SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for wireshark-4.2.4-lp155.450.3.x86_64.rpm :

* Thu Mar 28 2024 Robert Frohl - Wireshark 4.2.4:
* CVE-2024-2955: T.38 dissector crash (boo#1222030).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-4.2.4.html
* Thu Feb 15 2024 Robert Frohl - Wireshark 4.2.3:
* Capture start fails when file set enabled and file extension not supplied if directory contains a period.
* Cannot drag and move custom filter buttons in toolbar.
* Not equal won’t work when used with wlan.addr.
* sshdump fails to connect with private key (ssh-rsa)
* ChmodBPF installation fails on macOS Sonoma 14.1.2.
* Windows installers should check for Windows 8.1.
* Fuzz job crash output: fuzz-2024-01-05-7725.pcap.
* Fuzz job crash output: fuzz-2024-01-06-7734.pcap.
* Incorrect recursion depth assert failure when dissecting a legitimate GOOSE message.
* OPC UA - large read request is reported as malformed in 4.2.1 but not in 4.0.12.
* TFTP dissector bug type listed as netscii instead of netascii doesn’t show all TFTP packets including TFTP blocks.
* SMB1 replies from LAN Drive app only show up as NBSS Continuation Message.
* ciscodump - older SSH key exchange algorithms not supported.
* Problem decoding LAPB/X.25/FTAM after adding X.75 decoding.
* Wireshark Filter not working.
* CFLOW: failure to decode 0 length data fields of
* Copy ...as Printable Text Feature Missing in 4.1/4.2.
* Export Objects - HTTP is missing some HTTP/2 files in a two-pass analysis.
* ASAM-CMP Plugin: Malformed message, length mismatch if vendor defined data of status messages has odd length.
* OSS-Fuzz 66561: wireshark:fuzzshark_ip_proto-udp: Null-dereference READ in wmem_map_lookup.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-4.2.3.html
* Mon Feb 12 2024 Dirk Müller - handle one more mismatch in docdir handling
* Mon Jan 29 2024 Dirk Müller - handle different CMAKE_INSTALL_DOCDIR setting between tumbleweed and leap
* Fri Jan 05 2024 Robert Frohl - Wireshark 4.2.2:
* minor bug fix release- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-4.2.2.html
* Thu Jan 04 2024 Robert Frohl - Wireshark 4.2.1:
* CVE-2024-0207: HTTP3 dissector crash (boo#1218503).
* CVE-2024-0208: GVCP dissector crash (boo#1218504).
* CVE-2024-0209: IEEE 1609.2 dissector crash (boo#1218505).
* CVE-2024-0210: Zigbee TLV dissector crash (boo#1218506).
* CVE-2024-0211: DOCSIS dissector crash (boo#1218507).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-4.2.1.html
* Wed Nov 29 2023 Dominique Leuenberger - Install SDK using cmake --install --component Development instead of manually copying. This brings back the .pc file and simplifies the spec file.
* Fri Nov 24 2023 Robert Frohl - Wireshark 4.2.0:
* Packet list sorting has been improved.
* Wireshark and TShark are now better about generating valid UTF-8 output.
* A new display filter feature for filtering raw bytes has been added.
* Display filter autocomplete is smarter about not suggesting invalid syntax.
* Tools › MAC Address Blocks can lookup a MAC address in the IEEE OUI registry.
* The installation target no longer installs development headers by default.
* The Wireshark installation is relocatable on Linux (and other ELF platforms with support for relative RPATHs).
* Tools › Browser (SSL Keylog) can launch your web browser with the SSLKEYLOGFILE environment variable set to the appropriate value.
* Wireshark now supports the Korean language.
* Many other improvements have been made. See the “New and Updated Features” section below for more details.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-4.2.0.html- Updated patches wireshark-0000-wsutil-implicit_declaration_memcpy.patch wireshark-0010-dumpcap-permission-denied.patch
* Thu Nov 16 2023 Robert Frohl - Wireshark 4.0.11:
* CVE-2023-6174: SSH dissector crash (boo#1217247).
* CVE-2023-6175: NetScreen file parser crash (boo#1217272).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-4.0.11.html
* Thu Oct 05 2023 Andreas Stieger - Wireshark 4.0.10:
* CVE-2023-5371: RTPS dissector memory leak (wnpa-sec-2023-27, boo#1215959)
* Fix a number of bugs in protocol parsers, including:
* RTP/RFC 4571: Wrong desegmentation/reassembly in RTP over TCP packets
* Incorrect bit values and namings in BSS Configuration Report TLV
* Wireshark 4.0.9 contained a bug affecting other platforms
* Wed Aug 23 2023 Robert Frohl - Wireshark 4.0.8:
* CVE-2023-4512: CBOR dissector crash (boo#1214561).
* CVE-2023-4511: BT SDP dissector infinite loop (boo#1214560).
* CVE-2023-4513: BT SDP dissector memory leak (boo#1214562).
* CVE-2023-2906: CP2179 dissector crash (boo#1214652).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-4.0.8.html
* Thu Jul 13 2023 Robert Frohl - Wireshark 4.0.7:
* CVE-2023-3648: Kafka dissector crash (boo#1213319).
* CVE-2023-3649: iSCSI dissector crash (boo#1213318).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-4.0.7.html
* Thu May 25 2023 Robert Frohl - Wireshark 4.0.6:
* CVE-2023-2854: BLF file parser crash (boo#1211708).
* CVE-2023-2855: Candump log file parser crash (boo#1211703).
* CVE-2023-2856: VMS TCPIPtrace file parser crash (boo#1211707).
* CVE-2023-2857: BLF file parser crash (boo#1211705).
* CVE-2023-2858: NetScaler file parser crash (boo#1211706).
* CVE-2023-0666: RTPS dissector crash (boo#1211709).
* CVE-2023-0668: IEEE C37.118 Synchrophasor dissector crash (boo#1211710).
* CVE-2023-2879: GDSDB dissector infinite loop (boo#1211793).
* CVE-2023-2952: XRA dissector infinite loop (boo#1211844).
* CVE-2023-0667: MS-MMS: failure to validate packet length (bsc#1212084).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html
* Thu Apr 13 2023 Robert Frohl - Wireshark 4.0.5:
* CVE-2023-1992: RPCoRDMA dissector crash (boo#1210405).
* CVE-2023-1993: LISP dissector large loop (boo#1210404).
* CVE-2023-1994: GQUIC dissector crash (boo#1210403).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-4.0.5.html
* Fri Mar 03 2023 Robert Frohl - Wireshark 4.0.4:
* CVE-2023-1161: ISO 15765 and ISO 10681 dissector crash (boo#1208914).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-4.0.4.html
* Thu Jan 19 2023 Robert Frohl - Wireshark 4.0.3 (boo#1207447):
* CVE-2023-0414: EAP dissector crash (boo#1207666).
* CVE-2023-0417: NFS dissector memory leak (boo#1207669).
* CVE-2023-0413: Dissection engine crash (boo#1207665).
* CVE-2023-0416: GNW dissector crash (boo#1207668).
* CVE-2023-0415: iSCSI dissector crash (boo#1207667).
* CVE-2023-0411: Multiple dissector excessive loops (boo#1207663).
* CVE-2023-0412: TIPC dissector crash (boo#1207664).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-4.0.3.html
* Thu Dec 08 2022 Robert Frohl - Wireshark 4.0.2:
* CVE-2022-4345: Multiple dissector infinite loops (boo#1206189).
* Kafka dissector memory exhaustion (boo#1206190).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-4.0.2.html
* Thu Oct 27 2022 Robert Frohl - Wireshark 4.0.1:
* Comparing a boolean field against 1 always succeeds on big-endian machines.
* Qt: MaxMind GeoIP columns not added to Endpoints table.
* Fuzz job crash output: fuzz-2022-10-04-7131.pcap.
* The RTP player might not play audio on Windows.
* Wireshark 4.0 breaks display filter expression with > sign.
* Capture filters not working when using SSH capture and dumpcap.
* Packet diagram field values are not terminated.
* Packet bytes not displayed completely if scrolling.
* Fuzz job crash output: fuzz-2022-10-13-7166.pcap.
* Decoding bug H.245 userInput Signal.
* CFDP dissector doesn’t handle \\\"destination filename\\\" only.
* Home page capture button doesn’t pop up capture options dialog.
* Missing dot in H.248 protocol name.
* Missing dot for protocol H.264 in protocol column.
* Fuzz job crash output: fuzz-2022-10-23-7240.pcap.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-4.0.1.html
* Fri Oct 07 2022 ecsos - Added an additional desktopfile to start wireshark which asks for the super user password.
* Thu Oct 06 2022 ecsos - Fix build error for Leap.
* Wed Oct 05 2022 Robert Frohl - Wireshark 4.0.0:
* The display filter syntax is more powerful with many new extensions.
