diff options
| -rw-r--r-- | ChangeLog | 724 | ||||
| -rw-r--r-- | NEWS | 151 | ||||
| -rw-r--r-- | docbook/release-notes.asciidoc | 14 | ||||
| -rw-r--r-- | version.conf | 12 |
4 files changed, 813 insertions, 88 deletions
@@ -0,0 +1,724 @@ +commit 1816c75478 +Author: Gerald Combs <gerald@wireshark.org> +Date: Fri Apr 5 16:01:36 2019 -0700 + + Prep for 2.4.14. + + Change-Id: I1df1cc6e3c634aae1a6c001af8a2d0849f9ad9e2 + +commit 7a347fb25c +Author: Guy Harris <guy@alum.mit.edu> +Date: Sun Apr 7 19:56:22 2019 -0700 + + If you use data_file_url(), you must first call init_progfile_dir(). + + And if you call init_progfile_dir(), you must call + init_process_policies() before that. + + And even if you *don't* use data_file_url(), you might use it in the + future, or you might use other calls to get data file paths, so make + *all* the extcap programs make those calls. + + (Yes, this is important on macOS, for example; it may also be important + on Windows. On other UN*Xes we may just compile in the data file path, + but that's not true on *all* our platforms.) + + Change-Id: I99265ed69ec24096884ec067feddd7d7f3855436 + Reviewed-on: https://code.wireshark.org/review/32775 + Reviewed-by: Guy Harris <guy@alum.mit.edu> + (backported from commit bbc8cbfb9c0f4b43834af43e518de085cc39fd6b) + Reviewed-on: https://code.wireshark.org/review/32778 + +commit ceef63fa52 +Author: Gerald Combs <gerald@wireshark.org> +Date: Sun Apr 7 09:06:16 2019 +0000 + + [Automatic update for 2019-04-07] + + Update manuf, services enterprise numbers, translations, and other items. + + Change-Id: I3bbfed0a32276eb3cd5a552f6fe6f28749910ccc + Reviewed-on: https://code.wireshark.org/review/32771 + Reviewed-by: Gerald Combs <gerald@wireshark.org> + +commit 6e9562d710 +Author: Gerald Combs <gerald@wireshark.org> +Date: Fri Apr 5 10:01:56 2019 -0700 + + Make call_dissector assertions non-fatal. + + Replace g_assert in our call_dissector* routines with DISSECTOR_ASSERT. + + Change-Id: I76104ba09e272ff34e3eaa958c7f711e27e4a3b5 + Reviewed-on: https://code.wireshark.org/review/32741 + Reviewed-by: Gerald Combs <gerald@wireshark.org> + Petri-Dish: Gerald Combs <gerald@wireshark.org> + Tested-by: Petri Dish Buildbot + Reviewed-by: Anders Broman <a.broman58@gmail.com> + (cherry picked from commit 98bcda594ecbe3de891bf78cfb262986d1e2b8d6) + Reviewed-on: https://code.wireshark.org/review/32757 + +commit fb8252b26b +Author: Gerald Combs <gerald@wireshark.org> +Date: Fri Apr 5 11:52:02 2019 -0700 + + Release note updates. + + Change-Id: I7c3d114af267c3a8bc32b899bc2338de9a3dc529 + Reviewed-on: https://code.wireshark.org/review/32753 + Reviewed-by: Gerald Combs <gerald@wireshark.org> + +commit eafdcfa4b6 +Author: Dario Lombardo <lomato@gmail.com> +Date: Sun Mar 17 00:47:02 2019 +0100 + + dcerpc: ensure the length in the packet doesn't overcome the boundaries. + + The spoolss dissector creates a new source using the length from the packet + data. If it overcomes the ends of the packet we hit a crash. In this case + add an expert info and stop the dissection + + Bug: 15568 + Change-Id: Idfb0b54c1f41842170d3d03c80897a3b7edc9400 + Reviewed-on: https://code.wireshark.org/review/32449 + Petri-Dish: Anders Broman <a.broman58@gmail.com> + Tested-by: