diff options
| -rw-r--r-- | ChangeLog | 76 | ||||
| -rw-r--r-- | NEWS | 184 | ||||
| -rw-r--r-- | docbook/release-notes.asciidoc | 17 | ||||
| -rw-r--r-- | version.conf | 12 |
4 files changed, 177 insertions, 112 deletions
@@ -1,10 +1,84 @@ -commit 99ce339 +commit 4889c92 +Author: Gerald Combs <gerald@wireshark.org> +Date: Tue May 12 10:16:11 2015 -0700 + + Build 1.10.14. + + Change-Id: Ie49aa687f217c085b1143b0929104732fd413250 + +commit ae21717 +Author: Guy Harris <guy@alum.mit.edu> +Date: Mon May 11 16:55:55 2015 -0700 + + Fix typo. + + Change-Id: I4331892aa9af044954e06e7504dfc65fd6afcfde + Reviewed-on: https://code.wireshark.org/review/8419 + Reviewed-by: Guy Harris <guy@alum.mit.edu> + +commit a1e1017 +Author: Guy Harris <guy@alum.mit.edu> +Date: Mon May 11 15:10:54 2015 -0700 + + Do not assume the data field of an address structure is an aligned pointer. + + There is *no* guarantee that it's aligned on a 4-byte boundary, and + there is *no* guarantee that you can safely dereference an unaligned + pointer. See bug 11172 for a crash on Solaris/SPARC caused by those + assumptions both being false. + + Change-Id: I69da64824c4fb45d084411d62e99b4673f8aa703 + Reviewed-on: https://code.wireshark.org/review/8416 + Reviewed-by: Guy Harris <guy@alum.mit.edu> + +commit 0c968f5 +Author: Michael Mann <mmann78@netscape.net> +Date: Sun May 10 12:53:10 2015 -0400 + + MEGACO - remember "short form" format and don't recheck it. + + Bug: 10909 + Change-Id: I21eb0f520029fd8f84e6bef63dddeddd9df2f799 + Reviewed-on: https://code.wireshark.org/review/8384 + Reviewed-by: Michael Mann <mmann78@netscape.net> + +commit 2af9f28 +Author: Gerald Combs <gerald@wireshark.org> +Date: Sun May 10 08:15:13 2015 -0700 + + [Automatic update for 2015-05-10] + + Update manuf, services enterprise-numbers, translations, and other items. + + Change-Id: I02f3ee56b86253ad0b107c2fe0279956bf3592b5 + Reviewed-on: https://code.wireshark.org/review/8378 + Reviewed-by: Gerald Combs <gerald@wireshark.org> + +commit 404c816 +Author: Michael Mann <mmann78@netscape.net> +Date: Tue May 5 07:54:25 2015 -0400 + + Set tap filter when WLAN "Limit to display filter" option is checked. + + Bug: 11160 + Change-Id: Ic2f1475a3b51eb8919435f1064fc0faf3c4da3eb + Reviewed-on: https://code.wireshark.org/review/8296 + Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> + Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> + Reviewed-by: Anders Broman <a.broman58@gmail.com> + (cherry picked from commit 050de6aa2ff73e3c4ac8041703ffd8437912ab1f) + Reviewed-on: https://code.wireshark.org/review/8316 + Reviewed-by: Michael Mann <mmann78@netscape.net> + +commit 486735d Author: Gerald Combs <gerald@wireshark.org> Date: Wed May 6 09:45:25 2015 -0700 Prep for 1.10.14. Change-Id: Id98909b1fe760dbefdabd9f0f41e445c41e3ce79 + Reviewed-on: https://code.wireshark.org/review/8314 + Reviewed-by: Gerald Combs <gerald@wireshark.org> commit 44a5cc5 Author: Gerald Combs <gerald@wireshark.org> @@ -1,4 +1,4 @@ - Wireshark 1.10.13 Release Notes + Wireshark 1.10.14 Release Notes __________________________________________________________________ What is Wireshark? @@ -12,39 +12,39 @@ What's New Bug Fixes The following vulnerabilities have been fixed. - * [1]wnpa-sec-2015-07 - The WCP dissector could crash. ([2]Bug 10844) [3]CVE-2015-2188 - * [4]wnpa-sec-2015-08 - The pcapng file parser could crash. ([5]Bug 10895) [6]CVE-2015-2189 - * [7]wnpa-sec-2015-10 - The TNEF dissector could go into an infinite loop. Discovered by - Vlad Tsyrklevich. ([8]Bug 11023) [9]CVE-2015-2190 + * [1]wnpa-sec-2015-14 + The WCP dissector could crash while decompressing data. ([2]Bug + 10978) [3]CVE-2015-3811 + * [4]wnpa-sec-2015-15 + The X11 dissector could leak memory. ([5]Bug 11088) + [6]CVE-2015-3812 + * [7]wnpa-sec-2015-17 + The IEEE 802.11 dissector could go into an infinite loop. ([8]Bug + 11110) [9]CVE-2015-3814 The following bugs have been fixed: - * IPv6 AUTH mobility option parses Mobility