rf5 file. (Bug 3366)
Versions affected: 0.99.6 to 1.0.6
CVE-2009-1269
o bug fixes
* Correct use of proto_tree_add_int_format() (Bug 3048)
* RTP dynamic payload clock rates incorrectly determined (Bug 3067)
* TShark fails to properly close capture files when opening new ones (Bug 3172)
* ANSI MAP digits type decode and bitmask corrections (Bug 3233)
* Two small patches for ipvs-syncd dissector (Bug 3236)
* BGP capability dissection failure (Bug 3247)
* ANSI MAP fix for missing MEID/MSC ID number in RegNot (Bug 3255)
* BACnet PrivateTransferError shows malformed packet (Bug 3257)
* Windows silent installer is not that silent (Bug 3260)
* Crash in ASN.1 dissector when using 'type table' (Bug 3271)
* 802.11n SM Power save mode value 0x3 label is incorrect (Bug 3276)
* 802.11 WME ie displayed incorrectly (Bug 3284)
* "Copy as filter" from the packet list has been fixed.
o updated protocol support
* ACN, ANSI MAP, ASN.1 BACnet, BGP, CPHAP, GSM MAP, IEEE 802.11, IPVS, LDAP, NetFlow/IPFIX, PROFINET, RTP, SNMP, WSP
* Mon Feb 16 2009 prusnak@suse.cz
- updated to 1.0.6
o security fixes
* possible crash if the HOME environment variable contained
sprintf-style string formatting characters
* possible crash while reading a malformed NetScreen snoop file
* possible crash while reading a Tektronix K12 text capture file
o bug fixes
* Crash when loading capture file and Preferences: NO Info column
* Some Lua scripts may lead to corruption via out of bounds stack
* Build with GLib 1.2 fails with error: 'G_MININT32' undeclared
* Wrong decoding IMSI with GSM MAP protocol
* Segmentation fault for "Follow TCP stream"
* SMPP optional parameter 'network_error_code' incorrectly decoded
* DHCPv6 dissector doesn't handle malformed FQDN
* WCCP overrides CFLOW as decoded protocol
* Improper decoding of MPLS echo reply IPv4 Interface and Label Stack Object
* ANSI MAP fix for TRN digits/SMS and OTA subdissection
o updated protocol support
* AFS, ATM, DHCPv6, DIS, E.212, RTP, UDP, USB, WCCP, WPS
o New and Updated Capture File Support
* NetScreen snoop
* Wed Dec 17 2008 prusnak@suse.cz
- updated to 1.0.5
* security fixes
o The SMTP dissector could consume excessive amounts of CPU
and memory
o The WLCCP dissector could go into an infinite loop
* bug fixes
o Missing CRLF during HTTP POST in the "packet details" window
(Bug 2534)
o Memory assertion in time_secs_to_str_buf() when compiled
with GCC 4.2.3 (Bug 2777)
o Diameter dissector fails RFC 4005 compliance (Bug 2828)
o LDP vendor private TLV type is not correctly shown (Bug 2832)
o Wireshark on MacOS does not run when there are spaces in
its path (Bug 2844)
o OS X Intel package incorrectly claims to be Universal (Bug 2979)
o Compilation broke when compiling without zlib (Bug 2993)
o Memory leaks (Bugs 3017 ... 3022, 3079)
o Incorrect address structure assigned for find_conversation()
in WSP (Bug 3071)
o Error parsing the BSSGP protocol (Bug 3085)
o Assertion thrown in fvalue_get_uinteger when decoding TIPC
(Bug 3086)
o LUA script : Wireshark crashes after closing and opening again
a window used by a listener.draw() function. (Bug 3090)
* Updated Protocol Support
ANSI MAP, BSSGP, CIP, Diameter, ENIP, GIOP, H.263, H.264, HTTP,
MPEG PES, PostgreSQL, PPI, PTP, Rsync, RTP, SMTP, SNMP, STANAG 5066,
TACACS, TIPC, WLCCP, WSP
