File wireshark.changes of Package wireshark.690

Tue Jul 24 19:56:59 UTC 2012 -

- update to upstream 1.4.14 (bnc#772738)
  - security fixes:
    - The PPP dissector could crash.
      CVE-2012-4048 wnpa-sec-2012-11
      It may have been possible to make Wireshark crash by 
      injecting a malformed packet onto the wire or by convincing 
      someone to read a malformed packet trace file.
    - The NFS dissector could use excessive amounts of CPU.
      CVE-2012-4049 wnpa-sec-2012-12
      It may have been possible to make Wireshark consume excessive 
      CPU resources by injecting a malformed packet onto the wire or
      by convincing someone to read a malformed packet trace file.
  - bug fixes:
    - Cannot run tshark under tcp using decode-as format for syslog.
    - Problem with Floating point (double-precision).
    - Netscreen - can't parse packet-header.
    - Wireshark fails to link because of missing @GLIB_LIBS@ 
      reference in
- adjust wireshark-nfsv4-opts.patch for moved source lines

Tue May 22 19:20:17 UTC 2012 -

- update to upstream 1.4.13 (bnc#763634)
  - security fixes:
     - wnpa-sec-2012-08 / CVE-2012-2392
       Infinite and large loops in the ANSI MAP, BACapp, Bluetooth
       HCI, IEEE 802.3, LTP, and R3 dissectors have been fixed.
       Discovered by Laurent Butti. (Bugs 7118, 7119, 7121, 7122,
       7124, 7125)
     - wnpa-sec-2012-09 / CVE-2012-2393
       The DIAMETER dissector could try to allocate memory improperly
       and crash. (Bug 7138)
     - wnpa-sec-2012-10 / CVE-2012-2394
       Wireshark could crash on SPARC processors due to misaligned
       memory. Discovered by Klaus Heckelmann. (Bug 7221)
  - bug fixes:
     - User-Password - PAP decoding passwords longer than 16 bytes.
       (Bug 6779)
     - Wireshark error message for failure to open an rpcap: URL for
       a remote device is malformed. (Bug 6922)
     - Wireshark doesn't calculate the right IPv4 destination using
       source routing options when bad options precede them. (Bug
     - Wrong values in DNS CERT RR. (Bug 7130)
  - Updated Protocol Support
       ANSI MAP, BACapp, Bluetooth HCI, DIAMETER, DNS, IPv4, RADIUS
  - New and Updated Capture File Support
       5View, pcap-ng

- adjust wireshark-1.2.0-disable-warning-dialog.patch for moved lines
- adjust wireshark-corosync-packet-dissector.patch for moved lines
- adjust wireshark-nfsv4-opts.patch for moved lines

Mon Apr 16 07:16:00 UTC 2012 -

- update to 1.4.12
  - fix bnc#754474(CVE-2012-1596), bnc#754476(CVE-2012-1593), bnc#754477(CVE-2012-1595)(fixed upstream)
  - Security fixes:
    - wnpa-sec-2012-04 The ANSI A dissector could dereference a NULL pointer 
      and crash. (Bug 6823)
    - wnpa-sec-2012-06 The pcap and pcap-ng file parsers could crash trying to
      read ERF data. (Bug 6804)
    - wnpa-sec-2012-07 The MP2T dissector could try to allocate too much memory
      and crash. (Bug 6804)
    - The Windows installers now include GnuTLS 1.12.18, which fixes
      several vulnerabilities.
  - Bug fixes:
    - Some PGM options are not parsed correctly. (Bug 5687)
    - dumpcap crashes when capturing from pipe to a pcap-ng file
      (e.g., when passing data from CACE Pilot to Wireshark). (Bug
    - No error for UDP/IPv6 packet with zero checksum. (Bug 6232)
    - packetBB dissector bug: More than 1000000 items in the tree --
      possible infinite loop. (Bug 6687)
    - Ethernet traces in K12 text format sometimes give bogus
      "malformed frame" errors and other problems. (Bug 6735)
    - non-IPP packets to or from port 631 are dissected as IPP. (Bug
    - IAX2 dissector reads past end of packet for unknown IEs. (Bug
    - Pcap-NG files with SHB options longer than 100 bytes aren't
      recognized as pcap-NG files, and options longer than 100 bytes
      in other blocks aren't handled either. (Bug 6846)
    - Patch to fix DTLS decryption. (Bug 6847)
    - Expression... dialog is crash. (Bug 6891)
    - ISAKMP : VendorID CheckPoint : Malformed Packet. (Bug 6972)
    - Radiotap dissector lists a bogus "DBM TX Attenuation" bit.
      (Bug 7000)
    - MySQL dissector assertion. (Ask 8649)
  Updated Protocol Support
  New and Updated Capture File Support
   Endace ERF, Pcap-NG.

Mon Jan 16 04:03:51 UTC 2012 -

- update to 1.4.11
  - fix bnc#741187, bnc#741188, bnc#741190 (fixed upstream)
  - Security fixes:
    - wnpa-sec-2012-01 Laurent Butti discovered that Wireshark failed to
      properly check record sizes for many packet capture file formats. 
      (Bug 6663, bug 6666, bug 6667, bug 6668, bug 6669, bug 6670)
    - wnpa-sec-2012-02 Wireshark could dereference a NULL pointer and 
      crash. (Bug 6634)
    - wnpa-sec-2012-03 The RLC dissector could overflow a buffer. (Bug 6391)
  - Bug fixes:
    - "Closing File!" Dialog Hangs. (Bug 3046)
    - Sub-fields of data field should appear in exported PDML as children
      of the data field instead of as siblings to it. (Bug 3809)
    - Patch to fix memory leaks/errors in Lua plugin. (Bug 5575)
    - Incorrect time differences displayed with time reference set. (Bug 5580)
    - Wrong packet type association of SNMP trap after TFTP transfer. (Bug 5727)
    - Export HTTP Objects -> save all crashes Wireshark. (Bug 6250)
    - Wireshark crashes if a field of type BASE_CUSTOM is applied as a column.
      (Bug 6503)
    - Filter Expression dialog can only be opened once. (Bug 6537)
    - 80211 QoS Control: Add Raw TID. (Bug 6548)
    - CAPWAP dissector tries to allocate -1 bytes of memory during reassembly.
      (Bug 6555)
    - IPv6 frame containing routing header with 0 segments left calculates wrong
      UDP checksum. (Bug 6560)
    - IPv4 UDP/TCP Checksum incorrect if routing header present. (Bug 6561)
    - Incorrect Parsing of SCPS Capabilities Option introduced in response to bug
      6194. (Bug 6562)
    - Add more length checks for integer values in SNMP variable bindings. 
      (Bug 6564)
    - UCP dissector bug of operation 61. (Bug 6570)
    - Various crashes after loading NetMon2.x capture file. (Bug 6578)
    - SIGSEGV in SVN 40046. (Bug 6634)
    - Wireshark dissects TCP option 25 as an "April 1" option. (Bug 6643)
    - ZigBee ZCL Dissector reports invalid status. (Bug 6649)
    - Large packet length crashes Wireshark. (Bug 6663)
    - 5views capture file that crashes wireshark. (Bug 6666)
    - i4b capture file that crashes wireshark. (Bug 6667)
    - iptrace capture file that crashes wireshark. (Bug 6668)
    - netmon2 capture file that crashes wireshark. (Bug 6669)
    - novell capture file that crashes wireshark. (Bug 6670)
    - [UDP] - Length Field of Pseudo Header while computing CheckSum is not
      correct. (Bug 6711)
    - pcapio.c: bug in libpcap_write_interface_description_block. (Bug 6719)  
  - Updated Protocol Support
    - CAPWAP, HTTP, IEEE 802.11, IPv4, IPv6, RLC, SNMP, TCP, TFTP, ZigBee ZCL 
  - New and Updated Capture File Support
    - Accellent 5Views, AIX iptrace, HP-UX nettl, I4B, Microsoft Network 
      Monitor, Novell LANalyzer, PacketLogger, Pcap-ng, Sniffer, Tektronix K12,
      WildPackets {Airo,Ether}Peek. 

Tue Nov  8 03:46:43 UTC 2011 -

- update to 1.4.10
  - Security fixes:
    - wnpa-sec-2011-18 Huzaifa Sidhpurwala of Red Hat Security 
      Response Team discovered that the Infiniband dissector could 
      dereference a NULL pointer. (Bug 6476) 
    - wnpa-sec-2011-19 Huzaifa Sidhpurwala of Red Hat Security 
      Response Team discovered a buffer overflow in the ERF file 
      reader. (Bug 6479) 
  - Bug fixes:
    - Assertion failed when doing File->Quit->Save during live 
      capture. (Bug 1710) 
    - Wrong PCEP XRO sub-object decoding. (Bug 3778)
    - Decoding [Status Records] Timestamp Sequence Field in Bundle 
      Protocol fails if over 32 bits. (Bug 4109) 
    - wireshark-1.4.2 crashes when testing the example python 
      dissector because of a dissector count assertion. (Bug 5431) 
    - Wireshark crashes when attempting to open a file via drag & drop
      when there's already a file open. (Bug 5987) 
    - Add the ability to save filters from the Filter Toolbar into buttons 
      on the Filter Toolbar. (Bug 6207) 
    - Adding and removing custom HTTP headers requires a restart. (Bug 6241)
    - Can't read full 64-bit SNMP values. (Bug 6295) 
    - BACnet property time-synchronization-interval (204) name shown 
      incorrectly as time-synchronization-recipients. (Bug 6336) 
    - [ASN.1 PER] Incorrect decoding of BIT STRING type. (Bug 6347) 
    - Export->Object->HTTP-> save all: Error on saving files. (Bug 6362) 
    - Incorrect identification of UDP-encapsulated NAT-keepalive 
      packets. (Bug 6414) 
    - S1AP protocol can't decode IPv6 transportLayerAddress. (Bug 6435)
    - RTPS2 dissector doesn't handle 0 in the octestToNextHeader field. 
      (Bug 6449) 
    - packet-ajp13 fix, cleanup, and enhancement. (Bug 6452) 
    - Network Instruments Observer file format bugs. (Bug 6453) 
    - Wireshark crashes when using "Open Recent" 2 times in a row. (Bug 6457)
    - Wireshark packet_gsm-sms, display bug: Filler bits in TP-User Data
      Header. (Bug 6469) 
    - wireshark unable to decode NetFlow options which have system scope 
      size != 4 bytes. (Bug 6471) 
    - Display filter Expression Dialog Box Error. (Bug 6472) 
  - Updated protocol support:
    - AJP13, ASN.1 PER, BACapp, DTN, GSM SMS, Infiniband, IPsec, NetFlow, 
      PCEP, RTPS2

