rpm/wireshark
SHA256
1
0
Fork 0
forked from pool/wireshark
Code Pull Requests Activity

Accepting request 90132 from home:tabraham1:net

Browse Source 
update to 1.6.3

OBS-URL: https://build.opensuse.org/request/show/90132
OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=46
This commit is contained in:
OBS User mrdocs 2011-11-04 22:54:00 +00:00 committed by Git OBS Bridge
parent c87cef8c94
commit 69de01cf37
18 changed files with 435 additions and 397 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
wireshark-1.2.0-disable-warning-dialog.patch
View File

@ -1,24 +1,20 @@
Index: gtk/main.c
===================================================================
--- gtk/main.c.orig
+++ gtk/main.c
@@ -1421,13 +1421,13 @@ set_display_filename(capture_file *cf)
}
--- gtk/main.c.orig 2011-11-03 03:42:21.018970202 -0400
+++ gtk/main.c 2011-11-03 03:45:09.134971896 -0400
@@ -1382,11 +1382,13 @@
static GtkWidget *close_dlg = NULL;
GtkWidget *close_dlg = NULL;
-
+/*
static void
priv_warning_dialog_cb(gpointer dialog, gint btn _U_, gpointer data _U_)
{
recent.privs_warn_if_elevated = !simple_dialog_check_get(dialog);
}
-
+*/
#ifdef _WIN32
static void
npf_warning_dialog_cb(gpointer dialog, gint btn _U_, gpointer data _U_)
@@ -1997,9 +1997,10 @@ check_and_warn_user_startup(gchar *cf_na
@@ -1967,9 +1969,10 @@
#endif
{
gchar *cur_user, *cur_group;
@ -30,12 +26,11 @@ Index: gtk/main.c
if (running_with_special_privs() && recent.privs_warn_if_elevated) {
cur_user = get_cur_username();
cur_group = get_cur_groupname();
@@ -2011,7 +2012,7 @@ check_and_warn_user_startup(gchar *cf_na
@@ -1981,6 +1984,7 @@
simple_dialog_check_set(priv_warning_dialog, "Don't show this message again.");
simple_dialog_set_cb(priv_warning_dialog, priv_warning_dialog_cb, NULL);
}
-
+*/
#ifdef _WIN32
/* Warn the user if npf.sys isn't loaded. */
if (!stdin_capture && !cf_name && !npf_sys_is_running() && recent.privs_warn_if_no_npf && get_os_major_version() >= 6) {

8
wireshark-1.2.0-geoip.patch
View File

@ -1,8 +1,6 @@
Index: epan/geoip_db.c
===================================================================
--- epan/geoip_db.c.orig
+++ epan/geoip_db.c
@@ -161,6 +161,9 @@ geoip_db_init(void) {
--- epan/geoip_db.c.orig 2011-11-03 03:52:16.118977107 -0400
+++ epan/geoip_db.c 2011-11-03 03:56:23.711016549 -0400
@@ -165,6 +165,9 @@
geoip_dat_scan_dir(geoip_db_paths[i].path);
}
}

24
wireshark-1.2.17-CVE-2011-1957.patch
View File

@ -1,24 +0,0 @@
--- trunk/epan/dissectors/packet-dcm.c 2011/04/30 08:36:00 36957
+++ trunk/epan/dissectors/packet-dcm.c 2011/04/30 17:43:05 36958
@@ -6519,6 +6519,7 @@
/* Process all PDUs in the buffer */
while (pdu_start < tlen) {
+ guint32 old_pdu_start;
if ((pdu_len+6) > (tlen-offset)) {
@@ -6539,7 +6540,13 @@
offset=dissect_dcm_pdu(tvb, pinfo, tree, pdu_start);
/* Next PDU */
+ old_pdu_start = pdu_start;
pdu_start = pdu_start + pdu_len + 6;
+ if (pdu_start <= old_pdu_start) {
+ expert_add_info_format(pinfo, NULL, PI_MALFORMED, PI_ERROR,
+ "Invalid PDU length (%u)", pdu_len);
+ THROW(ReportedBoundsError);
+ }
if (pdu_start < tlen - 6) {
/* we got at least 6 bytes of the next PDU still in the buffer */

29
wireshark-1.2.17-CVE-2011-1958.patch
View File

@ -1,29 +0,0 @@
--- trunk/epan/diam_dict.l 2011/05/06 15:05:51 37010
+++ trunk/epan/diam_dict.l 2011/05/06 19:39:47 37011
@@ -269,9 +269,6 @@
yyterminate();
}
- include_stack[include_stack_ptr++] = YY_CURRENT_BUFFER;
-
-
for (e = ents.next; e; e = e->next) {
if (strcmp(e->name,yytext) == 0) {
yyin = ddict_open(sys_dir,e->file);
@@ -282,6 +279,7 @@
yyterminate();
}
} else {
+ include_stack[include_stack_ptr++] = YY_CURRENT_BUFFER;
yy_switch_to_buffer(yy_create_buffer( yyin, YY_BUF_SIZE ) );
BEGIN LOADING;
}
@@ -290,7 +288,7 @@
}
if (!e) {
- fprintf(stderr, "Could not find entity: '%s'", e->name );
+ fprintf(stderr, "Could not find entity: '%s'\n", yytext );
yyterminate();
}

