File wireshark.changes of Package wireshark.SUSE_SLE-11_Update
-------------------------------------------------------------------
Wed Aug 29 20:29:12 UTC 2018 - astieger@suse.com
- Update to 2.2.17 (bsc#1106514):
* CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44)
* CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45)
* CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46)
- Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.17.html
- packaging change: temporarily disable upstream tarball signature
verification, use hashes from signed release announcement e-mail
-------------------------------------------------------------------
Wed Jul 25 09:04:11 UTC 2018 - lszhu@suse.com
- Update to wireshark 2.2.16, fix such issues:
* bsc#1101804 - VUL-1: CVE-2018-14340: wireshark: dissectors
that support zlib decompression could crash
* bsc#1101802 - VUL-1: CVE-2018-14370: wireshark: IEEE 802.11
protocol dissector could crash
* bsc#1101788 - VUL-1: CVE-2018-14344: wireshark: ISMP dissector
could crash
* bsc#1101777 - VUL-1: CVE-2018-14342: wireshark: BGP protocol
dissector could go into a large loop
* bsc#1101810 - VUL-1: CVE-2018-14339: wireshark: MMSE dissector
could go into an infinite loop
* bsc#1101800 - VUL-1: CVE-2018-14369: wireshark: HTTP2 dissector
could crash
* bsc#1101794 - VUL-1: CVE-2018-14368: wireshark: Bazaar
protocol dissector could go into an infinite loop
* bsc#1101791 - VUL-1: CVE-2018-14367: wireshark: CoAP protocol
dissector could crash
* bsc#1101786 - VUL-1: CVE-2018-14343: wireshark: ASN.1 BER
dissector could crash
* bsc#1101776 - VUL-1: CVE-2018-14341: wireshark: DICOM dissector
could go into a large or infinite loop
* bsc#1094301 - VUL-0: wireshark: multiple vulnerabilities fixed
in 2.6.1, 2.4.7, 2.2.15
* CVE-2018-11359: wnpa-sec-2018-33: Multiple dissectors could
crash
* CVE-2018-11361: wnpa-sec-2018-32: IEEE 802.11 dissector crash
* CVE-2018-11358: wnpa-sec-2018-31: Q.931 dissector crash
* CVE-2018-11360: wnpa-sec-2018-30: GSM A DTAP dissector crash
* CVE-2018-11356: wnpa-sec-2018-29: DNS dissector crash
* CVE-2018-11357: wnpa-sec-2018-28: Multiple dissectors could
consume excessive memory
* CVE-2018-11355: wnpa-sec-2018-27: RTCP dissector crash
* CVE-2018-11354: wnpa-sec-2018-26: IEEE 1905.1a dissector crash
* CVE-2018-11362: wnpa-sec-2018-25: LDSS dissector crash
-------------------------------------------------------------------
Fri Apr 13 08:05:08 UTC 2018 - lszhu@suse.com
- Update to wireshark 2.2.14, fix such issues:
* bsc#1088200 VUL-0: wireshark: multiple vulnerabilities
fixed in 2.2.14, 2.4.6
* CVE-2018-9256: LWAPP dissector crash
* CVE-2018-9260: IEEE 802.15.4 dissector crash
* CVE-2018-9261: NBAP dissector crash
* CVE-2018-9262: VLAN dissector crash
* CVE-2018-9263: Kerberos dissector crash
* CVE-2018-9264: ADB dissector crash
* CVE-2018-9265: tn3270 dissector has a memory leak
* CVE-2018-9266: ISUP dissector memory leak
* CVE-2018-9267: LAPD dissector memory leak
* CVE-2018-9268: SMB2 dissector memory leak
* CVE-2018-9269: GIOP dissector memory leak
* CVE-2018-9270: OIDS dissector memory leak
* CVE-2018-9271: multipart dissector memory leak
* CVE-2018-9272: h223 dissector memory leak
* CVE-2018-9273: pcp dissector memory leak
* CVE-2018-9274: failure message memory leak
* CVE-2018-9259: MP4 dissector crash
-------------------------------------------------------------------
Tue Mar 13 03:04:46 UTC 2018 - lszhu@suse.com
- to wireshark 2.2.13, fix such issues:
* bsc#1082692 - VUL-0: wireshark: mutiple vulnerabilities
fixed in 2.2.13, 2.4.5
* CVE-2018-7335: The IEEE 802.11 dissector could crash
(wnpa-sec-2018-05)
* CVE-2018-7321, CVE-2018-7322, CVE-2018-7323, CVE-2018-7324,
* CVE-2018-7325, CVE-2018-7326, CVE-2018-7327, CVE-2018-7328,
* CVE-2018-7329, CVE-2018-7330, CVE-2018-7331, CVE-2018-7332,
* CVE-2018-7333, CVE-2018-7421: Multiple dissectors could go
into large infinite loops (wnpa-sec-2018-06)
* CVE-2018-7334: The UMTS MAC dissector could crash
(wnpa-sec-2018-07)
* CVE-2018-7337: The DOCSIS dissector could crash
(wnpa-sec-2018-08)
* CVE-2018-7336: The FCP dissector could crash
(wnpa-sec-2018-09)
* CVE-2018-7320: The SIGCOMP dissector could crash
(wnpa-sec-2018-10)
* CVE-2018-7420: The pcapng file parser could crash
(wnpa-sec-2018-11)
* CVE-2018-7417: The IPMI dissector could crash
(wnpa-sec-2018-12)
* CVE-2018-7418: The SIGCOMP dissector could crash
(wnpa-sec-2018-13)
* CVE-2018-7419: The NBAP disssector could crash
(wnpa-sec-2018-14)
-------------------------------------------------------------------
Fri Jan 19 03:02:03 UTC 2018 - lszhu@suse.com
- Update to wireshark 2.2.12, fix such issues:
*bsc#1075748 - VUL-1: wireshark: activation of the kernel BPF JIT
compiler makes system more vulnerable to Spectre variant 1
(CVE-2017-5753)
*bsc#1075739 - (CVE-2018-5336) VUL-0: CVE-2018-5336:
wireshark: Multiple dissectors could crash
*bsc#1075738 - (CVE-2018-5335) VUL-0: CVE-2018-5335:
wireshark: WCP dissector crash
*bsc#1075737 - (CVE-2018-5334) VUL-0: CVE-2018-5334:
wireshark: IxVeriWave file parser crash
*bsc#1074171 - (CVE-2017-17935) VUL-0: CVE-2017-17935: wireshark:
File_read_line function bad '\n' handling could lead to denial
of service
*bsc#1077080 - (CVE-2017-17997) VUL-0: CVE-2017-17997: wireshark:
Misuse of NULL pointer in MRDISC dissector
-------------------------------------------------------------------
Mon Dec 4 05:42:31 UTC 2017 - lszhu@suse.com
- Update to wireshark 2.2.11, fix such issues:
fate#324095 - [ECO] Update wireshark to 2.2.x release for
SLE11 Update
bsc#1070727 - wireshark: Version 2.2.11 fixes three crashes
* CVE-2017-17084: IWARP_MPA dissector crash (wnpa-sec-2017-47)
* CVE-2017-17083: NetBIOS dissector crash (wnpa-sec-2017-48)
* CVE-2017-17085: CIP Safety dissector crash (wnpa-sec-2017-49)
Added patch:
* wireshark-1.10.0-authors-pod2man.patch
* wireshark-1.10.0-enable_lua.patch
* wireshark-1.2.0-disable-warning-dialog.patch
* wireshark-1.2.0-geoip.patch
Added signature file:
* SIGNATURES-2.2.11.txt
Added keyring file:
*SIGNATURES-2.2.11.txt
Removed patch:
*wireshark-disable-warning-dialog.patch
-------------------------------------------------------------------
Mon Oct 16 03:17:59 UTC 2017 - lszhu@suse.com
- Update to wireshark 2.2.10, fix such issues:
bsc#1062645 - VUL-0: wireshark: release 2.2.10 and 2.4.2
*wnpa-sec-2017-42: BT ATT dissector crash (CVE-2017-15192)
*wnpa-sec-2017-43: MBIM dissector crash (CVE-2017-15193)
*wnpa-sec-2017-44: DMP dissector crash (CVE-2017-15191)
-------------------------------------------------------------------
Tue Sep 19 07:53:01 UTC 2017 - lszhu@suse.com
- Update to wireshark 2.2.9, fix such issues:
*bsc#1056248: VUL-1: CVE-2017-13767: wireshark: MSDP dissector
infinite loop
*bsc#1056249: VUL-1: CVE-2017-13766: wireshark: Profinet I/O
buffer overrun
*bsc#1056251: VUL-1: CVE-2017-13765: wireshark: IrCOMM dissector
buffer overrun
*bsc#1045341: VUL-1: CVE-2017-9766: wireshark: PROFINET IO data
with a high recursion depth allows to cause a denial of service
in thedissect_IODWriteReq
*bsc#1044417: VUL-0: CVE-2017-9617: wireshark: in version 2.2.7
deeply nested DAAP data may cause stack exhaustion
-------------------------------------------------------------------
Tue Jul 25 10:53:56 UTC 2017 - abergmann@suse.com
- Library files are only included in the main package and not inside
the -devel rpm.
-------------------------------------------------------------------
Fri Jul 21 08:10:04 UTC 2017 - lszhu@suse.com
- Update to wireshark 2.0.14, such issues fixed:
*bsc#1049621: CVE-2017-11411: wireshark: The openSAFETY dissector
could crash or exhaust system memory because of missing length
validation
*bsc#1049255: CVE-2017-11410: The WBXML dissector could go into
an infinite loop.
*bsc#1049255: CVE-2017-11408: The AMQP dissector could crash.
*bsc#1049255: CVE-2017-11407: The MQ dissector could crash.
*bsc#1049255: CVE-2017-11406: The DOCSIS dissector could go
into an infinite loop.
-------------------------------------------------------------------
Tue Jun 13 15:50:25 UTC 2017 - lszhu@suse.com
- Update to wireshark 2.0.13, such issues fixed:
* bsc#1042304: CVE-2017-9352: Bazaar dissector infinite loop (wnpa-sec-2017-22)
* bsc#1042303: CVE-2017-9348: DOF dissector read overflow (wnpa-sec-2017-23)
* bsc#1042302: CVE-2017-9351: DHCP dissector read overflow (wnpa-sec-2017-24)
* bsc#1042301: CVE-2017-9346: SoulSeek dissector infinite loop (wnpa-sec-2017-25)
* bsc#1042300: CVE-2017-9345: DNS dissector infinite loop (wnpa-sec-2017-26)
* bsc#1042305: CVE-2017-9349: DICOM dissector infinite loop (wnpa-sec-2017-27)
* bsc#1042299: CVE-2017-9350: openSAFETY dissector memory exh.. (wnpa-sec-2017-28)
* bsc#1042298: CVE-2017-9344: BT L2CAP dissector divide by zero (wnpa-sec-2017-29)
* bsc#1042309: CVE-2017-9343: MSNIP dissector crash (wnpa-sec-2017-30)
* bsc#1042308: CVE-2017-9347: ROS dissector crash (wnpa-sec-2017-31)
* bsc#1042307: CVE-2017-9354: RGMP dissector crash (wnpa-sec-2017-32)
* bsc#1042306: CVE-2017-9353: wireshark: IPv6 dissector crash (wnpa-sec-2017-33)
-------------------------------------------------------------------
Tue Apr 18 08:48:30 UTC 2017 - lszhu@suse.com
- Update to wireshark 2.0.12, such issues fixed:
* bsc#1033936: CVE-2017-7700: NetScaler file parser could go into an infinite loop (wnpa-sec-2017-14)
* bsc#1033937: CVE-2017-7701: BGP dissector could go into an infinite loop (wnpa-sec-2017-16)
* bsc#1033938: CVE-2017-7702: WBXML dissector could go into an infinite loop (wnpa-sec-2017-13)
* bsc#1033939: CVE-2017-7703: IMAP dissector could crash (wnpa-sec-2017-12)
* bsc#1033940: CVE-2017-7704: DOF dissector could go into an infinite loop (wnpa-sec-2017-17)
* bsc#1033941: CVE-2017-7705: RPC over RDMA dissector could go into an infinite loop (wnpa-sec-2017-15)
* bsc#1033942: CVE-2017-7745: SIGCOMP dissector could go into an infinite loop (wnpa-sec-2017-20)
* bsc#1033943: CVE-2017-7746: SLSK dissector could go into an infinite loop (wnpa-sec-2017-19)
* bsc#1033944: CVE-2017-7747: PacketBB dissector could crash (wnpa-sec-2017-18)
* bsc#1033945: CVE-2017-7748: WSP dissector could go into an infinite loop (wnpa-sec-2017-21)
-------------------------------------------------------------------
Wed Mar 29 06:14:43 UTC 2017 - lszhu@suse.com
- Update to wireshark 2.0.11 (fate#321770)
* CVE-2016-7179: Catapult DCT2000 dissector crash (bsc#998963)
* CVE-2016-9376: OpenFlow dissector crash (bsc#1010735)
* CVE-2016-9375: DTN dissector could go into an infinite loop (bsc#1010740)
* CVE-2016-9374: The AllJoyn dissector could crash (bsc#1010752)
* CVE-2016-9373: The DCERPC dissector could crash (bsc#1010754)
* CVE-2016-7175: QNX6 QNET dissector crash (bsc#998761)
* CVE-2016-7176: H.225 dissector crash (bsc#998762)
* CVE-2016-7177: Catapult DCT2000 dissector crash (bsc#998763)
* CVE-2016-7180: IPMI Trace dissector crash (bsc#998800)
* CVE-2016-7178: UMTS FP dissector crash (bsc#998964)
* CVE-2017-6014: Crafted or malformed STANAG 4607 capture file will
cause an infinite loop (bsc#1025913)
* CVE-2017-5596, CVE-2017-5597: Two dissector infinite/large
loops fixed in 2.2.4, 2.0.10 (bsc#1021739)
* Multiple dissector crashes and infinite loops fixed.