- update to 1.4.9
  - Security fixes:
    - wnpa-sec-2011-13 A malformed IKE packet could consume excessive 
    - wnpa-sec-2011-14 A malformed capture file could result in an invalid 
      root tvbuff and cause a crash. (Bug 6135) CVE-2011-3266
    - wnpa-sec-2011-15 Wireshark could run arbitrary Lua scripts. (Bug 6136)
  - Bug fixes:
    - Unable to configure zero length SNMP Engine ID. (Bug 5731)
    - H.323 RAS packets missing from packet counts in "Telephony->VoIP 
      Calls" and the "Flow Graph" for the call. (Bug 5848)
    - Malformed Packet in decode for BGP-AD update. (Bug 6122) 
    - BGP : AS_PATH attribute was decode wrong. (Bug 6188)
    - Fixes for SCPS TCP option. (Bug 6194) 
    - Offset calculated incorrectly for sFlow extended data. (Bug 6219) 
    - [Enter] key behavior varies when manually typing display filters. 
      (Bug 6228) 
    - Contents of pcapng EnhancedPacketBlocks with comments aren't 
      displayed. (Bug 6229) 
    - Misdecoding 3G Neighbour Cell Information Element in SI2quater 
      message due to a coding typo. (Bug 6237) 
    - Mis-spelled word "unknown" in assorted files. (Bug 6244)
    - btl2cap extended window shows wrong bit. (Bug 6257) 
    - NDMP dissector incorrectly represents "ndmp.bytes_left_to_read"
      as signed. (Bug 6262) 
    - ERF records with extension headers not written out correctly to 
      pcap or pcap-ng files. (Bug 6265) 
    - RTPS2: MAX_BITMAP_SIZE is defined incorrectly. (Bug 6276) 
    - Copying from RTP stream analysis copies 1st line many times. (Bug 6279)
    - File types with no snaplen written out with a zero snaplen in pcap-ng 
      files. (Bug 6289)
    - MEGACO context tracking fix - context id reuse. (Bug 6311)
  - Updated protocol support:
    - BGP, Bluetooth L2CAP, GSM A RR, H.225, IKE, MEGACO, NDMP, RTPS2, SCPS, 
      sFlow, SNMP
  - New and Updated capture file suppport:
    - CommView, pcap-ng. 

- update to 1.4.8
  - Security fixes:
    - CVE-2011-2597 The Lucent/Ascend file parser was susceptible to an 
      infinite loop. 
    - The ANSI MAP dissector was susceptible to an infinite loop. (Bug 6044) 
  - Bug fixes:
    - TCP dissector doesn't decode TCP segments of length 1. (Bug 4716) 
    - Wireshark 1.4.0rc1 and python - spurious message. (Bug 4878) 
    - Missing LUA function. (Bug 5006) 
    - Lua API description about creating a new Tvb from a bytearray is not 
      correct in wireshark's user guide. (Bug 5199)  
    - sflow decode error for some extended formats. (Bug 5379)
    - White space in protocol field abbreviation causes runtime failure 
      while registering Lua dissector. (Bug 5569) 
    - "File not found" box uses wrong filename encoding. (Bug 5715) 
    - capinfos: #ifdef HAVE_LIBGCRYPT block includes a line too many. 
      (Bug 5803) 
    - Wireshark crashes if Lua contains "Pref.range()" with missing
      arguments. (Bug 5895)
    - The "range" field in Lua's "Pref.range()" serves as default while 
      the "default" field does nothing. (Bug 5896) 
    - Wireshark crashes when calling TreeItem:set_len() on TreeItem 
      without tvb. (Bug 5941) 
    - TvbRange_string(lua_State* L) call a wrong function. (Bug 5960)
    - VoIP call flow graph displays BICC APM as a BICC ANM. (Bug 5966) 
    - H323 rate multiplier wrong. (Bug 6009)
    - tshark crashes when loading Lua script that contains GUI function. 
      (Bug 6018) 
    - 802.11 Disassociation Packet's "Reason Code" field is imprecisely
      decoded/described. (Bug 6022) 
    - Wireshark crashes when setting custom column's field name with 
      conditional. (Bug 6028) 
    - GTS Descriptor count limited to 3 instead of 7. (Bug 6055)
    - The SSL dissector can not resemble correctly the frames after TCP 
      zero window probe packet. (Bug 6059) 
    - Packet parser takes too long for this trace. (Bug 6073)
    - 802.11 Association Response Packet's "Status Code" field is 
      imprecisely decoded/described. (Bug 6093) 
    - Wireshark 1.6.0 and Python support: installer fails to create the 
      wspy_dissectors subdirectory and . (Bug 6110)
    - Wireshark crash during RTP stream analysis. (Bug 6120)
    - Tshark custom columns: Why don't I get an error message? (Bug 6131) 
  - Updated protocol support:
    - ANSI MAP, GIOP, H.323, IEEE 802.11, MSRP, RPCAP, sFlow, TCP
  - New and Updated capture file suppport:
    - Lucent/Ascend

- update to 1.4.7
  - Security fixes:
    - Large/infinite loop in the DICOM dissector. (Bug 5876)
    - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered 
      that a corrupted Diameter dictionary file could crash Wireshark. 
    - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered 
      that a corrupted snoop file could crash Wireshark. (Bug 5912)
    - David Maciejak of Fortinet's FortiGuard Labs discovered that malformed 
      compressed capture data could crash Wireshark. (Bug 5908)
    - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered 
      that a corrupted Visual Networks file could crash Wireshark. (Bug 5934) 
  - Bug fixes:
    - AIM dissector has some endian issues. (Bug 5464)
    - Telephony->MTP3->MSUS doesn't display window. (Bug 5605)
    - Support for MS NetMon 3.x traces containing raw IPv6 ("Type 7")
      packets. (Bug 5817) 
    - Service Indicator in M3UA protocol data. (Bug 5834) 
    - IEC60870-5-104 protocol, incorrect decoding of timestamp type 
      CP56Time2a. (Bug 5889) 
    - DNP3 dissector incorrect constants AL_OBJ_FCTR_16NF _FDCTR_32NF 
      _FDCTR_16NF. (Bug 5920)
    - 3GPP QoS: Traffic class is not decoded properly. (Bug 5928)
    - Wireshark crashes when creating ProtoField.framenum in Lua. (Bug 5930)
    - Fix a wrong mask to extract FMID from DECT packets dissector. (Bug 5947) 
    - Incorrect DHCPv6 remote identifier option parsing. (Bug 5962) 
  - Updated protocol support:
    - DICOM, IEC104, M3UA, TCP
  - New and Updated capture file suppport:
    - Network Monitor

- update to 1.4.6
  - Security fixes:
    - The NFS dissector could crash on Windows.
    - The X.509if dissector could crash
  - Bug fixes:
    - Cygwin make fails after updating to bash v
    - Export HTTP > All - System Appears Hung (but isn't).
    - Some HTTP responses don't decode with TCP reassembly on.
    - Wireshark crashes when cancelling a large sort operation.
    - Wireshark crashes if SSL preferences RSA key is actually a
      DSA key.
    - tshark incorrectly calculates TCP stream for some syn packets
    - Wireshark not able to decode the PPP frame in a sflow
      (RFC3176) flow sample packet because Wireshark incorrectly
      read the protocol in PPP frame header. (Bug 5746)
    - Mysql protocol dissector: all fields should be little endian.
    - Error when opening snoop from Juniper SSG-140.
    - svnversion: command not found.
    - Value of TCP segment data cannot be copied.
    - proto_field_is_referenced() is not exported in
    - Wireshark ver. 1.4.4 not displayed "Granted QoS" field in a
      A11 packet.
  - Updated protocol support:
    - HTTP, LDAP, MySQL, NFS, sFlow, SSL, TCP

- update to 1.4.5
  - Security fixes:
    - The NFS dissector could crash on Windows. (Bug 5209) 
    - The X.509if dissector could crash. (Bug 5754, Bug 5793) 
    - DECT dissector could overflow a buffer. This could allow
      remote code execution on many platforms. 
  - Bug fixes:
    - Export HTTP > All - System Appears Hung (but isn't). (Bug 1671)
    - Some HTTP responses don't decode with TCP reassembly on. (Bug 3785)
    - Wireshark crashes when cancelling a large sort operation. (Bug 5189)
    - Wireshark crashes if SSL preferences RSA key is actually a 
      DSA key. (Bug 5662)
    - wireshark incorrectly calculates TCP stream for some syn 
      packets. (Bug 5743)
    - Wireshark not able to decode the PPP frame in a sflow (RFC3176) flow 
      sample packet because Wireshark incorrectly read the protocol in
      PPP frame header. (Bug 5746)
    - Mysql protocol dissector: all fields should be little endian. (Bug 5759)
    - Error when opening snoop from Juniper SSG-140. (Bug 5762)
    - svnversion: command not found. (Bug 5798)
    - capinfos: #ifdef HAVE_LIBGCRYPT block includes a line too many. (Bug 5803)
    - Value of TCP segment data cannot be copied. (Bug 5811)
    - proto_field_is_referenced() is not exported in libwireshark.dll. (Bug 5816)
    - Wireshark ver. 1.4.4 not displayed "Granted QoS" field in a
      A11 packet. (Bug 5822) 
  - Updated Protocol Support
    - HTTP, LDAP, MySQL, NFS, sFlow, SSL, TCP 

- Drop patches (fixed upstream):
  + wireshark-1.6.2-CVE-2011-3483.patch
  + wireshark-1.6.2-CVE-2011-3360.patch
  + wireshark-1.6.2-CVE-2011-3266.patch
  + wireshark-1.4.8-CVE-2011-2698.patch
  + wireshark-1.4.8-CVE-2011-2597.patch
  + wireshark-1.2.17-CVE-2011-2175.patch
  + wireshark-1.2.17-CVE-2011-2174.patch
  + wireshark-1.2.17-CVE-2011-1959.patch
  + wireshark-1.2.17-CVE-2011-1958.patch
  + wireshark-1.2.17-CVE-2011-1957.patch
  + wireshark-1.4.4-CVE-2011-1590.patch
  + wireshark-1.4.4-CVE-2011-1591.patch
  + wireshark-1.4.4-CVE-2011-1592.patch  