19
wireshark-1.2.17-CVE-2011-1959.patch
View File

@ -1,19 +0,0 @@
--- trunk/wiretap/snoop.c 2011/05/11 20:40:14 37067
+++ trunk/wiretap/snoop.c 2011/05/11 22:36:59 37068
@@ -473,6 +473,16 @@
rec_size = g_ntohl(hdr.rec_len);
orig_size = g_ntohl(hdr.orig_len);
packet_size = g_ntohl(hdr.incl_len);
+ if (orig_size > WTAP_MAX_PACKET_SIZE) {
+ /*
+ * Probably a corrupt capture file; don't blow up trying
+ * to allocate space for an immensely-large packet.
+ */
+ *err = WTAP_ERR_BAD_RECORD;
+ *err_info = g_strdup_printf("snoop: File has %u-byte original length, bigger than maximum of %u",
+ orig_size, WTAP_MAX_PACKET_SIZE);
+ return FALSE;
+ }
if (packet_size > WTAP_MAX_PACKET_SIZE) {
/*
* Probably a corrupt capture file; don't blow up trying

13
wireshark-1.2.17-CVE-2011-2174.patch
View File

@ -1,13 +0,0 @@
--- trunk/epan/tvbuff.c 2011/05/12 15:48:51 37080
+++ trunk/epan/tvbuff.c 2011/05/12 16:31:42 37081
@@ -3425,9 +3425,9 @@
inflateEnd(strm);
g_free(strm);
g_free(strmbuf);
- g_free(compr);
if (uncompr == NULL) {
+ g_free(compr);
return NULL;
}

18
wireshark-1.2.17-CVE-2011-2175.patch
View File

@ -1,18 +0,0 @@
--- trunk/wiretap/visual.c 2011/05/13 17:05:05 37127
+++ trunk/wiretap/visual.c 2011/05/13 17:12:44 37128
@@ -420,6 +420,15 @@
break;
}
+ if (wth->phdr.len > WTAP_MAX_PACKET_SIZE) {
+ /* Check if wth->phdr.len is sane, small values of wth.phdr.len before
+ the case loop above can cause integer underflows */
+ *err = WTAP_ERR_BAD_RECORD;
+ *err_info = g_strdup_printf("visual: File has %u-byte original packet, bigger than maximum of %u",
+ wth->phdr.len, WTAP_MAX_PACKET_SIZE);
+ return FALSE;
+ }
+
/* Sanity check */
if (wth->phdr.len < wth->phdr.caplen)
{

6
wireshark-1.2.4-enable_lua.patch
View File

@ -1,7 +1,7 @@
Index: wireshark-1.4.3/epan/wslua/template-init.lua
Index: epan/wslua/template-init.lua
===================================================================
--- wireshark-1.4.3.orig/epan/wslua/template-init.lua
+++ wireshark-1.4.3/epan/wslua/template-init.lua
--- epan/wslua/template-init.lua
+++ epan/wslua/template-init.lua
@@ -42,7 +42,7 @@ if running_superuser then
local disabled_lib = {}
setmetatable(disabled_lib,{ __index = function() error("this package has been disabled") end } );

3
wireshark-1.4.6.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f923f1e923dcb479b7fdb9bc6d4ce4c27ae8ac1f0148f2820bece476872df1d7
size 20496268

120
wireshark-1.4.8-CVE-2011-2597.patch
View File

@ -1,120 +0,0 @@
--- trunk/wiretap/ascend_scanner.l 2011/06/08 18:26:50 37624
+++ trunk/wiretap/ascend_scanner.l 2011/06/08 20:58:44 37625
@@ -16,17 +16,17 @@
*
* Wiretap Library
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
- *
+ *
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
@@ -55,7 +55,7 @@
extern char *ascend_ra_ptr;
extern char *ascend_ra_last;
#define YY_INPUT(buf,result,max_size) { int c = file_getc(yy_fh); \
-result = (c==EOF) ? YY_NULL : (buf[0] = c, 1); }
+result = (c==EOF) ? YY_NULL : (buf[0] = c, 1); }
int at_eof;
int mul, scratch;
@@ -159,17 +159,17 @@
return WDS_PREFIX;
}
-<sc_ether_direction>[^\(]+ {
+<sc_ether_direction>[^\(]{2,20} {
BEGIN(sc_gen_task);
- return STRING;
+ return STRING;
}
-<sc_isdn_call>[^\/\(:]+ {
+<sc_isdn_call>[^\/\(:]{2,20} {
BEGIN(sc_gen_task);
return DECNUM;
}
-<sc_wds_user>[^:]+ {
+<sc_wds_user>[^:]{2,20} {
char *atcopy = g_strdup(ascendtext);
char colon = input();
char after = input();
@@ -200,7 +200,7 @@
return DECNUM;
}
-<sc_gen_task>(0x|0X)?{H}+ {
+<sc_gen_task>(0x|0X)?{H}{2,8} {
BEGIN(sc_gen_time_s);
ascendlval.d = strtoul(ascendtext, NULL, 16);
return HEXNUM;
@@ -210,13 +210,13 @@
return STRING;
}
-<sc_gen_time_s>{D}+ {
+<sc_gen_time_s>{D}{1,10} {
BEGIN(sc_gen_time_u);
ascendlval.d = strtol(ascendtext, NULL, 10);
return DECNUM;
}
-<sc_gen_time_u>{D}+ {
+<sc_gen_time_u>{D}{1,6} {
char *atcopy = g_strdup(ascendtext);
BEGIN(sc_gen_octets);
/* only want the most significant 2 digits. convert to usecs */
@@ -227,7 +227,7 @@
return DECNUM;
}
-<sc_gen_octets>{D}+ {
+<sc_gen_octets>{D}{1,10} {
BEGIN(sc_gen_counter);
ascendlval.d = strtol(ascendtext, NULL, 10);
return DECNUM;
@@ -243,11 +243,11 @@
return HEXBYTE;
}
-<sc_gen_byte>" "{4} {
+<sc_gen_byte>" "{4} {
BEGIN(sc_chardisp);
}
-<sc_chardisp>.* {
+<sc_chardisp>.* {
BEGIN(sc_gen_byte);
}
@@ -315,7 +315,7 @@
return WDD_CHUNK;
}
-<sc_wdd_chunknum>{H}+ {
+<sc_wdd_chunknum>{H}{1,8} {
BEGIN(sc_wdd_type);
ascendlval.d = strtoul(ascendtext, NULL, 16);
return HEXNUM;
@@ -349,7 +349,7 @@
/*
* We want to stop processing when we get to the end of the input.
- * (%option noyywrap is not used because if used then
+ * (%option noyywrap is not used because if used then
* some flex versions (eg: 2.5.35) generate code which causes
* warnings by the Windows VC compiler).
*/