-------------------------------------------------------------------
Mon Aug 22 15:03:14 UTC 2016 - lszhu@suse.com
- Wireshark 1.12.13 (bnc#991012, bnc#991013, bnc#991015,
bnc#991016, bnc#991017, bnc#991018, bnc#991019,bnc991020)
In this release, the following CVEs have been fixed:
*CVE-2016-6504: wireshark: NDS dissector crash
*CVE-2016-6505: wireshark: PacketBB dissector could divide
by zero
*CVE-2016-6506: wireshark: WSP infinite loop
*CVE-2016-6507: wireshark: MMSE infinite loop
*CVE-2016-6508: wireshark: RLC long loop
*CVE-2016-6509: wireshark: LDSS dissector crash
*CVE-2016-6510: wireshark: RLC dissector crash
*CVE-2016-6511: wireshark: OpenFlow long loop
https://www.wireshark.org/docs/relnotes/wireshark-1.12.13.html
-------------------------------------------------------------------
Tue Jun 21 14:55:46 UTC 2016 - lszhu@suse.com
- Wireshark 1.12.12 (bnc#983671)
In this release, the following CVEs have been fixed:
* CVE-2016-5350: SPOOLS infinite loop
* CVE-2016-5351: IEEE 802.11 dissector crash
* CVE-2016-5352: IEEE 802.11 dissector crash, different
from wpna-sec-2016-30
* CVE-2016-5353: UMTS FP crash
* CVE-2016-5354: USB dissector crash
* CVE-2016-5355: Toshiba file parser cras
* CVE-2016-5356: CoSine file parser crash
* CVE-2016-5357: NetScreen file parser crash
* CVE-2016-5358: Ethernet dissector crash
* CVE-2016-5359: WBXML infinite loop
https://www.wireshark.org/docs/relnotes/wireshark-1.12.12.html
-------------------------------------------------------------------
Tue Apr 26 05:40:16 UTC 2016 - cyliu@suse.com
- Wireshark 1.12.11 (bnc#976944)
This release fixes a number issues in protocol dissectors that
could have allowed a remote attacker to crash Wireshark or cause
excessive CPU usage through specially crafted packages inserted
into the network or a capture file.
* The PKTC dissector could crash (wnpa-sec-2016-22)
* The PKTC dissector could crash (wnpa-sec-2016-23)
* The IAX2 dissector could go into an infinite loop (wnpa-sec-2016-24)
* Wireshark and TShark could exhaust the stack (wnpa-sec-2016-25)
* The GSM CBCH dissector could crash (wnpa-sec-2016-26)
* The NCP dissector could crash (wnpa-sec-2016-28)
* Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.11.html
-------------------------------------------------------------------
Wed Mar 2 06:59:26 UTC 2016 - cyliu@suse.com
- Wireshark 1.12.10 [bnc#968565]
The following vulnerabilities have been fixed:
* CVE-2016-2523: DNP dissector infinite loop (wnpa-sec-2016-03)
* CVE-2016-2530: RSL dissector crash (wnpa-sec-2016-10)
* CVE-2016-2531: RSL dissector crash (wnpa-sec-2016-10)
* CVE-2016-2532: LLRP dissector crash (wnpa-sec-2016-11)
* GSM A-bis OML dissector crash (wnpa-sec-2016-14)
* ASN.1 BER dissector crash (wnpa-sec-2016-15)
* ASN.1 BER dissector crash (wnpa-sec-2016-18)
* Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.10.html
-------------------------------------------------------------------
Thu Dec 31 07:25:56 UTC 2015 - cyliu@suse.com
- Wireshark 1.12.9 [bnc#960382]
The following vulnerabilities have been fixed:
* NBAP dissector crashes.
wnpa-sec-2015-31 CVE-2015-8711
* UMTS FP dissector crashes.
wnpa-sec-2015-32 CVE-2015-8712 CVE-2015-8713
* DCOM dissector crash.
wnpa-sec-2015-33 CVE-2015-8714
* AllJoyn dissector infinite loop.
wnpa-sec-2015-34 CVE-2015-8715
* T.38 dissector crash.
wnpa-sec-2015-35 CVE-2015-8716
* SDP dissector crash.
wnpa-sec-2015-36 CVE-2015-8717
* NLM dissector crash.
wnpa-sec-2015-37 CVE-2015-8718
* DNS dissector crash.
wnpa-sec-2015-38 CVE-2015-8719
* BER dissector crash.
wnpa-sec-2015-39 CVE-2015-8720
* Zlib decompression crash.
wnpa-sec-2015-40 CVE-2015-8721
* SCTP dissector crash.
wnpa-sec-2015-41 CVE-2015-8722
* 802.11 decryption crash.
wnpa-sec-2015-42 CVE-2015-8723 CVE-2015-8724
* DIAMETER dissector crash.
wnpa-sec-2015-43 CVE-2015-8725
* VeriWave file parser crashes.
wnpa-sec-2015-44 CVE-2015-8726
* RSVP dissector crash.
wnpa-sec-2015-45 CVE-2015-8727
* ANSI A & GSM A dissector crashes.
wnpa-sec-2015-46 CVE-2015-8728
* Ascend file parser crash.
wnpa-sec-2015-47 CVE-2015-8729
* NBAP dissector crash.
npa-sec-2015-48 CVE-2015-8730
* RSL dissector crash.
wnpa-sec-2015-49 CVE-2015-8731
* ZigBee ZCL dissector crash.
wnpa-sec-2015-50 CVE-2015-8732
* Sniffer file parser crash
wnpa-sec-2015-51 CVE-2015-8733
* Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.9.html
-------------------------------------------------------------------
Tue Oct 27 06:18:57 UTC 2015 - cyliu@suse.com
- Wireshark 1.12.8 [bnc#950437]
The following vulnerabilities have been fixed:
* pcapng file parser could crash while copying an interface filter.
wnpa-sec-2015-30 CVE-2015-7830
* Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.8.html
-------------------------------------------------------------------
Wed Aug 19 02:42:30 UTC 2015 - cyliu@suse.com
- Wireshark 1.12.7 [bnc#941500]
The following vulnerabilities have been fixed:
* Wireshark could crash when adding an item to the protocol tree.
wnpa-sec-2015-21
* Wireshark could attempt to free invalid memory.
wnpa-sec-2015-22
* Wireshark could crash when searching for a protocol dissector.
wnpa-sec-2015-23
* The ZigBee dissector could crash.
wnpa-sec-2015-24
* The GSM RLC/MAC dissector could go into an infinite loop.
wnpa-sec-2015-25
* The WaveAgent dissector could crash.
wnpa-sec-2015-26
* The OpenFlow dissector could go into an infinite loop.
wnpa-sec-2015-27
* Wireshark could crash due to invalid ptvcursor length checking.
wnpa-sec-2015-28
* The WCCP dissector could crash.
wnpa-sec-2015-29
* Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.7.html
- Delete some backported patches which is already included in 1.12.7
- wireshark-CVE-2015-3813.patch
- wireshark-1.12-gsm-dtap.patch
- wireshark-1.10.12-fix-wmem-headers.patch
-------------------------------------------------------------------
Wed Jul 1 08:30:14 UTC 2015 - cyliu@suse.com
- Backport fix from 1.12.6 [bnc#935158]
wireshark-1.12-gsm-dtap.patch
-------------------------------------------------------------------
Tue Jun 2 05:45:26 UTC 2015 - cyliu@suse.com
- Backport some security fixes from 1.12.5 [bnc#930689]
*CVE-2015-3813
wireshark-CVE-2015-3813.patch
-------------------------------------------------------------------
Mon Jun 1 09:12:37 UTC 2015 - cyliu@suse.com
- Wireshark 1.10.14 [bnc#930691]
- The following vulnerabilities have been fixed:
* The WCP dissector could crash while decompressing data.
CVE-2015-3811 wnpa-sec-2015-14
* The X11 dissector could leak memory.
CVE-2015-3812 wnpa-sec-2015-15
* The IEEE 802.11 dissector could go into an infinite loop.
CVE-2015-3814 wnpa-sec-2015-17
- Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.10.14.html
-------------------------------------------------------------------
Wed Mar 11 14:53:07 CST 2015 - cyliu@suse.com
- Wireshark 1.10.13
- The following security issues were fixed:
* The WCP dissector could crash.
wnpa-sec-2015-07 CVE-2015-2188 [bnc#920696]
* The pcapng file parser could crash.
wnpa-sec-2015-08 CVE-2015-2189 [bnc#920697]
* The TNEF dissector could go into an infinite loop.
wnpa-sec-2015-10 CVE-2015-2191 [bnc#920699]
- Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.10.13.html
-------------------------------------------------------------------
Fri Jan 16 07:40:24 UTC 2015 - cyliu@suse.com
- Wireshark 1.10.12
- The following vulnerabilities allowed Wireshark to be crashed by
injecting a malformed packet onto the wire or by convincing someone
to read a malformed packet trace file.
+ The WCCP dissector could crash
wnpa-sec-2015-01 CVE-2015-0559 CVE-2015-0560 [boo#912365]
+ The LPP dissector could crash.
wnpa-sec-2015-02 CVE-2015-0561 [boo#912368]
+ The DEC DNA Routing Protocol dissector could crash.
wnpa-sec-2015-03 CVE-2015-0562 [boo#912369]
+ The SMTP dissector could crash.
wnpa-sec-2015-04 CVE-2015-0563 [boo#912370]
+ Wireshark could crash while decypting TLS/SSL sessions.
wnpa-sec-2015-05 CVE-2015-0564 [boo#912372]
- wireshark-1.10.12-fix-wmem-headers.patch
- Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.10.12.html
-------------------------------------------------------------------
Fri Nov 14 06:14:14 UTC 2014 - cyliu@suse.com
- update to 1.10.11
- The following vulnerabilities have been fixed.
