./net/wireshark, Network protocol analyzer

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 2.0.5nb1, Package name: wireshark-2.0.5nb1, Maintainer: pkgsrc-users

Wireshark is a network traffic analyzer, or "sniffer", for Unix and
Unix-like operating systems. It uses GTK+, a graphical user interface
library, and libpcap, a packet capture and filtering library.

The Wireshark distribution also comes with TShark, which is a
line-oriented sniffer (similar to Sun's snoop, or tcpdump) that uses the
same dissection, capture-file reading and writing, and packet filtering
code as Wireshark, and with editcap, which is a program to read capture
files and write the packets from that capture file, possibly in a
different capture file format, and with some packets possibly removed
from the capture.

This package tracks version 2 stable branch.

Required to run:
[sysutils/desktop-file-utils] [graphics/hicolor-icon-theme] [security/gnutls] [security/libgcrypt] [devel/glib2] [devel/libsmi] [devel/pcre] [x11/gtk3] [lang/lua52]

Required to build:
[pkgtools/x11-links] [x11/compositeproto] [x11/glproto] [x11/renderproto] [x11/xproto] [x11/xf86vidmodeproto] [x11/xf86driproto] [x11/damageproto] [x11/inputproto] [x11/xextproto] [x11/randrproto] [x11/dri2proto] [x11/xcb-proto] [x11/fixesproto4] [lang/python27]

Package options: gtk3, lua

Master sites:

SHA1: ab77c632d8babf731bf0ecac0876fe3ff2923d04
RMD160: 6b6755986c23fd195ddda9344d340a132439420c
Filesize: 30395.497 KB

Version history: (Expand)

CVS history: (Expand)

   2016-08-03 12:23:40 by Adam Ciarcinski | Files touched by this commit (1248) | Package updated
Log message:
Revbump after graphics/gd update
   2016-07-28 16:33:20 by Thomas Klausner | Files touched by this commit (2)
Log message:
Add upstream bug report.
   2016-07-28 15:22:15 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated wireshark to 2.0.5.

What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2016-39
       CORBA IDL dissector crash on 64-bit Windows. ([2]Bug 12495)
     * [3]wnpa-sec-2016-41
       PacketBB crash. ([4]Bug 12577)
     * [5]wnpa-sec-2016-42
       WSP infinite loop. ([6]Bug 12594)
     * [7]wnpa-sec-2016-44
       RLC long loop. ([8]Bug 12660)
     * [9]wnpa-sec-2016-45
       LDSS dissector crash. ([10]Bug 12662)
     * [11]wnpa-sec-2016-46
       RLC dissector crash. ([12]Bug 12664)
     * [13]wnpa-sec-2016-47
       OpenFlow long loop. ([14]Bug 12659)
     * [15]wnpa-sec-2016-48
       MMSE, WAP, WBXML, and WSP infinite loop. ([16]Bug 12661)
     * [17]wnpa-sec-2016-49
       WBXML crash. ([18]Bug 12663)

   The following bugs have been fixed:
     * T30 FCF byte decoding masks DTC, CIG and NCS. ([19]Bug 1918)
     * TShark crashes with option "-z io,stat,..." in the presence of
       negative relative packet timestamps. ([20]Bug 9014)
     * Packet size limited during capture msg is repeated in the Info
       column. ([21]Bug 9826)
     * Wireshark loses windows decorations on second screen when
       restarting maximized using GNOME. ([22]Bug 11303)
     * Cannot launch GTK+ version of wireshark as a normal user. ([23]Bug
     * Restart current capture fails with "no interface selected" error
       when capturing in promiscuous mode. ([24]Bug 11834)
     * Add field completion suggestions when adding a Display filter or Y
       Field to the IO Graph. ([25]Bug 11899)
     * Wireshark Qt always indicates locale as "C". ([26]Bug 11960)
     * Wireshark crashes every time open Statistics -> Conversations |
       Endpoints. ([27]Bug 12288)
     * Find function within the conversations window does not work.
       ([28]Bug 12363)
     * Invalid values for USB SET_REQUEST packets. ([29]Bug 12511)
     * Display filter dropdown hides cursor. ([30]Bug 12520)
     * Filter for field name tcp.options.wscale.multiplier cannot exceed
       255. ([31]Bug 12525)
     * Ctrl+ shortcuts that are not text-related do not work when focus is
       on display filter field. ([32]Bug 12533)
     * Closing Statistics window results in black screen. ([33]Bug 12544)
     * OSPF: Incorrect description of N/P-bit in NSSA LSA. ([34]Bug 12555)
     * Inconsistent VHT data rate. ([35]Bug 12558)
     * DCE/RPC malformed error when stub-data is missing but a
       sub-dissector has been registered. ([36]Bug 12561)
     * Wireshark is marking BGP FlowSpec NLRI as malformed if NLRI length
       is larger than 239 bytes. ([37]Bug 12568)
     * "Edit Resolved Name" is not saved in current pcapng file. ([38]Bug
     * MPTCP: MP_JOIN B bit not decoded correctly. ([39]Bug 12635)
     * MPTCP MP_PRIO header with AddrID: incorrect AddrID. ([40]Bug 12641)