* Mon Nov 24 2008 prusnak@suse.cz
- fix wireshark freeze when closing capture window [bnc#417850]
(sigpipe-block.patch)
- don't show warning when running as root [bnc#349782]
- altered .desktop file to run wireshark gui as root automatically
* Tue Nov 04 2008 prusnak@suse.cz
- updated to 1.0.4
* security fixes
o Florent Drouin and David Maciejak found that the Bluetooth ACL
dissector could crash or abort. (Bug 1513)
o The Q.931 dissector could crash or abort. (Bug 2870)
o Wireshark could abort while reading Tamos CommView capture
files. (Bug 2926)
o David Maciejak found that the USB dissector could crash or
abort. This led to the disovery of a similar problem in the
Bluetooth RFCOMM dissector. (Bug 2922)
o Vivek Gupta and David Maciejak found that the PRP and MATE
dissectors could make Wireshark crash. (Neither PRP nor MATE
are enabled by default.) (Bug 2549)
* bug fixes
o Let MP2T call its subdissectors, even without tree (Bug 2627)
o Wireless Toolbar not enabled (using AirPcap) if PCAP_REMOTE=1
(Bug 2685)
o Failure to dissect long SASL wrapped LDAP response (Bug 2687)
o Fix compiler warnings (Bug 2823)
o Homeplug dissection bugs (Bug 2859)
o Malformed Packet DCP ETSI error (Bug 2860)
o Wrong size of selected_registrar in WPS dissector (Bug 2865)
o Dissector assertion displaying cookies in DTLS frames (Bug
2876)
o Missing field type in documentation (Bug 2889)
o Wireshark -p switch seems to have no effect to PROMISCUOUS
mode (Bug 2891)
o Misspelled PPI error vector magnitude filter (Bug 2903)
o Modbus Function 43 Encapsulated Interface Transport decoding
(Bug 2917)
o Crash when printing or exporting some protocol data (Bug 2934)
o Crash when selecting "Export Selected Packet Bytes" (Bug 2964)
* updated protocol support
AFP, Bluetooth ACL, Bluetooth RFCOMM, DCP ETSI, DTLS, Homeplug,
IEEE 802.11, IP, Modbus TCP, MP2T, NSIP, NCP, PPI, Q.931, SASL,
SNMP, USB, WPS
* new and updated capture file support
AiroPeek, CommView
* Thu Sep 04 2008 prusnak@suse.cz
- updated to 1.0.3 - bug fixes:
o The NCP dissector was susceptible to a number of problems,
including buffer overflows and an infinite loop.
o Wireshark could crash while uncompressing zlib-compressed
packet data.
o Wireshark could crash while reading a Tektronix .rf5 file.
o 802.11 WPA/WPA2-PSK Unable to decode Group Keys. (Bug 1420)
o Packets could wrongly be dissected as "Redback Lawful
Intercept" (Bug 2376)
o MIKEY dissector improvements (Bug 2400)
o tvb_get_bits{16|32} could read past the end of a tvbuff (Bug
2439)
o Incorrect wslua function names. (Bug 2448)
o Memory corruption in wslua. (Bug 2453)
o Unknown PPPoE TAGs which are present in a PPPoE discovery
packet are not displayed under "PPPoE Tags" subtree/section.
(Bug 2458)
o Following a TCP stream could incorrectly reassemble packets.
(Bug 2606)
o SIP decode shows fully expanded "Content-Length" header
instead of compact form. (Bug 2635)
o Segmentation fault loading trace containing NCP packets. (Bug
2675)
o SIP packets might incorrectly be displayed as malformed. (Bug
2729)
o RTCP BYE padding interpreted incorrectly. (Bug 2778)
o Reversed RTP stream is saved as silent .au file, forward
stream saves correctly. (Bug 2780)
o Fix some lint warnings. (Bug 2822)
o Setting a duration on a capture file would capture for an
extra second.