15
wireshark-1.4.8-CVE-2011-2698.patch
View File

@ -1,15 +0,0 @@
--- trunk/epan/dissectors/packet-ansi_a.c 2011/07/07 13:57:08 37929
+++ trunk/epan/dissectors/packet-ansi_a.c 2011/07/07 16:37:33 37930
@@ -2682,10 +2682,10 @@
break;
default:
- proto_tree_add_text(tree, tvb, curr_offset, len - 1,
+ proto_tree_add_text(tree, tvb, curr_offset, len,
"Cell ID - Non IOS format");
- curr_offset += (len - 1);
+ curr_offset += len;
break;
}

19
wireshark-1.6.2-CVE-2011-3266.patch
View File

@ -1,19 +0,0 @@
--- trunk/epan/dissectors/packet-isakmp.c 2011/07/28 18:17:16 38246
+++ trunk/epan/dissectors/packet-isakmp.c 2011/07/28 22:19:46 38247
@@ -3880,12 +3880,13 @@
offset += 2;
length -= 2;
-
- while (length > 0) {
+ if (spi_size > 0) {
+ while (length > 0) {
proto_tree_add_item(tree, hf_isakmp_delete_spi, tvb, offset, spi_size, FALSE);
offset+=spi_size;
length-=spi_size;
- }
+ }
+ }
}

10
wireshark-1.6.2-CVE-2011-3360.patch
View File

@ -1,10 +0,0 @@
--- trunk/epan/wslua/template-init.lua 2011/08/08 17:59:32 38413
+++ trunk/epan/wslua/template-init.lua 2011/08/08 19:10:19 38414
@@ -73,5 +73,5 @@
DATA_DIR = datafile_path()
USER_DIR = persconffile_path()
-dofile("console.lua")
---dofile("dtd_gen.lua")
+dofile(DATA_DIR.."console.lua")
+--dofile(DATA_DIR.."dtd_gen.lua")

12
wireshark-1.6.2-CVE-2011-3483.patch
View File

@ -1,12 +0,0 @@
Index: wireshark-1.4.4/epan/packet.c
===================================================================
--- wireshark-1.4.4.orig/epan/packet.c
+++ wireshark-1.4.4/epan/packet.c
@@ -321,6 +321,7 @@ dissect_packet(epan_dissect_t *edt, unio
edt->pi.annex_a_used = MTP2_ANNEX_A_USED_UNKNOWN;
edt->pi.dcerpc_procedure_name="";
edt->pi.link_dir = LINK_DIR_UNKNOWN;
+ edt->tvb = NULL;
/* to enable decode as for ethertype=0x0000 (fix for bug 4721) */
edt->pi.ethertype = G_MAXINT;

3
wireshark-1.6.3.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:07084c9e0f0a8acefe9fbe860762d2b323b4867e7202d6146f5c581d1d5303e0
size 21468737

65
wireshark-nfsv4-opts.patch
View File

@ -1,65 +0,0 @@
Index: wireshark-1.4.3/epan/dissectors/packet-nfs.c
===================================================================
--- wireshark-1.4.3.orig/epan/dissectors/packet-nfs.c
+++ wireshark-1.4.3/epan/dissectors/packet-nfs.c
@@ -8795,6 +8795,8 @@ dissect_nfs_argop4(tvbuff_t *tvb, int of
ftree = proto_item_add_subtree(fitem, ett_nfs_argop4);
}
+ proto_item_append_text(tree, ", Ops(%d):", ops);
+
for (ops_counter=0; ops_counter<ops; ops_counter++)
{
opcode = tvb_get_ntohl(tvb, offset);
@@ -8824,6 +8826,15 @@ dissect_nfs_argop4(tvbuff_t *tvb, int of
break;
}
+ if (opcode != NFS4_OP_PUTFH) {
+ if (check_col(pinfo->cinfo, COL_INFO)) {
+ col_append_fstr(pinfo->cinfo, COL_INFO, " %s",
+ names_nfsv4_operation[opcode - 3].strptr);
+ }
+ }
+ proto_item_append_text(tree, " %s",
+ names_nfsv4_operation[opcode - 3].strptr);
+
switch(opcode)
{
case NFS4_OP_ACCESS:
@@ -9290,6 +9301,8 @@ dissect_nfs_resop4(tvbuff_t *tvb, int of
ftree = proto_item_add_subtree(fitem, ett_nfs_resop4);
}
+ proto_item_append_text(tree, ", Ops(%d):", ops);
+
for (ops_counter = 0; ops_counter < ops; ops_counter++)
{
opcode = tvb_get_ntohl(tvb, offset);
@@ -9321,6 +9334,17 @@ dissect_nfs_resop4(tvbuff_t *tvb, int of
offset = dissect_nfs_nfsstat4(tvb, offset, newftree, &status);
+ if (check_col(pinfo->cinfo, COL_INFO)) {
+ if (status != NFS4_OK) {
+ col_append_fstr(pinfo->cinfo, COL_INFO, " %s(%d)",
+ names_nfsv4_operation[opcode - 3].strptr, status);
+ } else if (opcode != NFS4_OP_PUTFH) {
+ col_append_fstr(pinfo->cinfo, COL_INFO, " %s",
+ names_nfsv4_operation[opcode - 3].strptr);
+ }
+ }
+ proto_item_append_text(tree, " %s(%d)",
+ names_nfsv4_operation[opcode - 3].strptr, status);
/*
* With the exception of NFS4_OP_LOCK, NFS4_OP_LOCKT, and
* NFS4_OP_SETATTR, all other ops do *not* return data with the
@@ -9665,7 +9689,7 @@ static const value_string nfsv3_proc_val
static const vsff nfs4_proc[] = {
{ 0, "NULL",
dissect_nfs3_null_call, dissect_nfs3_null_reply },
- { 1, "COMPOUND",
+ { 1, "COMP",
dissect_nfs4_compound_call, dissect_nfs4_compound_reply },
{ 0, NULL, NULL, NULL }
};