+ SigComp UDVM buffer overflow
wnpa-sec-2014-20 CVE-2014-8710 bnc#905246
+ AMQP crash
wnpa-sec-2014-21 CVE-2014-8711 bnc#905245
+ NCP crashes
wnpa-sec-2014-22 CVE-2014-8712 CVE-2014-8713 bnc#905248
+ TN5250 infinite loops
wnpa-sec-2014-23 CVE-2014-8714 bnc#905247
- Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html
- enable zlib [bnc#899303]
-------------------------------------------------------------------
Mon Sep 22 06:24:51 UTC 2014 - cyliu@suse.com
- update to 1.10.10 [bnc#897055]
Package upgraded to 1.10.x from 1.8.x as it was discontinued.
This update fixes vulnerabilities in Wireshark that could allow
an attacker to crash Wireshark or make it become unresponsive by
sending specific packages onto the network or have it loaded via
a capture file while the dissectors are running. It also contains
a number of other bug fixes.
* RTP dissector crash
wnpa-sec-2014-12 CVE-2014-6421 CVE-2014-6422
* MEGACO dissector infinite loop
wnpa-sec-2014-13 CVE-2014-6423
* Netflow dissector crash
wnpa-sec-2014-14 CVE-2014-6424
* RTSP dissector crash
wnpa-sec-2014-17 CVE-2014-6427
* SES dissector crash
wnpa-sec-2014-18 CVE-2014-6428
* Sniffer file parser crash
wnpa-sec-2014-19 CVE-2014-6429 CVE-2014-6430 CVE-2014-6431
CVE-2014-6432
- Further bug fixes as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.10.10.html
- includes changes from 1.10.9:
fixes several crashes triggered by malformed protocol packages
- vulnerabilities fixed:
* The Catapult DCT2000 and IrDA dissectors could underrun a buffer
wnpa-sec-2014-08 CVE-2014-5161 CVE-2014-5162 (bnc#889901)
* The GSM Management dissector could crash
wnpa-sec-2014-09 CVE-2014-5163 (bnc#889906)
* The RLC dissector could crash
wnpa-sec-2014-10 CVE-2014-5164 (bnc#889900)
* The ASN.1 BER dissector could crash
wnpa-sec-2014-11 CVE-2014-5165 (bnc#889899)
- Further bug fixes as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.10.9.html
-------------------------------------------------------------------
Thu Sep 18 05:50:25 UTC 2014 - cyliu@suse.com
- bnc#889854 - VUL-0: Wireshark 1.10.9 fixes several crashes
triggered by malformed protocol packages
* The Catapult DCT2000 and IrDA dissectors could underrun a buffer.
wnpa-sec-2014-08 CVE-2014-5161 CVE-2014-5162
* The GSM Management dissector could crash.
wnpa-sec-2014-09 CVE-2014-5163
* The RLC dissector could crash.
wnpa-sec-2014-10 CVE-2014-5164
* The ASN.1 BER dissector could crash.
wnpa-sec-2014-11 CVE-2014-5165
wireshark-1.10.9-fix.patch
-------------------------------------------------------------------
Mon Mar 24 06:02:30 UTC 2014 - cyliu@suse.com
- update to 1.8.13 [bnc#867485]
+ vulnerabilities fixed:
* The NFS dissector could crash
wnpa-sec-2014-01 CVE-2014-2281
* The RLC dissector could crash
wnpa-sec-2014-03 CVE-2014-2283
* The MPEG file parser could overflow a buffer
wnpa-sec-2014-04 CVE-2014-2299
+ Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.8.13.html
- remove patch for CVE-2013-7113, already included in 1.8.13
- wireshark-CVE-2013-7113.patch
-------------------------------------------------------------------
Tue Mar 4 06:13:54 UTC 2014 - cyliu@suse.com
- CVE-2013-7113 [bnc#856495]
wireshark-CVE-2013-7113.patch
-------------------------------------------------------------------
Thu Dec 20 06:26:37 UTC 2013 - cyliu@suse.com
- update to 1.8.12 [bnc#855980, bnc#856496, bnc#856498]
+ vulnerabilities fixed:
* The SIP dissector could go into an infinite loop.
wnpa-sec-2013-66 CVE-2013-7112
* The NTLMSSP v2 dissector could crash. Discovered by Garming Sam.
wnpa-sec-2013-68 CVE-2013-7114
+ Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.8.12.html
-------------------------------------------------------------------
Tue Nov 5 05:34:43 UTC 2013 - cyliu@suse.com
- update to 1.8.11 [bnc#848738]
+ vulnerabilities fixed:
* The IEEE 802.15.4 dissector could crash.
wnpa-sec-2013-61 CVE-2013-6336
* The NBAP dissector could crash. Discovered by Laurent Butti.
wnpa-sec-2013-62 CVE-2013-6337
* The SIP dissector could crash.
wnpa-sec-2013-63 CVE-2013-6338
* The OpenWire dissector could go into a large loop. Discovered by Murali.
wnpa-sec-2013-64 CVE-2013-6339
* The TCP dissector could crash.
wnpa-sec-2013-65 CVE-2013-6340
+ Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.8.11.html
- update to 1.8.10 [bnc#839607]
+ vulnerabilities fixed:
* The NBAP dissector could crash.
wnpa-sec-2013-55 CVE-2013-5718
* The ASSA R3 dissector could go into an infinite loop.
wnpa-sec-2013-56 CVE-2013-5719
* The RTPS dissector could overflow a buffer.
wnpa-sec-2013-57 CVE-2013-5720
* The MQ dissector could crash.
wnpa-sec-2013-58 CVE-2013-5721
* The LDAP dissector could crash.
wnpa-sec-2013-59 CVE-2013-5722
* The Netmon file parser could crash.
wnpa-sec-2013-60
+ Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.8.10.html
-------------------------------------------------------------------
Tue Aug 6 18:28:23 UTC 2013 - cyliu@suse.com
- update to 1.8.9 [bnc#831718]
+ vulnerabilities fixed:
* The Bluetooth SDP dissector could go into a large loop
CVE-2013-4927 wnpa-sec-2013-45
* The DIS dissector could go into a large loop
CVE-2013-4929 wnpa-sec-2013-47
* The DVB-CI dissector could crash
CVE-2013-4930 wnpa-sec-2013-48
* The GSM RR dissector (and possibly others) could go into a large loop
CVE-2013-4931 wnpa-sec-2013-49
* The GSM A Common dissector could crash
CVE-2013-4932 wnpa-sec-2013-50
* The Netmon file parser could crash
CVE-2013-4933 CVE-2013-4934 wnpa-sec-2013-51
* The ASN.1 PER dissector could crash
CVE-2013-4935 wnpa-sec-2013-52
+ Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html
-------------------------------------------------------------------
Fri Jun 21 21:58:21 UTC 2013 - cyliu@suse.com
- update to 1.8.8 [bnc#824900]
+ vulnerabilities fixed:
* The CAPWAP dissector could crash.
wnpa-sec-2013-32 CVE-2013-4074
* The GMR-1 BCCH dissector could crash.
wnpa-sec-2013-33 CVE-2013-4075
* The PPP dissector could crash.
wnpa-sec-2013-34 CVE-2013-4076
* The NBAP dissector could crash.
wnpa-sec-2013-35 CVE-2013-4077
* The RDP dissector could crash.
wnpa-sec-2013-36 CVE-2013-4078
* The GSM CBCH dissector could crash.
wnpa-sec-2013-37 CVE-2013-4079
* The Assa Abloy R3 dissector could consume excessive memory and CPU.
wnpa-sec-2013-38 CVE-2013-4080
* The HTTP dissector could overrun the stack.
wnpa-sec-2013-39 CVE-2013-4081
* The Ixia IxVeriWave file parser could overflow the heap.
wnpa-sec-2013-40 CVE-2013-4082
* The DCP ETSI dissector could crash.
wnpa-sec-2013-41 CVE-2013-4083
+ Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html
-------------------------------------------------------------------
Mon May 27 20:31:04 UTC 2013 - cyliu@suse.com
- update to 1.8.7 [bnc#813217, bnc#820973]
+ vulnerabilities fixed:
* The RELOAD dissector could go into an infinite loop.
wnpa-sec-2013-23 CVE-2013-2486 CVE-2013-2487
* The GTPv2 dissector could crash.
wnpa-sec-2013-24
* The ASN.1 BER dissector could crash.
wnpa-sec-2013-25
* The PPP CCP dissector could crash.
wnpa-sec-2013-26
* The DCP ETSI dissector could crash.
wnpa-sec-2013-27
* The MPEG DSM-CC dissector could crash.
wnpa-sec-2013-28
* The Websocket dissector could crash.
wnpa-sec-2013-29
* The MySQL dissector could go into an infinite loop.
wnpa-sec-2013-30
* The ETCH dissector could go into a large loop.
wnpa-sec-2013-31
+ Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html
- bug fixes
- bnc#816517: 'Save As' Nokia libpcap corrupting the file
wireshark-nokia.patch
- bnc#816887: wireshark crashed in 'SCTP' -> 'Prepare Filter for this
Association'
wireshark-sctp.patch
-------------------------------------------------------------------
Mon Mar 11 06:55:32 UTC 2013 - cyliu@suse.com
- update to 1.8.6 [bnc#807942]
+ vulnerabilities fixed:
* The TCP dissector could crash.
wnpa-sec-2013-10 CVE-2013-2475
* The HART/IP dissectory could go into an infinite loop.
wnpa-sec-2013-11 CVE-2013-2476
* The CSN.1 dissector could crash.
wnpa-sec-2013-12 CVE-2013-2477
* The MS-MMS dissector could crash.
wnpa-sec-2013-13 CVE-2013-2478
* The MPLS Echo dissector could go into an infinite loop.
wnpa-sec-2013-14 CVE-2013-2479
* The RTPS and RTPS2 dissectors could crash.
wnpa-sec-2013-15 CVE-2013-2480
* The Mount dissector could crash.
wnpa-sec-2013-16 CVE-2013-2481
* The AMPQ dissector could go into an infinite loop.
wnpa-sec-2013-17 CVE-2013-2482
* The ACN dissector could attempt to divide by zero.
wnpa-sec-2013-18 CVE-2013-2483
* The CIMD dissector could crash.
wnpa-sec-2013-19 CVE-2013-2484
* The FCSP dissector could go into an infinite loop.
wnpa-sec-2013-20 CVE-2013-2485
* The RELOAD dissector could go into an infinite loop.
wnpa-sec-2013-21 CVE-2013-2486 CVE-2013-2487
* The DTLS dissector could crash.
wnpa-sec-2013-22 CVE-2013-2488
+ Further bug fixes and updated protocol support as listed in:
http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html
-------------------------------------------------------------------
Fri Feb 1 14:46:25 UTC 2013 - cyliu@suse.com
- update to 1.8.5 [bnc#801131]
+ vulnerabilities fixed:
* Infinite and large loops in the Bluetooth HCI, CSN.1, DCP-ETSI
DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols, MPLS, R3, RTPS,
SDP, and SIP dissectors
wnpa-sec-2013-01 CVE-2013-1572 CVE-2013-1573 CVE-2013-1574
CVE-2013-1575 CVE-2013-1576 CVE-2013-1577 CVE-2013-1578
CVE-2013-1579 CVE-2013-1580 CVE-2013-1581
* The CLNP dissector could crash
wnpa-sec-2013-02 CVE-2013-1582
* The DTN dissector could crash
wnpa-sec-2013-03 CVE-2013-1583 CVE-2013-1584
* The MS-MMC dissector (and possibly others) could crash
wnpa-sec-2013-04 CVE-2013-1585
* The DTLS dissector could crash
wnpa-sec-2013-05 CVE-2013-1586
* The ROHC dissector could crash
wnpa-sec-2013-06 CVE-2013-1587
* The DCP-ETSI dissector could corrupt memory
wnpa-sec-2013-07 CVE-2013-1588
* The Wireshark dissection engine could crash
wnpa-sec-2013-08 CVE-2013-1589
* The NTLMSSP dissector could overflow a buffer
wnpa-sec-2013-09 CVE-2013-1590
+ Further bug fixes and updated protocol support as listed in:
http://www.wireshark.org/docs/relnotes/wireshark-1.8.5.html
-------------------------------------------------------------------
Wed Dec 5 03:15:01 UTC 2012 - cyliu@suse.com
- update to 1.8.4 [bnc#792005]
+ vulnerabilities fixed:
* Wireshark could leak potentially sensitive host name
resolution information when working with multiple pcap-ng
files.