Mon Sep 26 14:07:31 CST 2011 -

- security fixes (#bnc 718032)
  * CVE-2011-3266: Wireshark IKE dissector vulnerability
  * CVE-2011-3360: Wireshark Lua script execution vulnerability
  * CVE-2011-3483: Wireshark buffer exception handling vulnerability     

Wed Aug 10 06:25:28 UTC 2011 -

- security fixes (#bnc 706728)
  * CVE-2011-2597: Lucent/Ascend file parser susceptible to infinite loop
  * CVE-2011-2698: ANSI MAP dissector susceptible to infinite loop

Mon Jul 18 07:43:08 UTC 2011 -

- security fixes [#bnc 697516] 
  * CVE-2011-1957: Large/infinite loop in the DICOM dissector
  * CVE-2011-1959: A corrupted snoop file could crash Wireshark
  * CVE-2011-2174: Malformed compressed capture data could crash Wireshark
  * CVE-2011-2175: A corrupted Visual Networks file could crash Wireshark
  * CVE-2011-1958: dereferene a NULL pointer if we had a corrupted Diameter

Tue Apr 26 09:11:54 UTC 2011 -

- security fixes [#bnc 688109]
  * CVE-2011-1590: Use of un-initialised variables
  * CVE-2011-1592: Crash in NFS dissector on Windows 
  * CVE-2011-1591: Buffer overflow in DECT dissector

Tue Mar 8 10:59:35 CST 2011 -

- updated to 1.4.4
  * security fixes
    o The DOCSIS dissector could crash (CVE-2010-1455, bnc#603251)
    o Crash when receiving a malformed SNMP packet 
      (CVE-2010-3445, bnc#643078)
    o Multiple buffer overflow and dereference vulnerabilities 
    o LDSS dissector overflow (CVE-2010-4300, bnc#655448)
    o ZCL dissector infinite loop (CVE-2010-4301, bnc#655448)
    o Buffer overflows in ENTTEC DMX Data RLE and others 
      (CVE-2010-4538, bnc#662029)
    o Freeing uninitialized pointer (CVE-2011-0538, bnc#669908)
    o dct3trace buffer overflow (CVE-2011-0713, bnc#672916)
    o Off-by-one in dissect_6lowpan_iphc (CVE-2011-1138, bnc#678567)
    o Crash via corrupted pcap file (CVE-2011-1139, bnc#678568)
    o Crash via SMB or CLDAP packet (CVE-2011-1140, bnc#678569)
    o Crash in NTLMSSP via crafted pcap file (CVE-2011-1143, bnc#678571)
    o Wireshark pcap buffer overflow (CVE-2011-0024, bnc#683335)
  * Updated Protocol Support
    ANSI MAP, BitTorrent, DCM, DHCPv6, DTAP, DTPT, E.212, GSM 
    Management, GTP, HIP, IEEE 802.15.4, IPP, LDAP, LLDP, Netflow, 
    NTLMSSP, P_Mul, Quake, Skinny, SMB, SNMP, ULP
  * New and Updated Capture File Support
    LANalyzer, Nokia DCT3, Pcap-ng
Tue Feb 15 12:52:45 UTC 2011 -

- updated to 1.4.3
  - security fixes:
     o MAC-LTE dissector could overflow a buffer
     o ENTTEC dissector could overflow a buffer
     o ASN.1 BER dissector could assert and make Wireshark exit prematurely
  - bug fixes:
     o AMQP failed assertion
     o Reassemble.c leaks memory for GLIB > 2.8
     o Fuzz testing reports possible dissector bug: TCP
     o Wrong length calculation in new_octet_aligned_subset_bits()
     o Function dissect_per_bit_string_display might read more bytes
       than available
     o Wireshark crashes with Copy -> Description on date/time fields
     o DHCPv6 OPTION_CLIENT_FQDN parse error
     o Information element Error for supported channels
     o Assert when using ASN.1 dissector with loading a 'type table'
     o Bug with RWH parsing in Infiniband dissector
     o Help->About Wireshark mis-reports OS
     o Delegated-IPv6-Prefix(123) is shown incorrect as
     o "tshark -r file -T fields" is truncating exported data
     o gsm_a_dtap: incorrect "Extraneous Data" when decoding Packet
       Flow Identifier
     o Improper decode of TLS 1.2 packet containing both
       CertificateRequest and ServerHelloDone messages
     o LTE-PDCP UL and DL problem
     o CIGI 3.2/3.3 support broken
     o Prepare Filter in RTP Streams dialog does not work correctly.
     o Wrong decode at ethernet OAM Y.1731 ETH-CC
     o WPS: RF bands decryption
     o Incorrect LTP SDNV value handling
     o LTP bug found by randpkt
     o Buffer overflow in SNMP EngineID preferences
  - updated protocol support:
       AMQP, ASN.1 BER, ASN.1 PER, CFM, CIGI, DHCPv6, Diameter, ENTTEC,
       GSM A GM, IEEE 802.11, InfiniBand, LTE-PDCP, LTP, MAC-LTE, MP2T,
  - new and updated capture file support:
      Endace ERF, Microsoft Network Monitor, VMS TCPtrace

Wed Dec  8 16:15:13 UTC 2010 -

- updated to 1.4.2
  - security fixes:
    * Nephi Johnson of BreakingPoint discovered that the LDSS
      dissector could overflow a buffer. (Bug 5318)
    * The ZigBee ZCL dissector could go into an infinite loop. (Bug 5303)
  - bug fixes:
    * File-Open Display Filter is overwritten by Save-As Filename. (Bug 3894)
    * Wireshark crashes with "Gtk-ERROR **: Byte index 6 is off
      the end of the line" if click on last PDU. (Bug 5285)
    * GTK-ERROR can occur in packets when there are multiple
      Netbios/SMB headers in a single frame. (Bug 5289)
    * "Tshark -G values" crashes on Windows. (Bug 5296)
    * PROFINET I&M0FilterData packet not fully decoded. (Bug 5299)
    * PROFINET MRP linkup/linkdown decoding incorrect. (Bug 5300)
    * [lua] Dumper:close() will cause a segfault due later GC of
      the Dumper. (Bug 5320)
    * Network Instruments' trace files sometimes cannot be read with
      an error message of "Observer: bad record: Invalid magic number". (Bug 5330)
    * IO Graph Time of Day times incorrect for filtered data. (Bug 5340)
    * Wireshark tools do not detect and read some ERF files correctly. (Bug 5344)
    * "editcap -h" sends some lines to stderr and others to stdout. (Bug 5353)
    * IP Timestamp Option: "flag=3" variant (prespecified) not displayed
      correctly. (Bug 5357)
    * AgentX PDU Header 'hex field highlighting' incorrectly spans
      extra bytes. (Bug 5364)
    * AgentX dissector cannot handle null OID in Open-PDU. (Bug 5368)
    * Crash with "Gtk-ERROR **: Byte index 6 is off the end of the line". (Bug 5374)
    * ANCP Portmanagment TLV wrong decoded. (Bug 5388)
    * Crash during startup because of Python SyntaxError in (Bug 5389)
  - Updated Protocol Support
      SIP, TCP, Telnet, ZigBee
  - New and Updated Capture File Support
    * Endace ERF, Network Instruments Observer
- fix lua error at startup (enable_lua.patch) [bnc#650434]
- apply nfsv4 patch from Fedora (nfsv4-opts.patch)

Wed Nov 10 15:36:51 UTC 2010 -

- updated to 1.4.1
  * security fixes:
    o stack overflow in ASN.1 BER dissector
  * bug fixes:
    o Incorrect behavior using sorting in the packet list
    o Cooked-capture dissector should omit the source address field if empty
    o MySQL dissector doesn't dissect MySQL stream
    o Wireshark crashes if active display filter macro is renamed
    o Incorrect dissection of MAP V2 PRN_ACK
    o TCP bytes_in_flight becomes inflated with lost packets
    o GTP header is exported in PDML with an incorrect size
    o Packet list hidden columns will not be parsed correctly from preferences file
    o Wireshark does not display the t.38 graph
    o Wireshark don't show mgcp calls in "Telephony → VoIP calls"
    o Wireshark 1.4.0 & VoIP calls "Prepare Filter" problem
    o GTPv2: IMSI is decoded improperly
    o EPS Quality of Service IE decoding is wrong
    o Wireshark mistakenly writes "not all data available" for IPv4 checksum
    o GSM: Cell Channel Description, range 1024 format
    o Wrong SDP interpretation on VoIP call flow chart
    o The CLDAP attribute value on a CLDAP reply is no longer being decoded
    o [NAS EPS] Traffic Flow Template IE dissection bugs
    o [NAS EPS] Use Request Type IE defined in 3GPP 24.008
    o NTLMSSP_AUTH domain and username truncated to first letter with IE8/Windows7
    o IPv6 RH0: dest addr is to be used i.s.o. last RH address when 0 segments remain
    o EIGRP dissection error in Flags field in external route TLVs.
    o MRP packet is not correctly parsed in PROFINET multiple write record request
    o MySQL Enhancement: support of Show Fields and bug fix
    o [NAS EPS] Fix TFT decoding when having several Packet Filters defined
    o Crash if using ssl.debug.file with no password for ssl.keys_list
  * updated protocol support
      ASN.1 BER, ASN.1 PER, EIGRP, GSM A RR, GSM Management, GSM MAP,
      GTP, GTPv2, ICMPv6, Interlink, IPv4, IPv6, IPX, LDAP, LLC, MySQL,

Thu Sep  9 18:34:09 CEST 2010 -

- Update to version 1.4.0:
  + The packet list internals have been rewritten and are now more
  + Columns are easier to use. You can add a protocol field as a
    column by right-clicking on its packet detail item, and you
    can adjust some column preferences by right-clicking the
    column header.
  + Preliminary Python scripting support has been added.
  + Many memory leaks have been fixed.
  + Packets can now be ignored (excluded from dissection), similar
    to the way they can be marked.
  + Manual IP address resolution is now supported.
  + Columns with seconds can now be displayed as hours, minutes
    and seconds.
  + You can now set the capture buffer size on UNIX and Linux if
    you have libpcap 1.0.0 or greater.
  + TShark no longer needs elevated privileges on UNIX or Linux to
    list interfaces. Only dumpcap requires privileges now.
  + Wireshark and TShark can enable 802.11 monitor mode directly
    if you have libpcap 1.0.0 or greater.
  + You can play RTP streams directly from the RTP Analysis
  + Capinfos and editcap now respectively support time order
    checking and forcing.
  + Wireshark now has a "jump to timestamp" command-line option.
  + You can open JPEG files directly in Wireshark.
  + Many new and updated protocols.
  + See NEWS for a full list of changes.
- Drop wireshark-1.2.0-asneeded.patch, fixed upstream.
- Rebase wireshark-corosync-packet-dissector.patch.