412
wireshark.changes
View File

@ -1,3 +1,415 @@
-------------------------------------------------------------------
Wed Nov 2 15:07:21 UTC 2011 - tabraham@novell.com
- update to 1.6.3
- Security fixes:
- wnpa-sec-2011-17 The CSN.1 dissector could crash. (Bug 6351)
- Bug fixes:
- Wireshark window takes very long time to show up if invalid
network file path is at recent file list (Bug 3810)
- ISUP party number dissection. (Bug 5221)
- Ethernet packets with both VLAN tag and LLC header no longer
displayed correctly. (Bug 5645)
- SLL encapsuled 802.1Q VLAN is not dissected. (Bug 5680)
- Dissection fails for frames with Gigamon Header and VLAN. (Bug 6305)
- RTP Stream Analysis does not work for TURN-encapsulated RTP. (Bug 6322)
- packet-csn1.c doesn't process CSN_CHOICE entries properly. (Bug 6328)
- GUI crash on invalid IEEE 802.11 GAS frame. (Bug 6345)
- ICMPv6 router advertisement Prefix Information Flag R "Router
Address" missing. (Bug 6350)
- Inner tag of 802.1ad frames not parsed properly. (Bug 6366)
- Added cursor type decoding to MySQL dissector. (Bug 6396)
- WPA IE pairwise cipher suite dissector uses incorrect value_string
list. (Bug 6420)
- text_import_scanner.l missing. (Bug 6531)
- Updated protocol support:
- AJP13, ASN.1 PER, BACnet, CSN.1, DTN, Ethernet, ICMPv6, IEEE 802.11,
IEEE 802.1q, Infiniband, IPsec, MySQL, PCEP, PN-RT, RTP, S1AP, SSL
- New and Updated capture file suppport:
- Endace ERF.
- update to 1.6.2
- Security fixes:
- wnpa-sec-2011-12 A large loop in the OpenSafety dissector could
cause a crash. (Bug 6138)
- wnpa-sec-2011-16 The CSN.1 dissector could crash. (Bug 6139)
- Bug fixes:
- configure ignores (partially) LDFLAGS. (Bug 5607)
- Build fails when it tries to #include <getopt.h>, not present in
Solaris 9. (Bug 5608)
- Unable to configure zero length SNMP Engine ID. (Bug 5731)
- BACnet who-is request device range values are not decoded correctly
in the packet details window. (Bug 5769)
- Wireshark crashes if sercosiii module isn't installed. (Bug 6006)
- Editcap could create invalid pcap files when converting from JPEG.
(Bug 6010)
- Timestamp is incorrectly decoded for ICMP Timestamp Response packets
from MS Windows. (Bug 6114)
- Wrong display of CSN_BIT in CSN.1. (Bug 6151)
- Fix CSN_RECURSIVE_TARRAY last bit error in packet-csn1.c. (Bug 6166)
- Wireshark cannot display Reachable time & Retrans timer in IPv6 RA
messages. (Bug 6168)
- ReadPropertyMultiple-ACK not correctly dissected. (Bug 6178)
- GTPv2 dissectors should treat gtpv2_ccrsi as optional. (Bug 6183)
- tshark run with -Tpdml makes a seg fault. (Bug 6245)
- TShark/dumpcap skips capture duration flag occasionally. (Bug 6280)
- Wireshark improperly parsing 802.11 Beacon Country Information
tag. (Bug 6264)
- Wrong display of CSN_BIT under CSN_UNION. (Bug 6287)
- Updated protocol support:
- BACapp, Bluetooth L2CAP, CSN.1, DCERPC, GSM A RR, GTPv2, ICMP,
ICMPv6, IKE, MEGACO, MSISDN, NDMP, OpenSafety, RTPS2, sFlow, SNMP, TCP
- New and Updated capture file suppport:
- CommView, pcap-ng, JPEG.
- update to 1.6.1
- Security fixes:
- Bug fixes:
- TCP dissector doesn't decode TCP segments of length 1. (Bug 4716)
- wireshark 1.4.0rc1 and python - spurious message. (Bug 4878)
- Missing LUA function. (Bug 5006)
- Lua API description about creating a new Tvb from a bytearray is
not correct in wireshark's user guide. (Bug 5199)
- Character echo pauses in Capture Filter field in Capture Options.
(Bug 5356)
- White space in protocol field abbreviation causes runtime failure
while registering Lua dissector. (Bug 5569)
- "File not found" box uses wrong filename encoding. (Bug 5715)
- capinfos: #ifdef HAVE_LIBGCRYPT block includes a line too many .
(Bug 5803)
- Wireshark crashes if Lua contains "Pref.range()" with missing arguments.
(Bug 5895)
- The "range" field in Lua's "Pref.range()" serves as default while the
"default" field does nothing . (Bug 5896)
- Wireshark crashes when calling TreeItem:set_len() on TreeItem without
tvb. (Bug 5941)
- TvbRange_string(lua_State* L) call a wrong function. (Bug 5960)
- VoIP call flow graph displays BICC APM as a BICC ANM. (Bug 5966)
- Cannot Live-capture VirtualBox network packets with Wireshark; pipe
problem. (Bug 6002)
- Interface list in Capture Options isn't cleared when selecting other
host. (Bug 6008)
- H323 rate multiplier wrong. (Bug 6009)
- Inclusion of config.h is too late in lex-files resulting in wrong
definition of _FILE_OFFSET_BITS. (Bug 6012)
- tshark crashes when loading Lua script that contains GUI function.
(Bug 6018)
- 802.11 Disassociation Packet's "Reason Code" field is imprecisely
decoded/described. (Bug 6022)
- Wireshark crashes when setting custom column's field name with
conditional. (Bug 6028)
- Crash after applying "expert.severity" field as column. (Bug 6035)
- GTS Descriptor count limited to 3 instead of 7. (Bug 6055)
- The SSL dissector can not resemble correctly the frames after TCP
zero window probe packet. (Bug 6059)
- Packet parser takes too long for this trace. (Bug 6073)