* The Conversation and Endpoint dialogs have been redesigned.
* The default main window layout has been changed so that the Packet Detail and Packet Bytes are side by side underneath the Packet List pane.
* Hex dump imports from Wireshark and from text2pcap have been improved.
* Speed when using MaxMind geolocation has been greatly improved.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-4.0.0.html- updated wireshark-0010-dumpcap-permission-denied.patch- dropped wireshark-0001-pkgconfig.patch which was accepted upstream
* Thu Sep 08 2022 Robert Frohl - Wireshark 3.6.8:
* CVE-2022-3190: F5 Ethernet Trailer dissector infinite loop (boo#1203388).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.6.8.html
* Thu Jul 28 2022 Robert Frohl - Wireshark 3.6.7:
* Multiple Files preference \"Create new file automatically… after\" [time] working incorrectly.
* get_filter Lua function doesn’t return the filter.
* Dissector bug, protocol HTTP failed assertion \"saved_layers_len < 500\" with chunked/multipart.
* Wrong EtherCAT bit label (possible dissector bug).
* UDP packets falsely marked as \"malformed packet\".
* TLS certificate parser with filter crash.
* Incorrect type for the IEC 60870 APDU appears in packet details pane.
* NHRP Problem.
* EtherCAT CoE header unknown type.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.6.7.html
* Mon Jun 20 2022 Robert Frohl - Wireshark 3.6.6:
* TLS: RSA decryption fails with Extended Master Secret and renegotiation.
* \"dfilter\" file on Windows adds carriage returns, and requires line feeds.
* \"Browse\" button in Prefs/Name Resolution/MaxMind crashes Wireshark on macOS.
* TFTP: some packets are not recognized as TFTP packets with 3.6.5.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.6.6.html
* Thu May 05 2022 Robert Frohl - Wireshark 3.6.5 and 3.6.4:
* The 3.6.5 release fixes an installation issue on Windows which was introduced in the 3.6.4 release
* Build failure with GCC 7.5, Linux.
* RDP dissected as SSL.
* IPFIX/cflow dissector asserts when varlen field length is zero.
* 802.11ax HE PHY \"Device Class\" dissected incorrectly.
* DHCPv6 Option 15 User-Class incorrectly parsed in Wireshark.
* ICMPv6 dissector: PREF64 option parsing only works for prefix length 96.
* Switch macOS updater to Sparkle 2.
* CQL timestamp dissector displays the wrong timestamp.
* Unable to dissect 802.11ax Target Wake Time (TWT) packets.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.6.4.html
* Thu Mar 24 2022 Robert Frohl - Wireshark 3.6.3:
* Fuzz job crash output: fuzz-2021-01-19-7399.pcap.
* TLS dissector incorrectly reports JA3 values.
* \"Wiki Protocol page\" in packet details menu is broken - wiki pages not migrated to GitLab?.
* Dissector bug, protocol PFCP display Flow Description IE value error in Additional Flow Description of PFD Management Request Message.
* Bluetooth: Fails to open Log file for SCO connection.
* Fuzz job crash output: fuzz-2022-03-07-10896.pcap.
* libwiretap: Save as ERF causes segmentation fault.
* HTTP server returning multiple early hints shows too many responses in \"Follow HTTP Stream\".- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.6.3.html
* Fri Feb 11 2022 Robert Frohl - Wireshark 3.6.2:
* CVE-2022-0586: RTMPT dissector infinite loop (boo#1195866)
* CVE-2022-0585: Large loops in multiple dissectors (boo#1195867)
* CVE-2022-0583: PVFS dissector crash (boo#1195868)
* CVE-2022-0582: CSN.1 dissector crash (boo#1195869)
* CVE-2022-0581: CMS dissector crash (boo#1195870)- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.6.2.html
* Tue Jan 18 2022 Robert Frohl - Fix wireshark-plugin-libvirt build after wmem_alloc() moved from libwireshark.so to libwsutil.so (bsc#1194780)
* Added wireshark-0001-pkgconfig.patch- Renamed wireshark-0001-dumpcap-permission-denied.patch to wireshark-0010-dumpcap-permission-denied.patch
* Mon Jan 10 2022 Robert Frohl - Fix SLE15 build issue added wireshark-0000-wsutil-implicit_declaration_memcpy.patch
* Thu Dec 30 2021 Robert Frohl - Wireshark 3.6.1:
* CVE-2021-4185: RTMPT dissector infinite loop (boo#1194166)
* CVE-2021-4184: BitTorrent DHT dissector infinite loop (boo#1194167)
* CVE-2021-4183: pcapng file parser crash (boo#1194168)
* CVE-2021-4182: RFC 7468 file parser infinite loop (boo#1194169)
* CVE-2021-4181: Sysdig Event dissector crash (boo#1194170)
* CVE-2021-4190: Kafka dissector infinite loop (boo#1194171)
* Add \'-o console.log.level:\' transitional option for backward- compatibilty replacing the \'console.log.level\' preference removed in 3.6.0. Only avoids cli failures and will be removed in the future.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.6.1.html
* Mon Dec 20 2021 Robert Frohl - Wireshark 3.6.0:
* CVE-2021-4186: Gryphon dissector crash (boo#1194165).
* Several changes have been made to the display filter syntax: - The expression \"a != b\" now always has the same meaning as \"!(a == b)\". In particular this means filter expressions with multi-value fields like \"ip.addr != 1.1.1.1\" will work as expected (the result is the same as typing \"ip.src != 1.1.1.1 and ip.dst != 1.1.1.1\"). This avoids the contradiction (a == b and a!= b) being true. - It is possible to use the syntax \"a ~= b\" or \"a any_ne b\" to recover the previous (inconsistent with \"==\") logic for not equal. - Literal strings can now be specified using raw string syntax, identical to raw strings in the Python programming language. This can be used to avoid the complexity of using two levels of character escapes with regular expressions. - Set elements must now be separated using a comma. A filter such as http.request.method in {\"GET\" \"HEAD\"} must be written as ... in {\"GET\", \"HEAD\"}. Whitespace is not significant. The previous use of whitespace as separator is deprecated and will be removed in a future version. - Support for the syntax \"a not in b\" with the same meaning as \"not a in b\" has been added.
* TCP conversations now support a completeness criteria, which facilitates the identification of TCP streams having any of opening or closing handshakes, a payload, in any combination. It can be accessed with the new tcp.completeness filter.
* Protobuf fields that are not serialized on the wire or otherwise missing in capture files can now be displayed with default values by setting the new \"add_default_value\" preference. The default values might be explicitly declared in \"proto2\" files, or false for bools, first value for enums, zero for numeric types.
* Wireshark now supports reading Event Tracing for Windows (ETW). A new extcap named ETW reader is created that now can open an etl file, convert all events in the file to DLT_ETW packets and write to a specified FIFO destination. Also, a new packet_etw dissector is created to dissect DLT_ETW packets so Wireshark can display the DLT_ETW packet header, its message and packet_etw dissector calls packet_mbim sub_dissector if its provider matches the MBIM provider GUID.
* \"Follow DCCP stream\" feature to filter for and extract the contents of DCCP streams.
* Wireshark now supports dissecting RTP packets with OPUS payloads.
* Added support for Shared Memory Communications (SMC) (jsc#SLE-18727)- Further features, bug fixes and new and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.6.0.html- updated patch to work with upstream changes wireshark-0001-dumpcap-permission-denied.patch
* Thu Nov 18 2021 Paolo Stivanin - Wireshark 3.4.10 (bsc#1192830):
* CVE-2021-39929: Bluetooth DHT dissector crash.
* CVE-2021-39926: Bluetooth HCI_ISO dissector crash.
* CVE-2021-39925: Bluetooth SDP dissector crash.
* CVE-2021-39924: Bluetooth DHT dissector large loop.
* CVE-2021-39922: C12.22 dissector crash.
* CVE-2021-39928: IEEE 802.11 dissector crash.
* CVE-2021-39921: Modbus dissector crash.
* CVE-2021-39920: IPPUSB dissector crash.
* PNRP dissector large loop.
* Fix forward compatibility issue with the I/O Graphs preferences.
* OSS-Fuzz: Heap-use-after-free in ROS.
* Allow for \'\\0\' (NULL) character as filter instead of requiring 0x00 for the character match.
* Dumpcap with threads reports double received count vs captured.
* HTTP2 dissector reports an assertion error on large data frames.
* Shark stops capturing when capturing with multiple files and packet printing enabled.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.4.10.html
* Thu Oct 07 2021 Robert Frohl - Wireshark 3.4.9:
* TShark PDML output embeds \"proto\" elements within other \"proto\" elements.
* Filter expressions comparing against single-octet hex strings where the hex digit string equals a protocol name don’t work.