Wed Aug 25 16:53:31 UTC 2010 -

- updated to 1.2.10 [bnc#630599]
  * Security fixes:
    o The SigComp Universal Decompressor Virtual Machine could overrun a buffer. (Bug 4867)
    o The GSM A RR dissector could crash. (Bug 4897)
    o Due to a regression the ASN.1 BER dissector could overrun the stack.
    o The IPMI dissector could go into an infinite loop.
    o CVE-2010-2993
  * Bug fixes:
    o Wireshark crashes after configuring new Information column. (Bug 4854)
    o Crash triggered when changing display filter from right-mouse pop-up menu via packet-list. (Bug 4860)
    o Wireshark crash selecting Inter-Asterisk exchange v2 packet data. (Bug 4868)
    o zlib-1.2.5 cause tshark to stop live capture. (Bug 4916)
    o Crash when adding SNMP users. (Bug 4926)
    o Wireshark via ssh -X on ipv6 link-local address fails to allow capture. (Bug 4945)
    o OMAPI dissector fails to parse combined initialization messages. (Bug 4982)
    o QUERY_FS_INFO for Macintosh level 0x301 - MacSupportFlags decodes wrong. (Bug 4993)
    o SCSI dissector misidentifies ATA PASSTHROUGH command as ACCESS CONTROL IN. (Bug 5037)
    o Wrong decoding of GTP Prime (GTP') packets. (Bug 5055)
  * Updated Protocol Support

Wed Aug 25 16:53:31 UTC 2010 -

- updated to 1.2.9 [bnc#613487]
  * Security fixes:
    o The SMB dissector could dereference a NULL pointer. (Bug 4734)
    o J. Oquendo discovered that the ASN.1 BER dissector could overrun the stack.
    o The SMB PIPE dissector could dereference a NULL pointer on some platforms.
    o The SigComp Universal Decompressor Virtual Machine could go into an infinite loop. (Bug 4826)
    o The SigComp Universal Decompressor Virtual Machine could overrun a buffer. (Bug 4837)
  * Bug fixes:
    o Cannot open file with File -> Open. (Bug 1791)
    o Application crash when changing real-time option. (Bug 4035)
    o Crash in filter autocompletion. (Bug 4306)
    o The XML dissector doesn't allow dots (".") in tags. (Bug 4405)
    o Live capture stops when using zlib 1.2.5. (Bug 4708)
    o Want to be able to apply decode as to Data Portion of Lan Trace. (Bug 4721)
    o SABP short pdu (packet_per.c). (Bug 4743)
    o Kerberos pre-auth type constants - MS extensions are wrong. (Bug 4752)
    o Check HTTP Content-Length parsing for overflow. (Bug 4758)
    o Wrong variable used for proto_tree_add_text() in ptp dissector. (Bug 4773)
    o Crash when close window frame of gtk file chooser. (Bug 4778)
    o text2pcap expects \n delimited text (instead of \r\n) on win32. (Bug 4780)
    o Wrong decoding for BGP ORF. (Bug 4782)
    o Crash when Ctrl-Backspacing the display filter. (Bug 4797)
    o Acker AFI field incorrect size in PGM dissector. (Bug 4798)
    o Fedora 13: wireshark fails to build (linking problem). (Bug 4815)
    o The NFS FH hash (nfs.fh.hash) incorrectly matches multiple filehandles. (Bug 4839)
    o AES-CTR decoding not working, (dissectors/packet_ipsec.c using gcrypt). (Bug 4838)
  * Updated Protocol Support
    ASN.1 BER, BGP, HTTP, IGMP, IPsec, Kerberos, NFS, PGM, PTP, SABP, SigComp, SMB, TCAP, XML,
  * Updated Capture File Support
    ERF, PacketLogger.

Thu Jun  3 06:41:23 UTC 2010 -

- Added corosync packet dissector (patch 4724 from,
  minus "private key" setting, which doesn't work with
  nice random binary keys in /etc/corosync/authkey)

Fri May 14 12:48:53 CEST 2010 -

- updated to 1.2.8
  * Security Fixes:
    o The DOCSIS dissector could crash. (Bug 4644), (bug 4646)
  * Bug Fixes:
    o HTTP parser limits with Content-Length. (Bug 1958)
    o MATE dissector bug with GOGs. (Bug 3010)
    o Changing fonts and deleting system time from preferences,
      results in wireshark crash. (Bug 3387)
    o ERF file starting with record with timestamp=0,1 or 2 not
      recognized as ERF file. (Bug 4503)
    o The SSL dissector can not correctly resemple SSL records when
      the record header is spit between packets. (Bug 4535)
    o TCP reassembly can call subdissector with incorrect TCP
      sequence number. (Bug 4624)
    o PTP dissector displays big correction field values wrong. (Bug
    o MSF is at Anthorn, not Rugby. (Bug 4678)
    o ProtoField __tostring() description is missing in Wireshark's
      Lua API Reference Manual. (Bug 4695)
    o EVRC packet bundling not handled correctly. (Bug 4718)
    o Completely unresponsive when run very first time by root user.
      (Bug 4308)
  * Updated Protocol Support
  * Updated Capture File Support
    ERF, PacketLogger.

Wed May  5 16:29:26 EST 2010 -

- updated to new stable upstream version 1.2.7
  * Bug Fixes:
    o SNMPv3 Engine ID registration. (Bug 2426)
    o Open file dialog always displayed when clicking anywhere on Wireshark. (Bug 2478)
    o tshark reports wrong number of bytes on big dumpfiles with -z io,stat. (Bug 3205)
    o Negative INTEGER number displayed as positive number in SNMP dissector. (Bug 3230)
    o Add support for FT_BOOLEAN fields to wslua FieldInfo. (Bug 4049)
    o Wireshark crashes w/ GLib error when trying to play RTP stream. (Bug 4119)
    o Windows 2000 support has been restored. (Bug 4176)
    o Wrong dissection on be_cell_id_list for bssmap. (Bug 4437)
    o I/O Graph dropdown boxes not working correctly. (Bug 4487)
    o Runtime Error when right-clicking field and selecting "Filter Field Reference". (Bug 4522)
    o In GSM SMS PDU TPVPF showing wrong. (Bug 4524)
    o Profinet: May be wrong defined byte meaning. (Bug 4525)
    o GLib-CRITICAL ** Message. (Bug 4547)
    o Certain EDP display filters trigger Wireshark/tshark runtime error. (Bug 4563)
    o Some NCP frames trigger "Dissector bug, protocol NCP". (Bug 4565)
    o The encapsulation abbreviation "bluetooth-h4" is ambiguous. (Bug 4613) 
  * Updated Protocol Support:

Mon Feb  1 14:29:26 CET 2010 -

- update desktop file to use xdg-su [bnc#540627]

Mon Feb  1 14:26:27 CET 2010 -

- updated to 1.2.6
  * Security Fixes:
    o Babi discovered several buffer overflows in the LWRES
  * Bug Fixes:
    o Wireshark could crash while decrypting Kerberos data.
    o Address display filters hang Wireshark. (Bug 658)
    o PSML - structure context node missing. (Bug 1564)
    o Wireshark doesn't dynamically update the packet list. (Bug 1605)
     o LUA: There's no tvb_get_stringz() equivalent. (Bug 2244)
     o tvb_new_real_data is prone to memory leak. (Bug 3917)
     o Malformed OPC UA traffic makes Wireshark "freeze". (Bug 3986)
     o Analyze->Expert... doesn't show IP "Bad Checksum" errors. (Bug 4177)
     o Wireshark can't decrypt WPA(2)-PSK when passphrase is 63 bytes. (Bug 4183)
     o RTP stream analysis: Wrong jitter values after clicking the refresh button. (Bug 4340)
     o Wireshark decodes bootp option 2 incorrectly. (Bug 4342)
     o Deleting SMI modules causes Wireshark to crash. (Bug 4354)
     o Wireshark decodes kerberos AS-REQ PADATA incorrect. (Bug 4363)
     o PDML output from TShark includes invalid characters. (Bug 4402)
     o Empty GPRS LLC S frames cause truncated data exception. (Bug 4417)
  * Updated Protocol Support
      Kerberos, OPCUA, SCTP, SSL, ZRTP

Mon Feb  1 13:36:40 CET 2010 -

- updated to 1.2.5
  * Security Fixes:
    o The Daintree SNA file parser could overflow a buffer. (Bug 4294)
    o The SMB and SMB2 dissectors could crash. (Bug 4301)
  * Bug Fixes:
    o Wireshark does not graph rtp streams. (Bug 3801)
    o Wireshark showing extraneous data in a TCP stream. (Bug 3955)
    o Wrong decoding of identification. (Bug 3974)
    o TTE dissector bug. (Bug 4247)
    o Upper case in Lua pref symbol causes Wireshark to crash. (Bug 4255)
    o Incorrect display of stream data using "Follow tcp stream" option. (Bug 4288)
    o Custom RADIUS dictionary can cause a crash. (Bug 4316)
  * Updated Protocol Support
      TTE, VNC, X.509sat
  * Updated Capture File Support
      Daintree SNA

Mon Nov 23 16:02:25 UTC 2009 -

- updated to 1.2.4
  * Bug Fixes
    - Can't save RTP stream in both directions. (Bug 4120)
  * Updated Protocol Support

Fri Oct 30 15:47:50 CET 2009 -

- updated to 1.2.3
  * Security fixes:
    - The Paltalk dissector could crash on alignment-sensitive processors.
    - The DCERPC/NT dissector could crash.
    - The SMB dissector could crash.
  * Bug fixes:
    - Wireshark memory leak with each file open and/or display filter change.
    - DHCP Dissector displays negative lease time.
    - Invalid advertised window line on tcptrace style graph.
    - SMB get_dfs_referral referral entry is not dissected correctly.
    - Error dissecting eMule sourceOBFU message.
    - Typos in Diameter XML files.
    - RSL dissector for MS Power IE is broken.
    - FIP dissector throws assertion.
    - TCAP problem with indefinite length 'components' SEQ OF.
    - GSM MAP: an-APDU not decoded.
    - Add "Drag and Drop entries..." message on Columns preferences page.
    - Editcap -t and -w option parses fractional digits incorrectly.
  * Updated Protocol Support
    - DCERPC NT, DHCP, Diameter, E.212, eDonkey, FIP, IPsec, MGCP, NCP,
      Paltalk, RADIUS, RSL, SBus, SMB, SNMP, SSL, TCP, Teamspeak2, WPS

