SHA256
1
0
forked from pool/wireshark

Accepting request 90137 from network:utilities

update to 1.6.3 (forwarded request 90132 from tabraham1)

OBS-URL: https://build.opensuse.org/request/show/90137
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/wireshark?expand=0&rev=46
This commit is contained in:
Stephan Kulow 2011-11-07 13:34:59 +00:00 committed by Git OBS Bridge
commit 74f64e11e0
18 changed files with 435 additions and 397 deletions

View File

@ -1,24 +1,20 @@
Index: gtk/main.c
===================================================================
--- gtk/main.c.orig
+++ gtk/main.c
@@ -1421,13 +1421,13 @@ set_display_filename(capture_file *cf)
}
--- gtk/main.c.orig 2011-11-03 03:42:21.018970202 -0400
+++ gtk/main.c 2011-11-03 03:45:09.134971896 -0400
@@ -1382,11 +1382,13 @@
static GtkWidget *close_dlg = NULL;
GtkWidget *close_dlg = NULL;
-
+/*
static void
priv_warning_dialog_cb(gpointer dialog, gint btn _U_, gpointer data _U_)
{
recent.privs_warn_if_elevated = !simple_dialog_check_get(dialog);
}
-
+*/
#ifdef _WIN32
static void
npf_warning_dialog_cb(gpointer dialog, gint btn _U_, gpointer data _U_)
@@ -1997,9 +1997,10 @@ check_and_warn_user_startup(gchar *cf_na
@@ -1967,9 +1969,10 @@
#endif
{
gchar *cur_user, *cur_group;
@ -30,12 +26,11 @@ Index: gtk/main.c
if (running_with_special_privs() && recent.privs_warn_if_elevated) {
cur_user = get_cur_username();
cur_group = get_cur_groupname();
@@ -2011,7 +2012,7 @@ check_and_warn_user_startup(gchar *cf_na
@@ -1981,6 +1984,7 @@
simple_dialog_check_set(priv_warning_dialog, "Don't show this message again.");
simple_dialog_set_cb(priv_warning_dialog, priv_warning_dialog_cb, NULL);
}
-
+*/
#ifdef _WIN32
/* Warn the user if npf.sys isn't loaded. */
if (!stdin_capture && !cf_name && !npf_sys_is_running() && recent.privs_warn_if_no_npf && get_os_major_version() >= 6) {

View File

@ -1,8 +1,6 @@
Index: epan/geoip_db.c
===================================================================
--- epan/geoip_db.c.orig
+++ epan/geoip_db.c
@@ -161,6 +161,9 @@ geoip_db_init(void) {
--- epan/geoip_db.c.orig 2011-11-03 03:52:16.118977107 -0400
+++ epan/geoip_db.c 2011-11-03 03:56:23.711016549 -0400
@@ -165,6 +165,9 @@
geoip_dat_scan_dir(geoip_db_paths[i].path);
}
}

View File

@ -1,24 +0,0 @@
--- trunk/epan/dissectors/packet-dcm.c 2011/04/30 08:36:00 36957
+++ trunk/epan/dissectors/packet-dcm.c 2011/04/30 17:43:05 36958
@@ -6519,6 +6519,7 @@
/* Process all PDUs in the buffer */
while (pdu_start < tlen) {
+ guint32 old_pdu_start;
if ((pdu_len+6) > (tlen-offset)) {
@@ -6539,7 +6540,13 @@
offset=dissect_dcm_pdu(tvb, pinfo, tree, pdu_start);
/* Next PDU */
+ old_pdu_start = pdu_start;
pdu_start = pdu_start + pdu_len + 6;
+ if (pdu_start <= old_pdu_start) {
+ expert_add_info_format(pinfo, NULL, PI_MALFORMED, PI_ERROR,
+ "Invalid PDU length (%u)", pdu_len);
+ THROW(ReportedBoundsError);
+ }
if (pdu_start < tlen - 6) {
/* we got at least 6 bytes of the next PDU still in the buffer */

View File

@ -1,29 +0,0 @@
--- trunk/epan/diam_dict.l 2011/05/06 15:05:51 37010
+++ trunk/epan/diam_dict.l 2011/05/06 19:39:47 37011
@@ -269,9 +269,6 @@
yyterminate();
}
- include_stack[include_stack_ptr++] = YY_CURRENT_BUFFER;
-
-
for (e = ents.next; e; e = e->next) {
if (strcmp(e->name,yytext) == 0) {
yyin = ddict_open(sys_dir,e->file);
@@ -282,6 +279,7 @@
yyterminate();
}
} else {
+ include_stack[include_stack_ptr++] = YY_CURRENT_BUFFER;
yy_switch_to_buffer(yy_create_buffer( yyin, YY_BUF_SIZE ) );
BEGIN LOADING;
}
@@ -290,7 +288,7 @@
}
if (!e) {
- fprintf(stderr, "Could not find entity: '%s'", e->name );
+ fprintf(stderr, "Could not find entity: '%s'\n", yytext );
yyterminate();
}

