Navigation:
Browse pkgsrc
(this page)
net wireshar..
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2013-06-22 14:52:34 by S.P.Zeidler | Files touched by this commit (2) |  |
Log message:
Pullup ticket #4159 - requested by tron
net/wireshark: security update
Revisions pulled up:
- net/wireshark/Makefile 1.103
- net/wireshark/distinfo 1.66
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Jun 11 22:57:59 UTC 2013
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log message:
Update "wireshark" package to version 1.8.8. Changes since 1.8.7:
- Bug Fixes
The following vulnerabilities have been fixed.
o wnpa-sec-2013-32
The CAPWAP dissector could crash. Discovered by Laurent Butti.
(Bug 8725)
Versions affected: 1.8.0 to 1.8.7, 1.6.0 to 1.6.15.
o wnpa-sec-2013-33
The GMR-1 BCCH dissector could crash. Discovered by Sylvain
Munaut and Laurent Butti. (Bug 7664, Bug 8726 )
Versions affected: 1.8.0 to 1.8.7.
o wnpa-sec-2013-34
The PPP dissector could crash. Discovered by Laurent Butti.
(Bug 7880, Bug 8727 )
Versions affected: 1.8.0 to 1.8.7.
o wnpa-sec-2013-35
The NBAP dissector could crash. (Bug 8697)
Versions affected: 1.8.0 to 1.8.7.
o wnpa-sec-2013-36
The RDP dissector could crash. Discovered by Laurent Butti
(Bug 8729)
Versions affected: 1.8.0 to 1.8.7.
o wnpa-sec-2013-37
The GSM CBCH dissector could crash. Discovered by Laurent
Butti (Bug 8730)
Versions affected: 1.8.0 to 1.8.7.
o wnpa-sec-2013-38
The Assa Abloy R3 dissector could consume excessive memory and
CPU. (Bug 8764)
Versions affected: 1.8.0 to 1.8.7.
o wnpa-sec-2013-39
The HTTP dissector could overrun the stack. (Bug 8733)
Versions affected: 1.8.0 to 1.8.7, 1.6.0 to 1.6.15.
o wnpa-sec-2013-40
The Ixia IxVeriWave file parser could overflow the heap.
Discovered by Sachin Shinde. (Bug 8760)
Versions affected: 1.8.0 to 1.8.7.
o wnpa-sec-2013-41
The DCP ETSI dissector could crash. (Bug 8717)
Versions affected: 1.10.0, 1.8.0 to 1.8.7, 1.6.0 to 1.6.15.
The following bugs have been fixed:
o TRY_TO_FAKE_THIS_ITEM disables bounds errors. (Bug 3290)
o Multiple expert info in a packet does not cause the most
"severe" to be displayed in expert column. (Bug 7733)
o tshark -z io,stat reports bad byte counts if filter doesn't
match anything. (Bug 8066)
o Add decryption for WPA eapol 4-way handshake. (Bug 8680)
o wireshark is crashing while attempting to use 'SCTP' ->
'Prepare Filter for this Association'. (Bug 8731)
o Crash analyzing VoIP Calls (T38). (Bug 8736)
o IMAP Dissector, Missing byte. (Bug 8739)
o C12.22 Invocation Id shows negative sometimes. (Bug 8744)
o gsm_a_dtap dissector (SMS): under certain conditions fillbits
may be displayed for an alphanumeric TP-Originating-Address.
(Bug 8756)
o TETRA dissector assertion. (Bug 8768)
o Mark retransmitted SYN and FIN packets as retransmissions.
- Updated Protocol Support
Bittorrent DHT, C12.22, CAPWAP, DCP ETSI, EAPOL, GMR-1 BCCH, GSM
CBCH, GSM SMS, HTTP, IMAP, NBAP, PPP, R3, RDP, SGsAP, T.38, TETRA
- New and Updated Capture File Support
Ixia IxVeriWave.
To generate a diff of this commit:
cvs rdiff -u -r1.102 -r1.103 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.65 -r1.66 pkgsrc/net/wireshark/distinfo
|
| 2013-05-20 15:24:24 by S.P.Zeidler | Files touched by this commit (2) | |
Log message:
Pullup ticket #4139 - requested by tron
net/wireshark: security update
Revisions pulled up:
- net/wireshark/Makefile 1.98
- net/wireshark/distinfo 1.64
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun May 19 15:47:29 UTC 2013
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log message:
Update "wireshark" package to version 1.8.7. Changes since 1.8.6:
- Bug Fixes
The following vulnerabilities have been fixed.
o wnpa-sec-2013-23
The RELOAD dissector could go into an infinite loop.
Discovered by Evan Jensen. (Bug 8364, (Bug 8546)
Versions affected: 1.8.0 to 1.8.6.
