./net/wireshark, Network protocol analyzer


Branch: CURRENT, Version: 2.6.7nb1, Package name: wireshark-2.6.7nb1, Maintainer: pkgsrc-users

Wireshark is a network traffic analyzer, or "sniffer", for Unix and
Unix-like operating systems. It uses GTK+, a graphical user interface
library, and libpcap, a packet capture and filtering library.

The Wireshark distribution also comes with TShark, which is a
line-oriented sniffer (similar to Sun's snoop, or tcpdump) that uses the
same dissection, capture-file reading and writing, and packet filtering
code as Wireshark, and with editcap, which is a program to read capture
files and write the packets from that capture file, possibly in a
different capture file format, and with some packets possibly removed
from the capture.

This package tracks version 2 stable branch.


Required to run:
[sysutils/desktop-file-utils] [textproc/libxml2] [graphics/hicolor-icon-theme] [net/libcares] [security/gnutls] [security/libgcrypt] [security/libssh] [devel/glib2] [devel/libsmi] [devel/pcre] [devel/snappy] [lang/lua52] [x11/qt5-qtx11extras] [x11/qt5-qttools] [archivers/lz4]

Required to build:
[pkgtools/x11-links] [x11/xcb-proto] [x11/fixesproto4] [lang/python27] [pkgtools/cwrappers] [x11/xorgproto]

Package options: lua, qt5

Master sites:

SHA1: 6d601a140b369618e5ac3acab736a1b8de8d5432
RMD160: 4d27f7d67a9b8d11270c6fcf135eb5ad7648d462
Filesize: 27753.965 KB

CVS history:

   2019-04-03 02:33:20 by Ryo ONODERA | Files touched by this commit (748)
Log message:
Recursive revbump from textproc/icu

   2019-03-07 11:39:52 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
wireshark: updated to 2.6.7

Wireshark 2.6.7 Release Notes
The following vulnerabilities have been fixed:

  • wnpa-sec-2019-06[1] ASN.1 BER and related dissectors crash.
    15447[2]. CVE-2019-9209[3].

  • wnpa-sec-2019-07[4] TCAP dissector crash.
    CVE-2019-9208[6].

  • wnpa-sec-2019-08[7] RPCAP dissector crash.

The following bugs have been fixed:

  • Alignment Lost after Editing Column.

  • Crash on applying display filters or coloring rules on capture
    files containing non-UTF-8 data.

  • tshark outputs debug information.

  • Feature request - HTTP, add the field "request URI" to response.

  • randpkt should be distributed with the Windows installer.

  • Memory leak with "-T ek" output format option.

  • Display error in negative response time stats (gint displayed as
    unsigned).

  • _epl_xdd_init not found.

  • Decoding of MEGACO/H.248 request shows the Remote descriptor as
    "Local descriptor".

  • Repeated NFS in Protocol Display field.

  • RBM file dissector adds too many items to the tree, resulting in
    aborting the program.

  • Wireshark heap out-of-bounds read in infer_pkt_encap.

  • Column width and hidden issues when switching profiles.

  • GTPv1-C SGSN Context Response / Forward Relocation Request decode
    GGSN address IPV6 issue.

  • Lua Error on startup: init.lua: dofile has been disabled due to
    running Wireshark as superuser.

  • DICOM ASSOCIATE Accept: Protocol Version.

  • Multiple out-of-bounds reads in NetScaler trace handling
    (wiretap/netscaler.c).

  • Wrong endianness when dissecting the "chain offset" in SMB2
    protocol header.

  • Memory leak in mate_grammar.lemon’s recolonize function.

   2019-01-15 23:09:36 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
wireshark: updated to 2.6.6

Wireshark 2.6.6 Release Notes

 What is Wireshark?
  Wireshark is the world’s most popular network protocol analyzer. It is
  used for troubleshooting, analysis, development and education.

 What’s New
    • The Windows installers now ship with Qt 5.9.7. Previously they
      shipped with Qt 5.9.5.

  Bug Fixes
   The following vulnerabilities have been fixed:
     • wnpa-sec-2019-01[1] The 6LoWPAN dissector could crash.
     • wnpa-sec-2019-02[4] The P_MUL dissector could crash.
     • wnpa-sec-2019-03[7] The RTSE dissector and other dissectors could
       crash.
     • wnpa-sec-2019-04[10] The ISAKMP dissector could crash.