* AMQP 0.9: dissector fails to handle Content-Body frame split across TCP packets.
* IEEE 802.15.4: Missing check on \"PAN ID Present\" bit of the Multipurpose Frame Control field.
* Wireshark ignored some character in filename when exporting SMB objects.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.4.9.html
* Thu Aug 26 2021 Robert Frohl - Wireshark 3.4.8:
* Dissector bug reported for Bluetooth Cycling Power Measurement characteristic for extreme angles value
* Raknet Addresses are incorrectly identified.
* Editcap saving files as ethernet when specifying \'-T ieee-802-11-
*\'
* CoAP dissector confuses Content-Format with Accept- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.4.8.html
* Fri Jul 16 2021 Robert Frohl - Wireshark 3.4.7:
* CVE-2021-22235: Fix DNP dissector crash (boo#1188375, wnpa-sec-2021-06)
* Fix TCP dissector - Erroneous DSACK reporting
* Fix No wlan_radio.duration calculated for PHY type: 802.11ac (VHT)
* Fix NAN Dissector has wrong minimum length for availability attribute
* Thu Jun 03 2021 Andreas Stieger - Wireshark 3.4.6:
* Fix DVB-S2-BB dissector infinite loop (boo#1186790, wnpa-sec-2021-04)
* Fix Macro filters handling of escaped characters
* Fix Display filter crash
* Fix IEEE-1588 Signalling Unicast TLV incorrectly reported as being malformed
* Fix IETF QUIC TLS decryption error with extraneous packets during the handshake
* Fix Statistics - Resolved Addresses: multi-protocol (TCP/UDP/...) ports not displayed
* Thu Apr 22 2021 Andreas Stieger - Wireshark 3.4.5:
* CVE-2021-22207: MS-WSP dissector excessive memory consumption (boo#1185128, wnpa-sec-2021-04)
* Fix TShark not printing GeoIP information
* FIx TShark error when piping to \"head\"
* Fix missing parts of ASCII representation in Packet Bytes pane
* Fix dissection of NDPE attribute of NAN packet
* Fix TECMP: reserved flag interpreted as part of timestamp
* Fix DNS IXFR/AXFR multiple response
* Fix File too large issue- drop patches:
* cmake_3-20_compatibility_1.patch
* cmake_3-20_compatibility_2.patch
* wireshark-0008-move-glib.patch
* Wed Mar 31 2021 Robert Frohl - cmake 3.20 compatibility (boo#1184110) add cmake_3-20_compatibility_1.patch and cmake_3-20_compatibility_2.patch
* Tue Mar 30 2021 Neal Gompa - Add patch from Fedora to fix build with glib2-2.68 + Patch: wireshark-0008-move-glib.patch
* Thu Mar 11 2021 Robert Frohl - Wireshark 3.4.4:
* CVE-2021-22191: Wireshark could open unsafe URLs (boo#1183353).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.4.4.html
* Fri Feb 19 2021 Robert Frohl - Enable ITU G.729 Annex A/B speech codec for Tumbleweed only
* Sat Jan 30 2021 Andreas Stieger - Wireshark 3.4.3:
* CVE-2021-22173: fix USB HID dissector memory leak (wnpa-sec-2021-01, boo#1181598)
* CVE-2021-22174: fix USB HID dissector crash (wnpa-sec-2021-02, boo#1181599)
* Fix bugs in SIP, Telephony, QUIC, SOMEIP-SD, SRv6, TECMP, AUTOSAR-NM, Fibre Channel, f5ethtrailer, ZVT dissectors.
* fix TShark crashes with -T ek option
* Fri Jan 22 2021 Robert Frohl - Disable ITU G.729 Annex A/B speech codec for SUSE based distros, but keep enabled for openSUSE.
* Wed Jan 13 2021 Robert Frohl - provide helpful error message if user doesn\'t have permissions to run dumpcap (bsc#1180102) add wireshark-0001-dumpcap-permission-denied.patch
* Sat Dec 19 2020 Andreas Stieger - Wireshark 3.4.2
* CVE-2020-26422: QUIC dissector crash (boo#1180232)
* Fix IETF QUIC TLS decryption errors when packets are coalesced with random data
* QUIC: missing dissection of some coalesced SH packets
* Fix false expect error seen on FCoE frames
* Updated Protocol Support DOCSIS, FC-dNS, FC-SWILS, FCoE, QUIC, SNMP, and USBHID
* Fri Dec 11 2020 Andreas Stieger - Wireshark 3.4.1:
* CVE-2020-26418: Kafka dissector memory leak (wnpa-sec-2020-16, boo#1179930)
* CVE-2020-26419: Multiple dissector memory leaks (wnpa-sec-2020-19, boo#1179931)
* CVE-2020-26420: RTPS dissector memory leak (wnpa-sec-2020-18, boo#1179932)
* CVE-2020-26421: USB HID dissector crash (wnpa-sec-2020-17, boo#1179933)
* Fix IETF QUIC TLS decryption errors
* Fix failures or crashes in various dissectors
* Fri Oct 30 2020 Andreas Stieger - Wireshark 3.4.0:
* Save RTP stream to .au supports any codec with 8000 Hz rate supported by Wireshark (shown in RTP player). If save of audio is not possible (unsupported codec or rate), silence of same length is saved and warning is shown.
* Asynchronous DNS resolution is always enabled
* Protobuf fields can be dissected as Wireshark (header) fields that allows user input the full names of Protobuf fields or messages in Filter toolbar for searching.
* Dissectors based on Protobuf can register themselves to a new \'protobuf_field\' dissector table, which is keyed with the full names of fields, for further parsing fields of BYTES or STRING type.
* UI improvements
* sshdump can now be copied to multiple instances. Each instance will show up a different interface and will have its own
* decode, play, and save opus payloads- features not enabled in the openSUSE package:
* decode, play, and save iLBC payloads
* Fri Oct 30 2020 Robert Frohl - wireshark 3.2.8:
* CVE-2020-26575: FBZERO dissector crash (boo#1177406)
* CVE-2020-28030: GQUIC dissector crash (boo#1178291)
* Infinite memory allocation while parsing this tcp packet- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.8.html
* Thu Sep 24 2020 Robert Frohl - wireshark 3.2.7:
* CVE-2020-25863: MIME Multipart dissector crash (boo#1176908)
* CVE-2020-25862: TCP dissector crash (boo#1176909)
* CVE-2020-25866: BLIP dissector crash (boo#1176910)- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.7.html
* Wed Aug 12 2020 Andreas Stieger - Wireshark 3.2.6:
* CVE-2020-17498: Kafka dissector crash (boo#1175204)
* Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.6.html
* Wed Jul 01 2020 Andreas Stieger - Wireshark 3.2.5:
* CVE-2020-15466: GVCP dissector infinite loop (boo#1173606)
* Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html- make verification of package source signatures compatible with source_validator
* Fri Jun 05 2020 Michel Normand - Add _constraints for ppc/ppc64le that need more than 3GB to build
* Wed May 20 2020 Robert Frohl - wireshark 3.2.4
* CVE-2020-13164: NFS dissector crash (boo#1171899)- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.4.html
* Thu Apr 09 2020 Robert Frohl - wireshark 3.2.3 (boo#1169063)
* CVE-2020-11647: The BACapp dissector could crash- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.3.html
* Fri Mar 06 2020 Robert Frohl - Remove dependency on brotli, only the library is needed.
* Thu Feb 27 2020 Robert Frohl - wireshark 3.2.2 (boo#1165241)
* CVE-2020-9431: LTE RRC dissector memory leak.
* CVE-2020-9430: WiMax DLMAP dissector crash.
* CVE-2020-9428: EAP dissector crash.
* CVE-2020-9429: WireGuard dissector crash.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.2.html
* Thu Jan 23 2020 Robert Frohl - Fixed build against SLE flavors
* Thu Jan 16 2020 Robert Frohl - wireshark 3.2.1
* CVE-2020-7044: WASSP dissector crash (boo#1161052)- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.1.html
* Thu Dec 19 2019 Robert Frohl - wireshark 3.2.0
* Brotli decompression support in HTTP/HTTP2 (requires the brotli library).
* You can now follow HTTP/2 and QUIC streams.
* HTTP2 support streaming mode reassembly. To use this feature, subdissectors can register itself to \"streaming_content_type\" dissector table and return pinfo→desegment_len and pinfo→desegment_offset to tell HTTP2 when to start and how many additional bytes requires when next called.
* IOGraph automatically adds a graph for the selected display filter if no previous graph exists
* WireGuard decryption can now be enabled through keys embedded in a pcapng in addition to the existing key log preference (Bug 15571).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.2.0.html
* Thu Dec 05 2019 seanlewAATTopensuse.org- wireshark 3.0.7:
* CVE-2019-19553: CMS dissector crash (boo#1158505).