wnpa-sec-2012-30 CVE-2012-5592
* The USB dissector could go into an infinite loop.
wnpa-sec-2012-31 CVE-2012-5593
* The sFlow dissector could go into an infinite loop.
wnpa-sec-2012-32 CVE-2012-5594
* The SCTP dissector could go into an infinite loop.
wnpa-sec-2012-33 CVE-2012-5595
* The EIGRP dissector could go into an infinite loop.
wnpa-sec-2012-34 CVE-2012-5596
* The ISAKMP dissector could crash.
wnpa-sec-2012-35 CVE-2012-5597
* The iSCSI dissector could go into an infinite loop.
wnpa-sec-2012-36 CVE-2012-5598
* The WTP dissector could go into an infinite loop.
wnpa-sec-2012-37 CVE-2012-5599
* The RTCP dissector could go into an infinite loop.
wnpa-sec-2012-38 CVE-2012-5600
* The 3GPP2 A11 dissector could go into an infinite loop.
wnpa-sec-2012-39 CVE-2012-5601
* The ICMPv6 dissector could go into an infinite loop.
wnpa-sec-2012-40 CVE-2012-5602
+ Further bug fixes and updated protocol support as listed in:
http://www.wireshark.org/docs/relnotes/wireshark-1.8.4.html
-------------------------------------------------------------------
Fri Aug 31 03:24:32 UTC 2012 - bjzhang@suse.com
- update to 1.4.15
- fix bnc#776038(CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4296,
CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4290), bnc#772738
(CVE-2012-4048, CVE-2012-4049)(fixed upstream)
- Security fixes:
- wnpa-sec-2012-13 The DCP ETSI dissector could trigger a zero division.
Reported by Laurent Butti. (Bug 7566)
- wnpa-sec-2012-15 The XTP dissector could go into an infinite loop.
Reported by Ben Schmidt. (Bug 7571)
- wnpa-sec-2012-17 The AFP dissector could go into a large loop. Reported by
Stefan Cornelius. (Bug 7603)
- wnpa-sec-2012-18 The RTPS2 dissector could overflow a buffer. Reported by
Laurent Butti. (Bug 7568)
- wnpa-sec-2012-20 The CIP dissector could exhaust system memory. Reported by
Ben Schmidt. (Bug 7570)
- wnpa-sec-2012-21 The STUN dissector could crash. Reported by Laurent Butti.
(Bug 7569)
- wnpa-sec-2012-22 The EtherCAT Mailbox dissector could abort. Reported by
Laurent Butti. (Bug 7562)
- wnpa-sec-2012-23 The CTDB dissector could go into a large loop. Reported by
Ben Schmidt. (Bug 7573)
- Bug fixes:
- Wireshark crashes on opening very short NFS pcap file. (Bug 7498)
- Updated Protocol Support
- AFP, Bluetooth L2CAP, CIP, CTDB, DCP ETSI, EtherCAT Mailbox, FC Link Control
LISP, NFS, RTPS2, SCTP, STUN, XTP
-------------------------------------------------------------------
Mon May 28 09:11:24 UTC 2012 - bjzhang@suse.com
- update to 1.4.13
- fix bnc#763855(CVE-2012-2392), bnc#763857(CVE-2012-2393), bnc#763859(CVE-2012-2394)(fixed upstream)
- Security fixes:
- wnpa-sec-2012-08 Infinite and large loops in the ANSI MAP, BACapp, Bluetooth HCI, IEEE 802.3, LTP, and R3 dissectors have been fixed. Discovered by Laurent Butti. (Bugs 7118, 7119, 7121, 7122, 7124, 7125)
- wnpa-sec-2012-09 The DIAMETER dissector could try to allocate memory improperly and crash. (Bug 7138)
- wnpa-sec-2012-10 Wireshark could crash on SPARC processors due to misaligned memory. Discovered by Klaus Heckelmann. (Bug 7221)
- Bug fixes:
- User-Password - PAP decoding passwords longer than 16 bytes. (Bug 6779)
- Wireshark error message for failure to open an rpcap: URL for a remote device is malformed. (Bug 6922)
- Wireshark doesn't calculate the right IPv4 destination using source routing options when bad options precede them. (Bug 7043)
- Wrong values in DNS CERT RR. (Bug 7130)
- Updated Protocol Support
- ANSI MAP, BACapp, Bluetooth HCI, DIAMETER, DNS, IPv4, RADIUS
- New and Updated Capture File Support
- 5View, pcap-ng
-------------------------------------------------------------------
Mon Apr 16 07:16:00 UTC 2012 - bjzhang@suse.com
- update to 1.4.12
- fix bnc#754474(CVE-2012-1596), bnc#754476(CVE-2012-1593), bnc#754477(CVE-2012-1595)(fixed upstream)
- Security fixes:
- wnpa-sec-2012-04 The ANSI A dissector could dereference a NULL pointer
and crash. (Bug 6823)
- wnpa-sec-2012-06 The pcap and pcap-ng file parsers could crash trying to
read ERF data. (Bug 6804)
- wnpa-sec-2012-07 The MP2T dissector could try to allocate too much memory
and crash. (Bug 6804)
- The Windows installers now include GnuTLS 1.12.18, which fixes
several vulnerabilities.
- Bug fixes:
- Some PGM options are not parsed correctly. (Bug 5687)
- dumpcap crashes when capturing from pipe to a pcap-ng file
(e.g., when passing data from CACE Pilot to Wireshark). (Bug
5939)
- No error for UDP/IPv6 packet with zero checksum. (Bug 6232)
- packetBB dissector bug: More than 1000000 items in the tree --
possible infinite loop. (Bug 6687)
- Ethernet traces in K12 text format sometimes give bogus
"malformed frame" errors and other problems. (Bug 6735)
- non-IPP packets to or from port 631 are dissected as IPP. (Bug
6765)
- IAX2 dissector reads past end of packet for unknown IEs. (Bug
6815)
- Pcap-NG files with SHB options longer than 100 bytes aren't
recognized as pcap-NG files, and options longer than 100 bytes
in other blocks aren't handled either. (Bug 6846)
- Patch to fix DTLS decryption. (Bug 6847)
- Expression... dialog is crash. (Bug 6891)
- ISAKMP : VendorID CheckPoint : Malformed Packet. (Bug 6972)
- Radiotap dissector lists a bogus "DBM TX Attenuation" bit.
(Bug 7000)
- MySQL dissector assertion. (Ask 8649)
Updated Protocol Support
HTTP, ISAKMP, MySQL, PacketBB, PGM, TCP, UDP
New and Updated Capture File Support
Endace ERF, Pcap-NG.
-------------------------------------------------------------------
Mon Jan 16 04:03:51 UTC 2012 - cyliu@suse.com
- update to 1.4.11
- fix bnc#741187, bnc#741188, bnc#741190 (fixed upstream)
- Security fixes:
- wnpa-sec-2012-01 Laurent Butti discovered that Wireshark failed to
properly check record sizes for many packet capture file formats.
(Bug 6663, bug 6666, bug 6667, bug 6668, bug 6669, bug 6670)
- wnpa-sec-2012-02 Wireshark could dereference a NULL pointer and
crash. (Bug 6634)
- wnpa-sec-2012-03 The RLC dissector could overflow a buffer. (Bug 6391)
- Bug fixes:
- "Closing File!" Dialog Hangs. (Bug 3046)
- Sub-fields of data field should appear in exported PDML as children
of the data field instead of as siblings to it. (Bug 3809)
- Patch to fix memory leaks/errors in Lua plugin. (Bug 5575)
- Incorrect time differences displayed with time reference set. (Bug 5580)
- Wrong packet type association of SNMP trap after TFTP transfer. (Bug 5727)
- Export HTTP Objects -> save all crashes Wireshark. (Bug 6250)
- Wireshark crashes if a field of type BASE_CUSTOM is applied as a column.
(Bug 6503)
- Filter Expression dialog can only be opened once. (Bug 6537)
- 80211 QoS Control: Add Raw TID. (Bug 6548)
- CAPWAP dissector tries to allocate -1 bytes of memory during reassembly.
(Bug 6555)
- IPv6 frame containing routing header with 0 segments left calculates wrong
UDP checksum. (Bug 6560)
- IPv4 UDP/TCP Checksum incorrect if routing header present. (Bug 6561)
- Incorrect Parsing of SCPS Capabilities Option introduced in response to bug
6194. (Bug 6562)
- Add more length checks for integer values in SNMP variable bindings.
(Bug 6564)
- UCP dissector bug of operation 61. (Bug 6570)
- Various crashes after loading NetMon2.x capture file. (Bug 6578)
- SIGSEGV in SVN 40046. (Bug 6634)
- Wireshark dissects TCP option 25 as an "April 1" option. (Bug 6643)
- ZigBee ZCL Dissector reports invalid status. (Bug 6649)
- Large packet length crashes Wireshark. (Bug 6663)
- 5views capture file that crashes wireshark. (Bug 6666)
- i4b capture file that crashes wireshark. (Bug 6667)
- iptrace capture file that crashes wireshark. (Bug 6668)
- netmon2 capture file that crashes wireshark. (Bug 6669)
- novell capture file that crashes wireshark. (Bug 6670)
- [UDP] - Length Field of Pseudo Header while computing CheckSum is not
correct. (Bug 6711)
- pcapio.c: bug in libpcap_write_interface_description_block. (Bug 6719)
- Updated Protocol Support
- CAPWAP, HTTP, IEEE 802.11, IPv4, IPv6, RLC, SNMP, TCP, TFTP, ZigBee ZCL
-------------------------------------------------------------------
Tue Nov 8 03:46:43 UTC 2011 - cyliu@suse.com
- update to 1.4.10
- Security fixes:
- wnpa-sec-2011-18 Huzaifa Sidhpurwala of Red Hat Security
Response Team discovered that the Infiniband dissector could
dereference a NULL pointer. (Bug 6476)
- wnpa-sec-2011-19 Huzaifa Sidhpurwala of Red Hat Security
Response Team discovered a buffer overflow in the ERF file
reader. (Bug 6479)
- Bug fixes:
- Assertion failed when doing File->Quit->Save during live
capture. (Bug 1710)
- Wrong PCEP XRO sub-object decoding. (Bug 3778)
- Decoding [Status Records] Timestamp Sequence Field in Bundle
Protocol fails if over 32 bits. (Bug 4109)
- wireshark-1.4.2 crashes when testing the example python
dissector because of a dissector count assertion. (Bug 5431)
- Wireshark crashes when attempting to open a file via drag & drop
when there's already a file open. (Bug 5987)
- Add the ability to save filters from the Filter Toolbar into buttons
on the Filter Toolbar. (Bug 6207)
- Adding and removing custom HTTP headers requires a restart. (Bug 6241)
- Can't read full 64-bit SNMP values. (Bug 6295)
- BACnet property time-synchronization-interval (204) name shown
incorrectly as time-synchronization-recipients. (Bug 6336)
- [ASN.1 PER] Incorrect decoding of BIT STRING type. (Bug 6347)
- Export->Object->HTTP-> save all: Error on saving files. (Bug 6362)
- Incorrect identification of UDP-encapsulated NAT-keepalive
packets. (Bug 6414)
- S1AP protocol can't decode IPv6 transportLayerAddress. (Bug 6435)
- RTPS2 dissector doesn't handle 0 in the octestToNextHeader field.
(Bug 6449)
- packet-ajp13 fix, cleanup, and enhancement. (Bug 6452)
- Network Instruments Observer file format bugs. (Bug 6453)
- Wireshark crashes when using "Open Recent" 2 times in a row. (Bug 6457)
- Wireshark packet_gsm-sms, display bug: Filler bits in TP-User Data
Header. (Bug 6469)
- wireshark unable to decode NetFlow options which have system scope
size != 4 bytes. (Bug 6471)
- Display filter Expression Dialog Box Error. (Bug 6472)
- Updated protocol support:
- AJP13, ASN.1 PER, BACapp, DTN, GSM SMS, Infiniband, IPsec, NetFlow,
PCEP, RTPS2
- update to 1.4.9
- Security fixes:
- wnpa-sec-2011-13 A malformed IKE packet could consume excessive
resources.