View File

@ -1,19 +0,0 @@
--- trunk/wiretap/snoop.c 2011/05/11 20:40:14 37067
+++ trunk/wiretap/snoop.c 2011/05/11 22:36:59 37068
@@ -473,6 +473,16 @@
rec_size = g_ntohl(hdr.rec_len);
orig_size = g_ntohl(hdr.orig_len);
packet_size = g_ntohl(hdr.incl_len);
+ if (orig_size > WTAP_MAX_PACKET_SIZE) {
+ /*
+ * Probably a corrupt capture file; don't blow up trying
+ * to allocate space for an immensely-large packet.
+ */
+ *err = WTAP_ERR_BAD_RECORD;
+ *err_info = g_strdup_printf("snoop: File has %u-byte original length, bigger than maximum of %u",
+ orig_size, WTAP_MAX_PACKET_SIZE);
+ return FALSE;
+ }
if (packet_size > WTAP_MAX_PACKET_SIZE) {
/*
* Probably a corrupt capture file; don't blow up trying

View File

@ -1,13 +0,0 @@
--- trunk/epan/tvbuff.c 2011/05/12 15:48:51 37080
+++ trunk/epan/tvbuff.c 2011/05/12 16:31:42 37081
@@ -3425,9 +3425,9 @@
inflateEnd(strm);
g_free(strm);
g_free(strmbuf);
- g_free(compr);
if (uncompr == NULL) {
+ g_free(compr);
return NULL;
}

View File

@ -1,18 +0,0 @@
--- trunk/wiretap/visual.c 2011/05/13 17:05:05 37127
+++ trunk/wiretap/visual.c 2011/05/13 17:12:44 37128
@@ -420,6 +420,15 @@
break;
}
+ if (wth->phdr.len > WTAP_MAX_PACKET_SIZE) {
+ /* Check if wth->phdr.len is sane, small values of wth.phdr.len before
+ the case loop above can cause integer underflows */
+ *err = WTAP_ERR_BAD_RECORD;
+ *err_info = g_strdup_printf("visual: File has %u-byte original packet, bigger than maximum of %u",
+ wth->phdr.len, WTAP_MAX_PACKET_SIZE);
+ return FALSE;
+ }
+
/* Sanity check */
if (wth->phdr.len < wth->phdr.caplen)
{

View File

@ -1,7 +1,7 @@
Index: wireshark-1.4.3/epan/wslua/template-init.lua
Index: epan/wslua/template-init.lua
===================================================================
--- wireshark-1.4.3.orig/epan/wslua/template-init.lua
+++ wireshark-1.4.3/epan/wslua/template-init.lua
--- epan/wslua/template-init.lua
+++ epan/wslua/template-init.lua
@@ -42,7 +42,7 @@ if running_superuser then
local disabled_lib = {}
setmetatable(disabled_lib,{ __index = function() error("this package has been disabled") end } );

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f923f1e923dcb479b7fdb9bc6d4ce4c27ae8ac1f0148f2820bece476872df1d7
size 20496268

View File

@ -1,120 +0,0 @@
--- trunk/wiretap/ascend_scanner.l 2011/06/08 18:26:50 37624
+++ trunk/wiretap/ascend_scanner.l 2011/06/08 20:58:44 37625
@@ -16,17 +16,17 @@
*
* Wiretap Library
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
- *
+ *
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
@@ -55,7 +55,7 @@
extern char *ascend_ra_ptr;
extern char *ascend_ra_last;
#define YY_INPUT(buf,result,max_size) { int c = file_getc(yy_fh); \
-result = (c==EOF) ? YY_NULL : (buf[0] = c, 1); }
+result = (c==EOF) ? YY_NULL : (buf[0] = c, 1); }
int at_eof;
int mul, scratch;
@@ -159,17 +159,17 @@
return WDS_PREFIX;
}
-<sc_ether_direction>[^\(]+ {
+<sc_ether_direction>[^\(]{2,20} {
BEGIN(sc_gen_task);
- return STRING;
+ return STRING;
}
-<sc_isdn_call>[^\/\(:]+ {
+<sc_isdn_call>[^\/\(:]{2,20} {
BEGIN(sc_gen_task);
return DECNUM;
}
-<sc_wds_user>[^:]+ {
+<sc_wds_user>[^:]{2,20} {
char *atcopy = g_strdup(ascendtext);
char colon = input();
char after = input();
@@ -200,7 +200,7 @@
return DECNUM;
}
-<sc_gen_task>(0x|0X)?{H}+ {
+<sc_gen_task>(0x|0X)?{H}{2,8} {
BEGIN(sc_gen_time_s);
ascendlval.d = strtoul(ascendtext, NULL, 16);
return HEXNUM;
@@ -210,13 +210,13 @@
return STRING;
}
-<sc_gen_time_s>{D}+ {
+<sc_gen_time_s>{D}{1,10} {
BEGIN(sc_gen_time_u);
ascendlval.d = strtol(ascendtext, NULL, 10);
return DECNUM;
}
-<sc_gen_time_u>{D}+ {
+<sc_gen_time_u>{D}{1,6} {
char *atcopy = g_strdup(ascendtext);
BEGIN(sc_gen_octets);
/* only want the most significant 2 digits. convert to usecs */
@@ -227,7 +227,7 @@
return DECNUM;
}
-<sc_gen_octets>{D}+ {
+<sc_gen_octets>{D}{1,10} {
BEGIN(sc_gen_counter);
ascendlval.d = strtol(ascendtext, NULL, 10);
return DECNUM;
@@ -243,11 +243,11 @@
return HEXBYTE;
}
-<sc_gen_byte>" "{4} {
+<sc_gen_byte>" "{4} {
BEGIN(sc_chardisp);
}
-<sc_chardisp>.* {
+<sc_chardisp>.* {
BEGIN(sc_gen_byte);
}
@@ -315,7 +315,7 @@
return WDD_CHUNK;
}
-<sc_wdd_chunknum>{H}+ {
+<sc_wdd_chunknum>{H}{1,8} {
BEGIN(sc_wdd_type);
ascendlval.d = strtoul(ascendtext, NULL, 16);
return HEXNUM;
@@ -349,7 +349,7 @@
/*
* We want to stop processing when we get to the end of the input.
- * (%option noyywrap is not used because if used then
+ * (%option noyywrap is not used because if used then
* some flex versions (eg: 2.5.35) generate code which causes
* warnings by the Windows VC compiler).
*/