* ws_pipe_wait_for_pipe() can wait on closed handles
* suport for 11ax in PEEKREMOTE
* reassembling of the two TLS records not working correctly- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.0.7.html
* Tue Dec 03 2019 Marcus Rueckert - since we only have one gui package now move the gui related files to that package, which in turn reduces the requires in the main package for headless installations.
* Thu Oct 24 2019 Robert Frohl - wireshark 3.0.6:
* extcap: Several issues when capturing from multiple extcap interfaces.
* Expert Infos Incorrectly Displays Info Column instead of comment.
* Wireshark does not support USB packets with size greater than 256 KiB.
* IS-IS: add support for decoding TE TLV Type 138 as per RFC 5307.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.0.6.html
* Sat Sep 21 2019 Andreas Stieger - wireshark 3.0.5:
* Fix Qt interface crashes on a profile with packet list only
* NET-SNMP EngineID Length handling Warning
* fix Crash SIGSEGV when decrypting IEEE 802.11 EAP re-authentications
* Mon Sep 16 2019 Robert Frohl - wireshark 3.0.4
* CVE-2019-16319: Fixed an infinite loop in the Gryphon dissector (boo#1150690).- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.0.4.html
* Tue Jul 23 2019 Johannes Segitz - Added BuildRequires for spandsp-devel to enable decoding of various VoIP codecs
* Thu Jul 18 2019 Robert Frohl - wireshark 3.0.3
* CVE-2019-13619: ASN.1 BER and related dissectors crash. (bsc#1141980)- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.0.3.html
* Wed Jun 12 2019 Dominique Leuenberger - BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to shortcut the build queues by allowing usage of systemd-mini
* Thu May 23 2019 Robert Frohl - Wireshark 3.0.2 (bsc#1136021)
* Wireshark dissection engine crash.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.0.2.html
* Wed Apr 17 2019 Robert Frohl - Added config.h again, which got lost during the wireshark 3 update.
* Tue Apr 09 2019 Robert Frohl - Wireshark 3.0.1 (bsc#1131941)
* CVE-2019-10895: NetScaler file parser crash.
* CVE-2019-10899: SRVLOC dissector crash.
* CVE-2019-10897: IEEE 802.11 dissector infinite loop.
* CVE-2019-10898: GSUP dissector infinite loop.
* CVE-2019-10900: Rbm dissector infinite loop.
* CVE-2019-10894: GSS-API dissector crash.
* CVE-2019-10896: DOF dissector crash.
* CVE-2019-10902: TSDNS dissector crash.
* CVE-2019-10901: LDSS dissector crash.
* CVE-2019-10903: DCERPC SPOOLSS dissector crash.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.0.1.html
* Thu Mar 21 2019 Robert Frohl - Wireshark 3.0.0
* The IP map feature (the \"Map\" button in the \"Endpoints\" dialog) has been added back in a modernized form.
* Initial support for using PKCS #11 tokens for RSA decryption in TLS. This can be configured at Preferences, RSA Keys.
* Conversation timestamps are supported for UDP/UDP-Lite protocols.
* TShark now supports the -G elastic-mapping option which generates an ElasticSearch mapping file.
* The Ethernet and IEEE 802.11 dissectors no longer validate the frame check sequence (checksum) by default.
* The TCP dissector gained a new \"Reassemble out-of-order segments\" preference to fix dissection and decryption issues in case TCP segments are received out-of-order.
* Decryption support for the new WireGuard dissector.
* The BOOTP dissector has been renamed to DHCP. With the exception of \"bootp.dhcp\", the old \"bootp.
*\" display filter fields are still supported but may be removed in a future release.
* The SSL dissector has been renamed to TLS. As with BOOTP the old \"ssl.
*\" display filter fields are supported but may be removed in a future release.- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.0.0.html- removed wireshark-1.10.0-enable_lua.patch, because LUA is enabled by default.
* Thu Feb 28 2019 Robert Frohl - Wireshark 2.6.7
* CVE-2019-9214: RPCAP dissector could crash (bnc#1127367)
* CVE-2019-9209: ASN.1 BER and related dissectors could crash (bnc#1127369)
* CVE-2019-9208: TCAP dissector could crash (bnc#1127370)- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.6.7.html
* Wed Jan 09 2019 Robert Frohl - Wireshark 2.6.6
* CVE-2019-5716: The 6LoWPAN dissector could crash (bsc#1121231)
* CVE-2019-5717: The P_MUL dissector could crash (bsc#1121232)
* CVE-2019-5718: The RTSE dissector and other dissectors could crash (bsc#1121233)
* CVE-2019-5719: The ISAKMP dissector could crash (bsc#1121234)- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.6.6.html
* Thu Nov 29 2018 astiegerAATTsuse.com- Wireshark 2.6.5 (bsc#1117740):
* CVE-2018-19625: The Wireshark dissection engine could crash (wnpa-sec-2018-51)
* CVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)
* CVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53)
* CVE-2018-19622: The MMSE dissector could go into an infinite loop (wnpa-sec-2018-54)
* CVE-2018-19627: The IxVeriWave file parser could crash (wnpa-sec-2018-55)
* CVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)
* CVE-2018-19628: The ZigBee ZCL dissector could crash (wnpa-sec-2018-57)- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.6.5.html
* Fri Oct 12 2018 astiegerAATTsuse.com- Wireshark 2.6.4 (bsc#1111647):
* CVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47)
* CVE-2018-18226: Steam IHS Discovery dissector memory leak (wnpa-sec-2018-48)
* CVE-2018-18225: CoAP dissector crash (wnpa-sec-2018-49)
* CVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50)- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.6.4.html
* Wed Aug 29 2018 astiegerAATTsuse.com- Update to 2.6.3 (boo#1106514):
* CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44)
* CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45)
* CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46)- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.6.3.html
* Fri Jul 20 2018 astiegerAATTsuse.com- update to 2.6.2:
* CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, boo#1101777)
* CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, boo#1101788)
* CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, boo#1101804)
* CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, boo#1101786)
* CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, boo#1101810)
* CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, boo#1101776)
* CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, boo#1101794)
* CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, boo#1101800)
* CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, boo#1101791)
* CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, boo#1101802)- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.6.2.html- drop wireshark-2.6.1-fix-Qt-5.11.patch, upstream
* Wed May 23 2018 astiegerAATTsuse.com- Fix build with Qt 5.11 (boo#1093733) add wireshark-2.6.1-fix-Qt-5.11.patch
* Wed May 23 2018 astiegerAATTsuse.com- update to 2.6.1: This release fixes minor vulnerabilities that could be used to trigger dissector crashes or cause dissectors to go into large infinite loops by making Wireshark read specially crafted packages from the network or capture files (bsc#1094301):
* CVE-2018-11354: IEEE 1905.1a dissector crash
* CVE-2018-11355: RTCP dissector crash
* CVE-2018-11356: DNS dissector crash
* CVE-2018-11357: Multiple dissectors could consume excessive memory
* CVE-2018-11358: Q.931 dissector crash
* CVE-2018-11359: The RRC dissector and other dissectors could crash
* CVE-2018-11360: GSM A DTAP dissector crash
* CVE-2018-11361: IEEE 802.11 dissector crash
* CVE-2018-11362: LDSS dissector crash- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.6.1.html
* Mon May 07 2018 astiegerAATTsuse.com- Turn on ssh, maxminddb, c-ares, snappy, lz4, HTTP2 support- Use capabilities to be able to run capture as a non-root user. In easy system permissions mode all users can capture traffic. In secure system permissions mode, must be added to the wireshark group to capture. bsc#957624 Drop wireshark-1.2.0-disable-warning-dialog.patch
* Tue May 01 2018 ecsosAATTopensuse.org- update to 2.6.0
* Bug Fixes - The following bugs have been fixed: - Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)
* New and Updated Features The following features are new (or have been significantly updated) since version 2.5.0: - HTTP Request sequences are now supported. - Wireshark now supports MaxMind DB files. Support for GeoIP and GeoLite Legacy databases has been removed. - The Windows packages are now built using Microsoft Visual Studio 2017. - The IP map feature (the “Map” button in the “Endpoints” dialog) has been removed. The following features are new (or have been significantly updated) since version 2.4.0: - Display filter buttons can now be edited, disabled, and removed via a context menu directly from the toolbar - Drag & Drop filter fields to the display filter toolbar or edit to create a button on the fly or apply the filter as a display filter. - Application startup time has been reduced. - Some keyboard shortcut mix-ups have been resolved by assigning new shortcuts to Edit → Copy methods. - TShark now supports color using the --color option. - The \"matches\" display filter operator is now case-insensitive. - Display expression (button) preferences have been converted to a UAT. This puts the display expressions in their own file. Wireshark still supports preference files that contain the old preferences, but new preference files will be written without the old fields. - SMI private enterprise numbers are now read from the “enterprises.tsv” configuration file. - The QUIC dissector has been renamed to Google QUIC (quic → gquic). - The selected packet number can now be shown in the Status Bar by enabling Preferences → Appearance → Layout → Show selected packet number. - File load time in the Status Bar is now disabled by default and can be enabled in Preferences → Appearance → Layout → Show file load time. - Support for the G.729A codec in the RTP Player is now added via the bcg729 library. - Support for hardware-timestamping of packets has been added. - Improved NetMon .cap support with comments, event tracing, network filter, network info types and some Message Analyzer exported types. - The personal plugins folder on Linux/Unix is now ~/.local/lib/wireshark/plugins. - TShark can print flow graphs using -z flow… - Capinfos now prints SHA256 hashes in addition to RIPEMD160 and SHA1. MD5 output has been removed. - The packet editor has been removed. (This was a GTK+ only experimental feature.) - Support BBC micro:bit Bluetooth profile - The Linux and UNIX installation step for Wireshark will now install headers required to build plugins. A pkg-config file is provided to help with this (see “doc/plugins.example” for details). Note you must still rebuild all plugins between minor releases (X.Y). - The Windows installers and packages now ship with Qt 5.9.4. - The generic data dissector can now uncompress zlib compressed data. - DNS Stats now supports service level statistics. - DNS filters for retransmissions and unsolicited responses have been added. - The “tcptrace” TCP Stream graph now shows duplicate ACKS and zero window advertisements. - The membership operator now supports ranges, allowing display filters such as tcp.port in {4430..4434} to be expressed. See the User’s Guide, chapter Building display filter expressions for details.