- wnpa-sec-2011-14 A malformed capture file could result in an invalid
root tvbuff and cause a crash. (Bug 6135) CVE-2011-3266
- wnpa-sec-2011-15 Wireshark could run arbitrary Lua scripts. (Bug 6136)
- Bug fixes:
- Unable to configure zero length SNMP Engine ID. (Bug 5731)
- H.323 RAS packets missing from packet counts in "Telephony->VoIP
Calls" and the "Flow Graph" for the call. (Bug 5848)
- Malformed Packet in decode for BGP-AD update. (Bug 6122)
- BGP : AS_PATH attribute was decode wrong. (Bug 6188)
- Fixes for SCPS TCP option. (Bug 6194)
- Offset calculated incorrectly for sFlow extended data. (Bug 6219)
- [Enter] key behavior varies when manually typing display filters.
(Bug 6228)
- Contents of pcapng EnhancedPacketBlocks with comments aren't
displayed. (Bug 6229)
- Misdecoding 3G Neighbour Cell Information Element in SI2quater
message due to a coding typo. (Bug 6237)
- Mis-spelled word "unknown" in assorted files. (Bug 6244)
- btl2cap extended window shows wrong bit. (Bug 6257)
- NDMP dissector incorrectly represents "ndmp.bytes_left_to_read"
as signed. (Bug 6262)
- ERF records with extension headers not written out correctly to
pcap or pcap-ng files. (Bug 6265)
- RTPS2: MAX_BITMAP_SIZE is defined incorrectly. (Bug 6276)
- Copying from RTP stream analysis copies 1st line many times. (Bug 6279)
- File types with no snaplen written out with a zero snaplen in pcap-ng
files. (Bug 6289)
- MEGACO context tracking fix - context id reuse. (Bug 6311)
- Updated protocol support:
- BGP, Bluetooth L2CAP, GSM A RR, H.225, IKE, MEGACO, NDMP, RTPS2, SCPS,
sFlow, SNMP
- New and Updated capture file suppport:
- CommView, pcap-ng.
- update to 1.4.8
- Security fixes:
- CVE-2011-2597 The Lucent/Ascend file parser was susceptible to an
infinite loop.
- The ANSI MAP dissector was susceptible to an infinite loop. (Bug 6044)
- Bug fixes:
- TCP dissector doesn't decode TCP segments of length 1. (Bug 4716)
- Wireshark 1.4.0rc1 and python - spurious message. (Bug 4878)
- Missing LUA function. (Bug 5006)
- Lua API description about creating a new Tvb from a bytearray is not
correct in wireshark's user guide. (Bug 5199)
- sflow decode error for some extended formats. (Bug 5379)
- White space in protocol field abbreviation causes runtime failure
while registering Lua dissector. (Bug 5569)
- "File not found" box uses wrong filename encoding. (Bug 5715)
- capinfos: #ifdef HAVE_LIBGCRYPT block includes a line too many.
(Bug 5803)
- Wireshark crashes if Lua contains "Pref.range()" with missing
arguments. (Bug 5895)
- The "range" field in Lua's "Pref.range()" serves as default while
the "default" field does nothing. (Bug 5896)
- Wireshark crashes when calling TreeItem:set_len() on TreeItem
without tvb. (Bug 5941)
- TvbRange_string(lua_State* L) call a wrong function. (Bug 5960)
- VoIP call flow graph displays BICC APM as a BICC ANM. (Bug 5966)
- H323 rate multiplier wrong. (Bug 6009)
- tshark crashes when loading Lua script that contains GUI function.
(Bug 6018)
- 802.11 Disassociation Packet's "Reason Code" field is imprecisely
decoded/described. (Bug 6022)
- Wireshark crashes when setting custom column's field name with
conditional. (Bug 6028)
- GTS Descriptor count limited to 3 instead of 7. (Bug 6055)
- The SSL dissector can not resemble correctly the frames after TCP
zero window probe packet. (Bug 6059)
- Packet parser takes too long for this trace. (Bug 6073)
- 802.11 Association Response Packet's "Status Code" field is
imprecisely decoded/described. (Bug 6093)
- Wireshark 1.6.0 and Python support: installer fails to create the
wspy_dissectors subdirectory and . (Bug 6110)
- Wireshark crash during RTP stream analysis. (Bug 6120)
- Tshark custom columns: Why don't I get an error message? (Bug 6131)
- Updated protocol support:
- ANSI MAP, GIOP, H.323, IEEE 802.11, MSRP, RPCAP, sFlow, TCP
- New and Updated capture file suppport:
- Lucent/Ascend
- update to 1.4.7
- Security fixes:
- Large/infinite loop in the DICOM dissector. (Bug 5876)
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted Diameter dictionary file could crash Wireshark.
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted snoop file could crash Wireshark. (Bug 5912)
- David Maciejak of Fortinet's FortiGuard Labs discovered that malformed
compressed capture data could crash Wireshark. (Bug 5908)
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted Visual Networks file could crash Wireshark. (Bug 5934)
- Bug fixes:
- AIM dissector has some endian issues. (Bug 5464)
- Telephony->MTP3->MSUS doesn't display window. (Bug 5605)
- Support for MS NetMon 3.x traces containing raw IPv6 ("Type 7")
packets. (Bug 5817)
- Service Indicator in M3UA protocol data. (Bug 5834)
- IEC60870-5-104 protocol, incorrect decoding of timestamp type
CP56Time2a. (Bug 5889)
- DNP3 dissector incorrect constants AL_OBJ_FCTR_16NF _FDCTR_32NF
_FDCTR_16NF. (Bug 5920)
- 3GPP QoS: Traffic class is not decoded properly. (Bug 5928)
- Wireshark crashes when creating ProtoField.framenum in Lua. (Bug 5930)
- Fix a wrong mask to extract FMID from DECT packets dissector. (Bug 5947)
- Incorrect DHCPv6 remote identifier option parsing. (Bug 5962)
- Updated protocol support:
- DICOM, IEC104, M3UA, TCP
- New and Updated capture file suppport:
- Network Monitor
- update to 1.4.6
- Security fixes:
- The NFS dissector could crash on Windows.
- The X.509if dissector could crash
- Bug fixes:
- Cygwin make fails after updating to bash v 4.1.9.2
- Export HTTP > All - System Appears Hung (but isn't).
- Some HTTP responses don't decode with TCP reassembly on.
- Wireshark crashes when cancelling a large sort operation.
- Wireshark crashes if SSL preferences RSA key is actually a
DSA key.
- tshark incorrectly calculates TCP stream for some syn packets
- Wireshark not able to decode the PPP frame in a sflow
(RFC3176) flow sample packet because Wireshark incorrectly
read the protocol in PPP frame header. (Bug 5746)
- Mysql protocol dissector: all fields should be little endian.
- Error when opening snoop from Juniper SSG-140.
- svnversion: command not found.
- Value of TCP segment data cannot be copied.
- proto_field_is_referenced() is not exported in
libwireshark.dll
- Wireshark ver. 1.4.4 not displayed "Granted QoS" field in a
A11 packet.
- Updated protocol support:
- HTTP, LDAP, MySQL, NFS, sFlow, SSL, TCP
- update to 1.4.5
- Security fixes:
- The NFS dissector could crash on Windows. (Bug 5209)
- The X.509if dissector could crash. (Bug 5754, Bug 5793)
- DECT dissector could overflow a buffer. This could allow
remote code execution on many platforms.
- Bug fixes:
- Export HTTP > All - System Appears Hung (but isn't). (Bug 1671)
- Some HTTP responses don't decode with TCP reassembly on. (Bug 3785)
- Wireshark crashes when cancelling a large sort operation. (Bug 5189)
- Wireshark crashes if SSL preferences RSA key is actually a
DSA key. (Bug 5662)
- wireshark incorrectly calculates TCP stream for some syn
packets. (Bug 5743)
- Wireshark not able to decode the PPP frame in a sflow (RFC3176) flow
sample packet because Wireshark incorrectly read the protocol in
PPP frame header. (Bug 5746)
- Mysql protocol dissector: all fields should be little endian. (Bug 5759)
- Error when opening snoop from Juniper SSG-140. (Bug 5762)
- svnversion: command not found. (Bug 5798)
- capinfos: #ifdef HAVE_LIBGCRYPT block includes a line too many. (Bug 5803)
- Value of TCP segment data cannot be copied. (Bug 5811)
- proto_field_is_referenced() is not exported in libwireshark.dll. (Bug 5816)
- Wireshark ver. 1.4.4 not displayed "Granted QoS" field in a
A11 packet. (Bug 5822)
- Updated Protocol Support
- HTTP, LDAP, MySQL, NFS, sFlow, SSL, TCP
- Drop patches (fixed upstream):
+ wireshark-1.6.2-CVE-2011-3483.patch
+ wireshark-1.6.2-CVE-2011-3360.patch
+ wireshark-1.6.2-CVE-2011-3266.patch
+ wireshark-1.4.8-CVE-2011-2698.patch
+ wireshark-1.4.8-CVE-2011-2597.patch
+ wireshark-1.2.17-CVE-2011-2175.patch
+ wireshark-1.2.17-CVE-2011-2174.patch
+ wireshark-1.2.17-CVE-2011-1959.patch
+ wireshark-1.2.17-CVE-2011-1958.patch
+ wireshark-1.2.17-CVE-2011-1957.patch
+ wireshark-1.4.4-CVE-2011-1590.patch
+ wireshark-1.4.4-CVE-2011-1591.patch
+ wireshark-1.4.4-CVE-2011-1592.patch
-------------------------------------------------------------------
Mon Sep 26 14:07:31 CST 2011 - cyliu@novell.com
- security fixes (#bnc 718032)
* CVE-2011-3266: Wireshark IKE dissector vulnerability
* CVE-2011-3360: Wireshark Lua script execution vulnerability
* CVE-2011-3483: Wireshark buffer exception handling vulnerability
-------------------------------------------------------------------
Wed Aug 10 06:25:28 UTC 2011 - cyliu@novell.com
- security fixes (#bnc 706728)
* CVE-2011-2597: Lucent/Ascend file parser susceptible to infinite loop
* CVE-2011-2698: ANSI MAP dissector susceptible to infinite loop
-------------------------------------------------------------------
Mon Jul 18 07:43:08 UTC 2011 - cyliu@novell.com
- security fixes [#bnc 697516]
* CVE-2011-1957: Large/infinite loop in the DICOM dissector
* CVE-2011-1959: A corrupted snoop file could crash Wireshark
* CVE-2011-2174: Malformed compressed capture data could crash Wireshark
* CVE-2011-2175: A corrupted Visual Networks file could crash Wireshark
* CVE-2011-1958: dereferene a NULL pointer if we had a corrupted Diameter
dictionary
-------------------------------------------------------------------
Tue Apr 26 09:11:54 UTC 2011 - cyliu@novell.com
- security fixes [#bnc 688109]
* CVE-2011-1590: Use of un-initialised variables
* CVE-2011-1592: Crash in NFS dissector on Windows
* CVE-2011-1591: Buffer overflow in DECT dissector
-------------------------------------------------------------------
Tue Mar 8 10:59:35 CST 2011 - cyliu@novell.com
- updated to 1.4.4
* security fixes
o The DOCSIS dissector could crash (CVE-2010-1455, bnc#603251)
o The SigComp Universal Decompressor Virtual Machine could
overrun a buffer. (CVE-2010-2995, bnc#630599)
o The GSM A RR dissector could crash. (CVE-2010-2992, bnc#630599)
o ASN.1 BER dissector could overrun the stack.
(CVE-2010-2994, bnc#630599)
o The IPMI dissector could go into an infinite loop.