* Wed Apr 02 2008 prusnak@suse.cz
- updated to 1.0.0 \o/
* setcurity fixes:
o the X.509sat dissector could crash
o the Roofnet dissector could crash
o the LDAP dissector could crash
o the SCCP dissector could crash while using the "decode as" feature
* buf fixes:
o several SNMP-related bugs have been fixed
o several memory-related bugs have been fixed
* new protocol support:
IEEE 802.15.4, Infiniband, Parallel Redundancy Protocol, RedBack
Lawful Intercept, Xcsl
* updated protocol support:
AFS, ALCAP, ATM, BACapp, CIGI, DCC (renamed from DCCP), DCCP
(renamed from DCP), DCERPC SPOOLSS, DCERPC NT, DHCP, DirectPlay,
EtherCAT, FIX, GIOP, GTP, H.248, HTTP, ICMPv6, ICQ, IPv6, ISIS,
JXTA, NCP, P_Mul, PCAP, PKIX1Explicit, PTP, RADIUS, Roofnet, RTCP,
RTMPT, RTP, RX, SABP, SCSI OSD, sFlow, SMPP, SNMP, SSCOP, TAPA,
TIPC, TPNCP, UNISTIM, X.25, X.509sat, XML
* new and updated capture file support:
Hilscher Analyzer
- dropped patches:
* strncat.patch (obsoleted by update)
* Thu Feb 28 2008 prusnak@suse.cz
- updated to 0.99.8
* security fixes
o fixed crash in SCTP, SNMP and TFTP dissectors
The following bugs have been fixed:
o Wireshark could crash when:
- saving I/O graphs
- editing table-based preferences
- trying to play RTP streams.
- trying to apply a display filter macro
- using Turkish and other locales.
* new features:
o multiple configuration profiles
o temporary coloring rules (let you color or filter on a conversation)
o I/O graphs have been improved
o Wireshark now has WLAN traffic statistics
o the Wireshark GUI now supports RPCAP
o conversations and endopoints can now be limited to the current display filter
o experimental support for the NTAR/PcapNG file format
* new protocol support:
AiroPeek Remote Capture, China Mobile Point to Point, Distributed
Lock Manager 3, EUTRAN X2 Application Protocol, Fieldbus
Foundation, International Passenger Airline Reservation
System/Airline Link Control, Microsoft DirectPlay, Path
Computation Element communication Protocol, Real Time Messaging
Protocol, S1 Application Protocol, Scripting Service Protocol,
Societe Internationale de Telecommunications Aeronautiques, Unisys
Transmittal System, Wi-fi Protected Setup,
* updated protocol support:
3G A11, 3GPP, ACN, ACP133, ALCAP, AMR, ANSI A, ANSI IS-637-A, ANSI
MAP, ARP, ASAP, AVS WLAN, BACapp, BER, BOOTP, Bluetooth (HCI ACL,
HCI CMD, HCI EVT, HCI SCO, L2CAP, SDP), CDP, CFM, CMS, COPS,
Camel, Cisco ERSPAN, DAP, DCERPC SPOOLSS, DCERPC, DHCP, DHCPv6,
DIAMETER, DMP, DTLS, E.164, EAP, ENIP, ENRP, EtherCAT, Ethernet,
FMP, FTAM, GMRP, GRE, GSM MAP, GSM SMS, GSS-API, GTP, Gryphon,
H.223, H.225, H.245, H.263, H.264, H.460, HCI H1, HTTP, ICMP, IEEE
802.11, IGMP, IPP, ISAKMP, ISUP, JFIF, JPEG, JXTA, Kerberos, LDAP,
MP2T, MS MMS, MTP3MG, NBAP, NFS, NHRP, NetFlow, P7, PER, PIM,
PKCS12, PPPoE, PTP, P_Mul, Q.932, Quakeworld, RANAP, RMT ALC, RMT
LCT, ROS, RPC, RPL, RRC, RTCP, RTP, SCCP, SCTP, SDP, SLL, SMB,
SMB2, SMPP, SMTP, SNMP, SRVLOC, SSL, STUN2, T.38, TCAP, TCP, TFTP,
TiVoConnect, UCP, UDP-Lite, USB, VLAN, WBXML, X.411, X.420,
X.509if, X.509sat
* new and updated capture file support:
Catapult DCT2000, DBS Etherwatch, NTAR/PcapNG, TamoSoft CommView,
Visual Networks
- removed obsolete patch:
* strptime.patch (included in update)
- added bison and flex to BuildRequires
* Thu Feb 21 2008 crrodriguez@suse.de
- fix -devel package dependencies
* Wed Jan 09 2008 prusnak@suse.cz
- fix strptime function inclusion (strptime.patch)
- do not package non linux READMEs
* Wed Dec 19 2007 prusnak@suse.cz
- updated to 0.99.7
* security fixes
o Wireshark could crash when reading an MP3 file.
o Beyond Security discovered that Wireshark could loop
excessively while reading a malformed DNP packet.
o Stefan Esser discovered a buffer overflow in the SSL
dissector.
o The ANSI MAP dissector could be susceptible to a buffer
overflow on some platforms.
o The Firebird/Interbase dissector could go into an infinite
loop or crash.
o The NCP dissector could cause a crash.
o The HTTP dissector could crash on some systems while decoding
chunked messages.
o The MEGACO dissector could enter a large loop and consume
system resources.
o The DCP ETSI dissector could enter a large loop and consume
system resources.
o Fabiodds discovered a buffer overflow in the iSeries (OS/400)
Communication trace file parser.
o The PPP dissector could overflow a buffer.
o The Bluetooth SDP dissector could go into an infinite loop.
o A malformed RPC Portmap packet could cause a crash.
o The IPv6 dissector could loop excessively.
o The USB dissector could loop excessively or crash.
o The SMB dissector could crash.
o The RPL dissector could go into an infinite loop.
o The WiMAX dissector could crash due to unaligned access on
some platforms.
o The CIP dissector could attempt to allocate a huge amount of
memory and crash.
* bug fixes
o Handling of non-ASCII file names and paths has been improved.
o Wireshark could crash while editing a coloring rule or a UAT
table.
o The display filter code could crash while bitwise ANDing an
IPv4 address.
* news and updates
o Most of the capture code has been moved out of the GUI, which
means that Wireshark no longer needs to be run as root.
o Many display filter names have been cleaned up. If your
favorite display filter just went missing, please consult the
display filter reference to find out where it ended up.
o You can now filter directly on SNMP OIDs.
o IO graphs have more display options, and you can now export
graphs.
o You can now follow UDP streams in addition to TCP and SSL
streams.
o You can now disable coloring rules without deleting them.
o Main window toolbar buttons are now available even when the
window is small.
o Optimizations have been applied in some places to make
Wireshark start up and run faster.