- Wireshark crashes after repeating "File -> Import -> Cancel". (Bug 6080)
- Decoding of MQ ASCII and EBCDIC Traffic Flow - ASCII shows fine,
EBCDIC does not. (Bug 6084)
- 802.11 Association Response Packet's "Status Code" field is imprecisely
decoded/described. (Bug 6093)
- Abis interface not correctly handled in gsmtap dissector. (Bug 6097)
- Wrong decoding of RLC/MAC EGPRS Packet Downlink Ack/Nack (3GPP TS
44.060). (Bug 6098)
- CSN Ack/Nack Description wrongly handled in gsm_rlcmac_dl dissector
(3GPP TS 44.060). (Bug 6101)
- wireshark 1.6.0 and python support: installer fails to create the
wspy_dissectors subdirectory and . (Bug 6110)
- Wireshark crash during RTP stream analysis. (Bug 6120)
- Tshark custom columns: Why don't I get an error message? (Bug 6131)
- New and Updated capture file suppport:
- Network Monitor.
- update to 1.6.0
- Security fixes:
- Bug fixes:
- Wireshark is unresponsive when capturing from named pipes on Windows.
(Bug 1759)
- Crash when sorting column while capturing. (Bug 4273)
- Ring buffers are no longer turned on by default when using multiple
capture files.
- New and updated features:
- Large file (greater than 2 GB) support has been improved.
- Wireshark and TShark can import text dumps, similar to text2pcap
- You can now view Wireshark's dissector tables (for example the TCP
port to dissector mappings) from the main window.
- Wireshark can export SSL session keys via File->Export->SSL Session
Keys...
- You can hide columns in the packet list.
- Wireshark can now export SMB objects.
- dftest and randpkt now have manual pages.
- TShark can now display iSCSI, ICMP and ICMPv6 service response times.
- Dumpcap can now save files with a user-specified group id.
- Syntax checking is done for capture filters.
- You can display the compiled BPF code for capture filters in the
Capture Options dialog.
- You can now navigate backwards and forwards through TCP and UDP
sessions using Ctrl+, and Ctrl+. .
- Packet length is (finally) a default column.
- TCP window size is now avaiable both scaled and unscaled. A TCP window
scaling graph is available in the GUI.
- 802.1q VLAN tags are now shown in the Ethernet II protocol tree
instead of a separate tree
- Various dissectors now display some UTF-16 strings as proper Unicode
including the DCE/RPC and SMB dissectors.
- The RTP player now has an option to show the time of day in the graph
in addition to the seconds since beginning of capture.
- The RTP player now shows why media interruptions occur.
- Graphs now save as PNG images by default.
- TShark can read and write host name information from and to pcapng
formatted files. Wireshark can read it. TShark can dump host name
information via [-z hosts]
- TShark's -z option now uses the [-z <proto>,srt] syntax instead of
[-z <proto>,rtt] for all protocols that support service response
time statistics. This matches Wireshark's syntax for this option.
- Wireshark and TShark can now read compressed Windows Sniffer files.
- New protocol support:
- ADwin, ADwin-Config, Apache Etch, Aruba PAPI, Babel Routing Protocol,
Broadcast/Multicast Control, Constrained Application Protocol (COAP),
Digium TDMoE, Erlang Distribution Protocol, Ether-S-I/O, FastCGI, Fibre
Channel over InfiniBand (FCoIB), Gopher, Gigamon GMHDR, IDMP, Infiniband
Socket Direct Protocol (SDP), JSON, LISP Control, LISP Data, LISP,
MikroTik MAC-Telnet, MRP Multiple Mac Registration Protocol (MMRP) Mongo
Wire Protocol, MUX27010, Network Monitor 802.11 radio header, OPC UA
ExtensionObjects, openSAFETY, PPI-GEOLOCATION-GPS, ReLOAD, ReLOAD
Framing, RObust Header Compression (ROHC), RSIP, SAMETIME, SCoP, SGSAP,
Tektronix Teklink, USB/AT Commands, uTorrent Transport Protocol, WAI
authentication, Wi-Fi P2P (Wi-Fi Direct)
- New and Updated capture file suppport:
- Apple PacketLogger, Catapult DCT2000, Daintree SNA, Endace ERF, HP
OpenVMS TCPTrace, IPFIX (the file format, not the protocol),
Lucent/Ascend debug, Microsoft Network Monitor, Network Instruments,
TamoSoft CommView
- update to 1.5.1
- Security fixes:
- Bug fixes:
- Wireshark is unresponsive when capturing from named pipes on Windows.
(Bug 1759)
- Ring buffers are no longer turned on by default when using multiple
capture files.
- New and updated features:
- Wireshark and TShark can import text dumps, similar to text2pcap
- You can now view Wireshark's dissector tables (for example the TCP
port to dissector mappings) from the main window.
- TShark can show a specific occurrence of a field when using '-T fields'.
- Custom columns can show a specific occurrence of a field.
- You can hide columns in the packet list.
- Wireshark can now export SMB objects.
- dftest and randpkt now have manual pages.
- TShark can now display iSCSI service response times.
- Dumpcap can now save files with a user-specified group id.
- Syntax checking is done for capture filters
- You can display the compiled BPF code for capture filters in the
Capture Options dialog.