(CVE-2010-2993, bnc#630599)
o Crash when receiving a malformed SNMP packet
(CVE-2010-3445, bnc#643078)
o Multiple buffer overflow and dereference vulnerabilities
(bnc#655121)
o LDSS dissector overflow (CVE-2010-4300, bnc#655448)
o ZCL dissector infinite loop (CVE-2010-4301, bnc#655448)
o Buffer overflows in ENTTEC DMX Data RLE and others
(CVE-2010-4538, bnc#662029)
o Freeing uninitialized pointer (CVE-2011-0538, bnc#669908)
o dct3trace buffer overflow (CVE-2011-0713, bnc#672916)
o Off-by-one in dissect_6lowpan_iphc (CVE-2011-1138, bnc#678567)
o Crash via corrupted pcap file (CVE-2011-1139, bnc#678568)
o Crash via SMB or CLDAP packet (CVE-2011-1140, bnc#678569)
o Crash in NTLMSSP via crafted pcap file (CVE-2011-1143, bnc#678571)
o Wireshark pcap buffer overflow (CVE-2011-0024, bnc#683335)
* Updated Protocol Support
ANSI MAP, BitTorrent, DCM, DHCPv6, DTAP, DTPT, E.212, GSM
Management, GTP, HIP, IEEE 802.15.4, IPP, LDAP, LLDP, Netflow,
NTLMSSP, P_Mul, Quake, Skinny, SMB, SNMP, ULP
* New and Updated Capture File Support
LANalyzer, Nokia DCT3, Pcap-ng
-------------------------------------------------------------------
Fri May 14 18:48:54 CEST 2010 - prusnak@suse.cz
- fixed CVE-2010-1455 [bnc#603251]
-------------------------------------------------------------------
Mon Feb 1 14:05:51 CET 2010 - prusnak@suse.cz
- fixed CVE-2009-4377 and CVE-2010-0304 [bnc#565902]
-------------------------------------------------------------------
Wed Nov 25 14:11:32 CET 2009 - prusnak@suse.cz
- fix CVE-2009-3829 (CVE-2009-3829.patch) [bnc#553215]
-------------------------------------------------------------------
Mon Nov 2 15:45:43 CET 2009 - prusnak@suse.cz
- fix CVE-2009-3549 (CVE-2009-2560.patch) [bnc#550320]
- fix CVE-2009-3550 (CVE-2009-3550.patch) [bnc#550320]
-------------------------------------------------------------------
Wed Aug 12 14:06:34 CEST 2009 - prusnak@suse.cz
- fixed CVE-2009-2562 (CVE-2009-2562.patch) [bnc#523718]
-------------------------------------------------------------------
Fri May 22 13:46:27 CEST 2009 - prusnak@suse.cz
- fixed PCNFSD dissector crash (pcnfsd.patch) [bnc#505914]
-------------------------------------------------------------------
Mon Apr 20 17:46:08 CEST 2009 - prusnak@suse.cz
- security fixes [bnc#493584]
* CVE-2009-1210and1266.patch - format string overflow
* CVE-2009-1267 - crash in LDAP dissector
* CVE-2009-1268 - crash in CPHAP dissector
* CVE-2009-1269 - crash while loading Tektronix .rf5 file
-------------------------------------------------------------------
Wed Dec 17 15:22:40 CET 2008 - prusnak@suse.cz
- updated to 1.0.5
* security fixes
o The SMTP dissector could consume excessive amounts of CPU
and memory
o The WLCCP dissector could go into an infinte loop
* bug fixes
o Missing CRLF during HTTP POST in the "packet details" window
(Bug 2534)
o Memory assertion in time_secs_to_str_buf() when compiled
with GCC 4.2.3 (Bug 2777)
o Diameter dissector fails RFC 4005 compliance (Bug 2828)
o LDP vendor private TLV type is not correctly shown (Bug 2832)
o Wireshark on MacOS does not run when there are spaces in
its path (Bug 2844)
o OS X Intel package incorrectly claims to be Universal (Bug 2979)
o Compilation broke when compiling without zlib (Bug 2993)
o Memory leaks (Bugs 3017 ... 3022, 3079)
o Incorrect address structure assigned for find_conversation()
in WSP (Bug 3071)
o Error parsing the BSSGP protocol (Bug 3085)
o Assertion thrown in fvalue_get_uinteger when decoding TIPC
(Bug 3086)
o LUA script : Wireshark crashes after closing and opening again
a window used by a listener.draw() function. (Bug 3090)
* Updated Protocol Support
ANSI MAP, BSSGP, CIP, Diameter, ENIP, GIOP, H.263, H.264, HTTP,
MPEG PES, PostgreSQL, PPI, PTP, Rsync, RTP, SMTP, SNMP, STANAG 5066,
TACACS, TIPC, WLCCP, WSP
-------------------------------------------------------------------
Mon Nov 24 16:13:47 CET 2008 - prusnak@suse.cz
- fix wireshark freeze when closing capture window [bnc#417850]
(sigpipe-block.patch)
- don't show warning when running as root [bnc#349782]
- altered .desktop file to run wireshark gui as root automatically
-------------------------------------------------------------------
Tue Nov 4 14:04:16 CET 2008 - prusnak@suse.cz
- updated to 1.0.4
* security fixes
o Florent Drouin and David Maciejak found that the Bluetooth ACL
dissector could crash or abort. (Bug 1513)
o The Q.931 dissector could crash or abort. (Bug 2870)
o Wireshark could abort while reading Tamos CommView capture
files. (Bug 2926)
o David Maciejak found that the USB dissector could crash or
abort. This led to the disovery of a similar problem in the
Bluetooth RFCOMM dissector. (Bug 2922)
o Vivek Gupta and David Maciejak found that the PRP and MATE
dissectors could make Wireshark crash. (Neither PRP nor MATE
are enabled by default.) (Bug 2549)
* bug fixes
o Let MP2T call its subdissectors, even without tree (Bug 2627)
o Wireless Toolbar not enabled (using AirPcap) if PCAP_REMOTE=1
(Bug 2685)
o Failure to dissect long SASL wrapped LDAP response (Bug 2687)
o Fix compiler warnings (Bug 2823)
o Homeplug dissection bugs (Bug 2859)
o Malformed Packet DCP ETSI error (Bug 2860)
o Wrong size of selected_registrar in WPS dissector (Bug 2865)
o Dissector assertion displaying cookies in DTLS frames (Bug
2876)
o Missing field type in documentation (Bug 2889)
o Wireshark -p switch seems to have no effect to PROMISCUOUS
mode (Bug 2891)
o Misspelled PPI error vector magnitude filter (Bug 2903)
o Modbus Function 43 Encapsulated Interface Transport decoding
(Bug 2917)
o Crash when printing or exporting some protocol data (Bug 2934)
o Crash when selecting "Export Selected Packet Bytes" (Bug 2964)
* updated protocol support
AFP, Bluetooth ACL, Bluetooth RFCOMM, DCP ETSI, DTLS, Homeplug,
IEEE 802.11, IP, Modbus TCP, MP2T, NSIP, NCP, PPI, Q.931, SASL,
SNMP, USB, WPS
* new and updated capture file support
AiroPeek, CommView
-------------------------------------------------------------------
Thu Sep 4 17:58:51 CEST 2008 - prusnak@suse.cz
- updated to 1.0.3 - bug fixes:
o The NCP dissector was susceptible to a number of problems,
including buffer overflows and an infinite loop.
o Wireshark could crash while uncompressing zlib-compressed
packet data.
o Wireshark could crash while reading a Tektronix .rf5 file.
o 802.11 WPA/WPA2-PSK Unable to decode Group Keys. (Bug 1420)
o Packets could wrongly be dissected as "Redback Lawful
Intercept" (Bug 2376)
o MIKEY dissector improvements (Bug 2400)
o tvb_get_bits{16|32} could read past the end of a tvbuff (Bug
2439)
o Incorrect wslua function names. (Bug 2448)
o Memory corruption in wslua. (Bug 2453)
o Unknown PPPoE TAGs which are present in a PPPoE discovery
packet are not displayed under "PPPoE Tags" subtree/section.
(Bug 2458)
o Following a TCP stream could incorrectly reassemble packets.
(Bug 2606)
o SIP decode shows fully expanded "Content-Length" header
instead of compact form. (Bug 2635)
o Segmentation fault loading trace containing NCP packets. (Bug
2675)
o SIP packets might incorrectly be displayed as malformed. (Bug
2729)
o RTCP BYE padding interpreted incorrectly. (Bug 2778)
o Reversed RTP stream is saved as silent .au file, forward
stream saves correctly. (Bug 2780)
o Fix some lint warnings. (Bug 2822)
o Setting a duration on a capture file would capture for an
extra second.
-------------------------------------------------------------------
Wed Apr 2 11:30:51 CEST 2008 - prusnak@suse.cz
- updated to 1.0.0 \o/
* setcurity fixes:
o the X.509sat dissector could crash
o the Roofnet dissector could crash
o the LDAP dissector could crash
o the SCCP dissector could crash while using the "decode as" feature
* buf fixes:
o several SNMP-related bugs have been fixed
o several memory-related bugs have been fixed
* new protocol support:
IEEE 802.15.4, Infiniband, Parallel Redundancy Protocol, RedBack
Lawful Intercept, Xcsl
* updated protocol support:
AFS, ALCAP, ATM, BACapp, CIGI, DCC (renamed from DCCP), DCCP
(renamed from DCP), DCERPC SPOOLSS, DCERPC NT, DHCP, DirectPlay,
EtherCAT, FIX, GIOP, GTP, H.248, HTTP, ICMPv6, ICQ, IPv6, ISIS,
JXTA, NCP, P_Mul, PCAP, PKIX1Explicit, PTP, RADIUS, Roofnet, RTCP,
RTMPT, RTP, RX, SABP, SCSI OSD, sFlow, SMPP, SNMP, SSCOP, TAPA,
TIPC, TPNCP, UNISTIM, X.25, X.509sat, XML
* new and updated capture file support:
Hilscher Analyzer
- dropped patches:
* strncat.patch (obsoleted by update)
-------------------------------------------------------------------
Thu Feb 28 11:38:06 CET 2008 - prusnak@suse.cz
- updated to 0.99.8
* security fixes
o fixed crash in SCTP, SNMP and TFTP dissectors
The following bugs have been fixed:
o Wireshark could crash when:
- saving I/O graphs
- editing table-based preferences
- trying to play RTP streams.
- trying to apply a display filter macro
- using Turkish and other locales.
