Build: 3.6.1wireshark-3.6.1v3.6.1

[skip ci]

4 files changed, 180 insertions, 15 deletions

diff --git a/ChangeLog b/ChangeLog
index e69de29bb2..627cf4b29c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -0,0 +1,70 @@
+288c508986 Build: 3.6.1
+c5ca067fa6 Kafka: Add back some code.
+c95f6ec5ac Kafka: Be more strict when dissecting varints.
+cae11551c7 Update model list based on libgphoto2 repo dated 27 dec 2021
+b54062071b The macro 'va_copy' is C99, use that
+4a04e41418 Update the release notes.
+1018db4f7e Prep for 3.6.1.
+3545c67667 Docbook: Make our prefaces self-contained.
+d40addfa14 [Automatic update for 2021-12-26]
+918ca332e8 rfc7468: don't use for (;;) for tvb_find_line_end() loops.
+0005d4d0a7 Documentation: simplify protocol tree function documentation intro
+f51ae84877 IEC101/104: 101 Fixed frame len depends on address length
+e420b8d793 [Automatic update for 2021-12-19]
+f930474c1e text_import: Fix direction detection in Import from Hexdump
+d34cb2d4fa text_import: Time delta between packets without timestamp
+075d7a83d9 ieee80211-radiotap: Fix a problem with S1G 0-length PPDUS.
+c26dd5c80d Add removal of 'console.log.level' pref to the release notes
+a0e190b81b text_import: Parse entire timestamp from hex dumps
+9a85fa3179 wiretap: have dummy IDBs set OPT_IDB_TSRESOL if needed
+51c6d3691b blf: Set OPT_IDB_TSRESOL
+94b521faa6 Remove some lingering uses of g_assert()
+66b7eed171 dfilter: Fix failed assertion using "not in"
+16e28ecf2c Fix Debian symbols
+e3af8960f2 wslog: Avoid logging any output to stdout
+eb9b93dbcc wslog: Add backward compatibility with 'console.log.level'
+fbedf0adbb GUI: Lower log level of "up and ready" message
+535548abbd wslog: Use stdout for debug messages
+0dfeea8408 ieee802-radiotap: Fix a silly issue with the S1G radiotap dissector.
+e31aa46959 dissectors: re-generated sysdig events using provided tool.
+e83a677ba3 tools: updated generate-sysdig-event python script.
+a09a47036b dissectors: various fixes to sysdig packet dissector.
+61cf139bde proto: Don't crash on adding 64 bit BASE_CUSTOM column
+21800a373c [Automatic update for 2021-12-12]
+b464df622b GitLab CI: Simplify some checks.
+79c0e15f07 IEC101/104: Support different link address sizes
+7bfaf02d00 doc: Update tshark manual for undocumented -z statistics
+b829968cc9 RTSP: Parse the status code correctly for taps
+3ca62cf4b1 RTSP: Fix segault of cli tap with no filter set
+b154965ce0 Fix maybe-uninitialized warnings
+6674c3a271 Qt: Collapse/Expand context menu for StatsTreeDlg
+78b1c7229b QUIC: fix visualization of some (rare) versions
+cb90f79cdb CLI: Use a better error message for obsolete preferences
+2fc34b85a0 ieee80211: Pass association_sanity_check to dissect_mgt_action
+b1c83b2aaa CMake: Remove the update_tools_help target.
+28e72d0af1 SRVLOC: Remove final sscanf
+1575e3a60a ANSI A I/F: Retrieve stats correctly
+fffabf9d03 c-ares: move domain from haxx.se to its own .org
+708c92296c LTE RLC graph: plug possible memory leak
+8a77066c4a [Automatic update for 2021-12-05]
+5866bce57d Fix capture with WIRESHARK_LOG_LEVEL=debug
+e6273caa5b Fix logging with extcaps
+550d5e8ad3 IPsec: fix display of ESP padding, protocol and ICV when using NULL heuristic
+05cda2ad64 wiretap: Fix an underflow in pcapng.
+f51ff0db82 TECMP: LIN Payload was cut 1 byte short (BUGFIX)
+d4b3e741db Packaging: Remove a macOS notarization wait.
+6f90eb902e BT-DHT: Fix endless loop
+e9924aef35 Packaging: Specify host architectures in our macOS Extras packages.
+e8e6f99e4f Foundation Fieldbus: handle multiple PDUs per UDP payload
+960bb56f3b [Automatic update for 2021-11-28]
+1e7e35eea4 at: Fix typo in cme_error_vals
+97cc1d2432 wustil: Fix timezone handling in iso8601_to_nstime
+614184a7df RTMPT: Fix infinite loops harder.
+8f4457ad85 wsutil: Prevent buffer overflow in iso8601_to_nstime
+26fd01ee33 Websocket: do not register proto_reg_handoff_websocket() for preference change
+d178ed8fbe grpc: do not dissect empty grpc message body
+47a1efa8ce Tools: Add our branch name to fuzz error reports.
+cb33686438 RTMPT: Fix infinite loop
+c4e5101ac5 Add missing "config.h" includes
+680805c120 GitLab CI: Add a dfilter-list artifact.
+2d0ba2bec2 Version: 3.6.0 → 3.6.1
diff --git a/NEWS b/NEWS
index bd36d59ba2..1d894d4366 100644
--- a/NEWS
+++ b/NEWS
@@ -9,8 +9,58 @@ Wireshark 3.6.1 Release Notes
 