- updated to 1.2.2
  * Security fixes:
    - The GSM A RR dissector could crash. (Bug 3893)
    - The OpcUa dissector could use excessive CPU and memory. (Bug 3986)
    - The TLS dissector could crash on some platforms. (Bug 4008)
  * Bug fixes:
    - The "Capture->Interfaces" window can't be closed.
    - tshark-1.0.2 (dumpcap) signal abort core saved.
    - Memory leak fixes.
    - Display filter autocompletion doesn't work for some RADIUS and WiMAX ASNCP fields.
    - Wireshark Portable includes wrong WinPcap installer.
    - Crash when loading a profile.
    - The proto,colinfo tap doesn't work if the INFO column isn't being printed.
    - Flow Graph adds too much unnecessary garbage.
    - The EAP Diameter dictionary file was missing in the distribution.
    - Graph analysis window is behind other window.
    - IKEv2 Cert Request payload dissection error.
    - DNS NAPTR RR (RFC 3403) replacement MUST be a fully qualified domain-name.
    - Malformed RTCP Packet error while sending Payload specific RTCP feedback packet (as per RFC 4585).
    - 802.11n Block Ack packet Bitmap field missing.
    - Wireshark doesn't decode WBXML/ActiveSync information correctly.
    - Malformed packet when IPv6 packet has Next Header == 59.
    - Wireshark could crash while reading an ERF file.
    - Minor errors in gsm rr dissectors.
    - WPA Decryption Issues.
    - GSM A RR sys info dissection problem.
    - GSM A RR inverts MEAS-VALID values.
    - PDML output leaks ~300 bytes / packet.
    - Incorrect station identifier parsing in Kingfisher dissector.
    - DHCPv6, Vendor-Specific Informantion, SubOption"Option Request" parser incorrect.
    - Wireshark could leak memory while analyzing SSL.
    - Wireshark could crash while updating menu items after reading a file in some cases.
  * Updated Protocol Support
    - DCERPC, DHCPv6, DNS, E.212, GSM A RR, GTPv2, H.248, IEEE 802.11,
  * Updated Capture File Support
    - ERF

- dropped obsoleted 3 CVE patches (see previous entry)

Fri Oct  2 18:19:09 CEST 2009 -

- fix CVE-2009-3241 (CVE-2009-3241.patch) [bnc#541654]
- fix CVE-2009-3242 (CVE-2009-3242.patch) [bnc#541659]
- fix CVE-2009-3243 (CVE-2009-3243.patch) [bnc#541655]

Wed Aug  5 12:45:38 CEST 2009 -

- updated to 1.2.1
  * Bug Fixes
    - The IPMI dissector could overrun a buffer.
    - The AFS dissector could crash.
    - The Infiniband dissector could crash on some platforms.
    - The Bluetooth L2CAP dissector could crash.
    - The RADIUS dissector could crash.
    - The MIOP dissector could crash.
    - The sFlow dissector could use excessive CPU and memory.
    - Wireshark could crash while reading a pcap-ng file.
    - Wireshark could crash while reading a PacketLogger file.
    - CFLOW decoding is wrong for IPv6 fields (Bug 3328)
    - Buildbot crash output: fuzz-2009-04-24-2891.pcap (Bug 3438)
    - packet-dcm, corrupt DICOM export files (Bug 3493)
    - GeoIP map should use random temporary file name (Bug 3530)
    - Wireshark crashes when range_string is the data type (Bug 3536)
    - Pcap-ng breaks VoIP call data (Bug 3539)
    - ANSI MAP legInformation BER Error (Bug 3541)
    - Starting Wireshark Portable 1.2.0 gives error message. (Bug 3547)
    - The title in the TCP sequence graphs is too short. (Bug 3556)
    - USB Packets in pcap-ng Files Not Dissected Properly (Bug 3560)
    - 802.11 decryption is broken (Bug 3590)
    - SMB2 Error Response doesn't decode properly (Bug 3609)
    - uses deprecated autoconf test for gnutls detection (Bug 3627)
    - Radius Malformed Packet error message (Bug 3635)
    - Wireshark could crash when loading a profile. (Bug 3640)
    - Analyze->Decode as... menu item becomes unavailable (Bug 3642)
    - btsnoop: Incorrect error message for not supported datalink type (Bug 3645)
    - Decode error for network-id in BICC BCU-ID (Bug 3648)
    - IEC 60870-5-104 dissector decodes nothing (Bug 3650)
    - radius_register_avp_dissector() can stop RADIUS dissector from working correctly (Bug 3651)
    - ANSI ISUP Cause indicators with coding standard=ANSI fail to dissect. (Bug 3654)
    - Wrong field position in PacketCable Multimedia Extended Classifier (Bug 3656)
    - FF Protocol "FMS Initiate - Version OD Calling" field packet data not unpacked properly (Bug 3694)
    - hci_h4: Optimize column/field handling (Bug 3703)
    - BSSLAP Protocol Not Decoded In BSSMAP-LE Messages (Bug 3711)
    - Description of tshark -t dd missing from tshark.pod (Bug 3723)
    - Problem in packet-per.c for ASN.1 PER Encoding (Bug 3733)
    - [SNMP] Crash when dissecting packet (custom MIB) (Bug 3746)
  * Updated Protocol Support
    - AFS, ANSI ISUP, ANSI MAP, ASN.1 PER, Bluetooth HCI H4, Bluetooth L2CAP,
      BSS CFLOW, COPS, Diameter, DICOM, FF-HSE, ICMPv6, IEC-60870-5-104,
      IEEE 802.11, Infiniband, IPMI, MIOP, RADIUS, RSVP, sFlow, SNMP, SMB2, ZIOP
  * New Capture File Support
    - Btsnoop, DCT3, Packetlogger, pcap-ng

Wed Jul 15 14:06:19 CEST 2009 -

- fix asneeded.patch (patch files also)

Wed Jun 17 17:13:53 CEST 2009 -

- search in /var/lib/GeoIP if user hasn't set any GeoIP folders

Wed Jun 17 12:36:52 CEST 2009 -

- updated to 1.2.0
  Bug Fixes
   Too many bugs have been fixed since the 1.0 release to list here.
   Some notable fixes are:
     o Type-ahead search now works properly.
     o Several bugs that affected capture from pipes have been fixed.
     o Many Lua-related bugs have been fixed.
     o Several memory leaks have been found and fixed.
     o The "Follow TCP Stream" feature could show two streams at the
       same time The hex dump view has been narrowed.
     o WPA and SSL decryption bugs have been fixed.
     o Readability problems on 256-color displays on Windows have
       been fixed.
  New and Updated Features
   The following features are new (or have been significantly
   updated) since version 1.0:
     o Wireshark has a spiffy new start page.
     o Display filters now autocomplete.
     o A 64-bit Windows (x64) installer is now provided.
     o Support for the c-ares resolver library has been added. It has
       many advantages over ADNS.
     o Many new protocol dissectors and capture file formats have
       been added (see below for a complete list).
     o Macintosh OS X support has been improved.
     o GeoIP database lookups.
     o OpenStreetMap + GeoIP integration.
     o Improved Postscript(R) print output.
     o The preference handling code is now much smarter about
     o Support for Pcap-ng, the next-generation capture file format.
     o Support for process information correlation via IPFIX.
     o Column widths are now saved.
     o The last used configuration profile is now saved.
     o Protocol preferences are changeable from the packet details
       context menu.
     o Support for IP packet comparison.
     o Capinfos now shows the average packet rate.
     o GTK1 is no longer supported. (Yes, this is a feature.)
     o Official Windows packages are now built using Microsoft Visual
       C++ 2008 SP1.
  New Protocol Support
   Anything in Anything Protocol, ATM PW, N-to-one Cell Mode,
   B.A.T.M.A.N. Layer 3 Protocol, BACnet MS/TP, BSS LCS Assistance
   Protocol, Canon BJNP, CESoPSN basic NxDS0 mode (no RTP support),
   Charging ASE, Cimetrics MS/TP, DECT Protocol, Digital Private
   Signalling System No 1 Link Layer, DOCSIS Mac Domain Description,
   DOCSIS Registration Request Multipart, DOCSIS Registration
   Response Multipart, DOCSIS Synchronisation Message, E100
   Encapsulation, EHS, Enhanced Variable Rate Codec, Ethernet Global
   Data, Ethernet PW, Exchange 2003 Directory Request For Response,
   Far End Failure Detection, FCoE Initialization Protocol, GOOSE,
   GPEF, GPRS Tunneling Protocol V2, GSM A-I/F COMMON, GSM A-I/F GPRS
   Mobility and Session Management, GSM SACCH, GSM Um Interface, HDLC
   PW, FR port mode (no CW), HDLC-like framing for PPP, IEC
   60870-5-104,Apci, IEC 60870-5-104,Asdu, IEEE 802.15.4 Low-Rate
   Wireless PAN non-ASK PHY, IEEE C37.118 Synchrophasor Protocol,
   Intelligent Platform Management Interface (Session Wrapper),
   Inter-Integrated Circuit, Internal TDM, IPSICTL, ISMACryp
   Protocol, iWARP Direct Data Placement and Remote Direct Memory
   Access Protocol, iWARP Marker Protocol data unit Aligned framing,
   Kontiki Delivery Protocol, LANforge Traffic Generator, Layer 1
   Event Messages, Lb-I/F BSSMAP LE, LeCroy VICP, Link Access
   Procedure, Channel Dm (LAPDm), Local Download Sharing Service, LTE
   Radio Resource Control (RRC) protocol, MAC-LTE, Memcache Protocol,
   Mesh Header, MP4V-ES, Nasdaq TotalView-ITCH, Nasdaq-SoupTCP
   version 2.0, NAT Port Mapping Protocol, Netdump Protocol,
   Non-Access-Stratum (NAS)PDU, PacketLogger, Paltalk Messenger
   Protocol, PDCP-LTE, PW Associated Channel Header, PW Ethernet
   Control Word, PW Frame Relay DLCI Control Word, PW MPLS Control
   Word (generic/preferred), Real-Time Publish-Subscribe Wire
   Protocol 2.x, Remote Packet Capture, RLC-LTE, SAToP (no RTP
   support), SERCOS III V1.1, SIMULCRYPT Protocol, Subnetwork
   Dependent Convergence Protocol XID, Teamspeak2 Protocol,
   TTEthernet, TTEthernet Protocol Control Frame, Turbocell Aggregate
   Data, Turbocell Header, TURN Channel, Unreliable Multicast
   Inter-ORB Protocol, VCDU, Wave Short Message Protocol(IEEE
   P1609.3), Wireless Access Station Session Protocol, Wireshark
   Expert Info, World of Warcraft, Xpress Transport Protocol, ZigBee
   Application Framework, ZigBee Application Support Layer, ZigBee
   Device Profile, ZigBee Encapsulation Protocol, ZigBee Network
   Layer, Zipped Inter-ORB Protocol, ZRTP
  Updated Protocol Support
   There are too many updates to list here.
  New Capture File Support
   Apple Bluetooth PacketLogger, Daintree's Sensor Network Analyzer,
   dct3trace, Pcap-NG, TNEF (yes, those silly winmail.dat