* new features:
o multiple configuration profiles
o temporary coloring rules (let you color or filter on a conversation)
o I/O graphs have been improved
o Wireshark now has WLAN traffic statistics
o the Wireshark GUI now supports RPCAP
o conversations and endopoints can now be limited to the current display filter
o experimental support for the NTAR/PcapNG file format
* new protocol support:
AiroPeek Remote Capture, China Mobile Point to Point, Distributed
Lock Manager 3, EUTRAN X2 Application Protocol, Fieldbus
Foundation, International Passenger Airline Reservation
System/Airline Link Control, Microsoft DirectPlay, Path
Computation Element communication Protocol, Real Time Messaging
Protocol, S1 Application Protocol, Scripting Service Protocol,
Societe Internationale de Telecommunications Aeronautiques, Unisys
Transmittal System, Wi-fi Protected Setup,
* updated protocol support:
3G A11, 3GPP, ACN, ACP133, ALCAP, AMR, ANSI A, ANSI IS-637-A, ANSI
MAP, ARP, ASAP, AVS WLAN, BACapp, BER, BOOTP, Bluetooth (HCI ACL,
HCI CMD, HCI EVT, HCI SCO, L2CAP, SDP), CDP, CFM, CMS, COPS,
Camel, Cisco ERSPAN, DAP, DCERPC SPOOLSS, DCERPC, DHCP, DHCPv6,
DIAMETER, DMP, DTLS, E.164, EAP, ENIP, ENRP, EtherCAT, Ethernet,
FMP, FTAM, GMRP, GRE, GSM MAP, GSM SMS, GSS-API, GTP, Gryphon,
H.223, H.225, H.245, H.263, H.264, H.460, HCI H1, HTTP, ICMP, IEEE
802.11, IGMP, IPP, ISAKMP, ISUP, JFIF, JPEG, JXTA, Kerberos, LDAP,
MP2T, MS MMS, MTP3MG, NBAP, NFS, NHRP, NetFlow, P7, PER, PIM,
PKCS12, PPPoE, PTP, P_Mul, Q.932, Quakeworld, RANAP, RMT ALC, RMT
LCT, ROS, RPC, RPL, RRC, RTCP, RTP, SCCP, SCTP, SDP, SLL, SMB,
SMB2, SMPP, SMTP, SNMP, SRVLOC, SSL, STUN2, T.38, TCAP, TCP, TFTP,
TiVoConnect, UCP, UDP-Lite, USB, VLAN, WBXML, X.411, X.420,
X.509if, X.509sat
* new and updated capture file support:
Catapult DCT2000, DBS Etherwatch, NTAR/PcapNG, TamoSoft CommView,
Visual Networks
- removed obsolete patch:
* strptime.patch (included in update)
- added bison and flex to BuildRequires
-------------------------------------------------------------------
Thu Feb 21 04:51:57 CET 2008 - crrodriguez@suse.de
- fix -devel package dependencies
-------------------------------------------------------------------
Wed Jan 9 13:20:10 CET 2008 - prusnak@suse.cz
- fix strptime function inclusion (strptime.patch)
- do not package non linux READMEs
-------------------------------------------------------------------
Wed Dec 19 13:34:17 CET 2007 - prusnak@suse.cz
- updated to 0.99.7
* security fixes
o Wireshark could crash when reading an MP3 file.
o Beyond Security discovered that Wireshark could loop
excessively while reading a malformed DNP packet.
o Stefan Esser discovered a buffer overflow in the SSL
dissector.
o The ANSI MAP dissector could be susceptible to a buffer
overflow on some platforms.
o The Firebird/Interbase dissector could go into an infinite
loop or crash.
o The NCP dissector could cause a crash.
o The HTTP dissector could crash on some systems while decoding
chunked messages.
o The MEGACO dissector could enter a large loop and consume
system resources.
o The DCP ETSI dissector could enter a large loop and consume
system resources.
o Fabiodds discovered a buffer overflow in the iSeries (OS/400)
Communication trace file parser.
o The PPP dissector could overflow a buffer.
o The Bluetooth SDP dissector could go into an infinite loop.
o A malformed RPC Portmap packet could cause a crash.
o The IPv6 dissector could loop excessively.
o The USB dissector could loop excessively or crash.
o The SMB dissector could crash.
o The RPL dissector could go into an infinite loop.
o The WiMAX dissector could crash due to unaligned access on
some platforms.
o The CIP dissector could attempt to allocate a huge amount of
memory and crash.
* bug fixes
o Handling of non-ASCII file names and paths has been improved.
o Wireshark could crash while editing a coloring rule or a UAT
table.
o The display filter code could crash while bitwise ANDing an
IPv4 address.
* news and updates
o Most of the capture code has been moved out of the GUI, which
means that Wireshark no longer needs to be run as root.
o Many display filter names have been cleaned up. If your
favorite display filter just went missing, please consult the
display filter reference to find out where it ended up.
o You can now filter directly on SNMP OIDs.
o IO graphs have more display options, and you can now export
graphs.
o You can now follow UDP streams in addition to TCP and SSL
streams.
o You can now disable coloring rules without deleting them.
o Main window toolbar buttons are now available even when the
window is small.
o Optimizations have been applied in some places to make
Wireshark start up and run faster.
* new protocol support
ANSI TCAP, application/xcap-error (MIME type), CFM, DPNSS,
EtherCAT, ETSI e2/e4, H.282, H.460, H.501, IEEE 802.1ad and
802.1ah, IMF (RFC 2822), RSL, SABP, T.125, TNEF, TPNCP, UNISTIM,
Wake on LAN, WiMAX ASN Control Plane, X.224,
* updated protocol support
3Com XNS, 3G A11, ACN, ACP123, ACSE, AIM, ANSI IS-637-A, ANSI MAP,
Armagetronad, BACapp, BACnet, BER, BFD, BGP, Bluetooth, CAMEL,
CDT, CFM, CIP, Cisco ERSPAN, CLNP, CMIP, CMS, COPS, CTDB, DCCP,
DCERPC ATSVC, DCERPC PNIO, DCERPC SAMR, DCERPC, DCOM CBA-ACCO, DCP
ETSI, DEC DNA, DFS, DHCP/BOOTP, DHCPv6, DIAMETER, DISP, DMP, DNP,
DNS, DOP, DTLS, DUA, eDonkey, ELSM, ESL, Ethernet, FC ELS, FC,
FCOE, FTAM, FTP, GDSDB, GIOP, GPRS-LLC, GSM A, GSM MAP, GTP, HSRP,
HTTP, IAX2, ICMPv6, IEEE 802.11, INAP, IP, IPMI, IPv6, ISAKMP,
ISIS, iSNS, ISUP, IUUP, JXTA, K12, Kerberos, L2TP, LAPD, LDAP,
LINX, LPD, LWAPP, MEGACO, MIKEY, MIME Multipart, MMS, MP2T, MPEG
PES, MPEG, MTP2, MySQL, NBAP, NetFlow, nettl, NFS, NSIP, OSPF,
P_MUL, PANA, PER, PKCS#12, PMIPv6, PN-PTCP, PN-RT, PPI, PPPoE,
PRES, PROFINET, PTP, Q.932 ROS, Q.932, QSIG, Radiotap, RADIUS,
RANAP, RNSAP, ROS, RTCP, RTP, RTSE, RTSP, SCCP, SCTP, SDP,
SIGCOMP, SIP, Slow Protocols, SMB, SMPP, SMTP, SNDCP, SNMP, SRP,
SSL, STANAG 4406, STUN2, TCAP, TCP, text/media, TIPC, ULP, UMA,
UMTS FP, V5UA, VNC, WiMAX M2M, WiMAX, WLCCP, X.411, X.420, X.509
SAT, XML
* new and updated capture file support
Catapult DCT 2000, Endace ERF, Juniper NetScreen snoop, Visual
Networks, Windows Sniffer (NetXRay)
- removed fwrite_unused_result.patch
-------------------------------------------------------------------
Tue Sep 4 00:24:50 CEST 2007 - ro@suse.de
- disable -Werror for now
-------------------------------------------------------------------
Thu Jul 26 16:58:58 CEST 2007 - prusnak@suse.cz
- changed libpcap to libpcap-devel in BuildRequires
-------------------------------------------------------------------
Tue Jul 10 11:22:31 CEST 2007 - prusnak@suse.cz
- updated to 0.99.6
* security fixes:
* crash when dissecting an HTTP chunked response
* crash while reading iSeries capture files
* exhaust system memory while reading a malformed DCP ETSI packet
* loop excessively while reading a malformed SSL packet
* DHCP/BOOTP dissector susceptible to an off-by-one error
* loop excessively while reading a malformed MMS packet
* bug fixes:
* WEP decryption would only work for the first key specified
* WEP and WPA decryption didn't work for QoS frames
* WPA decryption failed if EAPOL handshake packets contained extra data
* Wireshark failed to parse colon-separated WEP keys
* merging files in Wireshark now appends files properly
* hang while saving an RTP stream with bad timestamp data
* frame.time_delta display filter now works as expected
* for full information see:
* http://www.wireshark.org/docs/relnotes/wireshark-0.99.6.html
- added fwrite_unused_result.patch (fixes warn_unused_result warnings in fwrite calls)
- dropped obsolete patches:
* dissectors.patch (included in update)
-------------------------------------------------------------------
Wed Mar 7 13:48:57 CET 2007 - prusnak@suse.cz
- added [t]ethereal symlinks [#252117]
- cleaned spec file
-------------------------------------------------------------------
Wed Feb 7 10:56:50 CET 2007 - prusnak@suse.cz
- fix SSL support [#242738]
- fix build warnings in dissector's code (dissectors.patch)
-------------------------------------------------------------------
Tue Feb 6 09:38:41 CET 2007 - prusnak@suse.cz
- update to 0.99.5
* security fixes [#237246]
- CVE-2007-0459 The TCP dissector could hang or crash
- CVE-2007-0458 The HTTP dissector could crash
- CVE-2007-0457 The IEEE 802.11 dissector could crash
- CVE-2007-0456 The LLT dissector could crash
* various bug fixes, added new protocols, see
http://www.wireshark.org/docs/relnotes/wireshark-0.99.5.html
for full information
- dropped obsoleted patches:
* wireshark-0.99.4-printf.diff (included in update)
-------------------------------------------------------------------
Thu Dec 7 10:30:28 CET 2006 - prusnak@suse.cz
- fixed libdir path in spec file
-------------------------------------------------------------------
Mon Nov 13 16:29:07 CET 2006 - mjancar@suse.cz
- update to 0.99.4
* final 0.99.4 release
-------------------------------------------------------------------
Tue Nov 7 14:33:33 CET 2006 - ro@suse.de
- fix manpage permissions
-------------------------------------------------------------------
Mon Oct 30 11:19:14 CET 2006 - mjancar@suse.cz
- update to 0.99.4pre1
* security fixes (#213226)
CVE-2006-4574
CVE-2006-4805
CVE-2006-5468
CVE-2006-5469
CVE-2006-5740
-------------------------------------------------------------------
Thu Aug 24 13:31:08 CEST 2006 - postadal@suse.cz
- updated to version 0.99.2 [#201437]
* security bugfixes
* the packet list context menu now includes a conversation filter
* now generate ACL rules for several popular firewall products
* new protocols: Daytime, JPEG (RTP payload), Pegasus Lightweight
Stream Control, Pro-MPEG FEC, UMTS RRC, Veritas Low Latency Transport
- removed oblsoleted patch buffer_overflow_fix.patch
-------------------------------------------------------------------
Tue Jul 25 15:34:04 CEST 2006 - postadal@suse.cz
- project Ethereal moved to Wireshark project (renamed)
- updated to version 0.99.2
* security bugfixes
* multicast stream analysis
* you can now find next/previous marked frames
* the SMB dissector tracks filenames and share names
* added reading support of BER-encoded files
* new protocols: Bluetooth HCI (ACL, Command, Event, L2CAP, H4,
RFCOMM, SCO, SDP), Cisco WIDS, DTLS, Ether-S-Bus, OMA ULP,
PN-MRP, PN-MRRT, REXEC (yes, that REXEC), RRLP, RSerPool
(CalcAppProtocol, ComponentStatusProtocol, FractalGeneratorProtocol,
PingPongProtocol), Telkonet, TiVoConnect Discovery Protocol
- fixed buffer overflow in nettl.c [wireshark#1015] (buffer_overflow_fix.patch)
- removed obsoleted patches (CVE-2006-1932-40.patch, hash_returnval.patch,
infinite-loop.patch)
-------------------------------------------------------------------
Mon Jun 12 16:19:16 CEST 2006 - lmichnovic@suse.cz
- fixed forgoten return value (hash_retval.patch) [#183696]
-------------------------------------------------------------------
Wed May 3 09:01:49 CEST 2006 - postadal@suse.cz
- fixed security bugs [#167928] (CVE-2006-1932 - CVE-2006-1940)
(CVE-2006-1932-40.patch)
-------------------------------------------------------------------
Wed Jan 25 21:35:45 CET 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
-------------------------------------------------------------------
Sat Jan 7 18:27:16 CET 2006 - postadal@suse.cz
- updated to version 0.10.14
-------------------------------------------------------------------
Wed Dec 21 13:02:50 CET 2005 - meissner@suse.de
- added -fstack-protector
- add pcre/pcre-devel to get regexp support.