- You can now navigate backwards and forwards through TCP and UDP
sessions using Ctrl+, and Ctrl+. .
- Packet length is (finally) a default column.
- TCP window size is now avaiable both scaled and unscaled. A TCP window
scaling graph is available in the GUI.
- 802.1q VLAN tags are now shown in the Ethernet II protocol tree
- Various dissectors now display some UTF-16 strings as proper Unicode
including the DCE/RPC and SMB dissectors
- The RTP player now has an option to show the time of day in the graph
in addition to the seconds since beginning of capture.
- The RTP player now shows why media interruptions occur.
- Graphs now save as PNG images by default
- TShark can read and write host name information from and to pcapng
formatted files. Wireshark can read it. TShark can dump host name
information via [-z hosts]
- TShark's -z option now uses the [-z <proto>,srt] syntax instead of
[-z <proto>,rtt] for all protocols that support service response
time statistics. This matches Wireshark's syntax for this option.
- New protocol support:
- ADwin, ADwin-Config, Apache Etch, Aruba PAPI, Babel Routing Protocol,
Constrained Application Protocol (COAP), Digium TDMoE, Erlang
Distribution Protocol, Ether-S-I/O, FastCGI, Fibre Channel over
InfiniBand (FCoIB), Gopher, Gigamon GMHDR, IDMP, Infiniband Socket
Direct Protocol (SDP), JSON, LISP Data, MikroTik MAC-Telnet, Mongo Wire
Protocol, Network Monitor 802.11 radio header, OPC UA ExtensionObjects,
PPI-GEOLOCATION-GPS, ReLOAD, ReLOAD Framing, RSIP, SAMETIME, SCoP, SGSAP,
Tektronix Teklink, WAI authentication, Wi-Fi P2P (Wi-Fi Direct)
- New and Updated capture file suppport:
- Apple PacketLogger, Catapult DCT2000, Daintree SNA, Endace ERF, HP
OpenVMS TCPTrace, IPFIX (the file format, not the protocol),
Lucent/Ascend debug, Microsoft Network Monitor, Network Instruments,
TamoSoft CommView
- update to 1.4.10
- Security fixes:
- wnpa-sec-2011-18 Huzaifa Sidhpurwala of Red Hat Security
Response Team discovered that the Infiniband dissector could
dereference a NULL pointer. (Bug 6476)
- wnpa-sec-2011-19 Huzaifa Sidhpurwala of Red Hat Security
Response Team discovered a buffer overflow in the ERF file
reader. (Bug 6479)
- Bug fixes:
- Assertion failed when doing File->Quit->Save during live
capture. (Bug 1710)
- Wrong PCEP XRO sub-object decoding. (Bug 3778)
- Decoding [Status Records] Timestamp Sequence Field in Bundle
Protocol fails if over 32 bits. (Bug 4109)
- wireshark-1.4.2 crashes when testing the example python
dissector because of a dissector count assertion. (Bug 5431)
- Wireshark crashes when attempting to open a file via drag & drop
when there's already a file open. (Bug 5987)
- Add the ability to save filters from the Filter Toolbar into buttons
on the Filter Toolbar. (Bug 6207)
- Adding and removing custom HTTP headers requires a restart. (Bug 6241)
- Can't read full 64-bit SNMP values. (Bug 6295)
- BACnet property time-synchronization-interval (204) name shown
incorrectly as time-synchronization-recipients. (Bug 6336)
- [ASN.1 PER] Incorrect decoding of BIT STRING type. (Bug 6347)
- Export->Object->HTTP-> save all: Error on saving files. (Bug 6362)
- Incorrect identification of UDP-encapsulated NAT-keepalive
packets. (Bug 6414)
- S1AP protocol can't decode IPv6 transportLayerAddress. (Bug 6435)
- RTPS2 dissector doesn't handle 0 in the octestToNextHeader field.
(Bug 6449)
- packet-ajp13 fix, cleanup, and enhancement. (Bug 6452)
- Network Instruments Observer file format bugs. (Bug 6453)
- Wireshark crashes when using "Open Recent" 2 times in a row. (Bug 6457)
- Wireshark packet_gsm-sms, display bug: Filler bits in TP-User Data
Header. (Bug 6469)
- wireshark unable to decode NetFlow options which have system scope
size != 4 bytes. (Bug 6471)
- Display filter Expression Dialog Box Error. (Bug 6472)
- Updated protocol support:
- AJP13, ASN.1 PER, BACapp, DTN, GSM SMS, Infiniband, IPsec, NetFlow,
PCEP, RTPS2
- update to 1.4.9
- Security fixes:
- wnpa-sec-2011-13 A malformed IKE packet could consume excessive
resources.
- wnpa-sec-2011-14 A malformed capture file could result in an invalid
root tvbuff and cause a crash. (Bug 6135) CVE-2011-3266
- wnpa-sec-2011-15 Wireshark could run arbitrary Lua scripts. (Bug 6136)
- Bug fixes:
- Unable to configure zero length SNMP Engine ID. (Bug 5731)
- H.323 RAS packets missing from packet counts in "Telephony->VoIP
Calls" and the "Flow Graph" for the call. (Bug 5848)
- Malformed Packet in decode for BGP-AD update. (Bug 6122)
- BGP : AS_PATH attribute was decode wrong. (Bug 6188)
- Fixes for SCPS TCP option. (Bug 6194)
- Offset calculated incorrectly for sFlow extended data. (Bug 6219)
- [Enter] key behavior varies when manually typing display filters.
(Bug 6228)
- Contents of pcapng EnhancedPacketBlocks with comments aren't
displayed. (Bug 6229)
- Misdecoding 3G Neighbour Cell Information Element in SI2quater
message due to a coding typo. (Bug 6237)
- Mis-spelled word "unknown" in assorted files. (Bug 6244)
- btl2cap extended window shows wrong bit. (Bug 6257)