- removed obsoleted patches:
  * help.patch (not needed anymore)
  * sigpipe-block.patch (not needed anymore)

Tue May 26 15:49:43 CEST 2009 -

- made it compile with --as-needed

Fri May 22 13:36:43 CEST 2009 -

- updated to 1.0.8
  * bug fixes
    o The PCNFSD dissector could crash.
  * the following bugs have been fixed:
    o Lua integration could crash (Bug 2453)
    o The SCCP dissector could crash when loading more than one file
      in a single session. (Bug 3409)
    o The NDMP dissector could crash if reassembly was enabled. (Bug 3470)
  * updated protocol support
    o All ASN.1 protocols, DICOM, NDMP, PCNFSD, RTCP, SCCP, SSL, STANAG 5066

Fri Apr 17 21:27:27 CEST 2009 -

- removing --with-ssl and adding --with-gnutls
  * per Wireshark documentation "The SSL dissector is fully functional and even supports
    advanced features such as decryption of SSL if the encryption key can be provided and
    WireShark is compiled against Gnu-TLS (rather than openssl or bsafe)."

Wed Apr 15 23:43:32 CEST 2009 -

- updated to 1.0.7
  o security fixes
    * The PROFINET dissector was vulnerable to a format string overflow. (Bug 3382)
      Versions affected: 0.99.6 to 1.0.6
    * The LDAP dissector could crash on Windows. (Bug 3262)
      Versions affected: 0.99.2 to 1.0.6
    * The Check Point High-Availability Protocol (CPHAP) dissector could crash. (Bug 3269)
      Versions affected: 0.9.6 to 1.0.6
    * Wireshark could crash while loading a Tektronix .rf5 file. (Bug 3366)
      Versions affected: 0.99.6 to 1.0.6
  o bug fixes
    * Correct use of proto_tree_add_int_format() (Bug 3048)
    * RTP dynamic payload clock rates incorrectly determined (Bug 3067)
    * TShark fails to properly close capture files when opening new ones (Bug 3172)
    * ANSI MAP digits type decode and bitmask corrections (Bug 3233)
    * Two small patches for ipvs-syncd dissector (Bug 3236)
    * BGP capability dissection failure (Bug 3247)
    * ANSI MAP fix for missing MEID/MSC ID number in RegNot (Bug 3255)
    * BACnet PrivateTransferError shows malformed packet (Bug 3257)
    * Windows silent installer is not that silent (Bug 3260)
    * Crash in ASN.1 dissector when using 'type table' (Bug 3271)
    * 802.11n SM Power save mode value 0x3 label is incorrect (Bug 3276)
    * 802.11 WME ie displayed incorrectly (Bug 3284)
    * "Copy as filter" from the packet list has been fixed.
  o updated protocol support

Mon Feb 16 15:11:00 CET 2009 -

- updated to 1.0.6
  o security fixes
    * possible crash if the HOME environment variable contained
      sprintf-style string formatting characters
    * possible crash while reading a malformed NetScreen snoop file
    * possible crash while reading a Tektronix K12 text capture file
  o bug fixes
    * Crash when loading capture file and Preferences: NO Info column
    * Some Lua scripts may lead to corruption via out of bounds stack
    * Build with GLib 1.2 fails with error: 'G_MININT32' undeclared
    * Wrong decoding IMSI with GSM MAP protocol
    * Segmentation fault for "Follow TCP stream"
    * SMPP optional parameter 'network_error_code' incorrectly decoded
    * DHCPv6 dissector doesn't handle malformed FQDN
    * WCCP overrides CFLOW as decoded protocol
    * Improper decoding of MPLS echo reply IPv4 Interface and Label Stack Object
    * ANSI MAP fix for TRN digits/SMS and OTA subdissection
  o updated protocol support
    * AFS, ATM, DHCPv6, DIS, E.212, RTP, UDP, USB, WCCP, WPS
  o New and Updated Capture File Support
    * NetScreen snoop

Wed Dec 17 15:22:40 CET 2008 -

- updated to 1.0.5
  * security fixes
    o The SMTP dissector could consume excessive amounts of CPU
      and memory
    o The WLCCP dissector could go into an infinite loop
  * bug fixes
    o Missing CRLF during HTTP POST in the "packet details" window
      (Bug 2534)
    o Memory assertion in time_secs_to_str_buf() when compiled
      with GCC 4.2.3 (Bug 2777)
    o Diameter dissector fails RFC 4005 compliance (Bug 2828)
    o LDP vendor private TLV type is not correctly shown (Bug 2832)
    o Wireshark on MacOS does not run when there are spaces in
      its path (Bug 2844)
    o OS X Intel package incorrectly claims to be Universal (Bug 2979)
    o Compilation broke when compiling without zlib (Bug 2993)
    o Memory leaks (Bugs 3017 ... 3022, 3079)
    o Incorrect address structure assigned for find_conversation()
      in WSP (Bug 3071)
    o Error parsing the BSSGP protocol (Bug 3085)
    o Assertion thrown in fvalue_get_uinteger when decoding TIPC
      (Bug 3086)
    o LUA script : Wireshark crashes after closing and opening again
      a window used by a listener.draw() function. (Bug 3090)
  * Updated Protocol Support
    ANSI MAP, BSSGP, CIP, Diameter, ENIP, GIOP, H.263, H.264, HTTP,
    MPEG PES, PostgreSQL, PPI, PTP, Rsync, RTP, SMTP, SNMP, STANAG 5066,

Mon Nov 24 16:13:47 CET 2008 -

- fix wireshark freeze when closing capture window [bnc#417850]
- don't show warning when running as root [bnc#349782]
- altered .desktop file to run wireshark gui as root automatically

Tue Nov  4 14:04:16 CET 2008 -

- updated to 1.0.4
  * security fixes
     o Florent Drouin and David Maciejak found that the Bluetooth ACL
       dissector could crash or abort. (Bug 1513)
     o The Q.931 dissector could crash or abort. (Bug 2870)
     o Wireshark could abort while reading Tamos CommView capture
       files. (Bug 2926)
     o David Maciejak found that the USB dissector could crash or
       abort. This led to the disovery of a similar problem in the
       Bluetooth RFCOMM dissector. (Bug 2922)
     o Vivek Gupta and David Maciejak found that the PRP and MATE
       dissectors could make Wireshark crash. (Neither PRP nor MATE
       are enabled by default.) (Bug 2549)
  * bug fixes
     o Let MP2T call its subdissectors, even without tree (Bug 2627)
     o Wireless Toolbar not enabled (using AirPcap) if PCAP_REMOTE=1
       (Bug 2685)
     o Failure to dissect long SASL wrapped LDAP response (Bug 2687)
     o Fix compiler warnings (Bug 2823)
     o Homeplug dissection bugs (Bug 2859)
     o Malformed Packet DCP ETSI error (Bug 2860)
     o Wrong size of selected_registrar in WPS dissector (Bug 2865)
     o Dissector assertion displaying cookies in DTLS frames (Bug
     o Missing field type in documentation (Bug 2889)
     o Wireshark -p switch seems to have no effect to PROMISCUOUS
       mode (Bug 2891)
     o Misspelled PPI error vector magnitude filter (Bug 2903)
     o Modbus Function 43 Encapsulated Interface Transport decoding
       (Bug 2917)
     o Crash when printing or exporting some protocol data (Bug 2934)
     o Crash when selecting "Export Selected Packet Bytes" (Bug 2964)
  * updated protocol support
      AFP, Bluetooth ACL, Bluetooth RFCOMM, DCP ETSI, DTLS, Homeplug,
      IEEE 802.11, IP, Modbus TCP, MP2T, NSIP, NCP, PPI, Q.931, SASL,
      SNMP, USB, WPS
  * new and updated capture file support
      AiroPeek, CommView

Thu Sep  4 17:58:51 CEST 2008 -

- updated to 1.0.3 - bug fixes:
  o The NCP dissector was susceptible to a number of problems,
    including buffer overflows and an infinite loop.
  o Wireshark could crash while uncompressing zlib-compressed
    packet data.
  o Wireshark could crash while reading a Tektronix .rf5 file.
  o 802.11 WPA/WPA2-PSK Unable to decode Group Keys. (Bug 1420)
  o Packets could wrongly be dissected as "Redback Lawful
    Intercept" (Bug 2376)
  o MIKEY dissector improvements (Bug 2400)
  o tvb_get_bits{16|32} could read past the end of a tvbuff (Bug
  o Incorrect wslua function names. (Bug 2448)
  o Memory corruption in wslua. (Bug 2453)
  o Unknown PPPoE TAGs which are present in a PPPoE discovery
    packet are not displayed under "PPPoE Tags" subtree/section.
    (Bug 2458)
  o Following a TCP stream could incorrectly reassemble packets.
    (Bug 2606)
  o SIP decode shows fully expanded "Content-Length" header
    instead of compact form. (Bug 2635)
  o Segmentation fault loading trace containing NCP packets. (Bug
  o SIP packets might incorrectly be displayed as malformed. (Bug
  o RTCP BYE padding interpreted incorrectly. (Bug 2778)
  o Reversed RTP stream is saved as silent .au file, forward
    stream saves correctly. (Bug 2780)
  o Fix some lint warnings. (Bug 2822)
  o Setting a duration on a capture file would capture for an
    extra second.