* New Protocol Support
* Updated Protocol Support - Too many protocols have been updated to list here.
* New and Updated Capture File Support - Microsoft Network Monitor
* New and Updated Capture Interfaces support - LoRaTap- drop patch wireshark-1.2.0-geoip.patch, because file to patch no more exists- accumulating fixes from previous versions:
* wireshark 2.4.16: - CVE-2019-13619: ASN.1 BER and related dissectors crash (bsc#1141980).
* wireshark 2.4.15 (bsc#1136021): - Wireshark dissection engine crash.
* wireshark 2.4.14 (bsc#1131945): - CVE-2019-10895: NetScaler file parser crash. - CVE-2019-10899: SRVLOC dissector crash. - CVE-2019-10894: GSS-API dissector crash. - CVE-2019-10896: DOF dissector crash. - CVE-2019-10901: LDSS dissector crash. - CVE-2019-10903: DCERPC SPOOLSS dissector crash.
* wireshark 2.4.13: - CVE-2019-9214: RPCAP dissector could crash (bsc#1127367) - CVE-2019-9209: ASN.1 BER and related dissectors could crash (bsc#1127369) - CVE-2019-9208: TCAP dissector could crash (bsc#1127370)
* wireshark 2.4.12: - CVE-2019-5717: The P_MUL dissector could crash (bsc#1121232) - CVE-2019-5718: The RTSE dissector and other dissectors could crash (bsc#1121233) - CVE-2019-5719: The ISAKMP dissector could crash (bsc#1121234) - CVE-2019-5721: The ENIP dissector could crash (bsc#1121235)
* wireshark 2.4.11 (bsc#1117740): - CVE-2018-19625: The Wireshark dissection engine could crash - CVE-2018-19626: The DCOM dissector could crash - CVE-2018-19623: The LBMPDM dissector could crash - CVE-2018-19622: The MMSE dissector could go into an infinite loop - CVE-2018-19627: The IxVeriWave file parser could crash - CVE-2018-19624: The PVFS dissector could crash
* wireshark 2.4.10 (bsc#1111647): - CVE-2018-18227: MS-WSP dissector crash - CVE-2018-12086: OpcUA dissector crash
* wireshark 2.4.9 (bsc#1106514): - CVE-2018-16058: Bluetooth AVDTP dissector crash - CVE-2018-16056: Bluetooth Attribute Protocol dissector crash - CVE-2018-16057: Radiotap dissector crash
* wireshark 2.4.8: - CVE-2018-14342: BGP dissector large loop (boo#1101777) - CVE-2018-14344: ISMP dissector crash (boo#1101788) - CVE-2018-14340: Multiple dissectors could crash (boo#1101804) - CVE-2018-14343: ASN.1 BER dissector crash (boo#1101786) - CVE-2018-14339: MMSE dissector infinite loop (boo#1101810) - CVE-2018-14341: DICOM dissector crash (boo#1101776) - CVE-2018-14368: Bazaar dissector infinite loop (boo#1101794) - CVE-2018-14369: HTTP2 dissector crash (boo#1101800) - CVE-2018-14367: CoAP dissector crash (boo#1101791) - CVE-2018-14370: IEEE 802.11 dissector crash (boo#1101802)
* wireshark 2.4.7 (bsc#1094301): - CVE-2018-11356: DNS dissector crash - CVE-2018-11357: Multiple dissectors could consume excessive memory - CVE-2018-11358: Q.931 dissector crash - CVE-2018-11359: The RRC dissector and other dissectors could crash - CVE-2018-11360: GSM A DTAP dissector crash - CVE-2018-11362: LDSS dissector crash
* Wed Apr 04 2018 astiegerAATTsuse.com- Wireshark 2.4.6: This release fixes minor vulnerabilities that could be used to trigger dissector crashes or cause dissectors to go into large infinite loops by making Wireshark read specially crafted packages from the network or capture files (bsc#1088200):
* CVE-2018-9264: ADB dissector crash
* CVE-2018-9260: IEEE 802.15.4 dissector crash
* CVE-2018-9261: NBAP dissector crash
* CVE-2018-9262: VLAN dissector crash
* CVE-2018-9256: LWAPP dissector crash
* CVE-2018-9263: Kerberos dissector crash
* CVE-2018-9258: TCP dissector crash
* CVE-2018-9257: CQL infinite loop
* Memory leaks in multiple dissectors: CVE-2018-9265, CVE-2018-9266, CVE-2018-9267, CVE-2018-9268, CVE-2018-9269, CVE-2018-9270, CVE-2018-9271, CVE-2018-9272, CVE-2018-9273, CVE-2018-9274
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.4.6.html
* Sat Feb 24 2018 astiegerAATTsuse.com- Wireshark 2.4.5: This release fixes minor vulnerabilities that could be used to trigger dissector crashes or cause dissectors to go into large infinite loops by making Wireshark read specially crafted packages from the network or capture files (bsc#1082692):
* CVE-2018-7335: The IEEE 802.11 dissector could crash
* CVE-2018-7321, CVE-2018-7322, CVE-2018-7323, CVE-2018-7324, CVE-2018-7325, CVE-2018-7326, CVE-2018-7327, CVE-2018-7328, CVE-2018-7329, CVE-2018-7330, CVE-2018-7331, CVE-2018-7332, CVE-2018-7333, CVE-2018-7421: Multiple dissectors could go into large infinite loops
* CVE-2018-7334: The UMTS MAC dissector could crash
* CVE-2018-7337: The DOCSIS dissector could crash
* CVE-2018-7336: The FCP dissector could crash
* CVE-2018-7320: The SIGCOMP dissector could crash
* CVE-2018-7420: The pcapng file parser could crash
* CVE-2018-7417: The IPMI dissector could crash
* CVE-2018-7418: The SIGCOMP dissector could crash
* CVE-2018-7419: The NBAP disssector could crash
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.4.5.html
* Fri Jan 12 2018 astiegerAATTsuse.com- Wireshark 2.4.4:
* fixes for dissector crashes: + CVE-2018-5334: IxVeriWave file could crash (bsc#1075737) + CVE-2018-5335: WCP dissector could crash (bsc#1075738) + CVE-2018-5336: Multiple dissector crashes (bsc#1075739)
* No longer enable the Linux kernel BPF JIT compiler via the net.core.bpf_jit_enable sysctl, as this would make systems more vulnerable to Spectre variant 1 (bsc#1075748, CVE-2017-5753)
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.4.4.html
* Fri Dec 01 2017 astiegerAATTsuse.com- Wireshark 2.4.3: This release fixes minor vulnerabilities that could be used to trigger dissector crashes by making Wireshark read specially crafted packages from the network or capture files (bsc#1070727):
* CVE-2017-17084: IWARP_MPA dissector crash (wnpa-sec-2017-47)
* CVE-2017-17083: NetBIOS dissector crash (wnpa-sec-2017-48)
* CVE-2017-17085: CIP Safety dissector crash (wnpa-sec-2017-49)
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.4.3.html
* Wed Oct 11 2017 astiegerAATTsuse.com- Wireshark 2.4.2: This release fixes minor vulnerabilities that could be used to trigger dissector crashes or infinite loops by making Wireshark read specially crafted packages from the network or a capture file (boo#1062645):
* CVE-2017-15192: BT ATT dissector crash (wnpa-sec-2017-42)
* CVE-2017-15193: MBIM dissector crash (wnpa-sec-2017-43)
* CVE-2017-15191: DMP dissector crash (wnpa-sec-2017-44)
* CVE-2017-15190: RTSP dissector crash (wnpa-sec-2017-45)
* CVE-2017-15189: DOCSIS infinite loop (wnpa-sec-2017-46)
* Thu Sep 07 2017 jmatejekAATTsuse.com- downgrade to lua51-devel in order to drop Lua 5.2 from Factory (can\'t upgrade to 5.3 because that is still not supported)
* Tue Aug 29 2017 astiegerAATTsuse.com- Wireshark 2.4.1: This release fixes minor vulnerabilities that could be used to trigger dissector crashes, infinite loops, or cause excessive use of memory resources by making Wireshark read specially crafted packages from the network or a capture file:
* CVE-2017-13767: MSDP dissector infinite loop (bsc#1056248)
* CVE-2017-13766: Profinet I/O buffer overrun (bsc#1056249)
* CVE-2017-13764: Modbus dissector crash (bsc#1056250)
* CVE-2017-13765: IrCOMM dissector buffer overrun (bsc#1056251)
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.4.1.html
* Sat Aug 26 2017 jengelhAATTinai.de- Trim filler wording from description.