View File

@ -1,15 +0,0 @@
--- trunk/epan/dissectors/packet-ansi_a.c 2011/07/07 13:57:08 37929
+++ trunk/epan/dissectors/packet-ansi_a.c 2011/07/07 16:37:33 37930
@@ -2682,10 +2682,10 @@
break;
default:
- proto_tree_add_text(tree, tvb, curr_offset, len - 1,
+ proto_tree_add_text(tree, tvb, curr_offset, len,
"Cell ID - Non IOS format");
- curr_offset += (len - 1);
+ curr_offset += len;
break;
}

View File

@ -1,19 +0,0 @@
--- trunk/epan/dissectors/packet-isakmp.c 2011/07/28 18:17:16 38246
+++ trunk/epan/dissectors/packet-isakmp.c 2011/07/28 22:19:46 38247
@@ -3880,12 +3880,13 @@
offset += 2;
length -= 2;
-
- while (length > 0) {
+ if (spi_size > 0) {
+ while (length > 0) {
proto_tree_add_item(tree, hf_isakmp_delete_spi, tvb, offset, spi_size, FALSE);
offset+=spi_size;
length-=spi_size;
- }
+ }
+ }
}

View File

@ -1,10 +0,0 @@
--- trunk/epan/wslua/template-init.lua 2011/08/08 17:59:32 38413
+++ trunk/epan/wslua/template-init.lua 2011/08/08 19:10:19 38414
@@ -73,5 +73,5 @@
DATA_DIR = datafile_path()
USER_DIR = persconffile_path()
-dofile("console.lua")
---dofile("dtd_gen.lua")
+dofile(DATA_DIR.."console.lua")
+--dofile(DATA_DIR.."dtd_gen.lua")

View File

@ -1,12 +0,0 @@
Index: wireshark-1.4.4/epan/packet.c
===================================================================
--- wireshark-1.4.4.orig/epan/packet.c
+++ wireshark-1.4.4/epan/packet.c
@@ -321,6 +321,7 @@ dissect_packet(epan_dissect_t *edt, unio
edt->pi.annex_a_used = MTP2_ANNEX_A_USED_UNKNOWN;
edt->pi.dcerpc_procedure_name="";
edt->pi.link_dir = LINK_DIR_UNKNOWN;
+ edt->tvb = NULL;
/* to enable decode as for ethertype=0x0000 (fix for bug 4721) */
edt->pi.ethertype = G_MAXINT;

3
wireshark-1.6.3.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:07084c9e0f0a8acefe9fbe860762d2b323b4867e7202d6146f5c581d1d5303e0
size 21468737

View File

@ -1,65 +0,0 @@
Index: wireshark-1.4.3/epan/dissectors/packet-nfs.c
===================================================================
--- wireshark-1.4.3.orig/epan/dissectors/packet-nfs.c
+++ wireshark-1.4.3/epan/dissectors/packet-nfs.c
@@ -8795,6 +8795,8 @@ dissect_nfs_argop4(tvbuff_t *tvb, int of
ftree = proto_item_add_subtree(fitem, ett_nfs_argop4);
}
+ proto_item_append_text(tree, ", Ops(%d):", ops);
+
for (ops_counter=0; ops_counter<ops; ops_counter++)
{
opcode = tvb_get_ntohl(tvb, offset);
@@ -8824,6 +8826,15 @@ dissect_nfs_argop4(tvbuff_t *tvb, int of
break;
}
+ if (opcode != NFS4_OP_PUTFH) {
+ if (check_col(pinfo->cinfo, COL_INFO)) {
+ col_append_fstr(pinfo->cinfo, COL_INFO, " %s",
+ names_nfsv4_operation[opcode - 3].strptr);
+ }
+ }
+ proto_item_append_text(tree, " %s",
+ names_nfsv4_operation[opcode - 3].strptr);
+
switch(opcode)
{
case NFS4_OP_ACCESS:
@@ -9290,6 +9301,8 @@ dissect_nfs_resop4(tvbuff_t *tvb, int of
ftree = proto_item_add_subtree(fitem, ett_nfs_resop4);
}
+ proto_item_append_text(tree, ", Ops(%d):", ops);
+
for (ops_counter = 0; ops_counter < ops; ops_counter++)
{
opcode = tvb_get_ntohl(tvb, offset);
@@ -9321,6 +9334,17 @@ dissect_nfs_resop4(tvbuff_t *tvb, int of
offset = dissect_nfs_nfsstat4(tvb, offset, newftree, &status);
+ if (check_col(pinfo->cinfo, COL_INFO)) {
+ if (status != NFS4_OK) {
+ col_append_fstr(pinfo->cinfo, COL_INFO, " %s(%d)",
+ names_nfsv4_operation[opcode - 3].strptr, status);
+ } else if (opcode != NFS4_OP_PUTFH) {
+ col_append_fstr(pinfo->cinfo, COL_INFO, " %s",
+ names_nfsv4_operation[opcode - 3].strptr);
+ }
+ }
+ proto_item_append_text(tree, " %s(%d)",
+ names_nfsv4_operation[opcode - 3].strptr, status);
/*
* With the exception of NFS4_OP_LOCK, NFS4_OP_LOCKT, and
* NFS4_OP_SETATTR, all other ops do *not* return data with the
@@ -9665,7 +9689,7 @@ static const value_string nfsv3_proc_val
static const vsff nfs4_proc[] = {
{ 0, "NULL",
dissect_nfs3_null_call, dissect_nfs3_null_reply },
- { 1, "COMPOUND",
+ { 1, "COMP",
dissect_nfs4_compound_call, dissect_nfs4_compound_reply },
{ 0, NULL, NULL, NULL }
};