Wed Apr  2 11:30:51 CEST 2008 -

- updated to 1.0.0 \o/
  * setcurity fixes:
    o the X.509sat dissector could crash
    o the Roofnet dissector could crash
    o the LDAP dissector could crash
    o the SCCP dissector could crash while using the "decode as" feature
  * buf fixes:
    o several SNMP-related bugs have been fixed
    o several memory-related bugs have been fixed
  * new protocol support:
      IEEE 802.15.4, Infiniband, Parallel Redundancy Protocol, RedBack
      Lawful Intercept, Xcsl
  * updated protocol support:
      AFS, ALCAP, ATM, BACapp, CIGI, DCC (renamed from DCCP), DCCP
      (renamed from DCP), DCERPC SPOOLSS, DCERPC NT, DHCP, DirectPlay,
      EtherCAT, FIX, GIOP, GTP, H.248, HTTP, ICMPv6, ICQ, IPv6, ISIS,
      JXTA, NCP, P_Mul, PCAP, PKIX1Explicit, PTP, RADIUS, Roofnet, RTCP,
      TIPC, TPNCP, UNISTIM, X.25, X.509sat, XML
  *  new and updated capture file support:
     Hilscher Analyzer
- dropped patches:
  * strncat.patch (obsoleted by update)

Thu Feb 28 11:38:06 CET 2008 -

- updated to 0.99.8
  * security fixes
     o fixed crash in SCTP, SNMP and TFTP dissectors
   The following bugs have been fixed:
     o Wireshark could crash when:
       - saving I/O graphs
       - editing table-based preferences
       - trying to play RTP streams.
       - trying to apply a display filter macro
       - using Turkish and other locales.
  * new features:
     o multiple configuration profiles
     o temporary coloring rules (let you color or filter on a conversation)
     o I/O graphs have been improved
     o Wireshark now has WLAN traffic statistics
     o the Wireshark GUI now supports RPCAP
     o conversations and endopoints can now be limited to the current display filter
     o experimental support for the NTAR/PcapNG file format
  * new protocol support:
      AiroPeek Remote Capture, China Mobile Point to Point, Distributed
      Lock Manager 3, EUTRAN X2 Application Protocol, Fieldbus
      Foundation, International Passenger Airline Reservation
      System/Airline Link Control, Microsoft DirectPlay, Path
      Computation Element communication Protocol, Real Time Messaging
      Protocol, S1 Application Protocol, Scripting Service Protocol,
      Societe Internationale de Telecommunications Aeronautiques, Unisys
      Transmittal System, Wi-fi Protected Setup,
  * updated protocol support:
      3G A11, 3GPP, ACN, ACP133, ALCAP, AMR, ANSI A, ANSI IS-637-A, ANSI
      MAP, ARP, ASAP, AVS WLAN, BACapp, BER, BOOTP, Bluetooth (HCI ACL,
      DIAMETER, DMP, DTLS, E.164, EAP, ENIP, ENRP, EtherCAT, Ethernet,
      H.223, H.225, H.245, H.263, H.264, H.460, HCI H1, HTTP, ICMP, IEEE
      802.11, IGMP, IPP, ISAKMP, ISUP, JFIF, JPEG, JXTA, Kerberos, LDAP,
      MP2T, MS MMS, MTP3MG, NBAP, NFS, NHRP, NetFlow, P7, PER, PIM,
      PKCS12, PPPoE, PTP, P_Mul, Q.932, Quakeworld, RANAP, RMT ALC, RMT
      TiVoConnect, UCP, UDP-Lite, USB, VLAN, WBXML, X.411, X.420,
      X.509if, X.509sat
  * new and updated capture file support:
      Catapult DCT2000, DBS Etherwatch, NTAR/PcapNG, TamoSoft CommView,
      Visual Networks
- removed obsolete patch:
  * strptime.patch (included in update)
- added bison and flex to BuildRequires

Thu Feb 21 04:51:57 CET 2008 -

- fix -devel package dependencies

Wed Jan  9 13:20:10 CET 2008 -

- fix strptime function inclusion (strptime.patch)
- do not package non linux READMEs

Wed Dec 19 13:34:17 CET 2007 -

- updated to 0.99.7
  * security fixes
    o Wireshark could crash when reading an MP3 file.
    o Beyond Security discovered that Wireshark could loop
      excessively while reading a malformed DNP packet.
    o Stefan Esser discovered a buffer overflow in the SSL
    o The ANSI MAP dissector could be susceptible to a buffer
      overflow on some platforms.
    o The Firebird/Interbase dissector could go into an infinite
      loop or crash.
    o The NCP dissector could cause a crash.
    o The HTTP dissector could crash on some systems while decoding
      chunked messages.
    o The MEGACO dissector could enter a large loop and consume
      system resources.
    o The DCP ETSI dissector could enter a large loop and consume
      system resources.
    o Fabiodds discovered a buffer overflow in the iSeries (OS/400)
      Communication trace file parser.
    o The PPP dissector could overflow a buffer.
    o The Bluetooth SDP dissector could go into an infinite loop.
    o A malformed RPC Portmap packet could cause a crash.
    o The IPv6 dissector could loop excessively.
    o The USB dissector could loop excessively or crash.
    o The SMB dissector could crash.
    o The RPL dissector could go into an infinite loop.
    o The WiMAX dissector could crash due to unaligned access on
      some platforms.
    o The CIP dissector could attempt to allocate a huge amount of
      memory and crash.
  * bug fixes
    o Handling of non-ASCII file names and paths has been improved.
    o Wireshark could crash while editing a coloring rule or a UAT
    o The display filter code could crash while bitwise ANDing an
      IPv4 address.
  * news and updates
    o Most of the capture code has been moved out of the GUI, which
      means that Wireshark no longer needs to be run as root.
    o Many display filter names have been cleaned up. If your
      favorite display filter just went missing, please consult the
      display filter reference to find out where it ended up.
    o You can now filter directly on SNMP OIDs.
    o IO graphs have more display options, and you can now export
    o You can now follow UDP streams in addition to TCP and SSL
    o You can now disable coloring rules without deleting them.
    o Main window toolbar buttons are now available even when the
      window is small.
    o Optimizations have been applied in some places to make
      Wireshark start up and run faster.
  * new protocol support
      ANSI TCAP, application/xcap-error (MIME type), CFM, DPNSS,
      EtherCAT, ETSI e2/e4, H.282, H.460, H.501, IEEE 802.1ad and
      802.1ah, IMF (RFC 2822), RSL, SABP, T.125, TNEF, TPNCP, UNISTIM,
      Wake on LAN, WiMAX ASN Control Plane, X.224,
  * updated protocol support
      3Com XNS, 3G A11, ACN, ACP123, ACSE, AIM, ANSI IS-637-A, ANSI MAP,
      Armagetronad, BACapp, BACnet, BER, BFD, BGP, Bluetooth, CAMEL,
      DNS, DOP, DTLS, DUA, eDonkey, ELSM, ESL, Ethernet, FC ELS, FC,
      HTTP, IAX2, ICMPv6, IEEE 802.11, INAP, IP, IPMI, IPv6, ISAKMP,
      ISIS, iSNS, ISUP, IUUP, JXTA, K12, Kerberos, L2TP, LAPD, LDAP,
      PES, MPEG, MTP2, MySQL, NBAP, NetFlow, nettl, NFS, NSIP, OSPF,
      PRES, PROFINET, PTP, Q.932 ROS, Q.932, QSIG, Radiotap, RADIUS,
      SIGCOMP, SIP, Slow Protocols, SMB, SMPP, SMTP, SNDCP, SNMP, SRP,
      SSL, STANAG 4406, STUN2, TCAP, TCP, text/media, TIPC, ULP, UMA,
      UMTS FP, V5UA, VNC, WiMAX M2M, WiMAX, WLCCP, X.411, X.420, X.509
      SAT, XML
  * new and updated capture file support
      Catapult DCT 2000, Endace ERF, Juniper NetScreen snoop, Visual
      Networks, Windows Sniffer (NetXRay)
- removed fwrite_unused_result.patch

Tue Sep  4 00:24:50 CEST 2007 -

- disable -Werror for now

Thu Jul 26 16:58:58 CEST 2007 -

- changed libpcap to libpcap-devel in BuildRequires

Tue Jul 10 11:22:31 CEST 2007 -

- updated to 0.99.6
  * security fixes:
    * crash when dissecting an HTTP chunked response
    * crash while reading iSeries capture files
    * exhaust system memory while reading a malformed DCP ETSI packet
    * loop excessively while reading a malformed SSL packet
    * DHCP/BOOTP dissector susceptible to an off-by-one error
    * loop excessively while reading a malformed MMS packet
  * bug fixes:
    * WEP decryption would only work for the first key specified
    * WEP and WPA decryption didn't work for QoS frames
    * WPA decryption failed if EAPOL handshake packets contained extra data
    * Wireshark failed to parse colon-separated WEP keys
    * merging files in Wireshark now appends files properly
    * hang while saving an RTP stream with bad timestamp data
    * frame.time_delta display filter now works as expected
  * for full information see:
- added fwrite_unused_result.patch (fixes warn_unused_result warnings in fwrite calls)
- dropped obsolete patches:
  * dissectors.patch (included in update)

Wed Mar  7 13:48:57 CET 2007 -

- added [t]ethereal symlinks [#252117]
- cleaned spec file

Wed Feb  7 10:56:50 CET 2007 -

- fix SSL support [#242738]
- fix build warnings in dissector's code (dissectors.patch)

Tue Feb  6 09:38:41 CET 2007 -

- update to 0.99.5
  * security fixes [#237246]
    - CVE-2007-0459 The TCP dissector could hang or crash
    - CVE-2007-0458 The HTTP dissector could crash
    - CVE-2007-0457 The IEEE 802.11 dissector could crash
    - CVE-2007-0456 The LLT dissector could crash
  * various bug fixes, added new protocols, see
    for full information
- dropped obsoleted patches:
  * wireshark-0.99.4-printf.diff (included in update)

Thu Dec  7 10:30:28 CET 2006 -

- fixed libdir path in spec file

Mon Nov 13 16:29:07 CET 2006 -

- update to 0.99.4
  * final 0.99.4 release

Tue Nov  7 14:33:33 CET 2006 -

- fix manpage permissions

Mon Oct 30 11:19:14 CET 2006 -

- update to 0.99.4pre1
  * security fixes (#213226)

Thu Aug 24 13:31:08 CEST 2006 -

- updated to version 0.99.2 [#201437]
  * security bugfixes
  * the packet list context menu now includes a conversation filter
  * now generate ACL rules for several popular firewall products
  * new protocols: Daytime, JPEG (RTP payload), Pegasus Lightweight
    Stream Control, Pro-MPEG FEC, UMTS RRC, Veritas Low Latency Transport
- removed oblsoleted patch buffer_overflow_fix.patch