* Mon Aug 21 2017 tchvatalAATTsuse.com- Gcrypt is now default- gtk switch was redone to accept value at the end instead of 2 options
* Thu Jul 27 2017 astiegerAATTsuse.com- Wireshark 2.4.0:
* SS7 Point Codes can now be resolved into names with a hosts- like file.
* Wireshark can now go fullscreen to have more room for packets
* TShark can now export objects like the other GUI interfaces.
* Support for G.722 and G.726 codecs in the RTP Player (via the SpanDSP library)
* You can now choose the output device when playing RTP streams
* Added support for dissectors to include a unit name natively in their hf field. A field can now automatically append \"seconds\" or \"ms\" to its value without additional printf-style APIs
* The Default profile can now be reset to default values.
* You can move back and forth in the selection history in the Qt UI.
* IEEE 802.15.4 dissector now uses an UAT for decryption keys. The original decryption key preference has been obsoleted.
* Extcap utilities can now provide configuration for a GUI interface toolbar to control the extcap utility while capturing.
* Extcap utilities can now validate the capture filter.
* Display filter function len() can now be used on all string and byte fields.
* Added an experimental timeline view for 802.11 wireless packet data which can be enabled via the \"802.11 radio information preferences.
* Added TLS 1.3 (draft 21) dissection and decryption support
* The (D)TLS Application Layer protocol (e.g. HTTP or CoAP) can now be changed via the Decode As dialog.
* The RSA keys dialog for SSL keys has improved feedback for invalid settings and no longer requires the IP address, Port or Protocol fields to be set in addition to the Key File.
* TCP Analysis will detect and flag more spurious retransmissions.
* Many new and updated protocol support
* New and updated Capture File Support: ERF, IxVeriWave, Libpcap, and Pcap-ng
* API changes: IEEE802.11: wlan_mgt display filter element got renamed to wlan.
* Tue Jul 18 2017 astiegerAATTsuse.com- Wireshark 2.2.8 (bsc#1049255): This release fixes minor vulnerabilities that could be used to trigger dissector crashes, infinite loops, or cause excessive use of memory resources by making Wireshark read specially crafted packages from the network or a capture file:
* CVE-2017-7702 CVE-2017-11410: WBMXL dissector infinite loop (wnpa-sec-2017-13)
* CVE-2017-9350 CVE-2017-11411: openSAFETY dissector memory exhaustion (wnpa-sec-2017-28)
* CVE-2017-11408: AMQP dissector crash (wnpa-sec-2017-34)
* CVE-2017-11407: MQ dissector crash (wnpa-sec-2017-35)
* CVE-2017-11406: DOCSIS infinite loop (wnpa-sec-2017-36)
* Fri Jun 02 2017 astiegerAATTsuse.com- Wireshark 2.2.7 (bsc#1042330): This release fixes minor vulnerabilities that could be used to trigger dissector crashes, infinite loops, or cause excessive use of CPU resources by making Wireshark read specially crafted packages from the network or a capture file:
* CVE-2017-9352: Bazaar dissector infinite loop (bsc#1042304)
* CVE-2017-9348: DOF dissector read overflow (bsc#1042303)
* CVE-2017-9351: DHCP dissector read overflow (bsc#1042302)
* CVE-2017-9346: SoulSeek dissector infinite loop (bsc#1042301)
* CVE-2017-9345: DNS dissector infinite loop (bsc#1042300)
* CVE-2017-9349: DICOM dissector infinite loop (bsc#1042305)
* CVE-2017-9350: openSAFETY dissector memory exhaustion (bsc#1042299)
* CVE-2017-9344: BT L2CAP dissector divide by zero (bsc#1042298)
* CVE-2017-9343: MSNIP dissector crash (bsc#1042309)
* CVE-2017-9347: ROS dissector crash (bsc#1042308)
* CVE-2017-9354: RGMP dissector crash (bsc#1042307)
* CVE-2017-9353: IPv6 dissector crash (bsc#1042306)
* Wed May 17 2017 astiegerAATTsuse.com- Allow opening capture files from desktop without asking for privileged credentials. bsc#1025714
* Fri Apr 14 2017 astiegerAATTsuse.com- Wireshark 2.2.6: This release fixes minor vulnerabilities that could be used to trigger a dissector crash or infinite loops by sending specially crafted packages over the network or into a capture file:
* CVE-2017-7700: NetScaler file parser infinite loop (bsc#1033936)
* CVE-2017-7701: BGP dissector infinite loop (bsc#1033937)
* CVE-2017-7702: WBMXL dissector infinite loop (bsc#1033938)
* CVE-2017-7703: IMAP dissector crash (bsc#1033939)
* CVE-2017-7704: DOF dissector infinite loop (bsc#1033940)
* CVE-2017-7705: RPCoRDMA dissector infinite loop (bsc#1033941)
* CVE-2017-7745: SIGCOMP dissector infinite loop (bsc#1033942)
* CVE-2017-7746: SLSK dissector long loop (bsc#1033943)
* CVE-2017-7747: PacketBB dissector crash (bsc#1033944)
* CVE-2017-7748: WSP dissector infinite loop (bsc#1033945) - Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.2.6.html
* Sat Mar 04 2017 astiegerAATTsuse.com- Wireshark 2.2.5: boo#1027998 This release fixes minor vulnerabilities that could be used to trigger a dissector crash or infinite loops by sending specially crafted packages over the network or into a capture file:
* CVE-2017-6467: NetScaler file parser infinite loop (wnpa-sec-2017-11)
* CVE-2017-6468: NetScaler file parser crash (wnpa-sec-2017-08)
* CVE-2017-6469: LDSS dissector crash (wnpa-sec-2017-03)
* CVE-2017-6470: IAX2 dissector infinite loop (wnpa-sec-2017-10)
* CVE-2017-6471: WSP dissector infinite loop (wnpa-sec-2017-05)
* CVE-2017-6472: RTMTP dissector infinite loop (wnpa-sec-2017-04)
* CVE-2017-6473: K12 file parser crash (wnpa-sec-2017-09)
* CVE-2017-6474: NetScaler file parser infinite loop (wnpa-sec-2017-07)
* wnpa-sec-2017-06: STANAG 4607 file parser infinite loop- restore license in about dialog boo#1026507
* Tue Feb 14 2017 tchvatalAATTsuse.com- Disable gnutls on SLE11 as we are unable to meet the gnutls requirements there
* Tue Jan 24 2017 astiegerAATTsuse.com- Wireshark 2.2.4: This release fixes two minor vulnerabilities that could be use to cause Wireshark to go into a large or infinite loop by sending specially crafted packages over the network or into a capture file (bsc#1021739)
* The ASTERIX dissector could go into an infinite loop CVE-2017-5596 wnpa-sec-2017-01
* The DHCPv6 dissector could go into a large loop. CVE-2017-5597 wnpa-sec-2017-02
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.2.4.html
* Wed Jan 04 2017 tchvatalAATTsuse.com- Obsolete the ui-gtk in the ui-qt to ensure clean non-conflicted install
* Tue Dec 27 2016 tchvatalAATTsuse.com- Cleanup a bit with spec-cleaner- Properly set ethereal symlink based on UI and set it to proper subpkg- Update conditionals on wireshark to only build Qt or GTK depending on the interface, because upstream now only supports Qt5- Update the caps code in spec but keep it disabled- Enable geoip only on platforms that support it- Enable libnl only on newer releases- Update desktop file and icon caches- Drop not really needed patch wireshark-1.10.0-authors-pod2man.patch- Use full commands for icon/desktop cache for gtk mode as on sle11 it was not present yet as a macro- Split shared libraries properly to subpackages
* Wed Dec 14 2016 astiegerAATTsuse.com- Wireshark 2.2.3:
* fix export related bugs
* fix UI bugs
* bugfix and corrections updates for dissectors
* updated protocol support for BGP, BOOTP/DHCP, BTLE, DICOM, DOF, Echo, GTP, ICMP, Radiotap, RLC, RPC over RDMA, RTCP, SMB, TCP, UFTP4, and VXLAN
* Thu Nov 17 2016 astiegerAATTsuse.com- Wireshark 2.2.2:
* CVE-2016-9372: Profinet I/O long loop (boo#1010807)
* CVE-2016-9374: AllJoyn crash (boo#1010752)
* CVE-2016-9376: OpenFlow crash (boo#1010735)
* CVE-2016-9373: DCERPC crash (boo#1010754)
* CVE-2016-9375: DTN infinite loop (boo#1010740)
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html
* Wed Oct 05 2016 astiegerAATTsuse.com- Wireshark 2.2.1: This release fixes a number of issues that made it possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (bsc#1002981)
* wnpa-sec-2016-56: The Bluetooth L2CAP dissector could crash
* wnpa-sec-2016-57: The NCP dissector could crash
* Further bug fixes and updated protocol support as listed in:
* Bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.2.1.html
* Fri Sep 09 2016 ecsosAATTopensuse.org- Wireshark 2.2.0:
* Bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.2.0.html
* Drop wireshark-pkg-config.patch because code is now in upstream
* Drop wireshark-1.12.6-fix-QT-PIC-PIE.patch because no more need for build. And create errors at build Tumbleweed.