-------------------------------------------------------------------
Tue Nov 1 16:26:26 CET 2005 - postadal@suse.cz
- fixed infinite loop [#128637] (infinite-loop.patch)
-------------------------------------------------------------------
Fri Oct 21 11:07:07 CEST 2005 - postadal@suse.cz
- updated to version 0.10.13 (a lot of security fixes enpa-sa-00021)
[#128637]
-------------------------------------------------------------------
Tue Sep 6 21:39:28 CEST 2005 - lmuelle@suse.de
- Add kerberos-devel-packages to neededforbuild and --with-krb5=/usr to the
configure arguments; [#115457].
-------------------------------------------------------------------
Wed Aug 31 09:23:51 CEST 2005 - postadal@suse.cz
- changed category of desktop file from Monitor to System [#114060]
-------------------------------------------------------------------
Mon Aug 29 22:33:59 CEST 2005 - postadal@suse.cz
- all data moved from /usr/X11R6 to /usr [#112816]
- branched devel package and packed includes [#112815]
-------------------------------------------------------------------
Wed Jul 27 14:43:03 CEST 2005 - postadal@suse.cz
- updated to version 0.10.12 (a lot of security fixes enpa-sa-00020)
- removed obsoleted gcc4 patch
- removed unneeded .la files
- moved /etc/{manuf,diameter} to /usr/X11R6/share/ethereal
(changed loading data files)
-------------------------------------------------------------------
Fri May 6 10:22:44 CEST 2005 - postadal@suse.cz
- updated to version 0.10.11 (a lot of security fixes enpa-sa-00019)
-------------------------------------------------------------------
Wed May 4 12:01:42 CEST 2005 - postadal@suse.cz
- fixed segfaults when trying to access help [#81523]
-------------------------------------------------------------------
Thu Mar 17 18:04:14 CET 2005 - postadal@suse.cz
- fixed security bugs in Etheric, GPRS-LLC, 3GPP2 A11, IAPP dissectors.
[#71777] (enpa-sa-00018: CAN-2005-0704, CAN-2005-0705, CAN-2005-0699,
CAN-2005-0739)
- fixed bugs in JXTA, sFlow
-------------------------------------------------------------------
Fri Jan 21 14:08:05 CET 2005 - postadal@suse.cz
- updated to version 0.10.9
-------------------------------------------------------------------
Wed Jan 12 18:52:23 CET 2005 - postadal@suse.cz
- updated to version 0.10.8
-------------------------------------------------------------------
Wed Dec 08 14:15:58 CET 2004 - postadal@suse.cz
- added new icon
-------------------------------------------------------------------
Tue Nov 30 13:46:48 CET 2004 - postadal@suse.cz
- updated to version 0.10.7
- packaged missed pixmap file
-------------------------------------------------------------------
Wed Oct 27 11:46:20 CEST 2004 - mmj@suse.de
- Add rpm-devel, popt-devel and tcpd-devel to #nfb to fix build
- Don't remove buildroot in install
-------------------------------------------------------------------
Wed Aug 25 13:57:21 CEST 2004 - lmuelle@suse.de
- Add libadns and libadns-devel to BuildRequires, [#43590].
-------------------------------------------------------------------
Mon Aug 16 19:00:10 CEST 2004 - postadal@suse.cz
- updated to version 0.10.6
- removed obsoleted patches (ipv6-filter-fix, secfix1)
- merged help-fix patch in config patch
-------------------------------------------------------------------
Wed Jul 14 12:33:34 CEST 2004 - postadal@suse.cz
- updated to version 0.10.5 (security update) [#42820]
* several security fixes; enpa-sa-00015 (CAN-2004-0633, CAN-2004-0634,
CAN-2004-0635)
-------------------------------------------------------------------
Thu Apr 29 13:31:26 CEST 2004 - postadal@suse.cz
- added missing online help [#39518]
-------------------------------------------------------------------
Fri Apr 02 13:31:08 CEST 2004 - postadal@suse.cz
- added check for resolved address in default filter
(modified previous patch ipv6-filter-fix.diff)
-------------------------------------------------------------------
Mon Mar 29 11:59:10 CEST 2004 - postadal@suse.cz
- updated to version 0.10.3 (security update) [#35449]
* several security fixes; enpa-sa-00013; CAN-2004-0176 CAN-2004-0367,
CAN-2004-0365
- fixed lib64 paths
- fixed default filter (ipv6 problem)
-------------------------------------------------------------------
Tue Mar 23 16:09:11 CET 2004 - postadal@suse.cz
- fixed locating manuf file in /etc [#34386]
-------------------------------------------------------------------
Tue Mar 02 17:07:34 CET 2004 - postadal@suse.cz
- added desktop file with "X-KDE-SubstituteUID=true" (asks for root passwd)
[#35118]
-------------------------------------------------------------------
Wed Feb 25 13:16:01 CET 2004 - postadal@suse.cz
- updated to version 0.10.2
-------------------------------------------------------------------
Thu Jan 22 23:23:07 CET 2004 - mmj@suse.de
- Update to 0.10.0a
- Use -fno-strict-aliasing
- Use gtk2
-------------------------------------------------------------------
Sat Jan 10 11:02:01 CET 2004 - adrian@suse.de
- build as user
-------------------------------------------------------------------
Thu Dec 18 15:35:19 CET 2003 - postadal@suse.cz
- fixed security bug (in SMB dissectors);[#33650] enpa-sa-00012
-------------------------------------------------------------------
Mon Nov 10 13:48:12 CET 2003 - ro@suse.de
- use net-snmp instead of ucdsnmp
-------------------------------------------------------------------
Thu Nov 06 15:47:43 CET 2003 - postadal@suse.cz
- fixed security bugs (in GTP,ISAKMP,MEGACO,SOCKS dissectors); enpa-sa-00011
-------------------------------------------------------------------
Sat Aug 16 16:50:01 CEST 2003 - adrian@suse.de
- install desktop file
-------------------------------------------------------------------
Fri Jul 25 15:19:33 CEST 2003 - postadal@suse.cz
- updated to version 0.9.14
* support for searching for arbitrary text and binary data in frames
* new protocols: Echo, eDonkey, Jabber, MS Messenger, sFlow
-------------------------------------------------------------------
Thu Jul 3 16:58:59 CEST 2003 - lmuelle@suse.de
- update to version 0.9.13
* support for GNU ADNS library
* "Decode As..." functionality has been added to Tethereal via the "-d" flag
* support for a system-wide color filter file
* several security fixes; enpa-sa-00010; CAN-2003-0428 CAN-2003-0429
CAN-2003-0431 CAN-2003-0432
- removed gcc patch as included in upstream
-------------------------------------------------------------------
Mon Mar 10 16:55:32 CET 2003 - postadal@suse.cz
- update to version 0.9.10 (security fix)
- removed obsoleted unused plugin patch
-------------------------------------------------------------------
Fri Mar 7 01:48:07 CET 2003 - ro@suse.de
- removed mminimal-toc from CFLAGS (ppc64)
-------------------------------------------------------------------
Wed Jan 29 14:08:44 CET 2003 - postadal@suse.cz
- updated to version 0.9.9
* more statistics have been added
* the RADIUS dissector can now decrypt user passwords
* new protocols: MDSHDR, MEGACO, MySQL, SDLC, X.29
-------------------------------------------------------------------
Mon Jan 27 01:56:56 CET 2003 - ro@suse.de
- fix build with gcc-3.3
-------------------------------------------------------------------
Wed Jan 22 23:10:47 CET 2003 - postadal@suse.cz
- updated to version 0.9.8
* new protocols: ARCNET, ClearCase NFS, DCERPC LSA_DS, Fibre Channel,
HyperSCSI, MDNS, PCLI, RPL, 802.1s MSTP, FIX, GSS-API, Interbase, NDPS,
Netflow (Cisco and Juniper), SCCP-Management, SPNEGO
- plugin fix (added header file with macros)
-------------------------------------------------------------------
Wed Aug 28 14:24:40 CEST 2002 - postadal@suse.cz
- added %config to file list
-------------------------------------------------------------------
Fri Aug 23 11:41:00 CEST 2002 - postadal@suse.cz
- update to version 0.9.6 (security fix)
-------------------------------------------------------------------
Thu Aug 15 12:52:38 CEST 2002 - postadal@suse.cz
- update to version 0.9.5 (security fix)
-------------------------------------------------------------------
Sat Jun 29 21:22:08 CEST 2002 - olh@suse.de
- build with -mminimal-toc on ppc64
-------------------------------------------------------------------
Wed Jan 16 10:08:21 CET 2002 - cihlar@suse.cz
- update to version 0.9.0
-------------------------------------------------------------------
Mon Nov 26 10:36:42 CET 2001 - cihlar@suse.cz
- update to version 0.8.20
-------------------------------------------------------------------
Wed Jul 25 13:40:31 CEST 2001 - cihlar@suse.cz
- update to version 0.8.19
-------------------------------------------------------------------
Fri Jun 15 10:06:50 CEST 2001 - cihlar@suse.cz
- added openssl, openssl-devel to neededforbuild
- run confugure with --with-ssl=/usr
- link against libcrypto (libsnmp needs it)
- fixed to compile with ipv6 support
-------------------------------------------------------------------
Fri Jun 8 13:43:21 CEST 2001 - cihlar@suse.cz
- fixed to compile with new autoconf
-------------------------------------------------------------------
Tue Apr 24 15:15:51 CEST 2001 - cihlar@suse.cz
- fixed warnings on ia64
-------------------------------------------------------------------
Tue Mar 20 15:27:20 CET 2001 - cihlar@suse.cz
- upgrade to version 0.8.16
-------------------------------------------------------------------
Tue Mar 6 13:30:03 CET 2001 - cihlar@suse.cz
- upgrade to version 0.8.15
-------------------------------------------------------------------
Mon Nov 6 02:20:12 CET 2000 - ro@suse.de
- fixed neededforbuild
-------------------------------------------------------------------
Tue Oct 31 13:57:12 CET 2000 - cihlar@suse.cz
- upgrade to version 0.8.13
- bzipped sources
-------------------------------------------------------------------
Thu Aug 3 09:18:12 CEST 2000 - cihlar@suse.cz
- upgrade to version 0.8.11
-------------------------------------------------------------------
Mon Jun 12 10:46:58 CEST 2000 - cihlar@suse.cz
- upgrade to version 0.8.9
-------------------------------------------------------------------
Wed May 10 15:05:25 CEST 2000 - cihlar@suse.cz
- upgrade to version 0.8.8
-------------------------------------------------------------------
Thu Apr 13 14:29:50 CEST 2000 - cihlar@suse.cz
- upgrade to version 0.8.6
- added BuildRoot
-------------------------------------------------------------------
Mon Apr 10 22:06:38 CEST 2000 - bk@suse.de
- added suse update config macro
-------------------------------------------------------------------
Wed Mar 1 14:20:59 MET 2000 - choeger@suse.de
- new version, 0.8.3
-------------------------------------------------------------------
Wed Jan 19 09:58:05 MET 2000 - choeger@suse.de
- new version, 0.8.1
-------------------------------------------------------------------
Thu Nov 25 12:34:15 CET 1999 - choeger@suse.de
- new version, 0.7.8
-------------------------------------------------------------------
Thu Oct 28 16:55:41 CEST 1999 - choeger@suse.de
- new version, 0.7.7
-------------------------------------------------------------------
Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de
- ran old prepare_spec on spec file to switch to new prepare_spec.
-------------------------------------------------------------------
Wed Sep 1 18:04:36 CEST 1999 - choeger@suse.de
- new version
-------------------------------------------------------------------
Tue Jul 13 12:42:22 MEST 1999 - bs@suse.de
- use gtk and glib instead of gtkn and glibn
-------------------------------------------------------------------
Mon Jul 12 01:48:43 MEST 1999 - ro@suse.de
- libpcap is an extra package now
-------------------------------------------------------------------
Thu Jul 8 10:43:00 MEST 1999 - choeger@suse.de
- new version, v0.6.3
-------------------------------------------------------------------
Tue Jun 1 16:58:22 MEST 1999 - ro@suse.de
- fixed: X11 -> X11R6
-------------------------------------------------------------------
Wed May 26 09:39:50 MEST 1999 - choeger@suse.de
- new package v0.6.2
bnc#493584)