* new protocol support
ANSI TCAP, application/xcap-error (MIME type), CFM, DPNSS,
EtherCAT, ETSI e2/e4, H.282, H.460, H.501, IEEE 802.1ad and
802.1ah, IMF (RFC 2822), RSL, SABP, T.125, TNEF, TPNCP, UNISTIM,
Wake on LAN, WiMAX ASN Control Plane, X.224,
* updated protocol support
3Com XNS, 3G A11, ACN, ACP123, ACSE, AIM, ANSI IS-637-A, ANSI MAP,
Armagetronad, BACapp, BACnet, BER, BFD, BGP, Bluetooth, CAMEL,
CDT, CFM, CIP, Cisco ERSPAN, CLNP, CMIP, CMS, COPS, CTDB, DCCP,
DCERPC ATSVC, DCERPC PNIO, DCERPC SAMR, DCERPC, DCOM CBA-ACCO, DCP
ETSI, DEC DNA, DFS, DHCP/BOOTP, DHCPv6, DIAMETER, DISP, DMP, DNP,
DNS, DOP, DTLS, DUA, eDonkey, ELSM, ESL, Ethernet, FC ELS, FC,
FCOE, FTAM, FTP, GDSDB, GIOP, GPRS-LLC, GSM A, GSM MAP, GTP, HSRP,
HTTP, IAX2, ICMPv6, IEEE 802.11, INAP, IP, IPMI, IPv6, ISAKMP,
ISIS, iSNS, ISUP, IUUP, JXTA, K12, Kerberos, L2TP, LAPD, LDAP,
LINX, LPD, LWAPP, MEGACO, MIKEY, MIME Multipart, MMS, MP2T, MPEG
PES, MPEG, MTP2, MySQL, NBAP, NetFlow, nettl, NFS, NSIP, OSPF,
P_MUL, PANA, PER, PKCS#12, PMIPv6, PN-PTCP, PN-RT, PPI, PPPoE,
PRES, PROFINET, PTP, Q.932 ROS, Q.932, QSIG, Radiotap, RADIUS,
RANAP, RNSAP, ROS, RTCP, RTP, RTSE, RTSP, SCCP, SCTP, SDP,
SIGCOMP, SIP, Slow Protocols, SMB, SMPP, SMTP, SNDCP, SNMP, SRP,
SSL, STANAG 4406, STUN2, TCAP, TCP, text/media, TIPC, ULP, UMA,
UMTS FP, V5UA, VNC, WiMAX M2M, WiMAX, WLCCP, X.411, X.420, X.509
SAT, XML
* new and updated capture file support
Catapult DCT 2000, Endace ERF, Juniper NetScreen snoop, Visual
Networks, Windows Sniffer (NetXRay)
- removed fwrite_unused_result.patch
* Tue Sep 04 2007 ro@suse.de
- disable -Werror for now
* Thu Jul 26 2007 prusnak@suse.cz
- changed libpcap to libpcap-devel in BuildRequires
* Tue Jul 10 2007 prusnak@suse.cz
- updated to 0.99.6
* security fixes:
* crash when dissecting an HTTP chunked response
* crash while reading iSeries capture files
* exhaust system memory while reading a malformed DCP ETSI packet
* loop excessively while reading a malformed SSL packet
* DHCP/BOOTP dissector susceptible to an off-by-one error
* loop excessively while reading a malformed MMS packet
* bug fixes:
* WEP decryption would only work for the first key specified
* WEP and WPA decryption didn't work for QoS frames
* WPA decryption failed if EAPOL handshake packets contained extra data
* Wireshark failed to parse colon-separated WEP keys
* merging files in Wireshark now appends files properly
* hang while saving an RTP stream with bad timestamp data
* frame.time_delta display filter now works as expected
* for full information see:
* http://www.wireshark.org/docs/relnotes/wireshark-0.99.6.html
- added fwrite_unused_result.patch (fixes warn_unused_result warnings in fwrite calls)
- dropped obsolete patches:
* dissectors.patch (included in update)
* Wed Mar 07 2007 prusnak@suse.cz
- added [t]ethereal symlinks [#252117]
- cleaned spec file
* Wed Feb 07 2007 prusnak@suse.cz
- fix SSL support [#242738]
- fix build warnings in dissector's code (dissectors.patch)
* Tue Feb 06 2007 prusnak@suse.cz
- update to 0.99.5
* security fixes [#237246]
- CVE-2007-0459 The TCP dissector could hang or crash
- CVE-2007-0458 The HTTP dissector could crash
- CVE-2007-0457 The IEEE 802.11 dissector could crash
- CVE-2007-0456 The LLT dissector could crash
* various bug fixes, added new protocols, see