View File

@ -1,3 +1,415 @@
-------------------------------------------------------------------
Wed Nov 2 15:07:21 UTC 2011 - tabraham@novell.com
- update to 1.6.3
- Security fixes:
- wnpa-sec-2011-17 The CSN.1 dissector could crash. (Bug 6351)
- Bug fixes:
- Wireshark window takes very long time to show up if invalid
network file path is at recent file list (Bug 3810)
- ISUP party number dissection. (Bug 5221)
- Ethernet packets with both VLAN tag and LLC header no longer
displayed correctly. (Bug 5645)
- SLL encapsuled 802.1Q VLAN is not dissected. (Bug 5680)
- Dissection fails for frames with Gigamon Header and VLAN. (Bug 6305)
- RTP Stream Analysis does not work for TURN-encapsulated RTP. (Bug 6322)
- packet-csn1.c doesn't process CSN_CHOICE entries properly. (Bug 6328)
- GUI crash on invalid IEEE 802.11 GAS frame. (Bug 6345)
- ICMPv6 router advertisement Prefix Information Flag R "Router
Address" missing. (Bug 6350)
- Inner tag of 802.1ad frames not parsed properly. (Bug 6366)
- Added cursor type decoding to MySQL dissector. (Bug 6396)
- WPA IE pairwise cipher suite dissector uses incorrect value_string
list. (Bug 6420)
- text_import_scanner.l missing. (Bug 6531)
- Updated protocol support:
- AJP13, ASN.1 PER, BACnet, CSN.1, DTN, Ethernet, ICMPv6, IEEE 802.11,
IEEE 802.1q, Infiniband, IPsec, MySQL, PCEP, PN-RT, RTP, S1AP, SSL
- New and Updated capture file suppport:
- Endace ERF.
- update to 1.6.2
- Security fixes:
- wnpa-sec-2011-12 A large loop in the OpenSafety dissector could
cause a crash. (Bug 6138)
- wnpa-sec-2011-16 The CSN.1 dissector could crash. (Bug 6139)
- Bug fixes:
- configure ignores (partially) LDFLAGS. (Bug 5607)
- Build fails when it tries to #include <getopt.h>, not present in
Solaris 9. (Bug 5608)
- Unable to configure zero length SNMP Engine ID. (Bug 5731)
- BACnet who-is request device range values are not decoded correctly
in the packet details window. (Bug 5769)
- Wireshark crashes if sercosiii module isn't installed. (Bug 6006)
- Editcap could create invalid pcap files when converting from JPEG.
(Bug 6010)
- Timestamp is incorrectly decoded for ICMP Timestamp Response packets
from MS Windows. (Bug 6114)
- Wrong display of CSN_BIT in CSN.1. (Bug 6151)
- Fix CSN_RECURSIVE_TARRAY last bit error in packet-csn1.c. (Bug 6166)
- Wireshark cannot display Reachable time & Retrans timer in IPv6 RA
messages. (Bug 6168)
- ReadPropertyMultiple-ACK not correctly dissected. (Bug 6178)
- GTPv2 dissectors should treat gtpv2_ccrsi as optional. (Bug 6183)
- tshark run with -Tpdml makes a seg fault. (Bug 6245)
- TShark/dumpcap skips capture duration flag occasionally. (Bug 6280)
- Wireshark improperly parsing 802.11 Beacon Country Information
tag. (Bug 6264)
- Wrong display of CSN_BIT under CSN_UNION. (Bug 6287)
- Updated protocol support:
- BACapp, Bluetooth L2CAP, CSN.1, DCERPC, GSM A RR, GTPv2, ICMP,
ICMPv6, IKE, MEGACO, MSISDN, NDMP, OpenSafety, RTPS2, sFlow, SNMP, TCP
- New and Updated capture file suppport:
- CommView, pcap-ng, JPEG.
- update to 1.6.1
- Security fixes:
- Bug fixes:
- TCP dissector doesn't decode TCP segments of length 1. (Bug 4716)
- wireshark 1.4.0rc1 and python - spurious message. (Bug 4878)
- Missing LUA function. (Bug 5006)
- Lua API description about creating a new Tvb from a bytearray is
not correct in wireshark's user guide. (Bug 5199)
- Character echo pauses in Capture Filter field in Capture Options.
(Bug 5356)
- White space in protocol field abbreviation causes runtime failure
while registering Lua dissector. (Bug 5569)
- "File not found" box uses wrong filename encoding. (Bug 5715)
- capinfos: #ifdef HAVE_LIBGCRYPT block includes a line too many .
(Bug 5803)
- Wireshark crashes if Lua contains "Pref.range()" with missing arguments.
(Bug 5895)
- The "range" field in Lua's "Pref.range()" serves as default while the
"default" field does nothing . (Bug 5896)
- Wireshark crashes when calling TreeItem:set_len() on TreeItem without
tvb. (Bug 5941)
- TvbRange_string(lua_State* L) call a wrong function. (Bug 5960)
- VoIP call flow graph displays BICC APM as a BICC ANM. (Bug 5966)
- Cannot Live-capture VirtualBox network packets with Wireshark; pipe
problem. (Bug 6002)
- Interface list in Capture Options isn't cleared when selecting other
host. (Bug 6008)
- H323 rate multiplier wrong. (Bug 6009)
- Inclusion of config.h is too late in lex-files resulting in wrong
definition of _FILE_OFFSET_BITS. (Bug 6012)
- tshark crashes when loading Lua script that contains GUI function.
(Bug 6018)
- 802.11 Disassociation Packet's "Reason Code" field is imprecisely
decoded/described. (Bug 6022)
- Wireshark crashes when setting custom column's field name with
conditional. (Bug 6028)
- Crash after applying "expert.severity" field as column. (Bug 6035)
- GTS Descriptor count limited to 3 instead of 7. (Bug 6055)
- The SSL dissector can not resemble correctly the frames after TCP
zero window probe packet. (Bug 6059)
- Packet parser takes too long for this trace. (Bug 6073)
