- Wireshark 2.6.5 (bsc#1117740):
* CVE-2018-19625: The Wireshark dissection engine could crash (wnpa-sec-2018-51)
* CVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)
* CVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53)
* CVE-2018-19622: The MMSE dissector could go into an infinite loop (wnpa-sec-2018-54)
* CVE-2018-19627: The IxVeriWave file parser could crash (wnpa-sec-2018-55)
* CVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)
* CVE-2018-19628: The ZigBee ZCL dissector could crash (wnpa-sec-2018-57)
- Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-2.6.5.html (forwarded request 652577 from AndreasStieger)
OBS-URL: https://build.opensuse.org/request/show/652578
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/wireshark?expand=0&rev=141
- Wireshark 2.6.5 (bsc#1117740):
* CVE-2018-19625: The Wireshark dissection engine could crash (wnpa-sec-2018-51)
* CVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)
* CVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53)
* CVE-2018-19622: The MMSE dissector could go into an infinite loop (wnpa-sec-2018-54)
* CVE-2018-19627: The IxVeriWave file parser could crash (wnpa-sec-2018-55)
* CVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)
* CVE-2018-19628: The ZigBee ZCL dissector could crash (wnpa-sec-2018-57)
- Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-2.6.5.html
OBS-URL: https://build.opensuse.org/request/show/652577
OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=265
- update to 2.6.0
* Bug Fixes
- The following bugs have been fixed:
- Dumpcap might not quit if Wireshark or TShark crashes.
(Bug 1419)
* New and Updated Features
The following features are new (or have been significantly
updated) since version 2.5.0:
- HTTP Request sequences are now supported.
- Wireshark now supports MaxMind DB files. Support for GeoIP
and GeoLite Legacy databases has been removed.
- The Windows packages are now built using Microsoft Visual
Studio 2017.
- The IP map feature (the “Map” button in the “Endpoints”
dialog) has been removed.
The following features are new (or have been
significantly updated) since version 2.4.0:
- Display filter buttons can now be edited, disabled, and
removed via a context menu directly from the toolbar
- Drag & Drop filter fields to the display filter toolbar or
edit to create a button on the fly or apply the filter as
a display filter.
- Application startup time has been reduced.
- Some keyboard shortcut mix-ups have been resolved by
assigning new shortcuts to Edit → Copy methods.
- TShark now supports color using the --color option.
- The "matches" display filter operator is now case-insensitive.
- Display expression (button) preferences have been converted
to a UAT. This puts the display expressions in their own file.
Wireshark still supports preference files that contain the
old preferences, but new preference files will be written
without the old fields.
- SMI private enterprise numbers are now read from the
“enterprises.tsv” configuration file.
- The QUIC dissector has been renamed to Google QUIC
(quic → gquic).
- The selected packet number can now be shown in the Status Bar
by enabling Preferences → Appearance → Layout → Show selected
packet number.
- File load time in the Status Bar is now disabled by default
and can be enabled in
Preferences → Appearance → Layout → Show file load time.
- Support for the G.729A codec in the RTP Player is now added
via the bcg729 library.
- Support for hardware-timestamping of packets has been added.
- Improved NetMon .cap support with comments, event tracing,
network filter, network info types and some Message Analyzer
exported types.
- The personal plugins folder on Linux/Unix is now
~/.local/lib/wireshark/plugins.
- TShark can print flow graphs using -z flow…
- Capinfos now prints SHA256 hashes in addition to RIPEMD160
and SHA1. MD5 output has been removed.
- The packet editor has been removed. (This was a GTK+ only
experimental feature.)
- Support BBC micro:bit Bluetooth profile
- The Linux and UNIX installation step for Wireshark will now
install headers required to build plugins. A pkg-config file
is provided to help with this (see “doc/plugins.example” for
details). Note you must still rebuild all plugins between
minor releases (X.Y).
- The Windows installers and packages now ship with Qt 5.9.4.
- The generic data dissector can now uncompress zlib compressed
data.
- DNS Stats now supports service level statistics.
- DNS filters for retransmissions and unsolicited responses
have been added.
- The “tcptrace” TCP Stream graph now shows duplicate ACKS and
zero window advertisements.
- The membership operator now supports ranges, allowing display
filters such as tcp.port in {4430..4434} to be expressed.
See the User’s Guide, chapter Building display filter
expressions for details.
* New Protocol Support
* Updated Protocol Support
- Too many protocols have been updated to list here.
* New and Updated Capture File Support
- Microsoft Network Monitor
* New and Updated Capture Interfaces support
- LoRaTap
- drop patch wireshark-1.2.0-geoip.patch, because the file to patch
no longer exists
OBS-URL: https://build.opensuse.org/request/show/603740
OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=246
- Wireshark 2.4.4:
* fixes for dissector crashes:
+ CVE-2018-5334: IxVeriWave file could crash (bsc#1075737)
+ CVE-2018-5335: WCP dissector could crash (bsc#1075738)
+ CVE-2018-5336: Multiple dissector crashes (bsc#1075739)
* No longer enable the Linux kernel BPF JIT compiler via the
net.core.bpf_jit_enable sysctl, as this would make systems
more vulnerable to Spectre variant 1 (bsc#1075748, CVE-2017-5753)
* Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-2.4.4.html
OBS-URL: https://build.opensuse.org/request/show/563929
OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=238
This release fixes minor vulnerabilities that could be used to
trigger dissector crashes or infinite loops by making Wireshark
read specially crafted packages from the network or a capture
file (boo#1062645):
* CVE-2017-15192: BT ATT dissector crash (wnpa-sec-2017-42)
* CVE-2017-15193: MBIM dissector crash (wnpa-sec-2017-43)
* CVE-2017-15191: DMP dissector crash (wnpa-sec-2017-44)
* CVE-2017-15190: RTSP dissector crash (wnpa-sec-2017-45)
* CVE-2017-15189: DOCSIS infinite loop (wnpa-sec-2017-46)
OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=232