   Bug Fixes
 
+   The following vulnerabilities have been fixed:
+
+     • wnpa-sec-2021-17[1] RTMPT dissector infinite loop. Issue
+       17745[2]. CVE-2021-4185[3].
+
+     • wnpa-sec-2021-18[4] BitTorrent DHT dissector infinite loop. Issue
+       17754[5]. CVE-2021-4184[6].
+
+     • wnpa-sec-2021-19[7] pcapng file parser crash. Issue 17755[8].
+       CVE-2021-4183[9].
+
+     • wnpa-sec-2021-20[10] RFC 7468 file parser infinite loop. Issue
+       17801[11]. CVE-2021-4182[12].
+
+     • wnpa-sec-2021-21[13] Sysdig Event dissector crash.
+       CVE-2021-4181[14].
+
+     • wnpa-sec-2021-22[15] Kafka dissector infinite loop. Issue
+       17811[16].
+
    The following bugs have been fixed:
 
+     • Allow sub-second timestamps in hexdumps Issue 15562[17].
+
+     • GRPC: An unnecessary empty Protobuf tree item is displayed if the
+       GRPC message body length is 0 Issue 17675[18].
+
+     • Can’t install "ChmodBPF.pkg" or "Add Wireshark to the system
+       path.pkg" on M1 MacBook Air Monterey without Rosetta 2 Issue
+       17757[19].
+
+     • TECMP: LIN Payload is cut off by 1 byte Issue 17760[20].
+
+     • Wireshark crashes if a 64 bit field of type BASE_CUSTOM is
+       applied as a column Issue 17762[21].
+
+     • Command line option "-o console.log.level" causes wireshark and
+       tshark to exit on start Issue 17763[22].
+
+     • Setting WIRESHARK_LOG_LEVEL=debug breaks interface capture Issue
+       17764[23].
+
+     • Unable to build without tshark Issue 17766[24].
+
+     • IEEE 802.11 action frames are not getting parsed and always seen
+       as malformed Issue 17767[25].
+
+     • IEC 60870-5-101 link address field is 1 byte, but should have
+       configurable length of 0,1 or 2 bytes Issue 17775[26].
+
+     • dfilter: 'tcp.port not in {1}' crashes Wireshark Issue 17785[27].
+
   New and Updated Features
 
      • The 'console.log.level' preference was removed in Wireshark
@@ -29,9 +79,13 @@ Wireshark 3.6.1 Release Notes
 
   Updated Protocol Support
 
+   ANSI A I/F, AT, BitTorrent DHT, FF, GRPC, IEC 101/104, IEEE 802.11,
+   IEEE 802.11 Radiotap, IPsec, Kafka, QUIC, RTMPT, RTSP, SRVLOC, Sysdig
+   Event, and TECMP
+
   New and Updated Capture File Support
 
-   There is no new or updated capture file support in this release.
+   BLF and RFC 7468
 
   New File Format Decoding Support
 
@@ -47,7 +101,7 @@ Wireshark 3.6.1 Release Notes
    Most Linux and Unix vendors supply their own Wireshark packages. You
    can usually install or upgrade Wireshark using the package management
    system specific to that platform. A list of third-party packages can
-   be found on the download page[1] on the Wireshark web site.
+   be found on the download page[28] on the Wireshark web site.
 
  File Locations
 
@@ -62,22 +116,49 @@ Wireshark 3.6.1 Release Notes
   The User’s Guide, manual pages and various other documentation can be
   found at https://www.wireshark.org/docs/
 
-  Community support is available on Wireshark’s Q&A site[2] and on the
+  Community support is available on Wireshark’s Q&A site[29] and on the
   wireshark-users mailing list. Subscription information and archives
-  for all of Wireshark’s mailing lists can be found on the web site[3].
+  for all of Wireshark’s mailing lists can be found on the web site[30].
 
-  Bugs and feature requests can be reported on the issue tracker[4].
+  Bugs and feature requests can be reported on the issue tracker[31].
 
  Frequently Asked Questions
 
-  A complete FAQ is available on the Wireshark web site[5].
+  A complete FAQ is available on the Wireshark web site[32].
 