- Wireshark crashes after repeating "File -> Import -> Cancel". (Bug 6080)
- Decoding of MQ ASCII and EBCDIC Traffic Flow - ASCII shows fine,
EBCDIC does not. (Bug 6084)
- 802.11 Association Response Packet's "Status Code" field is imprecisely
decoded/described. (Bug 6093)
- Abis interface not correctly handled in gsmtap dissector. (Bug 6097)
- Wrong decoding of RLC/MAC EGPRS Packet Downlink Ack/Nack (3GPP TS
44.060). (Bug 6098)
- CSN Ack/Nack Description wrongly handled in gsm_rlcmac_dl dissector
(3GPP TS 44.060). (Bug 6101)
- wireshark 1.6.0 and python support: installer fails to create the
wspy_dissectors subdirectory and . (Bug 6110)
- Wireshark crash during RTP stream analysis. (Bug 6120)
- Tshark custom columns: Why don't I get an error message? (Bug 6131)
- New and Updated capture file suppport:
- Network Monitor.
- update to 1.6.0
- Security fixes:
- Bug fixes:
- Wireshark is unresponsive when capturing from named pipes on Windows.
(Bug 1759)
- Crash when sorting column while capturing. (Bug 4273)
- Ring buffers are no longer turned on by default when using multiple
capture files.
- New and updated features:
- Large file (greater than 2 GB) support has been improved.
- Wireshark and TShark can import text dumps, similar to text2pcap
- You can now view Wireshark's dissector tables (for example the TCP
port to dissector mappings) from the main window.
- Wireshark can export SSL session keys via File->Export->SSL Session
Keys...
- You can hide columns in the packet list.
- Wireshark can now export SMB objects.
- dftest and randpkt now have manual pages.
- TShark can now display iSCSI, ICMP and ICMPv6 service response times.
- Dumpcap can now save files with a user-specified group id.
- Syntax checking is done for capture filters.
- You can display the compiled BPF code for capture filters in the
Capture Options dialog.
- You can now navigate backwards and forwards through TCP and UDP
sessions using Ctrl+, and Ctrl+. .
- Packet length is (finally) a default column.
- TCP window size is now avaiable both scaled and unscaled. A TCP window
scaling graph is available in the GUI.
- 802.1q VLAN tags are now shown in the Ethernet II protocol tree
instead of a separate tree
- Various dissectors now display some UTF-16 strings as proper Unicode
including the DCE/RPC and SMB dissectors.
- The RTP player now has an option to show the time of day in the graph
in addition to the seconds since beginning of capture.
- The RTP player now shows why media interruptions occur.
- Graphs now save as PNG images by default.
- TShark can read and write host name information from and to pcapng
formatted files. Wireshark can read it. TShark can dump host name
information via [-z hosts]
- TShark's -z option now uses the [-z <proto>,srt] syntax instead of
[-z <proto>,rtt] for all protocols that support service response
time statistics. This matches Wireshark's syntax for this option.
- Wireshark and TShark can now read compressed Windows Sniffer files.
- New protocol support:
- ADwin, ADwin-Config, Apache Etch, Aruba PAPI, Babel Routing Protocol,
Broadcast/Multicast Control, Constrained Application Protocol (COAP),
Digium TDMoE, Erlang Distribution Protocol, Ether-S-I/O, FastCGI, Fibre
Channel over InfiniBand (FCoIB), Gopher, Gigamon GMHDR, IDMP, Infiniband
Socket Direct Protocol (SDP), JSON, LISP Control, LISP Data, LISP,
MikroTik MAC-Telnet, MRP Multiple Mac Registration Protocol (MMRP) Mongo
Wire Protocol, MUX27010, Network Monitor 802.11 radio header, OPC UA
ExtensionObjects, openSAFETY, PPI-GEOLOCATION-GPS, ReLOAD, ReLOAD
Framing, RObust Header Compression (ROHC), RSIP, SAMETIME, SCoP, SGSAP,
Tektronix Teklink, USB/AT Commands, uTorrent Transport Protocol, WAI
authentication, Wi-Fi P2P (Wi-Fi Direct)
- New and Updated capture file suppport:
- Apple PacketLogger, Catapult DCT2000, Daintree SNA, Endace ERF, HP
OpenVMS TCPTrace, IPFIX (the file format, not the protocol),
Lucent/Ascend debug, Microsoft Network Monitor, Network Instruments,
TamoSoft CommView
- update to 1.5.1
- Security fixes:
- Bug fixes:
- Wireshark is unresponsive when capturing from named pipes on Windows.
(Bug 1759)
- Ring buffers are no longer turned on by default when using multiple
capture files.
- New and updated features:
- Wireshark and TShark can import text dumps, similar to text2pcap
- You can now view Wireshark's dissector tables (for example the TCP
port to dissector mappings) from the main window.
- TShark can show a specific occurrence of a field when using '-T fields'.
- Custom columns can show a specific occurrence of a field.
- You can hide columns in the packet list.
- Wireshark can now export SMB objects.
- dftest and randpkt now have manual pages.
- TShark can now display iSCSI service response times.
- Dumpcap can now save files with a user-specified group id.
- Syntax checking is done for capture filters
- You can display the compiled BPF code for capture filters in the
Capture Options dialog.
- You can now navigate backwards and forwards through TCP and UDP