* Rebase wireshark-1.10.0-authors-pod2man.patch
* Fri Sep 09 2016 astiegerAATTsuse.com- Wireshark 2.0.6: This release fixes a number of issues that made it possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (bsc#998099)
* The QNX6 QNET dissector could crash wnpa-sec-2016-50 CVE-2016-7175
* The H.225 dissector could crash wnpa-sec-2016-51 CVE-2016-7176
* The Catapult DCT2000 dissector could crash wnpa-sec-2016-52 CVE-2016-7177
* The UMTS FP dissector could crash wnpa-sec-2016-53 CVE-2016-7178
* The Catapult DCT2000 dissector could crash wnpa-sec-2016-54 CVE-2016-7179
* The IPMI Trace dissector could crash wnpa-sec-2016-55 CVE-2016-7180
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.0.6.html
* Mon Sep 05 2016 astiegerAATTsuse.com- fix permissions warning on appdata, does not need +x
* Thu Jul 28 2016 astiegerAATTsuse.com- Wireshark 2.0.5: This release fixes a number issues in protocol dissectors that could have allowed a remote attacker to crash Wireshark or cause excessive CPU usage through specially crafted packages inserted into the network or a capture file.
* PacketBB crash wnpa-sec-2016-41 bsc#991013 CVE-2016-6505
* WSP infinite loop wnpa-sec-2016-42 bsc#991015 CVE-2016-6505
* RLC long loop wnpa-sec-2016-44 bsc#991017 CVE-2016-6508
* LDSS dissector crash wnpa-sec-2016-45 bsc#991018 CVE-2016-6509
* RLC dissector crash wnpa-sec-2016-46 bsc#991019 CVE-2016-6510
* OpenFlow long loop wnpa-sec-2016-47 bsc#991020 CVE-2016-6511
* MMSE, WAP, WBXML, and WSP infinite loop wnpa-sec-2016-48 bsc#991021 CVE-2016-6512
* WBXML crash wnpa-sec-2016-49 bsc#991022 CVE-2016-6513
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.0.5.html
* Fri Jul 15 2016 badshah400AATTgmail.com- Drop external wireshark.appdata.xml file, use the upstream bundled one instead.- Use the bundled appdata file as a template to generate the proper appdata files for both the GTK and QT GUI applications; install separate appdata for both apps.
* Wed Jun 08 2016 astiegerAATTsuse.com- Wireshark 2.0.4 (boo#983671) This release fixes a number issues in protocol dissectors that could have allowed a remote attacker to crash Wireshark or cause excessive CPU usage through specially crafted packages inserted into the network or a capture file.
* The SPOOLS dissector could go into an infinite loop wnpa-sec-2016-29 CVE-2016-5350
* The IEEE 802.11 dissector could crash wnpa-sec-2016-30 CVE-2016-5351
* The IEEE 802.11 dissector could crash wnpa-sec-2016-31 CVE-2016-5352
* The UMTS FP dissector could crash wnpa-sec-2016-32 CVE-2016-5353
* Some USB dissectors could crash wnpa-sec-2016-33 CVE-2016-5354
* The Toshiba file parser could crash wnpa-sec-2016-34 CVE-2016-5355
* The CoSine file parser could crash wnpa-sec-2016-35 CVE-2016-5356
* The NetScreen file parser could crash wnpa-sec-2016-36 CVE-2016-5357
* The Ethernet dissector could crash wnpa-sec-2016-37 CVE-2016-5358
* Sat Apr 23 2016 astiegerAATTsuse.com- Wireshark 2.0.3 (boo#976944) This release fixes a number issues in protocol dissectors that could have allowed a remote attacker to crash Wireshark or cause excessive CPU usage through specially crafted packages inserted into the network or a capture file.
* The NCP dissector could crash (wnpa-sec-2016-19)
* TShark could crash due to a packet reassembly bug (wnpa-sec-2016-20)
* The IEEE 802.11 dissector could crash (wnpa-sec-2016-21)
* The PKTC dissector could crash (wnpa-sec-2016-22)
* The PKTC dissector could crash (wnpa-sec-2016-23)
* The IAX2 dissector could go into an infinite loop (wnpa-sec-2016-24)
* Wireshark and TShark could exhaust the stack (wnpa-sec-2016-25)
* The GSM CBCH dissector could crash (wnpa-sec-2016-26)
* MS-WSP dissector crash (wnpa-sec-2016-27)
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.0.3.html
* Sat Feb 27 2016 astiegerAATTsuse.com- Wireshark 2.0.2 (boo#968565) This release fixes a number issues in protocol dissectors that could have allowed a remote attacker to crash Wireshark or cause excessive CPU usage through specially crafted packages inserted into the network or a capture file.
* CVE-2016-2522: ASN.1 BER dissector crash (wnpa-sec-2016-02)
* CVE-2016-2523: DNP dissector infinite loop (wnpa-sec-2016-03)
* CVE-2016-2524: X.509AF dissector crash (wnpa-sec-2016-04)
* CVE-2016-2525: HTTP/2 dissector crash (wnpa-sec-2016-05)
* CVE-2016-2526: HiQnet dissector crash (wnpa-sec-2016-06)
* CVE-2016-2527: 3GPP TS 32.423 Trace file parser crash (wnpa-sec-2016-07)
* CVE-2016-2528: LBMC dissector crash (wnpa-sec-2016-08)
* CVE-2016-2529: iSeries file parser crash (wnpa-sec-2016-09)
* CVE-2016-2530: RSL dissector crash (wnpa-sec-2016-10)
* CVE-2016-2531: RSL dissector crash (wnpa-sec-2016-10)
* CVE-2016-2532: LLRP dissector crash (wnpa-sec-2016-11)
* Ixia IxVeriWave file parser crash (wnpa-sec-2016-12)
* IEEE 802.11 dissector crash (wnpa-sec-2016-13)
* GSM A-bis OML dissector crash (wnpa-sec-2016-14)
* ASN.1 BER dissector crash (wnpa-sec-2016-15)
* SPICE dissector large loop (wnpa-sec-2016-16)
* NFS dissector crash (wnpa-sec-2016-17)
* ASN.1 BER dissector crash (wnpa-sec-2016-18)
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.0.2.html
* Sat Feb 13 2016 astiegerAATTsuse.com- Recommend wireshark-ui instead of requiring it (boo#961170) to support text-only use
* Mon Jan 04 2016 astiegerAATTsuse.com- Add CVEs for boo#960382
* Wed Dec 30 2015 astiegerAATTsuse.com- Wireshark 2.0.1 fixing the following dissector crashes boo#960382:
* NBAP dissector crashes. wnpa-sec-2015-31 CVE-2015-8711
* NLM dissector crash. wnpa-sec-2015-37 CVE-2015-8718
* BER dissector crash. wnpa-sec-2015-39 CVE-2015-8720
* Zlib decompression crash. wnpa-sec-2015-40 CVE-2015-8721
* SCTP dissector crash. wnpa-sec-2015-41 CVE-2015-8722
* 802.11 decryption crash. wnpa-sec-2015-42 CVE-2015-8723 CVE-2015-8724
* DIAMETER dissector crash. wnpa-sec-2015-43 CVE-2015-8725
* VeriWave file parser crashes. wnpa-sec-2015-44 CVE-2015-8726
* RSVP dissector crash. wnpa-sec-2015-45 CVE-2015-8727
* ANSI A & GSM A dissector crashes. wnpa-sec-2015-46 CVE-2015-8728
* Ascend file parser crash. wnpa-sec-2015-47 CVE-2015-8729
* NBAP dissector crash. npa-sec-2015-48 CVE-2015-8730
* RSL dissector crash. wnpa-sec-2015-49 CVE-2015-8731
* ZigBee ZCL dissector crash. wnpa-sec-2015-50 CVE-2015-8732
* Sniffer file parser crash wnpa-sec-2015-51 CVE-2015-8733
* NWP dissector crash. wnpa-sec-2015-52 CVE-2015-8734
* BT ATT dissector crash. wnpa-sec-2015-53 CVE-2015-8735
* MP2T file parser crash. wnpa-sec-2015-54 CVE-2015-8736
* MP2T file parser crash. wnpa-sec-2015-55 CVE-2015-8737
* S7COMM dissector crash. wnpa-sec-2015-56 CVE-2015-8738
* IPMI dissector crash. wnpa-sec-2015-57 CVE-2015-8739
* TDS dissector crash. wnpa-sec-2015-58 CVE-2015-8740
* PPI dissector crash. wnpa-sec-2015-59 CVE-2015-8741
* MS-WSP dissector crash. wnpa-sec-2015-60 CVE-2015-8742- adjust wireshark-1.12.6-fix-QT-PIC-PIE.patch for upstream changes
* Sat Dec 12 2015 crrodriguezAATTopensuse.org- BuildRequire pkgconfig(Qt5Multimedia) too.