Tue Jul 25 15:34:04 CEST 2006 -

- project Ethereal moved to Wireshark project (renamed)
- updated to version 0.99.2
  * security bugfixes
  * multicast stream analysis
  * you can now find next/previous marked frames
  * the SMB dissector tracks filenames and share names
  * added reading support of BER-encoded files
  * new protocols: Bluetooth HCI (ACL, Command, Event, L2CAP, H4,
    RFCOMM, SCO, SDP), Cisco WIDS, DTLS, Ether-S-Bus, OMA ULP,
    PN-MRP, PN-MRRT, REXEC (yes, that REXEC), RRLP, RSerPool
    (CalcAppProtocol, ComponentStatusProtocol, FractalGeneratorProtocol,
    PingPongProtocol), Telkonet, TiVoConnect Discovery Protocol
- fixed buffer overflow in nettl.c [wireshark#1015] (buffer_overflow_fix.patch)
- removed obsoleted patches (CVE-2006-1932-40.patch, hash_returnval.patch,

Mon Jun 12 16:19:16 CEST 2006 -

- fixed forgoten return value (hash_retval.patch) [#183696]

Wed May  3 09:01:49 CEST 2006 -

- fixed security bugs [#167928] (CVE-2006-1932 - CVE-2006-1940)

Wed Jan 25 21:35:45 CET 2006 -

- converted neededforbuild to BuildRequires

Sat Jan  7 18:27:16 CET 2006 -

- updated to version 0.10.14

Wed Dec 21 13:02:50 CET 2005 -

- added -fstack-protector
- add pcre/pcre-devel to get regexp support.

Tue Nov  1 16:26:26 CET 2005 -

- fixed infinite loop [#128637] (infinite-loop.patch)

Fri Oct 21 11:07:07 CEST 2005 -

- updated to version 0.10.13 (a lot of security fixes enpa-sa-00021)

Tue Sep  6 21:39:28 CEST 2005 -

- Add kerberos-devel-packages to neededforbuild and --with-krb5=/usr to the
  configure arguments; [#115457].

Wed Aug 31 09:23:51 CEST 2005 -

- changed category of desktop file from Monitor to System [#114060]

Mon Aug 29 22:33:59 CEST 2005 -

- all data moved from /usr/X11R6 to /usr [#112816]
- branched devel package and packed includes [#112815]

Wed Jul 27 14:43:03 CEST 2005 -

- updated to version 0.10.12 (a lot of security fixes enpa-sa-00020)
- removed obsoleted gcc4 patch
- removed unneeded .la files
- moved /etc/{manuf,diameter} to /usr/X11R6/share/ethereal
  (changed loading data files)
Fri May  6 10:22:44 CEST 2005 -

- updated to version 0.10.11 (a lot of security fixes enpa-sa-00019)

Wed May  4 12:01:42 CEST 2005 -

- fixed segfaults when trying to access help [#81523]

Thu Mar 17 18:04:14 CET 2005 -

- fixed security bugs in Etheric, GPRS-LLC, 3GPP2 A11, IAPP dissectors.
  [#71777] (enpa-sa-00018: CAN-2005-0704, CAN-2005-0705, CAN-2005-0699,
- fixed bugs in JXTA, sFlow

Fri Jan 21 14:08:05 CET 2005 -

- updated to version 0.10.9

Wed Jan 12 18:52:23 CET 2005 -

- updated to version 0.10.8

Wed Dec 08 14:15:58 CET 2004 -

- added new icon

Tue Nov 30 13:46:48 CET 2004 -

- updated to version 0.10.7
- packaged missed pixmap file

Wed Oct 27 11:46:20 CEST 2004 -

- Add rpm-devel, popt-devel and tcpd-devel to #nfb to fix build
- Don't remove buildroot in install

Wed Aug 25 13:57:21 CEST 2004 -

- Add libadns and libadns-devel to BuildRequires, [#43590].

Mon Aug 16 19:00:10 CEST 2004 -

- updated to version 0.10.6
- removed obsoleted patches (ipv6-filter-fix, secfix1)
- merged help-fix patch in config patch

Wed Jul 14 12:33:34 CEST 2004 -

- updated to version 0.10.5 (security update) [#42820]
  * several security fixes; enpa-sa-00015 (CAN-2004-0633, CAN-2004-0634,

Thu Apr 29 13:31:26 CEST 2004 -

- added missing online help [#39518]

Fri Apr 02 13:31:08 CEST 2004 -

- added check for resolved address in default filter
  (modified  previous patch ipv6-filter-fix.diff)

Mon Mar 29 11:59:10 CEST 2004 -

- updated to version 0.10.3 (security update) [#35449]
  * several security fixes; enpa-sa-00013; CAN-2004-0176 CAN-2004-0367,
- fixed lib64 paths
- fixed default filter (ipv6 problem)

Tue Mar 23 16:09:11 CET 2004 -

- fixed locating manuf file in /etc [#34386]

Tue Mar 02 17:07:34 CET 2004 -

- added desktop file with "X-KDE-SubstituteUID=true" (asks for root passwd)

Wed Feb 25 13:16:01 CET 2004 -

- updated to version 0.10.2

Thu Jan 22 23:23:07 CET 2004 -

- Update to 0.10.0a
- Use -fno-strict-aliasing
- Use gtk2

Sat Jan 10 11:02:01 CET 2004 -

- build as user

Thu Dec 18 15:35:19 CET 2003 -

- fixed security bug (in SMB dissectors);[#33650] enpa-sa-00012

Mon Nov 10 13:48:12 CET 2003 -

- use net-snmp instead of ucdsnmp

Thu Nov 06 15:47:43 CET 2003 -

- fixed security bugs (in GTP,ISAKMP,MEGACO,SOCKS dissectors); enpa-sa-00011

Sat Aug 16 16:50:01 CEST 2003 -

- install desktop file

Fri Jul 25 15:19:33 CEST 2003 -

- updated to version 0.9.14
  * support for searching for arbitrary text and binary data in frames
  * new protocols: Echo, eDonkey, Jabber, MS Messenger, sFlow

Thu Jul  3 16:58:59 CEST 2003 -

- update to version 0.9.13
  * support for GNU ADNS library
  * "Decode As..." functionality has been added to Tethereal via the "-d" flag
  * support for a system-wide color filter file
  * several security fixes; enpa-sa-00010; CAN-2003-0428 CAN-2003-0429
    CAN-2003-0431 CAN-2003-0432
- removed gcc patch as included in upstream

Mon Mar 10 16:55:32 CET 2003 -

- update to version 0.9.10 (security fix)
- removed obsoleted unused plugin patch

Fri Mar  7 01:48:07 CET 2003 -

- removed mminimal-toc from CFLAGS (ppc64)

Wed Jan 29 14:08:44 CET 2003 -

- updated to version 0.9.9
  * more statistics have been added
  * the RADIUS dissector can now decrypt user passwords
  * new protocols:  MDSHDR, MEGACO, MySQL, SDLC, X.29

Mon Jan 27 01:56:56 CET 2003 -

- fix build with gcc-3.3

Wed Jan 22 23:10:47 CET 2003 -

- updated to version 0.9.8
  * new protocols:  ARCNET, ClearCase NFS, DCERPC LSA_DS, Fibre Channel,
    HyperSCSI, MDNS, PCLI, RPL,  802.1s MSTP, FIX, GSS-API, Interbase, NDPS,
    Netflow (Cisco and Juniper), SCCP-Management, SPNEGO
- plugin fix (added header file with macros)

Wed Aug 28 14:24:40 CEST 2002 -

- added %config to file list

Fri Aug 23 11:41:00 CEST 2002 -

- update to version 0.9.6 (security fix)

Thu Aug 15 12:52:38 CEST 2002 -

- update to version 0.9.5 (security fix)

Sat Jun 29 21:22:08 CEST 2002 -

- build with -mminimal-toc on ppc64

Wed Jan 16 10:08:21 CET 2002 -

- update to version 0.9.0

Mon Nov 26 10:36:42 CET 2001 -

- update to version 0.8.20

Wed Jul 25 13:40:31 CEST 2001 -

- update to version 0.8.19

Fri Jun 15 10:06:50 CEST 2001 -

- added openssl, openssl-devel to neededforbuild
- run confugure with --with-ssl=/usr
- link against libcrypto (libsnmp needs it)
- fixed to compile with ipv6 support

Fri Jun  8 13:43:21 CEST 2001 -

- fixed to compile with new autoconf

Tue Apr 24 15:15:51 CEST 2001 -

- fixed warnings on ia64

Tue Mar 20 15:27:20 CET 2001 -

- upgrade to version 0.8.16

Tue Mar  6 13:30:03 CET 2001 -

- upgrade to version 0.8.15

Mon Nov  6 02:20:12 CET 2000 -

- fixed neededforbuild

Tue Oct 31 13:57:12 CET 2000 -

- upgrade to version 0.8.13
- bzipped sources

Thu Aug  3 09:18:12 CEST 2000 -

- upgrade to version 0.8.11

Mon Jun 12 10:46:58 CEST 2000 -

- upgrade to version 0.8.9

Wed May 10 15:05:25 CEST 2000 -

- upgrade to version 0.8.8

Thu Apr 13 14:29:50 CEST 2000 -

- upgrade to version 0.8.6
- added BuildRoot

Mon Apr 10 22:06:38 CEST 2000 -

- added suse update config macro

Wed Mar  1 14:20:59 MET 2000 -

- new version, 0.8.3

Wed Jan 19 09:58:05 MET 2000 -

- new version, 0.8.1

Thu Nov 25 12:34:15 CET 1999 -

- new version, 0.7.8

Thu Oct 28 16:55:41 CEST 1999 -

-  new version, 0.7.7

Mon Sep 13 17:23:57 CEST 1999 -

- ran old prepare_spec on spec file to switch to new prepare_spec.

Wed Sep  1 18:04:36 CEST 1999 -

- new version

Tue Jul 13 12:42:22 MEST 1999 -

- use gtk and glib instead of gtkn and glibn

Mon Jul 12 01:48:43 MEST 1999 -

- libpcap is an extra package now

Thu Jul  8 10:43:00 MEST 1999 -

- new version, v0.6.3

Tue Jun  1 16:58:22 MEST 1999 -

- fixed: X11 -> X11R6

Wed May 26 09:39:50 MEST 1999 -

- new package v0.6.2
openSUSE Build Service is sponsored by