sessions using Ctrl+, and Ctrl+. .
- Packet length is (finally) a default column.
- TCP window size is now avaiable both scaled and unscaled. A TCP window
scaling graph is available in the GUI.
- 802.1q VLAN tags are now shown in the Ethernet II protocol tree
- Various dissectors now display some UTF-16 strings as proper Unicode
including the DCE/RPC and SMB dissectors
- The RTP player now has an option to show the time of day in the graph
in addition to the seconds since beginning of capture.
- The RTP player now shows why media interruptions occur.
- Graphs now save as PNG images by default
- TShark can read and write host name information from and to pcapng
formatted files. Wireshark can read it. TShark can dump host name
information via [-z hosts]
- TShark's -z option now uses the [-z <proto>,srt] syntax instead of
[-z <proto>,rtt] for all protocols that support service response
time statistics. This matches Wireshark's syntax for this option.
- New protocol support:
- ADwin, ADwin-Config, Apache Etch, Aruba PAPI, Babel Routing Protocol,
Constrained Application Protocol (COAP), Digium TDMoE, Erlang
Distribution Protocol, Ether-S-I/O, FastCGI, Fibre Channel over
InfiniBand (FCoIB), Gopher, Gigamon GMHDR, IDMP, Infiniband Socket
Direct Protocol (SDP), JSON, LISP Data, MikroTik MAC-Telnet, Mongo Wire
Protocol, Network Monitor 802.11 radio header, OPC UA ExtensionObjects,
PPI-GEOLOCATION-GPS, ReLOAD, ReLOAD Framing, RSIP, SAMETIME, SCoP, SGSAP,
Tektronix Teklink, WAI authentication, Wi-Fi P2P (Wi-Fi Direct)
- New and Updated capture file suppport:
- Apple PacketLogger, Catapult DCT2000, Daintree SNA, Endace ERF, HP
OpenVMS TCPTrace, IPFIX (the file format, not the protocol),
Lucent/Ascend debug, Microsoft Network Monitor, Network Instruments,
TamoSoft CommView
- update to 1.4.10
- Security fixes:
- wnpa-sec-2011-18 Huzaifa Sidhpurwala of Red Hat Security
Response Team discovered that the Infiniband dissector could
dereference a NULL pointer. (Bug 6476)
- wnpa-sec-2011-19 Huzaifa Sidhpurwala of Red Hat Security
Response Team discovered a buffer overflow in the ERF file
reader. (Bug 6479)
- Bug fixes:
- Assertion failed when doing File->Quit->Save during live
capture. (Bug 1710)
- Wrong PCEP XRO sub-object decoding. (Bug 3778)
- Decoding [Status Records] Timestamp Sequence Field in Bundle
Protocol fails if over 32 bits. (Bug 4109)
- wireshark-1.4.2 crashes when testing the example python
dissector because of a dissector count assertion. (Bug 5431)
- Wireshark crashes when attempting to open a file via drag & drop
when there's already a file open. (Bug 5987)
- Add the ability to save filters from the Filter Toolbar into buttons
on the Filter Toolbar. (Bug 6207)
- Adding and removing custom HTTP headers requires a restart. (Bug 6241)
- Can't read full 64-bit SNMP values. (Bug 6295)
- BACnet property time-synchronization-interval (204) name shown
incorrectly as time-synchronization-recipients. (Bug 6336)
- [ASN.1 PER] Incorrect decoding of BIT STRING type. (Bug 6347)
- Export->Object->HTTP-> save all: Error on saving files. (Bug 6362)
- Incorrect identification of UDP-encapsulated NAT-keepalive
packets. (Bug 6414)
- S1AP protocol can't decode IPv6 transportLayerAddress. (Bug 6435)
- RTPS2 dissector doesn't handle 0 in the octestToNextHeader field.
(Bug 6449)
- packet-ajp13 fix, cleanup, and enhancement. (Bug 6452)
- Network Instruments Observer file format bugs. (Bug 6453)
- Wireshark crashes when using "Open Recent" 2 times in a row. (Bug 6457)
- Wireshark packet_gsm-sms, display bug: Filler bits in TP-User Data
Header. (Bug 6469)
- wireshark unable to decode NetFlow options which have system scope
size != 4 bytes. (Bug 6471)
- Display filter Expression Dialog Box Error. (Bug 6472)
- Updated protocol support:
- AJP13, ASN.1 PER, BACapp, DTN, GSM SMS, Infiniband, IPsec, NetFlow,
PCEP, RTPS2
- update to 1.4.9
- Security fixes:
- wnpa-sec-2011-13 A malformed IKE packet could consume excessive
resources.
- wnpa-sec-2011-14 A malformed capture file could result in an invalid
root tvbuff and cause a crash. (Bug 6135) CVE-2011-3266
- wnpa-sec-2011-15 Wireshark could run arbitrary Lua scripts. (Bug 6136)
- Bug fixes:
- Unable to configure zero length SNMP Engine ID. (Bug 5731)
- H.323 RAS packets missing from packet counts in "Telephony->VoIP
Calls" and the "Flow Graph" for the call. (Bug 5848)
- Malformed Packet in decode for BGP-AD update. (Bug 6122)
- BGP : AS_PATH attribute was decode wrong. (Bug 6188)
- Fixes for SCPS TCP option. (Bug 6194)
- Offset calculated incorrectly for sFlow extended data. (Bug 6219)
- [Enter] key behavior varies when manually typing display filters.
(Bug 6228)
- Contents of pcapng EnhancedPacketBlocks with comments aren't
displayed. (Bug 6229)
- Misdecoding 3G Neighbour Cell Information Element in SI2quater
message due to a coding typo. (Bug 6237)
- Mis-spelled word "unknown" in assorted files. (Bug 6244)
- btl2cap extended window shows wrong bit. (Bug 6257)