http://www.wireshark.org/docs/relnotes/wireshark-0.99.5.html
for full information
- dropped obsoleted patches:
* wireshark-0.99.4-printf.diff (included in update)
* Thu Dec 07 2006 prusnak@suse.cz
- fixed libdir path in spec file
* Mon Nov 13 2006 mjancar@suse.cz
- update to 0.99.4
* final 0.99.4 release
* Tue Nov 07 2006 ro@suse.de
- fix manpage permissions
* Mon Oct 30 2006 mjancar@suse.cz
- update to 0.99.4pre1
* security fixes (#213226)
CVE-2006-4574
CVE-2006-4805
CVE-2006-5468
CVE-2006-5469
CVE-2006-5740
* Thu Aug 24 2006 postadal@suse.cz
- updated to version 0.99.2 [#201437]
* security bugfixes
* the packet list context menu now includes a conversation filter
* now generate ACL rules for several popular firewall products
* new protocols: Daytime, JPEG (RTP payload), Pegasus Lightweight
Stream Control, Pro-MPEG FEC, UMTS RRC, Veritas Low Latency Transport
- removed oblsoleted patch buffer_overflow_fix.patch
* Tue Jul 25 2006 postadal@suse.cz
- project Ethereal moved to Wireshark project (renamed)
- updated to version 0.99.2
* security bugfixes
* multicast stream analysis
* you can now find next/previous marked frames
* the SMB dissector tracks filenames and share names
* added reading support of BER-encoded files
* new protocols: Bluetooth HCI (ACL, Command, Event, L2CAP, H4,
RFCOMM, SCO, SDP), Cisco WIDS, DTLS, Ether-S-Bus, OMA ULP,
PN-MRP, PN-MRRT, REXEC (yes, that REXEC), RRLP, RSerPool
(CalcAppProtocol, ComponentStatusProtocol, FractalGeneratorProtocol,
PingPongProtocol), Telkonet, TiVoConnect Discovery Protocol
- fixed buffer overflow in nettl.c [wireshark#1015] (buffer_overflow_fix.patch)
- removed obsoleted patches (CVE-2006-1932-40.patch, hash_returnval.patch,
infinite-loop.patch)
* Mon Jun 12 2006 lmichnovic@suse.cz
- fixed forgoten return value (hash_retval.patch) [#183696]
* Wed May 03 2006 postadal@suse.cz
- fixed security bugs [#167928] (CVE-2006-1932 - CVE-2006-1940)
(CVE-2006-1932-40.patch)
* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Sat Jan 07 2006 postadal@suse.cz
- updated to version 0.10.14
* Wed Dec 21 2005 meissner@suse.de
- added -fstack-protector
- add pcre/pcre-devel to get regexp support.
* Tue Nov 01 2005 postadal@suse.cz
- fixed infinite loop [#128637] (infinite-loop.patch)
* Fri Oct 21 2005 postadal@suse.cz
- updated to version 0.10.13 (a lot of security fixes enpa-sa-00021)
[#128637]
* Tue Sep 06 2005 lmuelle@suse.de
- Add kerberos-devel-packages to neededforbuild and --with-krb5=/usr to the
configure arguments; [#115457].
* Wed Aug 31 2005 postadal@suse.cz
- changed category of desktop file from Monitor to System [#114060]
* Mon Aug 29 2005 postadal@suse.cz
- all data moved from /usr/X11R6 to /usr [#112816]
- branched devel package and packed includes [#112815]
* Wed Jul 27 2005 postadal@suse.cz
- updated to version 0.10.12 (a lot of security fixes enpa-sa-00020)
- removed obsoleted gcc4 patch
- removed unneeded .la files
- moved /etc/{manuf,diameter} to /usr/X11R6/share/ethereal
(changed loading data files)
* Fri May 06 2005 postadal@suse.cz
- updated to version 0.10.11 (a lot of security fixes enpa-sa-00019)
* Wed May 04 2005 postadal@suse.cz
- fixed segfaults when trying to access help [#81523]
* Thu Mar 17 2005 postadal@suse.cz
- fixed security bugs in Etheric, GPRS-LLC, 3GPP2 A11, IAPP dissectors.