  Updated Protocol Support

   802.11 Radiotap, BGP, CAN, CANopen, H.248 Q.1950, IPv4, IPv6, LANforge,

  New and Updated Capture File Support

   and pcapng
   2016-07-09 15:04:18 by Thomas Klausner | Files touched by this commit (599)
Log message:
Remove python33: adapt all packages that refer to it.
   2016-07-09 08:39:18 by Thomas Klausner | Files touched by this commit (1068) | Package updated
Log message:
Bump PKGREVISION for perl-5.24.0 for everything mentioning perl.
   2016-06-11 16:40:17 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated wireshark to 2.0.4.

                         Wireshark 2.0.4 Release Notes
What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2016-29
       The SPOOLS dissector could go into an infinite loop. Discovered by
       the CESG.
     * [2]wnpa-sec-2016-30
       The IEEE 802.11 dissector could crash. ([3]Bug 11585)
     * [4]wnpa-sec-2016-31
       The IEEE 802.11 dissector could crash. Discovered by Mateusz
       Jurczyk. ([5]Bug 12175)
     * [6]wnpa-sec-2016-32
       The UMTS FP dissector could crash. ([7]Bug 12191)
     * [8]wnpa-sec-2016-33
       Some USB dissectors could crash. Discovered by Mateusz Jurczyk.
       ([9]Bug 12356)
     * [10]wnpa-sec-2016-34
       The Toshiba file parser could crash. Discovered by iDefense Labs.
       ([11]Bug 12394)
     * [12]wnpa-sec-2016-35
       The CoSine file parser could crash. Discovered by iDefense Labs.
       ([13]Bug 12395)
     * [14]wnpa-sec-2016-36
       The NetScreen file parser could crash. Discovered by iDefense Labs.
       ([15]Bug 12396)
     * [16]wnpa-sec-2016-37
       The Ethernet dissector could crash. ([17]Bug 12440)

   The following bugs have been fixed:
     * Saving pcap capture file with ERF encapsulation creates an invalid
       pcap file. ([18]Bug 3606)
     * Questionable calling of Ethernet dissector by encapsulating
       protocol dissectors. ([19]Bug 9933)
     * Wireshark 1.12.0 does not dissect HTTP correctly. ([20]Bug 10335)
     * Don't copy details of hidden columns. ([21]Bug 11788)
     * RTP audio player crashes. ([22]Bug 12166)
     * Crash when saving RTP audio Telephony->RTP->RTP
       Streams->Analyze->Save->Audio. ([23]Bug 12211)
     * Edit - preferences - add column field not showing dropdown for
       choices. ([24]Bug 12321)
     * Using _ws.expert in a filter can cause a crash. ([25]Bug 12335)
     * Crash in SCCP dissector UAT (Qt UI only). ([26]Bug 12364)
     * J1939 frame without data = malformed packet ? ([27]Bug 12366)
     * The stream number in tshark's "-z follow,tcp,<stream number>"
       option is 0-origin rather than 1-origin. ([28]Bug 12383)
     * IP Header Length display filter should show calculated value.
       ([29]Bug 12387)
     * Multiple file radio buttons should be check boxes. ([30]Bug 12388)
     * Wrong check for getaddrinfo and gethostbyname on Solaris 11.
       ([31]Bug 12391)
     * ICMPv6 dissector doesn't respect actual packet length. ([32]Bug
     * Format DIS header timestamp mm:ss.nnnnnn. ([33]Bug 12402)
     * RTP Stream Analysis can no longer be sorted in 2.0.3. ([34]Bug
     * RTP Stream Analysis fails to complete in 2.0.3 when packets are
       sliced. ([35]Bug 12406)
     * Network-Layer Name Resolution uses first 32-bits of IPv6 DNS
       address as IPv4 address in some circumstances. ([36]Bug 12412)
     * BACnet decoder incorrectly flags a valid APDU as a "Malformed
       Packet". ([37]Bug 12422)
     * Valid ISUP messages marked with warnings. ([38]Bug 12423)
     * Profile command line switch "-C" not working in Qt interface.
       ([39]Bug 12425)
     * MRCPv2: info column not showing info correctly. ([40]Bug 12426)
     * Diameter: Experimental result code 5142. ([41]Bug 12428)
     * Tshark crashes when analyzing RTP due to pointer being freed not
       allocated. ([42]Bug 12430)
     * NFS: missing information in getattr for supported exclusive create
       attributes. ([43]Bug 12435)
     * Ethernet type field with a value of 9100 is shown as "Unknown".
       ([44]Bug 12441)
     * Documentation does not include support for Windows Server 2012 R2.
       ([45]Bug 12455)
     * Column preferences ruined too easily. ([46]Bug 12465)
     * SMB Open andX extended response decoded incorrectly. ([47]Bug
     * SMB NtCreate andX with extended response sometimes incorrect.
       ([48]Bug 12473)
     * Viewing NFSv3 Data, checking SRTs doesn't work. ([49]Bug 12478)
     * Make wireshark with Qt enabled buildable on ARM. ([50]Bug 12483)