- NDMP dissector incorrectly represents "ndmp.bytes_left_to_read"
as signed. (Bug 6262)
- ERF records with extension headers not written out correctly to
pcap or pcap-ng files. (Bug 6265)
- RTPS2: MAX_BITMAP_SIZE is defined incorrectly. (Bug 6276)
- Copying from RTP stream analysis copies 1st line many times. (Bug 6279)
- File types with no snaplen written out with a zero snaplen in pcap-ng
files. (Bug 6289)
- MEGACO context tracking fix - context id reuse. (Bug 6311)
- Updated protocol support:
- BGP, Bluetooth L2CAP, GSM A RR, H.225, IKE, MEGACO, NDMP, RTPS2, SCPS,
sFlow, SNMP
- New and Updated capture file suppport:
- CommView, pcap-ng.
- update to 1.4.8
- Security fixes:
- CVE-2011-2597 The Lucent/Ascend file parser was susceptible to an
infinite loop.
- The ANSI MAP dissector was susceptible to an infinite loop. (Bug 6044)
- Bug fixes:
- TCP dissector doesn't decode TCP segments of length 1. (Bug 4716)
- Wireshark 1.4.0rc1 and python - spurious message. (Bug 4878)
- Missing LUA function. (Bug 5006)
- Lua API description about creating a new Tvb from a bytearray is not
correct in wireshark's user guide. (Bug 5199)
- sflow decode error for some extended formats. (Bug 5379)
- White space in protocol field abbreviation causes runtime failure
while registering Lua dissector. (Bug 5569)
- "File not found" box uses wrong filename encoding. (Bug 5715)
- capinfos: #ifdef HAVE_LIBGCRYPT block includes a line too many.
(Bug 5803)
- Wireshark crashes if Lua contains "Pref.range()" with missing
arguments. (Bug 5895)
- The "range" field in Lua's "Pref.range()" serves as default while
the "default" field does nothing. (Bug 5896)
- Wireshark crashes when calling TreeItem:set_len() on TreeItem
without tvb. (Bug 5941)
- TvbRange_string(lua_State* L) call a wrong function. (Bug 5960)
- VoIP call flow graph displays BICC APM as a BICC ANM. (Bug 5966)
- H323 rate multiplier wrong. (Bug 6009)
- tshark crashes when loading Lua script that contains GUI function.
(Bug 6018)
- 802.11 Disassociation Packet's "Reason Code" field is imprecisely
decoded/described. (Bug 6022)
- Wireshark crashes when setting custom column's field name with
conditional. (Bug 6028)
- GTS Descriptor count limited to 3 instead of 7. (Bug 6055)
- The SSL dissector can not resemble correctly the frames after TCP
zero window probe packet. (Bug 6059)
- Packet parser takes too long for this trace. (Bug 6073)
- 802.11 Association Response Packet's "Status Code" field is
imprecisely decoded/described. (Bug 6093)
- Wireshark 1.6.0 and Python support: installer fails to create the
wspy_dissectors subdirectory and . (Bug 6110)
- Wireshark crash during RTP stream analysis. (Bug 6120)
- Tshark custom columns: Why don't I get an error message? (Bug 6131)
- Updated protocol support:
- ANSI MAP, GIOP, H.323, IEEE 802.11, MSRP, RPCAP, sFlow, TCP
- New and Updated capture file suppport:
- Lucent/Ascend
- update to 1.4.7
- Security fixes:
- Large/infinite loop in the DICOM dissector. (Bug 5876)
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted Diameter dictionary file could crash Wireshark.
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted snoop file could crash Wireshark. (Bug 5912)
- David Maciejak of Fortinet's FortiGuard Labs discovered that malformed
compressed capture data could crash Wireshark. (Bug 5908)
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted Visual Networks file could crash Wireshark. (Bug 5934)
- Bug fixes:
- AIM dissector has some endian issues. (Bug 5464)
- Telephony->MTP3->MSUS doesn't display window. (Bug 5605)
- Support for MS NetMon 3.x traces containing raw IPv6 ("Type 7")
packets. (Bug 5817)
- Service Indicator in M3UA protocol data. (Bug 5834)
- IEC60870-5-104 protocol, incorrect decoding of timestamp type
CP56Time2a. (Bug 5889)
- DNP3 dissector incorrect constants AL_OBJ_FCTR_16NF _FDCTR_32NF
_FDCTR_16NF. (Bug 5920)
- 3GPP QoS: Traffic class is not decoded properly. (Bug 5928)
- Wireshark crashes when creating ProtoField.framenum in Lua. (Bug 5930)
- Fix a wrong mask to extract FMID from DECT packets dissector. (Bug 5947)
- Incorrect DHCPv6 remote identifier option parsing. (Bug 5962)
- Updated protocol support:
- DICOM, IEC104, M3UA, TCP
- New and Updated capture file suppport:
- Network Monitor
- Drop patches (fixed upstream):
+ wireshark-1.6.2-CVE-2011-3483.patch
+ wireshark-1.6.2-CVE-2011-3360.patch
+ wireshark-1.6.2-CVE-2011-3266.patch
+ wireshark-1.4.8-CVE-2011-2698.patch
+ wireshark-1.4.8-CVE-2011-2597.patch
+ wireshark-1.2.17-CVE-2011-2175.patch
+ wireshark-1.2.17-CVE-2011-2174.patch
+ wireshark-1.2.17-CVE-2011-1959.patch
+ wireshark-1.2.17-CVE-2011-1958.patch
+ wireshark-1.2.17-CVE-2011-1957.patch
+ wireshark-nfsv4-opts.patch
- changed spec to resolve rpmlint warning regarding devel package in
non-devel group
- changed spec to resolve rpmlint warnings regarding macro-in-comment
-------------------------------------------------------------------
Mon Sep 26 14:07:31 CST 2011 - cyliu@novell.com