   The following bugs have been fixed:
     • console.lua not found in a folder with non-ASCII characters in
       its name.
     • Disabling "Update list of packets in real time" will generally
       trigger crash after three start capture, stop capture cycles.
     • UDP Multicast Stream double counts.
     • text2pcap et al. set snaplength to 64kiB-1, while processing
       frames of 256kiB.
     • Builds without libpcap fail if the libpcap headers aren’t
       installed.
     • TCAP AnalogRedirectRecord parameter incorrectly coded as
       mandatory in QualReq_rr message.
     • macOS DMG appears to have duplicate files.
     • Wireshark jumps behind other windows when opening UAT dialogs.
     • Pathnames containing non-ASCII characters are mangled in error
       dialogs on Windows.
     • Executing -z http,stat -r file.pcapng throws a segmentation
       fault.
     • IS-41 TCAP RegistrationNotification Invoke has borderCellAccess
       parameter coded as tag 50 (as denyAccess) but should be 58.
     • In DNS statistics, response times > 1 sec not included.
     • GTPv2 APN dissect problem.

  New and Updated Features
   There are no new features in this release.

  New Protocol Support
   There are no new protocols in this release.

  Updated Protocol Support
   6LoWPAN, ANSI MAP, DNP3, DNS, GSM A, GTP, GTPv2, IMF, ISAKMP, ISObus
   VT, Kerberos, P_MUL, RTSE, S7COMM, and TCAP

   2018-12-13 20:52:27 by Adam Ciarcinski | Files touched by this commit (668)
Log message:
revbump for boost 1.69.0

   2018-12-09 19:52:52 by Adam Ciarcinski | Files touched by this commit (724)
Log message:
revbump after updating textproc/icu

   2018-12-03 16:35:15 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
wireshark: pkgsrc improvements

- remove unused configure options
- allow newer Python
- depend on: lz4, libssh, libcares, snappy
- add http2 as an option

   2018-12-03 15:19:25 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
wireshark: update to 2.6.5.

Wireshark 2.6.5 Release Notes

  Bug Fixes

   The following vulnerabilities have been fixed:

     • wnpa-sec-2018-51[1] The Wireshark dissection engine could crash.
       Bug 14466[2]. CVE-2018-19625[3].

     • wnpa-sec-2018-52[4] The DCOM dissector could crash. Bug 15130[5].
       CVE-2018-19626[6].

     • wnpa-sec-2018-53[7] The LBMPDM dissector could crash. Bug
       15132[8]. CVE-2018-19623[9].

     • wnpa-sec-2018-54[10] The MMSE dissector could go into an infinite
       loop. Bug 15250[11]. CVE-2018-19622[12].

     • wnpa-sec-2018-55[13] The IxVeriWave file parser could crash. Bug
       15279[14]. CVE-2018-19627[15].

     • wnpa-sec-2018-56[16] The PVFS dissector could crash. Bug
       15280[17]. CVE-2018-19624[18].

     • wnpa-sec-2018-57[19] The ZigBee ZCL dissector could crash. Bug
       15281[20]. CVE-2018-19628[21].

   The following bugs have been fixed:

     • VoIP Calls dialog doesn’t include RTP stream when preparing a
       filter. Bug 13440[22].

     • Wireshark installs on macOS with permissions for
       /Library/Application Support/Wireshark that are too restrictive.
       Bug 14335[23].

     • Closing Enabled Protocols dialog crashes wireshark. Bug
       14349[24].

     • Unable to Export Objects → HTTP after sorting columns. Bug
       14545[25].

     • DNS Response to NS query shows as malformed packet. Bug
       14574[26].

     • Encrypted Alerts corresponds to a wrong selection in the packet
       bytes pane. Bug 14712[27].

     • Wireshark crashes/asserts with Qt 5.11.1 and assert/debugsymbols
       enabled. Bug 15014[28].

     • ESP will not decode since 2.6.2 - works fine in 2.4.6 or 2.4.8.
       Bug 15056[29].

     • text2pcap generates malformed packets when TCP, UDP or SCTP
       headers are added together with IPv6 header. Bug 15194[30].

     • Wireshark tries to decode EAP-SIM Pseudonym Identity. Bug
       15196[31].

     • Infinite read loop when extcap exits with error and error
       message. Bug 15205[32].

     • MATE unable to extract fields for PDU. Bug 15208[33].

     • Malformed Packet: SV. Bug 15224[34].

     • OPC UA Max nesting depth exceeded for valid packet. Bug
       15226[35].

     • TShark 2.6 does not print GeoIP information. Bug 15230[36].

     • ISUP (ANSI) packets malformed in WS versions later than 2.4.8.
       Bug 15236[37].

     • Handover candidate enquire message not decoded. Bug 15237[38].

     • TShark piping output in a cmd or PowerShell prompt stops working
       when GeoIP is enabled. Bug 15248[39].

     • ICMPv6 with routing header incorrectly placed. Bug 15270[40].

     • IEEE 802.11 Vendor Specific fixed fields display as malformed
       packets. Bug 15273[41].

     • text2pcap -4 and -6 option should require -i as well. Bug
       15275[42].

     • text2pcap direction sensitivity does not affect dummy ethernet
       addresses. Bug 15287[43].

     • MLE security suite display incorrect. Bug 15288[44].

     • Message for incorrect IPv4 option lengths is incorrect. Bug
       15290[45].

     • TACACS+ dissector does not properly reassemble large accounting
       messages. Bug 15293[46].

     • NLRI of S-PMSI A-D BGP route not being displayed. Bug 15307[47].

  Updated Protocol Support

   BGP, DCERPC, DCOM, DNS, EAP, ESP, GSM A BSSMAP, IEEE 802.11, IEEE
   802.11 Radiotap, IPv4, IPv6, ISUP, LBMPDM, LISP, MLE, MMSE, OpcUa,
   PVFS, SLL, SSL/TLS, SV, TACACS+, TCAP, Wi-SUN, XRA, and ZigBee ZCL

  New and Updated Capture File Support

   3GPP TS 32.423 Trace and IxVeriWave

  New and Updated Capture Interfaces support

   sshdump

   2018-12-02 10:06:20 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
wireshark: update to 2.6.4.

Wireshark 2.6.4 Release Notes

  Bug Fixes

   The following vulnerabilities have been fixed:

     • wnpa-sec-2018-47[1] MS-WSP dissector crash. Bug 15119[2].
       CVE-2018-18227[3].

     • wnpa-sec-2018-48[4] Steam IHS Discovery dissector memory leak.
       Bug 15171[5]. CVE-2018-18226[6].

     • wnpa-sec-2018-49[7] CoAP dissector crash. Bug 15172[8].
       CVE-2018-18225[9].

     • wnpa-sec-2018-50[10] OpcUA dissector crash. CVE-2018-12086[11].

   The following bugs have been fixed:

     • HTTP2 dissector decodes first SSL record only. Bug 11173[12].

     • Undocumented sub-option for -N option in man page and tshark -N
       help. Bug 14826[13].

     • Mishandling of Port Control Protocol option padding. Bug
       14950[14].

     • MGCP: parameter lines are case-insensitive. Bug 15008[15].

     • Details of 2nd sub-VSA in bundled RADIUS VSA are incorrect. Bug
       15073[16].

     • Heuristic DPLAY dissector fails to recognize DPLAY packets. Bug
       15092[17].

     • gsm_rlcmac_dl dissector exception. Bug 15112[18].

     • dfilter_buttons file under user-created profile. Bug 15114[19].

     • Filter buttons disappear when using pre-2.6 profile. Bug
       15121[20].

     • PROFINET Information element AM_DeviceIdentification in Asset
       Management Info block is decoded wrongly. Bug 15140[21].

     • Hw dest addr column shows incorrect address. Bug 15144[22].

     • Windows dumpcap -i TCP@<ip-address> fails on pcapng stream. Bug
       15149[23].

     • Wildcard expansion doesn’t work on Windows 10 for command-line
       programs in cmd.exe or PowerShell. Bug 15151[24].

     • SSL Reassembly Error New fragment past old data limits. Bug
       15158[25].

  Updated Protocol Support

   ASN.1 PER, Bluetooth HCI_SCO, CoAP, DPLAY, IEEE 802.11, Kafka,
   Message Analyzer, MGCP, MS-WSP, Netmon, OpcUa, PCP, PNIO, RADIUS,
   Steam IHS Discovery, and TLS