SPI and Authentication - Data incorrectly. ([10]Bug 10626) - * DHCP Option 125 Suboption: (1) option-len always expects 1 but - specification allows for more. ([11]Bug 10784) - * Little-endian OS X Bluetooth PacketLogger files aren't handled. - ([12]Bug 10861) - * X.509 certificate serial number incorrectly interpreted as negative - number. ([13]Bug 10862) - * H.248 "ServiceChangeReasonStr" messages are not shown in text - generated by tshark. ([14]Bug 10879) - * Clang ASAN : AddressSanitizer: global-buffer-overflow ANSI. - ([15]Bug 10897) - * MEGACO wrong decoding on media port. ([16]Bug 10898) - * Wrong media format. ([17]Bug 10899) - * BSSGP Status PDU decoding fault (missing Mandatory element (0x04) - BVCI for proper packet). ([18]Bug 10903) - * Packets on OpenBSD loopback decoded as raw not null. ([19]Bug - 10956) - * Display Filter Macro unable to edit. ([20]Bug 10957) - * IPv6 Local Mobility Anchor Address mobility option code is treated - incorrectly. ([21]Bug 10961) - * Juniper Packet Mirror dissector expects ipv6 flow label = 0. - ([22]Bug 10976) - * Infinite loop DoS in TNEF dissector. ([23]Bug 11023) + * Wireshark crashes if "Update list of packets in real time" is + disabled and a display filter is applied while capturing. ([10]Bug + 6217) + * Wireshark relative ISN set incorrectly if raw ISN set to 0. + ([11]Bug 10713) + * Buffer overrun in encryption code. ([12]Bug 10849) + * ICMP Parameter Problem message contains Length of original datagram + is treated as the total IPv4 length. ([13]Bug 10991) + * ICMP Redirect takes 4 bytes for IPv4 payload instead of 8. ([14]Bug + 10992) + * Interface Identifier incorrectly represented by Wireshark. ([15]Bug + 11053) + * Annoying popup when trying to capture on bonding devices on Linux. + ([16]Bug 11058) + * CanOpen dissector fails on frames with RTR and 0 length. ([17]Bug + 11083) + * Typo in secp521r1 curve wrongly identified as sect521r1. ([18]Bug + 11106) + * packet-zbee-zcl.h: IS_ANALOG_SUBTYPE doesn't filter ENUM. ([19]Bug + 11120) + * Typo: "LTE Positioning Protocol" abbreviated as "LPP", not "LLP". + ([20]Bug 11141) New and Updated Features @@ -56,24 +56,25 @@ What's New Updated Protocol Support - ANSI IS-637-A, DHCP, GSM MAP, H.248, IPv6, Juniper Jmirror, and X.509AF + ASN.1 PER, CANopen, GSM RLC/MAC, GSMTAP, ICMP, IEEE 802.11, LPP, + MEGACO, PKCS-1, PPP IPv6CP, SRVLOC, SSL, TCP, WCP, X11, and ZigBee ZCL New and Updated Capture File Support - PacketLogger, and Pcapng + and Savvius OmniPeek Visual Networks __________________________________________________________________ Getting Wireshark Wireshark source code and installation packages are available from - [24]http://www.wireshark.org/download.html. + [21]http://www.wireshark.org/download.html. Vendor-supplied Packages Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be - found on the [25]download page on the Wireshark web site. + found on the [22]download page on the Wireshark web site. __________________________________________________________________ File Locations @@ -86,91 +87,88 @@ File Locations Known Problems - Dumpcap might not quit if Wireshark or TShark crashes. ([26]Bug 1419) + Dumpcap might not quit if Wireshark or TShark crashes. ([23]Bug 1419) - The BER dissector might infinitely loop. ([27]Bug 1516) + The BER dissector might infinitely loop. ([24]Bug 1516) Capture filters aren't applied when capturing from named pipes. - ([28]Bug 1814) + ([25]Bug 1814) Filtering tshark captures with read filters (-R) no longer works. - ([29]Bug 2234) + ([26]Bug 2234) The 64-bit Windows installer does not support Kerberos decryption. - ([30]Win64 development page) + ([27]Win64 development page) - Resolving ([31]Bug 9044) reopens ([32]Bug 3528) so that Wireshark no + Resolving ([28]Bug 9044) reopens ([29]Bug 3528) so that Wireshark no longer automatically decodes gzip data when following a TCP stream. - Application crash when changing real-time option. ([33]Bug 4035) + Application