33
wireshark.spec
View File

@ -20,7 +20,7 @@
%define use_caps 0
Name: wireshark
Version: 1.4.6
Version: 1.6.3
Release: 1
License: GPLv2+
Summary: A Network Traffic Analyser
@ -28,7 +28,7 @@ Url: http://www.wireshark.org/
Group: Productivity/Networking/Diagnostic
Source: http://www.wireshark.org/download/src/%{name}-%{version}.tar.bz2
Source1: include.filelist
# PATCH-FIX-OPENSUSE wireshark-1.2.0-disable-warning-dialog.patch bnc#349782 prusnak@suse.cz -- don't show warning when running as root
# PATCH-FIX-OPENSUSE wireshark-1.6.3-disable-warning-dialog.patch bnc#349782 prusnak@suse.cz -- don't show warning when running as root
Patch1: %{name}-1.2.0-disable-warning-dialog.patch
# PATCH-FEATURE-OPENSUSE wireshark-1.2.0-geoip.patch prusnak@suse.cz -- search in /var/lib/GeoIP if user hasn't set any GeoIP folders
Patch2: %{name}-1.2.0-geoip.patch
@ -36,18 +36,6 @@ Patch2: %{name}-1.2.0-geoip.patch
Patch3: %{name}-corosync-packet-dissector.patch
# PATCH-FIX-OPENSUSE wireshark-1.2.4-enable_lua.patch bnc#650434
Patch4: %{name}-1.2.4-enable_lua.patch
# PATCH-FEATURE-OPENSUSE wireshark-nfsv4-opts.patch -- add NFSv4 options
Patch5: %{name}-nfsv4-opts.patch
Patch6: %{name}-1.2.17-CVE-2011-1957.patch
Patch7: %{name}-1.2.17-CVE-2011-1959.patch
Patch8: %{name}-1.2.17-CVE-2011-2174.patch
Patch9: %{name}-1.2.17-CVE-2011-2175.patch
Patch10: %{name}-1.2.17-CVE-2011-1958.patch
Patch11: %{name}-1.4.8-CVE-2011-2597.patch
Patch12: %{name}-1.4.8-CVE-2011-2698.patch
Patch13: %{name}-1.6.2-CVE-2011-3266.patch
Patch14: %{name}-1.6.2-CVE-2011-3360.patch
Patch15: %{name}-1.6.2-CVE-2011-3483.patch
BuildRequires: bison
BuildRequires: cairo-devel
BuildRequires: flex
@ -89,7 +77,7 @@ view the reconstructed stream of a TCP session.
%package devel
License: GPLv2+
Summary: A Network Traffic Analyser
Group: Productivity/Networking/Diagnostic
Group: Development/Libraries/C and C++
Requires: %{name} = %{version}
Requires: glibc-devel
Requires: glib2-devel
@ -108,18 +96,7 @@ view the reconstructed stream of a TCP session.
%setup -q
%patch2
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch4
sed -i 's/^Icon=wireshark.png$/Icon=wireshark/' wireshark.desktop
# run as root on 11.3 and older - bnc#349782
@ -139,7 +116,7 @@ ln -fs wireshark %{buildroot}%{_bindir}/ethereal
ln -fs tshark %{buildroot}%{_bindir}/tethereal
install -d -m 0755 %{buildroot}%{_sysconfdir}
install -d -m 0755 %{buildroot}%{_mandir}/man1/
# install -m 0644 *.1 %{buildroot}%{_mandir}/man1/
# install -m 0644 *.1 %%{buildroot}%%{_mandir}/man1/
install -d -m 0755 %{buildroot}%{_includedir}/wireshark
for i in `cat %{SOURCE1}`; do
install -m 644 $i %{buildroot}%{_includedir}/wireshark