  Updated Protocol Support

   AFS, ANSI IS-637 A, BACapp, BT BNEP, Cisco FabricPath MiM, CSN.1,
   DCERPC SPOOLS, DIS, Ethernet, GSM A RR, ICMPv6, IEEE 802.11, IPv4,
   ISUP, J1939, JXTA, LAPSat, LPADm, LTE-RRC, MRCPv2, NFS, OpenFlow,

  New and Updated Capture File Support

   Aethra, Catapult DCT2000, CoSine, DBS Etherwatch, ERF, iSeries, Ixia
   IxVeriWave, NetScreen, Toshiba, and VMS TCPIPtrace
   2016-04-24 12:02:13 by Thomas Klausner | Files touched by this commit (5) | Package updated
Log message:
Updated wireshark to 2.0.3.

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2016-01
       DLL hijacking vulnerability. [2]CVE-2016-2521
     * [3]wnpa-sec-2016-02
       ASN.1 BER dissector crash. ([4]Bug 11828) [5]CVE-2016-2522
     * [6]wnpa-sec-2016-03
       DNP dissector infinite loop. ([7]Bug 11938) [8]CVE-2016-2523
     * [9]wnpa-sec-2016-04
       X.509AF dissector crash. ([10]Bug 12002) [11]CVE-2016-2524
     * [12]wnpa-sec-2016-05
       HTTP/2 dissector crash. ([13]Bug 12077) [14]CVE-2016-2525
     * [15]wnpa-sec-2016-06
       HiQnet dissector crash. ([16]Bug 11983) [17]CVE-2016-2526
     * [18]wnpa-sec-2016-07
       3GPP TS 32.423 Trace file parser crash. ([19]Bug 11982)
     * [21]wnpa-sec-2016-08
       LBMC dissector crash. ([22]Bug 11984) [23]CVE-2016-2528
     * [24]wnpa-sec-2016-09
       iSeries file parser crash. ([25]Bug 11985) [26]CVE-2016-2529
     * [27]wnpa-sec-2016-10
       RSL dissector crash. ([28]Bug 11829) [29]CVE-2016-2530
     * [31]wnpa-sec-2016-11
       LLRP dissector crash. ([32]Bug 12048) [33]CVE-2016-2532
     * [34]wnpa-sec-2016-12
       Ixia IxVeriWave file parser crash. ([35]Bug 11795)
     * [36]wnpa-sec-2016-13
       IEEE 802.11 dissector crash. ([37]Bug 11818)
     * [38]wnpa-sec-2016-14
       GSM A-bis OML dissector crash. ([39]Bug 11825)
     * [40]wnpa-sec-2016-15
       ASN.1 BER dissector crash. ([41]Bug 12106)
     * [42]wnpa-sec-2016-16
       SPICE dissector large loop. ([43]Bug 12151)
     * [44]wnpa-sec-2016-17
       NFS dissector crash.
     * [45]wnpa-sec-2016-18
       ASN.1 BER dissector crash. ([46]Bug 11822)