crash when changing real-time option. ([30]Bug 4035) - Hex pane display issue after startup. ([34]Bug 4056) + Hex pane display issue after startup. ([31]Bug 4056) - Packet list rows are oversized. ([35]Bug 4357) + Packet list rows are oversized. ([32]Bug 4357) - Summary pane selected frame highlighting not maintained. ([36]Bug 4445) + Summary pane selected frame highlighting not maintained. ([33]Bug 4445) Wireshark and TShark will display incorrect delta times in some cases. - ([37]Bug 4985) + ([34]Bug 4985) __________________________________________________________________ Getting Help - Community support is available on [38]Wireshark's Q&A site and on the + Community support is available on [35]Wireshark's Q&A site and on the wireshark-users mailing list. Subscription information and archives for - all of Wireshark's mailing lists can be found on [39]the web site. + all of Wireshark's mailing lists can be found on [36]the web site. Official Wireshark training and certification are available from - [40]Wireshark University. + [37]Wireshark University. __________________________________________________________________ Frequently Asked Questions - A complete FAQ is available on the [41]Wireshark web site. + A complete FAQ is available on the [38]Wireshark web site. __________________________________________________________________ - Last updated 2015-03-04 09:06:46 PST + Last updated 2015-05-12 10:25:54 PDT References - 1. https://www.wireshark.org/security/wnpa-sec-2015-07.html - 2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844 - 3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2188 - 4. https://www.wireshark.org/security/wnpa-sec-2015-08.html - 5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10895 - 6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2189 - 7. https://www.wireshark.org/security/wnpa-sec-2015-10.html - 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11023 - 9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2190 - 10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10626 - 11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10784 - 12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10861 - 13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10862 - 14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10879 - 15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10897 - 16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10898 - 17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10899 - 18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10903 - 19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10956 - 20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10957 - 21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10961 - 22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10976 - 23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11023 - 24. http://www.wireshark.org/download.html - 25. http://www.wireshark.org/download.html#thirdparty - 26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419 - 27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516 - 28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814 - 29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234 - 30. https://wiki.wireshark.org/Development/Win64 - 31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044 - 32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3528 - 33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035 - 34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056 - 35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357 - 36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4445 - 37. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985 - 38. http://ask.wireshark.org/ - 39. http://www.wireshark.org/lists/ - 40. http://www.wiresharktraining.com/ - 41. http://www.wireshark.org/faq.html + 1. https://www.wireshark.org/security/wnpa-sec-2015-14.html + 2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10978 + 3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3811 + 4. https://www.wireshark.org/security/wnpa-sec-2015-15.html + 5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11088 + 6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3812 + 7. https://www.wireshark.org/security/wnpa-sec-2015-17.html + 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11110 + 9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3814 + 10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6217 + 11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10713 + 12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10849 + 13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10991 + 14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10992 + 15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11053 + 16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11058 + 17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11083 + 18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11106 + 19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11120 + 20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11141 + 21. http://www.wireshark.org/download.html + 22. http://www.wireshark.org/download.html#thirdparty + 23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419 + 24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516 + 25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814 + 26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234 + 27. https://wiki.wireshark.org/Development/Win64 + 28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044 + 29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3528 + 30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035 + 31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056 + 32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357 + 33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4445 + 34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985 + 35. http://ask.wireshark.org/ + 36. http://www.wireshark.org/lists/ + 37. http://www.wiresharktraining.com/ + 38. http://www.wireshark.org/faq.html diff --git a/docbook/release-notes.asciidoc b/docbook/release-notes.asciidoc index c7cd0a7099..08e56150f0 100644 --- a/docbook/release-notes.asciidoc +++ b/docbook/release-notes.asciidoc @@ -13,15 +13,6 @@ used for troubleshooting, analysis, development and education. The following vulnerabilities have been fixed. -* ws-salink:2015-13[] -+ -The WebSocket dissector could recurse excessively. -// Fixed in master: g4ee6bcb -// Fixed in master-1.12: gcdb1fc6 -// Fixed in master-1.10: Unknown -(ws-buglink:10989[]) -//cve-idlink:2015-XXXX[] - * ws-salink:2015-14[] + The WCP dissector could crash while decompressing data. @@ -29,7 +20,7 @@ The WCP dissector could crash while decompressing data. // Fixed in master-1.12: g65db378 // Fixed in master-1.10: ge5a9cf3 (ws-buglink:10978[]) -//cve-idlink:2015-XXXX[] +cve-idlink:2015-3811[] * ws-salink:2015-15[] + @@ -38,7 +29,7 @@ The X11 dissector could leak memory. // Fixed in master-1.12: g7b58f02 // Fixed in master-1.10: g7cb179e (ws-buglink:11088[]) -//cve-idlink:2015-XXXX[] +cve-idlink:2015-3812[] * ws-salink:2015-17[] + @@ -47,7 +38,7 @@ The IEEE 802.11 dissector could go into an infinite loop. // Fixed in master-1.12: gc3bee61 // Fixed in master-1.10: gcd4dd9a (ws-buglink:11110[]) -//cve-idlink:2015-XXXX[] +cve-idlink:2015-3814[] The following bugs have been fixed: @@ -97,9 +88,11 @@ GSMTAP ICMP IEEE 802.11 LPP +MEGACO PKCS-1 PPP IPv6CP SRVLOC +SSL TCP WCP X11 diff --git a/version.conf b/version.conf index 6dedd7c96a..9480b2f829 100644 --- a/version.conf +++ b/version.conf @@ -1,9 +1,9 @@ # Interim releases: Enable packaging, add a "rc" to the version. -enable: 1 -pkg_format: rc0-%# -pkg_enable: 1 +#enable: 1 +#pkg_format: rc0-%# +#pkg_enable: 1 # Final release: Disable package version stamps. -#enable: 1 -#pkg_format: -#pkg_enable: 0 +enable: 1 +pkg_format: +pkg_enable: 0 |