CVE-2013-2486
CVE-2013-2487
o wnpa-sec-2013-24
The GTPv2 dissector could crash. (Bug 8493)
Versions affected: 1.8.0 to 1.8.6.
o wnpa-sec-2013-25
The ASN.1 BER dissector could crash. (Bug 8599)
Versions affected: 1.8.0 to 1.8.6, 1.6.0 to 1.6.14.
o wnpa-sec-2013-26
The PPP CCP dissector could crash. (Bug 8638)
Versions affected: 1.8.0 to 1.8.6.
o wnpa-sec-2013-27
The DCP ETSI dissector could crash. Discovered by Evan Jensen.
(Bug 8231, bug 8540, bug 8541)
Versions affected: 1.8.0 to 1.8.6.
o wnpa-sec-2013-28
The MPEG DSM-CC dissector could crash. (Bug 8481)
Versions affected: 1.8.0 to 1.8.6.
o wnpa-sec-2013-29
The Websocket dissector could crash. Discovered by Moshe
Kaplan. (Bug 8448, Bug 8499)
Versions affected: 1.8.0 to 1.8.6.
o wnpa-sec-2013-30
The MySQL dissector could go into an infinite loop. Discovered
by Moshe Kaplan. (Bug 8458)
Versions affected: 1.8.0 to 1.8.6.
o wnpa-sec-2013-31
The ETCH dissector could go into a large loop. Discovered by
Moshe Kaplan. (Bug 8464)
Versions affected: 1.8.0 to 1.8.6.
The following bugs have been fixed:
o The Windows installer and uninstaller does a better job of
detecting running executables.
o Library mismatch when compiling on a system with an older
Wireshark version. (Bug 6011)
o SNMP dissector bug: STATUS_INTEGER_DIVIDE_BY_ZERO. (Bug 7359)
o A console window is never opened. (Bug 7755)
o GSM_MAP show malformed Packets when two IMSI. (Bug 7882)
o Fix include and libs search path when cross compiling. (Bug
7926)
o PER dissector crash. (Bug 8197)
o pcap-ng: name resolution block is not written to file on save.
(Bug 8317)
o Incorrect RTP statistics (Lost Packets indication not ok).
(Bug 8321)
o Decoding of GSM MAP E164 Digits. (Bug 8450)
o Silent installer and uninstaller not silent. (Bug 8451)
o Replace use of INCLUDES with AM_CPPFLAGS in all Makefiles to
placate recent autotools. (Bug 8452)
o Wifi details are not stored in the Decryption Key Management
dialog (post 1.8.x). (Bug 8446)
o IO Graph should not be limited to 100k points (NUM_IO_ITEMS).
(Bug 8460)
o geographical_description: hf_gsm_a_geo_loc_deg_of_long 24 bit
field truncated to 23 bits. (Bug 8532)
o IRC message with multiple params causes malformed packet
exception. (Bug 8548)
o Part of Ping Reply Message in ICMPv6 Reply Message is marked
as "Malformed Packet". (Bug 8554)
o MP2T wiretap heuristic overriding ERF. (Bug 8556)
o Cannot read content of Ran Information Application Error Rim
Container. (Bug 8559)
o Endian error and IP:Port error when decoding BT-DHT response
message. (Bug 8572)
o "ACE4_ADD_FILE/ACE4_ADD_SUBDIRECTORY" should be
"ACE4_APPEND_DATA / ACE4_ADD_SUBDIRECTORY". (Bug 8575)
o wireshark crashes while displaying I/O Graph. (Bug 8583)
o GTPv2 MM Context (UMTS Key, Quad, and Quint Decoded)
incorrectly. (Bug 8596)
o DTLS 1.2 uses wrong PRF. (Bug 8608)
o RTP DTMF digits are no longer displayed in VoIP graph
analysis. (Bug 8610)
o Universal port not accepted in RSA Keys List window. (Bug
8618)
o Wireshark Dissector bug with HSRP Version 2. (Bug 8622)
o LISP control packet incorrectly identified as LISP data based
when UDP source port is 4341. (Bug 8627)
o Bad tcp checksum not detected. (Bug 8629)
o AMR Frame Type uses wrong Value String. (Bug 8681)
- Updated Protocol Support
AMR, ASN.1 BER, BAT, Bluetooth DHT, BSSGP, DTLS, E.164, Ericsson
A-bis OML, GSM A, GSM MAP, HDFSDATA, ICMP, ICMPv6, ixveriwave,
IRC, KDSP, LISP Data, MMS, NFS, OpenWire, PPP, RELOAD, RTP, SASP,
SIP, SSL/TLS, TCP, UA3G
- New and Updated Capture File Support
Endace ERF, NetScreen snoop.
To generate a diff of this commit:
cvs rdiff -u -r1.97 -r1.98 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.63 -r1.64 pkgsrc/net/wireshark/distinfo
|
New packages: