|
|
|
|
Changelog for libpcap-devel-1.10.5-99.2.x86_64.rpm :
* Wed Sep 25 2024 Marcus Meissner - enable rdma support (bsc#1230894) * Mon Sep 02 2024 Pedro Monreal - Update to 1.10.5: * Security fixes: - [bsc#1230020, CVE-2023-7256] double free via addrinfo in sock_initaddress() - [bsc#1230034, CVE-2024-8006] null pointer derefence in pcap_findalldevs_ex() * Thread safety: Make some static variables thread-local * Packet filtering: - Return an error from pcap_compile() if the scanner fails to initialize. - Optimizer fix from Archit Shah to recompute dominators after moving code; (although the resulting filter isn\'t empty). - Optimizer fix from Archit Shah to mark value as unknown when store of that value is deleted. * Linux: - Don\'t use DLT_LINUX_SLL2 for anything other than the \"any\" device. - Avoid 32-bit unsigned integer overflow in USB captures. - Fix a file descriptor leak. - Fix DLT_CAN_SOCKETCAN handling of CAN FD. - Add CAN XL support to DLT_CAN_SOCKETCAN. - Clean up the code that sets the \"real\" (\"original\") length for isochronous USB transfers. - Avoid unnecessary blocking on recvmsg() in the Bluetooth monitor and Bluetoth modules. * Haiku: - Report non-existent devices correctly. - Fix handling of packet statistics. - Fix packet timestamping. - Fix packet filtering with low snaplen. - Improve connection status reporting. - Add support for promiscuous mode. - Detect DLTs and loopback capture support at run time. - Report IEEE 802.11 as PCAP_IF_WIRELESS. * BSD, macOS, AIX, Solaris 11, Linux: - Add a new error PCAP_ERROR_CAPTURE_NOTSUP, for use if a capture mechanism is not present, in the hopes that, for example, attempts to capture on Windows Services for Linux 1, in which the NT kernel attempts to simulate Linux system calls but does not support packet sockets, can get an error that better indicates the underlying problem. * AirPcap: Format an error message if we run out of memory. * nflog: Make sure we don\'t overflow when rounding up the TLV length. * rpcap: - Handle routines removed in at least some OpenSSL libraries. - CVE-2023-7256: Clean up sock_initaddress() and its callers to avoid double frees in some cases. - Don\'t define SOCKET ourselves; instead, define PCAP_SOCKET as int on UN *Xes and as SOCKET on Windows. - CVE-2024-8006: Fix pcap_findalldevs_ex() not to crash if passed a file:// URL with a path to a directory that cannot be opened. * Savefiles: - Handle DLT_/LINKTYPE_ mapping better, to handle some OpenBSD-specific link types better. - Treat if_tsoffset as signed in pcapng files, as the spec says. - Don\'t try to fix the \"real\" length for isochronous USB transfers if the number of USB descriptors is too large. - Reject pcap files where one of the reserved fields in the \"link-layer type plus other stuff\" is non-zero. * Rebase libpcap-1.0.0-s390.patch * Thu Feb 29 2024 pgajdosAATTsuse.com- Use %patch -P N instead of deprecated %patchN. * Sat Apr 08 2023 Andreas Stieger - update to 1.10.4: * rpcap: Fix name of launchd service. * documentation updates and build system tweaks * Wed Jan 18 2023 Dirk Müller - update to 1.10.3: * Sort the PUBHDR variable in Makefile.in in \"ls\" order. * Fix typo in comment in pflog.h. * Remove two no-longer-present files from .gitignore. * Update code and comments for handling failure to set promiscuous mode based on new information. * Sun Jan 01 2023 Andreas Stieger - update to 1.10.2: * Build system updates * Developer visible fixes * Fix some formatting string issues found by cppcheck * \"Dead\" pcap_ts from pcap_open_dead() and ..._with_tstamp_precision(): Don\'t crash if pcap_breakloop() is called. * Savefiles: multiple bug fixes handling files * Capture: Never process more than INT_MAX packets in a pcap_dispatch() call, to avoid integer overflow * Packet filtering: PFLOG bug fixes and improvements * Fix memory leak in capture device open * Fix detection of CAN/CAN FD packets in direction check * Fix double-free crashes on errors such as running on a kernel with CONFIG_PACKET_MMAP not configured * Multiple CANbus bug fixes * Fix pcap_findalldevs() to find usbmon devices * Fix handling of VLAN tagged packets if the link-layer type is changed from DLT_LINUX_SLL to DLT_LINUX_SLL2 * Always turn on PACKET_AUXDATA * Correctly compute the \"real\" length for isochronous USB transfers * Fri Jun 11 2021 Paolo Stivanin - Update to 1.10.1 * Fix \"type XXX subtype YYY\" giving a parse error * Add PCAP_AVAILABLE_1_11. * Rename struct bpf_aux_data to avoid NetBSD compile errors * Fix cross-builds with older kernels lacking BPF_MOD and BPF_XOR * Fix Bison detection for minor version 0. * Fix parallel build with FreeBSD make. * Get DLT_MATCHING_MAX right in gencode.c on NetBSD. * Define timeradd() and timersub() if necessary. * Fix Cygwin/MSYS target directories. * Fix symlinking with DESTDIR. * Fix generation of libpcap.pc with CMake when not building a shared library. * Support reading version 1.2, which some writers produce, and which is the same as 1.0 * Drop support for text-mode USB captures, as we require a 2.6.27 or later kernel * Bluetooth: fix non-blocking mode. Don\'t assume that all compilers used to build for Linux support the __atomic builtins * Sun Feb 14 2021 Pedro Monreal - Update to 1.10.0 * Require, and assume, some level of C99 support in the C compiler * Add support for capturing on DPDK devices * rpcap: support rpcap-over-TLS * Fix some memory leaks, including in pcap_compile() * Linux: handle systems without AF_INET or AF_UNIX socket support * Catch invalid IPv4 addresses in filters * Show special Linux BPF offsets symbolically in bpf_image() and bpf_dump() * Linux: get rid of Wireless Extensions for turning monitor mode on * Linux: proper memory sync for PACKET_MMAP * Linux: drop support for libnl 1 and 2. * Linux: Require PF_PACKET support, and kernel 2.6.27 or later * Add DLT_LINUX_SLL2 * Add a new filter \"ifindex\" for DLT_LINUX_SLL2 files and live Linux captures * optimizer: add a hack to try to catch certain optimizer loops * Probe CONFIGURATION descriptor of connected USB devices * Linux: return error on interface going away, but not if it just went down * Linux: set socket protocol only after packet ring configured, reducing bogus packet drop reports * Linux: get ifdrop stats from sysfs. * Fix various security issues reported by Charles Smith at Tangible Security * Fix various security issues reported by Include Security * rpcapd: on UN *X, don\'t tell the client why authentication failed * Linux: when adjusting BPF programs, do not subtract the SLL[2]_HDR_LEN if the location is negative (special metadata offset) * Linux: with a timeout of zero, wait indefinitely * Linux: clean up support for some non-GNU libc C libraries * Increase the maximum snaplen for LINKTYPE_USBPCAP/DLT_USBPCAP * Fix handling of some ioctls that fail with \"permission denied\" even when the ioctl isn\'t supported at all * Added support for ICMPv6 types 1-4 as tokens in filters * Report the DLT description in error messages * Linux: Add support for DSA data link types * Linux USB: use the snapshot length to set the buffer size, and set the len field to reflect the length in the URB * rpcapd: allow rpcapd to rebind more rapidly * Add Haiku pcap implementation * rpcap: redo protocol version negotiation to avoid problems with old servers (it still works with servers using the old negotiation, as well as servers not supporting negotiation) * Remove (unused) SITA support here. * Correctly handle pcapng captures with more than one IDB with a snspshot length greater than the supported maximum- Remove libpcap-no-old-socket.patch- Rebase libpcap-1.0.0-s390.patch * Wed Oct 02 2019 Pedro Monreal - Update to 1.9.1 [bsc#1153332] * Five CVE-2019-15161, CVE-2019-15162, CVE-2019-15163, CVE-2019-15164, CVE-2019-15165 * Fixes for CVE-2018-16301, errors in pcapng reading. * Mention pcap_get_required_select_timeout() in the main pcap man page * Fix pcap-usb-linux.c build on systems with musl * Fix assorted man page and other documentation issues * Plug assorted memory leaks * Documentation changes to use https: * Changes to how time stamp calculations are done * Lots of tweaks to make newer compilers happier and warning-free and to fix instances of C undefined behavior * Warn if AC_PROG_CC_C99 can\'t enable C99 support * Rename pcap_set_protocol() to pcap_set_protocol_linux(). * Align pcap_t private data on an 8-byte boundary. * Fix various error messages * Use 64-bit clean API in dag_findalldevs() * Fix cleaning up after some errors * Work around some ethtool ioctl bugs in newer Linux kernels * Add backwards compatibility sections to some man pages * Fix autotool configuration on AIX and macOS * Don\'t export bpf_filter_with_aux_data() or struct bpf_aux_data; they\'re internal-only and subject to change * Fix pcapng block size checking * Fix reading of capture statistics for Linux USB * Fix packet size values for Linux USB packets * Check only VID in VLAN test in filterss * Fix pcap_list_datalinks on 802.11 devices on macOS * Fix overflows with very large snapshot length in pcap file * Improve parsing of rpcapd configuration file * Handle systems without strlcpy() or strlcat() better * Fix crashes and other errors with invalid filter expressions * Fix use of uninitialized file descriptor in remote capture * Fix some CMake issues * Fix some divide-by-zero issues with the filter compiler * Work around a GNU libc bug in pcap_nametonetaddr() * Add support for DLT_LINUX_SLL2 * Fix handling of the packet-count argument for Myricom SNF devices * Fix --disable-rdma in configure script * Fix compilation of TurboCap support * Constify first argument to pcap_findalldevs_ex() * Fix a number of issues when running rpcapd as an inetd-style daemon * Fix CMake issues with D-Bus libraries * In rpcapd, clean up termination of a capture session * Redo remote capture protocol negotiation * In rpcapd, report the same error for \"invalid user name\" and \"invalid password\", to make brute-forcing harder * For remote captures, add an error code for \"the server requires TLS\" * Fix building as part of Npcap * Allow rpcapd to rebind more rapidly * Fix building shared libpcap library on midipix (midipix.org) * Fix hack to detect UTF-16LE adapter names on Windows not to go past the end of the string * Have pcap_dump_open_append() create the dump file if it doesn\'t exists * Fix the maxmum snapshot length for DLT_USBPCAP * Use -fPIC when building for 64-bit SPARC on Linux * Fix CMake 64-bit library installation directory on some Linux distributions * Boost the TPACKET_V3 timeout to the maximum if a timeout of 0 was specified * PCAPNG reader applies some sanity checks before doing malloc().- Drop patch fixed upstream: * Check-only-VID-in-VLAN-test-issue-461.patch- Rebase patch: * libpcap-1.0.0-ppp.patch * Fri Aug 02 2019 Martin Liška - Use FAT LTO objects in order to provide proper static library.
|
|
|