- NDMP dissector incorrectly represents "ndmp.bytes_left_to_read"
as signed. (Bug 6262)
- ERF records with extension headers not written out correctly to
pcap or pcap-ng files. (Bug 6265)
- RTPS2: MAX_BITMAP_SIZE is defined incorrectly. (Bug 6276)
- Copying from RTP stream analysis copies 1st line many times. (Bug 6279)
- File types with no snaplen written out with a zero snaplen in pcap-ng
files. (Bug 6289)
- MEGACO context tracking fix - context id reuse. (Bug 6311)
- Updated protocol support:
- BGP, Bluetooth L2CAP, GSM A RR, H.225, IKE, MEGACO, NDMP, RTPS2, SCPS,
sFlow, SNMP
- New and Updated capture file suppport:
- CommView, pcap-ng.
- update to 1.4.8
- Security fixes:
- CVE-2011-2597 The Lucent/Ascend file parser was susceptible to an
infinite loop.
- The ANSI MAP dissector was susceptible to an infinite loop. (Bug 6044)
- Bug fixes:
- TCP dissector doesn't decode TCP segments of length 1. (Bug 4716)
- Wireshark 1.4.0rc1 and python - spurious message. (Bug 4878)
- Missing LUA function. (Bug 5006)
- Lua API description about creating a new Tvb from a bytearray is not
correct in wireshark's user guide. (Bug 5199)
- sflow decode error for some extended formats. (Bug 5379)
- White space in protocol field abbreviation causes runtime failure
while registering Lua dissector. (Bug 5569)
- "File not found" box uses wrong filename encoding. (Bug 5715)
- capinfos: #ifdef HAVE_LIBGCRYPT block includes a line too many.
(Bug 5803)
- Wireshark crashes if Lua contains "Pref.range()" with missing
arguments. (Bug 5895)
- The "range" field in Lua's "Pref.range()" serves as default while
the "default" field does nothing. (Bug 5896)
- Wireshark crashes when calling TreeItem:set_len() on TreeItem
without tvb. (Bug 5941)
- TvbRange_string(lua_State* L) call a wrong function. (Bug 5960)
- VoIP call flow graph displays BICC APM as a BICC ANM. (Bug 5966)
- H323 rate multiplier wrong. (Bug 6009)
- tshark crashes when loading Lua script that contains GUI function.
(Bug 6018)
- 802.11 Disassociation Packet's "Reason Code" field is imprecisely
decoded/described. (Bug 6022)
- Wireshark crashes when setting custom column's field name with
conditional. (Bug 6028)
- GTS Descriptor count limited to 3 instead of 7. (Bug 6055)
- The SSL dissector can not resemble correctly the frames after TCP
zero window probe packet. (Bug 6059)
- Packet parser takes too long for this trace. (Bug 6073)
- 802.11 Association Response Packet's "Status Code" field is
imprecisely decoded/described. (Bug 6093)
- Wireshark 1.6.0 and Python support: installer fails to create the
wspy_dissectors subdirectory and . (Bug 6110)
- Wireshark crash during RTP stream analysis. (Bug 6120)
- Tshark custom columns: Why don't I get an error message? (Bug 6131)
- Updated protocol support:
- ANSI MAP, GIOP, H.323, IEEE 802.11, MSRP, RPCAP, sFlow, TCP
- New and Updated capture file suppport:
- Lucent/Ascend
- update to 1.4.7
- Security fixes:
- Large/infinite loop in the DICOM dissector. (Bug 5876)
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted Diameter dictionary file could crash Wireshark.
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted snoop file could crash Wireshark. (Bug 5912)
- David Maciejak of Fortinet's FortiGuard Labs discovered that malformed
compressed capture data could crash Wireshark. (Bug 5908)
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted Visual Networks file could crash Wireshark. (Bug 5934)
- Bug fixes:
- AIM dissector has some endian issues. (Bug 5464)
- Telephony->MTP3->MSUS doesn't display window. (Bug 5605)
- Support for MS NetMon 3.x traces containing raw IPv6 ("Type 7")
packets. (Bug 5817)
- Service Indicator in M3UA protocol data. (Bug 5834)
- IEC60870-5-104 protocol, incorrect decoding of timestamp type
CP56Time2a. (Bug 5889)
- DNP3 dissector incorrect constants AL_OBJ_FCTR_16NF _FDCTR_32NF
_FDCTR_16NF. (Bug 5920)
- 3GPP QoS: Traffic class is not decoded properly. (Bug 5928)
- Wireshark crashes when creating ProtoField.framenum in Lua. (Bug 5930)
- Fix a wrong mask to extract FMID from DECT packets dissector. (Bug 5947)
- Incorrect DHCPv6 remote identifier option parsing. (Bug 5962)
- Updated protocol support:
- DICOM, IEC104, M3UA, TCP
- New and Updated capture file suppport:
- Network Monitor
- Drop patches (fixed upstream):
+ wireshark-1.6.2-CVE-2011-3483.patch
+ wireshark-1.6.2-CVE-2011-3360.patch
+ wireshark-1.6.2-CVE-2011-3266.patch
+ wireshark-1.4.8-CVE-2011-2698.patch
+ wireshark-1.4.8-CVE-2011-2597.patch
+ wireshark-1.2.17-CVE-2011-2175.patch
+ wireshark-1.2.17-CVE-2011-2174.patch
+ wireshark-1.2.17-CVE-2011-1959.patch
+ wireshark-1.2.17-CVE-2011-1958.patch
+ wireshark-1.2.17-CVE-2011-1957.patch
+ wireshark-nfsv4-opts.patch
- changed spec to resolve rpmlint warning regarding devel package in
non-devel group
- changed spec to resolve rpmlint warnings regarding macro-in-comment
-------------------------------------------------------------------
Mon Sep 26 14:07:31 CST 2011 - cyliu@novell.com