-  Last updated 2021-12-26 16:06:38 UTC
+  Last updated 2021-12-29 19:11:55 UTC
 
  References
 
-   1. https://www.wireshark.org/download.html
-   2. https://ask.wireshark.org/
-   3. https://www.wireshark.org/lists/
-   4. https://gitlab.com/wireshark/wireshark/-/issues
-   5. https://www.wireshark.org/faq.html
+   1. https://www.wireshark.org/security/wnpa-sec-2021-17
+   2. https://gitlab.com/wireshark/wireshark/-/issues/17745
+   3. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4185
+   4. https://www.wireshark.org/security/wnpa-sec-2021-18
+   5. https://gitlab.com/wireshark/wireshark/-/issues/17754
+   6. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4184
+   7. https://www.wireshark.org/security/wnpa-sec-2021-19
+   8. https://gitlab.com/wireshark/wireshark/-/issues/17755
+   9. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4183
+  10. https://www.wireshark.org/security/wnpa-sec-2021-20
+  11. https://gitlab.com/wireshark/wireshark/-/issues/17801
+  12. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4182
+  13. https://www.wireshark.org/security/wnpa-sec-2021-21
+  14. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4181
+  15. https://www.wireshark.org/security/wnpa-sec-2021-22
+  16. https://gitlab.com/wireshark/wireshark/-/issues/17811
+  17. https://gitlab.com/wireshark/wireshark/-/issues/15562
+  18. https://gitlab.com/wireshark/wireshark/-/issues/17675
+  19. https://gitlab.com/wireshark/wireshark/-/issues/17757
+  20. https://gitlab.com/wireshark/wireshark/-/issues/17760
+  21. https://gitlab.com/wireshark/wireshark/-/issues/17762
+  22. https://gitlab.com/wireshark/wireshark/-/issues/17763
+  23. https://gitlab.com/wireshark/wireshark/-/issues/17764
+  24. https://gitlab.com/wireshark/wireshark/-/issues/17766
+  25. https://gitlab.com/wireshark/wireshark/-/issues/17767
+  26. https://gitlab.com/wireshark/wireshark/-/issues/17775
+  27. https://gitlab.com/wireshark/wireshark/-/issues/17785
+  28. https://www.wireshark.org/download.html
+  29. https://ask.wireshark.org/
+  30. https://www.wireshark.org/lists/
+  31. https://gitlab.com/wireshark/wireshark/-/issues
+  32. https://www.wireshark.org/faq.html
diff --git a/docbook/release-notes.adoc b/docbook/release-notes.adoc
index 60f8e1c261..c21883b768 100644
--- a/docbook/release-notes.adoc
+++ b/docbook/release-notes.adoc
@@ -62,7 +62,7 @@ cveidlink:2021-4183[].
 // * heap-buffer-overflow in pcapng_process_options wsbuglink:17755[].
 
 * wssalink:2021-20[]
-RFC 7468 dissector infinite loop.
+RFC 7468 file parser infinite loop.
 wsbuglink:17801[].
 cveidlink:2021-4182[].
 // Fixed in master: b3215d99ca
@@ -82,6 +82,16 @@ cveidlink:2021-4181[].
 // CVSS AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
 // CWE-126: Buffer Over-read
 
+* wssalink:2021-22[]
+Kafka dissector infinite loop.
+wsbuglink:17811[].
+// cveidlink:2021-xxxx[].
+// Fixed in master: x
+// Fixed in release-3.6: x
+// Fixed in release-3.4: n/a
+// CVSS AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
+// CWE-834: Excessive Iteration
+
 The following bugs have been fixed:
 
 //* wsbuglink:5000[]
@@ -105,7 +115,7 @@ The following bugs have been fixed:
 
 * Unable to build without tshark wsbuglink:17766[].
 
-* For action frames are not getting parsed and always seen as malfiormed wsbuglink:17767[].
+* IEEE 802.11 action frames are not getting parsed and always seen as malformed wsbuglink:17767[].
 
 * IEC 60870-5-101 link address field is 1 byte, but should have configurable length of 0,1 or 2 bytes wsbuglink:17775[].
 
@@ -142,8 +152,8 @@ IEC 101/104
 IEEE 802.11
 IEEE 802.11 Radiotap
 IPsec
+Kafka
 QUIC
-RFC 7468
 RTMPT
 RTSP
 SRVLOC
@@ -158,6 +168,7 @@ TECMP
 [commaize]
 --
 BLF
+RFC 7468
 --
 
 === New File Format Decoding Support
diff --git a/org.wireshark.Wireshark.metainfo.xml b/org.wireshark.Wireshark.metainfo.xml
index f05c524f16..e4e22ac7ce 100644
--- a/org.wireshark.Wireshark.metainfo.xml
+++ b/org.wireshark.Wireshark.metainfo.xml
@@ -48,6 +48,9 @@
     </screenshots>
     <update_contact>wireshark-dev_at_wireshark.org</update_contact>
     <releases>
+        <release version="3.6.1" date="2021-12-29">
+            <url>https://www.wireshark.org/docs/relnotes/wireshark-3.6.1.html</url>
+        </release>
         <release version="3.6.0" date="2021-11-22">
             <url>https://www.wireshark.org/docs/relnotes/wireshark-3.6.0.html</url>
         </release>