   The following bugs have been fixed:
     * HTTP 302 decoded as TCP when "Allow subdissector to reassemble TCP
       streams" option is enabled. ([47]Bug 9848)
     * Questionable calling of ethernet dissector by encapsulating
       protocol dissectors. ([48]Bug 9933)
     * [Qt & Legacy & probably TShark too] Delta Time Conversation column
       is empty. ([49]Bug 11559)
     * extcap: abort when validating capture filter for DLT 147. ([50]Bug
     * Missing columns in Qt Flow Graph. ([51]Bug 11710)
     * Interface list doesn't show well when the list is very long.
       ([52]Bug 11733)
     * Unable to use saved Capture Filters in Qt UI. ([53]Bug 11836)
     * extcap: Capture interface options snaplen, buffer and promiscuous
       not being used. ([54]Bug 11865)
     * Improper RPC reassembly ([55]Bug 11913)
     * GTPv1 Dual Stack with one static and one Dynamic IP. ([56]Bug
     * Wireshark 2.0.1 MPLS dissector not decoding payload when control
       word is present in pseudowire. ([57]Bug 11949)
     * "...using this filter" turns white (not green or red). Plus
       dropdown arrow does nothing. ([58]Bug 11950)
     * EIGRP field eigrp.ipv4.destination does not show the correct
       destination. ([59]Bug 11953)
     * tshark -z conv,type[,filter] swapped frame / byte values from / to
       columns. ([60]Bug 11959)
     * The field name nstrace.tcpdbg.tcpack should be
       nstrace.tcpdbg.tcprtt. ([61]Bug 11964)
     * 6LoWPAN IPHC traffic class not decompressed correctly. ([62]Bug
     * Crash with snooping NFS file handles. ([63]Bug 11972)
     * 802.11 dissector fails to decrypt some broadcast messages. ([64]Bug
     * Wireshark hangs when adding a new profile. ([65]Bug 11979)
     * Issues when closing the application with a running capture without
       packets. ([66]Bug 11981)
     * New Qt UI lacks ability to step through multiple TCP streams with
       Analyze > Follow > TCP Stream. ([67]Bug 11987)
     * GTK: plugin_if_goto_frame causes Access Violation if called before
       capture file is loaded. ([68]Bug 11989)
     * Wireshark 2.0.1 crash on start. ([69]Bug 11992)
     * Wi-Fi 4-way handshake 4/4 is displayed as 2/4. ([70]Bug 11994)
     * ACN: acn.dmx.data has incorrect type. ([71]Bug 11999)
     * editcap packet comment won't add multiple comments. ([72]Bug 12007)
     * DICOM Sequences no longer able to be expanded. ([73]Bug 12011)
     * Wrong TCP stream when port numbers are reused. ([74]Bug 12022)
     * SSL decryption fails in presence of a Client certificate. ([75]Bug
     * LUA: TVBs backing a data source is freed too early. ([76]Bug 12050)
     * PIM: pim.group filter have the same name for IPv4 and IPv6.
       ([77]Bug 12061)
     * Failed to parse M3AP IE (TNL information). ([78]Bug 12070)
     * Wrong interpretation of Instance ID value in OSPFv3 packet.
       ([79]Bug 12072)
     * MP2T Dissector does parse RTP properly in 2.0.1. ([80]Bug 12099)
     * editcap does not adjust time for frames with absolute timestamp 0 <
       t < 1 secs. ([81]Bug 12116)
     * Guard Interval is not consistent between Radiotap & wlan_radio.
       ([82]Bug 12123)
     * Calling dumpcap -i- results in access violation. ([83]Bug 12143)
     * Qt: Friendly Name and Interface Name columns should not be
       editable. ([84]Bug 12146)
     * PPTP GRE call ID not always decoded. ([85]Bug 12149)
     * Interface list does not show device description anymore. ([86]Bug
     * Find Packet does not highlight the matching tree item or packet
       bytes. ([87]Bug 12157)
     * "total block length ... is too large" error when opening pcapng
       file with multiple SHB sections. ([88]Bug 12167)
     * http.request.full_uri is malformed if an HTTP Proxy is used.
       ([89]Bug 12176)
     * SNMP dissector fails at msgSecurityParameters with long length
       encoding. ([90]Bug 12181)

  Updated Protocol Support

   IKEv2, InfiniBand, IPv4, IPv6, LBMC, LLRP, M3AP, MAC LTE, MP2T, MPLS,
   SSL, TCP, TRILL, VXLAN, WaveAgent, and X.509AF

  New and Updated Capture File Support

   3GPP TS 32.423 Trace, iSeries, Ixia IxVeriWave, pcap, and pcapng
   2016-04-11 21:02:08 by Ryo ONODERA | Files touched by this commit (527)
Log message:
Recursive revbump from textproc/icu 57.1