[#71777] (enpa-sa-00018: CAN-2005-0704, CAN-2005-0705, CAN-2005-0699,
CAN-2005-0739)
- fixed bugs in JXTA, sFlow
* Fri Jan 21 2005 postadal@suse.cz
- updated to version 0.10.9
* Wed Jan 12 2005 postadal@suse.cz
- updated to version 0.10.8
* Wed Dec 08 2004 postadal@suse.cz
- added new icon
* Tue Nov 30 2004 postadal@suse.cz
- updated to version 0.10.7
- packaged missed pixmap file
* Wed Oct 27 2004 mmj@suse.de
- Add rpm-devel, popt-devel and tcpd-devel to #nfb to fix build
- Don't remove buildroot in install
* Wed Aug 25 2004 lmuelle@suse.de
- Add libadns and libadns-devel to BuildRequires, [#43590].
* Mon Aug 16 2004 postadal@suse.cz
- updated to version 0.10.6
- removed obsoleted patches (ipv6-filter-fix, secfix1)
- merged help-fix patch in config patch
* Wed Jul 14 2004 postadal@suse.cz
- updated to version 0.10.5 (security update) [#42820]
* several security fixes; enpa-sa-00015 (CAN-2004-0633, CAN-2004-0634,
CAN-2004-0635)
* Thu Apr 29 2004 postadal@suse.cz
- added missing online help [#39518]
* Fri Apr 02 2004 postadal@suse.cz
- added check for resolved address in default filter
(modified previous patch ipv6-filter-fix.diff)
* Mon Mar 29 2004 postadal@suse.cz
- updated to version 0.10.3 (security update) [#35449]
* several security fixes; enpa-sa-00013; CAN-2004-0176 CAN-2004-0367,
CAN-2004-0365
- fixed lib64 paths
- fixed default filter (ipv6 problem)
* Tue Mar 23 2004 postadal@suse.cz
- fixed locating manuf file in /etc [#34386]
* Tue Mar 02 2004 postadal@suse.cz
- added desktop file with "X-KDE-SubstituteUID=true" (asks for root passwd)
[#35118]
* Wed Feb 25 2004 postadal@suse.cz
- updated to version 0.10.2
* Fri Jan 23 2004 mmj@suse.de
- Update to 0.10.0a
- Use -fno-strict-aliasing
- Use gtk2
* Sat Jan 10 2004 adrian@suse.de
- build as user
* Thu Dec 18 2003 postadal@suse.cz
- fixed security bug (in SMB dissectors);[#33650] enpa-sa-00012
* Mon Nov 10 2003 ro@suse.de
- use net-snmp instead of ucdsnmp
* Thu Nov 06 2003 postadal@suse.cz
- fixed security bugs (in GTP,ISAKMP,MEGACO,SOCKS dissectors); enpa-sa-00011
* Sat Aug 16 2003 adrian@suse.de
- install desktop file
* Fri Jul 25 2003 postadal@suse.cz
- updated to version 0.9.14
* support for searching for arbitrary text and binary data in frames
* new protocols: Echo, eDonkey, Jabber, MS Messenger, sFlow
* Thu Jul 03 2003 lmuelle@suse.de
- update to version 0.9.13
* support for GNU ADNS library
* "Decode As..." functionality has been added to Tethereal via the "-d" flag
* support for a system-wide color filter file
* several security fixes; enpa-sa-00010; CAN-2003-0428 CAN-2003-0429
CAN-2003-0431 CAN-2003-0432
- removed gcc patch as included in upstream
* Mon Mar 10 2003 postadal@suse.cz
- update to version 0.9.10 (security fix)