* Thu Dec 10 2015 crrodriguezAATTopensuse.org- Enable netlink support, requires libnl3.
* Thu Nov 19 2015 astiegerAATTsuse.com- Wireshark 2.0.0:
* Completely new user interface (QT)
* ~/.config/wireshark now used over ~/.wireshark
* File format debugging support for BTSNOOP, PCAP, and PCAPNG
* New and updates support for 3GPP TS 32.423 Trace, Android Logcat text files, Colasoft Capsa files, Netscaler 3.5, and Symbian OS BTSNOOP File Format
* Support nanosecond timestamp resolution in PCAP-NG
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.0.0.html- adjust wireshark-pkg-config.patch for upstream changes
* Fri Oct 16 2015 astiegerAATTsuse.com- Wireshark 1.12.8 [boo#950437] The following vulnerabilities have been fixed:
* pcapng file parser could crash while copying an interface filter. wnpa-sec-2015-30 CVE-2015-7830
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.8.html- drop upstream wireshark-1.12.x-allow-gdk-pixbuf-deprecation.patch
* Wed Aug 12 2015 astiegerAATTsuse.com- Wireshark 1.12.7 [boo#941500] The following vulnerabilities have been fixed:
* Wireshark could crash when adding an item to the protocol tree. wnpa-sec-2015-21 CVE-2015-6241
* Wireshark could attempt to free invalid memory. wnpa-sec-2015-22 CVE-2015-6242
* Wireshark could crash when searching for a protocol dissector. wnpa-sec-2015-23 CVE-2015-6243
* The ZigBee dissector could crash. wnpa-sec-2015-24 CVE-2015-6244
* The GSM RLC/MAC dissector could go into an infinite loop. wnpa-sec-2015-25 CVE-2015-6245
* The WaveAgent dissector could crash. wnpa-sec-2015-26 CVE-2015-6246
* The OpenFlow dissector could go into an infinite loop. wnpa-sec-2015-27 CVE-2015-6247
* Wireshark could crash due to invalid ptvcursor length checking. wnpa-sec-2015-28 CVE-2015-6248
* The WCCP dissector could crash. wnpa-sec-2015-29 CVE-2015-6249
* Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.7.html
* Thu Jul 30 2015 zaitorAATTopensuse.org- Conditionally set lua52-devel BuildRequires for openSUSE versions newer than 13.2. Wireshark does not compile with lua 5.3.
* Mon Jul 13 2015 astiegerAATTsuse.com- Fix Factory with QT (PIE/PIC) adding wireshark-1.12.6-fix-QT-PIC-PIE.patch
* Thu Jun 18 2015 astiegerAATTsuse.com- Wireshark 1.12.6- The following vulnerabilities have been fixed:
* WCCP dissector crash CVE-2015-4651 wnpa-sec-2015-19 boo#935157
* GSM DTAP dissector crash CVE-2015-4652 wnpa-sec-2015-20 boo#935158- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.6.html
* Sat May 23 2015 crrodriguezAATTopensuse.org- force -fPIC build to make QT5 happy.
* Wed May 13 2015 astiegerAATTsuse.com- Wireshark 1.12.5 [boo#930689]- The following vulnerabilities have been fixed:
* The LBMR dissector could go into an infinite loop. CVE-2015-3808 CVE-2015-3809 wnpa-sec-2015-12
* The WebSocket dissector could recurse excessively. CVE-2015-3810 wnpa-sec-2015-13
* The WCP dissector could crash while decompressing data. CVE-2015-3811 wnpa-sec-2015-14
* The X11 dissector could leak memory. CVE-2015-3812 wnpa-sec-2015-15
* The packet reassembly code could leak memory. CVE-2015-3813 wnpa-sec-2015-16
* The IEEE 802.11 dissector could go into an infinite loop. CVE-2015-3814 wnpa-sec-2015-17
* The Android Logcat file parser could crash. CVE-2015-3815 wnpa-sec-2015-18- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.5.html
* Tue Apr 28 2015 crrodriguezAATTopensuse.org- Build the qt frontend against QT5 in Factory (only).
* Thu Apr 09 2015 dimstarAATTopensuse.org- Add wireshark-pkg-config.patch: actually install wireshark.pc, which is part of the tarball. Seems only cmake based setup handles this for upstream.- Add wireshark.appdata.xml in order to show up in AppStream based appstores.
* Wed Mar 04 2015 astiegerAATTsuse.com- Wireshark 1.12.4:- The following security issues were fixed:
* The ATN-CPDLC dissector could crash. wnpa-sec-2015-06 CVE-2015-2187 [bnc#920695]
* The WCP dissector could crash. wnpa-sec-2015-07 CVE-2015-2188 [bnc#920696]
* The pcapng file parser could crash. wnpa-sec-2015-08 CVE-2015-2189 [bnc#920697]
* The LLDP dissector could crash. wnpa-sec-2015-09 CVE-2015-2190 [bnc#920698]
* The TNEF dissector could go into an infinite loop. wnpa-sec-2015-10 CVE-2015-2191 [bnc#920699]
* The SCSI OSD dissector could go into an infinite loop. wnpa-sec-2015-11 CVE-2015-2192 [bnc#920700]- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.4.html
* Thu Jan 08 2015 andreas.stiegerAATTgmx.de- Wireshark 1.12.3- The following vulnerabilities allowed Wireshark to be crashed by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. + The WCCP dissector could crash wnpa-sec-2015-01 CVE-2015-0559 CVE-2015-0560 [boo#912365] + The LPP dissector could crash. wnpa-sec-2015-02 CVE-2015-0561 [boo#912368] + The DEC DNA Routing Protocol dissector could crash. wnpa-sec-2015-03 CVE-2015-0562 [boo#912369] + The SMTP dissector could crash. wnpa-sec-2015-04 CVE-2015-0563 [boo#912370] + Wireshark could crash while decypting TLS/SSL sessions. wnpa-sec-2015-05 CVE-2015-0564 [boo#912372]- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.3.html
* Sat Jan 03 2015 meissnerAATTsuse.com- build with PIE
* Wed Dec 03 2014 andreas.stiegerAATTgmx.de- Allow build with functions deprecated in gdk-pixbuf 2.31.2, fixing build for openSUSE Factory, add wireshark-1.12.x-allow-gdk-pixbuf-deprecation.patch
* Thu Nov 13 2014 andreas.stiegerAATTgmx.de- Wireshark 1.12.2- The following vulnerabilities have been fixed. + SigComp UDVM buffer overflow wnpa-sec-2014-20 CVE-2014-8710 boo#905246 + AMQP crash wnpa-sec-2014-21 CVE-2014-8711 boo#905245 + NCP crashes wnpa-sec-2014-22 CVE-2014-8712 CVE-2014-8713 boo#905248 + TN5250 infinite loops wnpa-sec-2014-23 CVE-2014-8714 boo#905247- Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.2.html
* Thu Nov 13 2014 andreas.stiegerAATTgmx.de- remove gpg-offline, now part of source-validator, also fixing SLE 12
 
ICM