View File

@ -20,7 +20,7 @@
%define use_caps 0
Name: wireshark
Version: 1.4.6
Version: 1.6.3
Release: 1
License: GPLv2+
Summary: A Network Traffic Analyser
@ -28,7 +28,7 @@ Url: http://www.wireshark.org/
Group: Productivity/Networking/Diagnostic
Source: http://www.wireshark.org/download/src/%{name}-%{version}.tar.bz2
Source1: include.filelist
# PATCH-FIX-OPENSUSE wireshark-1.2.0-disable-warning-dialog.patch bnc#349782 prusnak@suse.cz -- don't show warning when running as root
# PATCH-FIX-OPENSUSE wireshark-1.6.3-disable-warning-dialog.patch bnc#349782 prusnak@suse.cz -- don't show warning when running as root
Patch1: %{name}-1.2.0-disable-warning-dialog.patch
# PATCH-FEATURE-OPENSUSE wireshark-1.2.0-geoip.patch prusnak@suse.cz -- search in /var/lib/GeoIP if user hasn't set any GeoIP folders
Patch2: %{name}-1.2.0-geoip.patch
@ -36,18 +36,6 @@ Patch2: %{name}-1.2.0-geoip.patch
Patch3: %{name}-corosync-packet-dissector.patch
# PATCH-FIX-OPENSUSE wireshark-1.2.4-enable_lua.patch bnc#650434
Patch4: %{name}-1.2.4-enable_lua.patch
# PATCH-FEATURE-OPENSUSE wireshark-nfsv4-opts.patch -- add NFSv4 options
Patch5: %{name}-nfsv4-opts.patch
Patch6: %{name}-1.2.17-CVE-2011-1957.patch
Patch7: %{name}-1.2.17-CVE-2011-1959.patch
Patch8: %{name}-1.2.17-CVE-2011-2174.patch
Patch9: %{name}-1.2.17-CVE-2011-2175.patch
Patch10: %{name}-1.2.17-CVE-2011-1958.patch
Patch11: %{name}-1.4.8-CVE-2011-2597.patch
Patch12: %{name}-1.4.8-CVE-2011-2698.patch
Patch13: %{name}-1.6.2-CVE-2011-3266.patch
Patch14: %{name}-1.6.2-CVE-2011-3360.patch
Patch15: %{name}-1.6.2-CVE-2011-3483.patch
BuildRequires: bison
BuildRequires: cairo-devel
BuildRequires: flex
@ -89,7 +77,7 @@ view the reconstructed stream of a TCP session.
%package devel
License: GPLv2+
Summary: A Network Traffic Analyser
Group: Productivity/Networking/Diagnostic
Group: Development/Libraries/C and C++
Requires: %{name} = %{version}
Requires: glibc-devel
Requires: glib2-devel
@ -108,18 +96,7 @@ view the reconstructed stream of a TCP session.
%setup -q
%patch2
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch4
sed -i 's/^Icon=wireshark.png$/Icon=wireshark/' wireshark.desktop
# run as root on 11.3 and older - bnc#349782
@ -139,7 +116,7 @@ ln -fs wireshark %{buildroot}%{_bindir}/ethereal
ln -fs tshark %{buildroot}%{_bindir}/tethereal
install -d -m 0755 %{buildroot}%{_sysconfdir}
install -d -m 0755 %{buildroot}%{_mandir}/man1/
# install -m 0644 *.1 %{buildroot}%{_mandir}/man1/
# install -m 0644 *.1 %%{buildroot}%%{_mandir}/man1/
install -d -m 0755 %{buildroot}%{_includedir}/wireshark
for i in `cat %{SOURCE1}`; do
install -m 644 $i %{buildroot}%{_includedir}/wireshark