- removed obsoleted unused plugin patch
* Fri Mar 07 2003 ro@suse.de
- removed mminimal-toc from CFLAGS (ppc64)
* Wed Jan 29 2003 postadal@suse.cz
- updated to version 0.9.9
* more statistics have been added
* the RADIUS dissector can now decrypt user passwords
* new protocols: MDSHDR, MEGACO, MySQL, SDLC, X.29
* Mon Jan 27 2003 ro@suse.de
- fix build with gcc-3.3
* Thu Jan 23 2003 postadal@suse.cz
- updated to version 0.9.8
* new protocols: ARCNET, ClearCase NFS, DCERPC LSA_DS, Fibre Channel,
HyperSCSI, MDNS, PCLI, RPL, 802.1s MSTP, FIX, GSS-API, Interbase, NDPS,
Netflow (Cisco and Juniper), SCCP-Management, SPNEGO
- plugin fix (added header file with macros)
* Wed Aug 28 2002 postadal@suse.cz
- added %%config to file list
* Fri Aug 23 2002 postadal@suse.cz
- update to version 0.9.6 (security fix)
* Thu Aug 15 2002 postadal@suse.cz
- update to version 0.9.5 (security fix)
* Sat Jun 29 2002 olh@suse.de
- build with -mminimal-toc on ppc64
* Wed Jan 16 2002 cihlar@suse.cz
- update to version 0.9.0
* Mon Nov 26 2001 cihlar@suse.cz
- update to version 0.8.20
* Wed Jul 25 2001 cihlar@suse.cz
- update to version 0.8.19
* Fri Jun 15 2001 cihlar@suse.cz
- added openssl, openssl-devel to neededforbuild
- run confugure with --with-ssl=/usr
- link against libcrypto (libsnmp needs it)
- fixed to compile with ipv6 support
* Fri Jun 08 2001 cihlar@suse.cz
- fixed to compile with new autoconf
* Tue Apr 24 2001 cihlar@suse.cz
- fixed warnings on ia64
* Tue Mar 20 2001 cihlar@suse.cz
- upgrade to version 0.8.16
* Tue Mar 06 2001 cihlar@suse.cz
- upgrade to version 0.8.15
* Mon Nov 06 2000 ro@suse.de
- fixed neededforbuild
* Tue Oct 31 2000 cihlar@suse.cz
- upgrade to version 0.8.13
- bzipped sources
* Thu Aug 03 2000 cihlar@suse.cz
- upgrade to version 0.8.11
* Mon Jun 12 2000 cihlar@suse.cz
- upgrade to version 0.8.9
* Wed May 10 2000 cihlar@suse.cz
- upgrade to version 0.8.8
* Thu Apr 13 2000 cihlar@suse.cz
- upgrade to version 0.8.6
- added BuildRoot
* Mon Apr 10 2000 bk@suse.de
- added suse update config macro
* Wed Mar 01 2000 choeger@suse.de
- new version, 0.8.3
* Wed Jan 19 2000 choeger@suse.de
- new version, 0.8.1
* Thu Nov 25 1999 choeger@suse.de
- new version, 0.7.8
* Thu Oct 28 1999 choeger@suse.de
- new version, 0.7.7
* Mon Sep 13 1999 bs@suse.de
- ran old prepare_spec on spec file to switch to new prepare_spec.
* Wed Sep 01 1999 choeger@suse.de
- new version
* Tue Jul 13 1999 bs@suse.de
- use gtk and glib instead of gtkn and glibn
* Mon Jul 12 1999 ro@suse.de
- libpcap is an extra package now
* Thu Jul 08 1999 choeger@suse.de
- new version, v0.6.3
* Tue Jun 01 1999 ro@suse.de
- fixed: X11 -> X11R6
* Wed May 26 1999 choeger@suse.de
- new package v0.6.2