Petri Dish Buildbot + Reviewed-by: Anders Broman <a.broman58@gmail.com> + (cherry picked from commit 5aba3ed0cdebc1ec960261e3e9eda87c8408259f) + Reviewed-on: https://code.wireshark.org/review/32750 + Reviewed-by: Gerald Combs <gerald@wireshark.org> + +commit 1132941c44 +Author: Gerald Combs <gerald@wireshark.org> +Date: Fri Apr 5 10:39:40 2019 -0700 + + Prep for 2.4.14. + + Change-Id: I026600d763ef46985e804006ef778b08ba8bf9c9 + Reviewed-on: https://code.wireshark.org/review/32744 + Reviewed-by: Gerald Combs <gerald@wireshark.org> + +commit 441b6d9071 +Author: Gerald Combs <gerald@wireshark.org> +Date: Wed Apr 3 09:41:36 2019 -0700 + + DOF: Fix alias binding dissection. + + When adding generated IID and OID bytes to the tree, use a zero offset + and length like we do elsewhere in the dissector. + + Bug: 15617 + Change-Id: Id900f2aeeef7926706b417622d452ffa72949e8a + (cherry picked from commit ecf03bb37b3345e684890f7eee031cb17a247939) + Reviewed-on: https://code.wireshark.org/review/32723 + Reviewed-by: Gerald Combs <gerald@wireshark.org> + (cherry picked from commit 651cd91b16b01e3da698b04542da376d946bc54b) + Reviewed-on: https://code.wireshark.org/review/32725 + +commit b16fea2f17 +Author: Dario Lombardo <lomato@gmail.com> +Date: Fri Mar 1 11:18:53 2019 +0100 + + srvloc: check buffer index to prevent heap overflow. + + Bug: 15546 + Change-Id: I35eee1f6e1127db74339ec7218d7681bd93de59c + Reviewed-on: https://code.wireshark.org/review/32285 + Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> + Tested-by: Petri Dish Buildbot + Reviewed-by: Anders Broman <a.broman58@gmail.com> + (cherry picked from commit 8f15ebed65ceea5c856fce055b5d83fb0c4b597b) + Reviewed-on: https://code.wireshark.org/review/32340 + Petri-Dish: Dario Lombardo <lomato@gmail.com> + Reviewed-by: Dario Lombardo <lomato@gmail.com> + (cherry picked from commit f43ac1291b80bbccdd1ef3e6118f72e08dc8beac) + Reviewed-on: https://code.wireshark.org/review/32722 + Reviewed-by: Gerald Combs <gerald@wireshark.org> + +commit cf801a2507 +Author: Dario Lombardo <lomato@gmail.com> +Date: Wed Apr 3 09:10:38 2019 +0200 + + ldss: add checks on file digest. + + Bug: 15620 + Change-Id: I600c262f42414dd50c0cf4c1230acfb2a8042212 + Reviewed-on: https://code.wireshark.org/review/32520 + Petri-Dish: Dario Lombardo <lomato@gmail.com> + Tested-by: Petri Dish Buildbot + Reviewed-by: Gerald Combs <gerald@wireshark.org> + (cherry picked from commit 6c3467945cd9bf1242a2dcd4a8fbff32b885391e) + Reviewed-on: https://code.wireshark.org/review/32697 + +commit 24483e4f80 +Author: Pascal Quantin <pascal@wireshark.org> +Date: Mon Apr 1 09:47:57 2019 +0200 + + HL7: do not call proto_reg_handoff_hl7() when changing a preference + + None of the preference require this function to be called again and it + it not designed to be called several times (systematically adds the + dissector handle). + + Change-Id: I0aca361902e65668c991e26025236c7ebb0fe946 + Reviewed-on: https://code.wireshark.org/review/32666 + Reviewed-by: Pascal Quantin <pascal@wireshark.org> + Petri-Dish: Pascal Quantin <pascal@wireshark.org> + Tested-by: Petri Dish Buildbot + Reviewed-by: Anders Broman <a.broman58@gmail.com> + (cherry picked from commit 2f09f6aba4c6bc31fc3330d3e25e54c6fdef8309) + Reviewed-on: https://code.wireshark.org/review/32671 + +commit fb3db8c701 +Author: Guy Harris <guy@alum.mit.edu> +Date: Sun Mar 31 20:28:20 2019 -0700 + + On Windows, don't do console stuff unless we're on a terminal. + + Clean up some code where that was already the case, to make it clearer + that it is the case. + + Make that be the case in print_stream_text_alloc(). + + Change-Id: If6ef1ded9dad94ffaccb5d214f70c7e4d0844e8a + Reviewed-on: https://code.wireshark.org/review/32660 + Petri-Dish: Guy Harris <guy@alum.mit.edu> + Tested-by: Petri Dish Buildbot + Reviewed-by: Guy Harris <guy@alum.mit.edu> + (cherry picked from commit 2dfb2067d86ee80e420da8c414bfa1edfc39cf1a) + Reviewed-on: https://code.wireshark.org/review/32663 + +commit 1d7ce92f9c +Author: Guy Harris <guy@alum.mit.edu> +Date: Sun Mar 31 18:17:57 2019 -0700 + + Only put generic values into the print_stream_t structure. + + Put values used only by particular subclasses into the subclass data + structure. + + Change-Id: Ibb995ebf18ba24449467e932084fbeef03ad1abf + Reviewed-on: https://code.wireshark.org/review/32653 + Petri-Dish: Guy Harris <guy@alum.mit.edu> + Tested-by: Petri Dish Buildbot + Reviewed-by: Guy Harris <guy@alum.mit.edu> + (cherry picked from commit 8b0615de3b747f588387b64d2b7c05e7f6f51487) + Reviewed-on: https://code.wireshark.org/review/32659 + +commit 3c5c17e6a1 +Author: Guy Harris <guy@alum.mit.edu> +Date: Sun Mar 31 12:52:27 2019 -0700 + + Don't draw the taps if we never got a capture file. + + There's nothing to draw. + + Maybe we should also avoid it if we didn't get any packets. + + Change-Id: If76f7909f78e66b7302d0ab2caa284ca36c43bfb + Reviewed-on: https://code.wireshark.org/review/32649 + Reviewed-by: Guy Harris <guy@alum.mit.edu> + (cherry picked from commit 511867cdf4a56da9a261cd57e75873ae89a21d8e) + Reviewed-on: https://code.wireshark.org/review/32652 + +commit 52d34c39d3 +Author: Guy Harris <guy@alum.mit.edu> +Date: Sun Mar 31 12:27:24 2019 -0700 + + Fix -z hosts output if it's from a live capture. + + Giving the pathname of a temporary file that will be deleted once TShark + exits isn't useful; just refer to "the temporary capture file". + + Change-Id: I7333ac3cef4e4ae1076a5b0e3c46a04e0328d505 + Reviewed-on: https://code.wireshark.org/review/32645 + Reviewed-by: Guy Harris <guy@alum.mit.edu> + (cherry picked from commit 666d77db4540a2520608a2a410532c57b6efab85) + Reviewed-on: https://code.wireshark.org/review/32648 + +commit f1bff6b251 +Author: Gerald Combs <gerald@wireshark.org> +Date: Sun Mar 31 09:09:17 2019 +0000 + + [Automatic update for 2019-03-31] + + Update manuf, services enterprise numbers, translations, and other items. + + Change-Id: I1f456c606fb616665c36517555746f9dd112ed75 + Reviewed-on: https://code.wireshark.org/review/32644 + Reviewed-by: Gerald Combs <gerald@wireshark.org> + +commit b20e5d8aae +Author: Gerald Combs <gerald@wireshark.org> +Date: Mon Mar 25 09:56:56 2019 -0700 + + GSS-API: Make sure we call a valid dissector. + + Make our unknown dissector handle logic conistent with other parts of + the code. + + Conflicts: + epan/dissectors/packet-gssapi.c + + Bug: 15613 + Change-Id: Id0daf9bf0be14b99ec592f4f561cc8935d5cb4a6 + Reviewed-on: https://code.wireshark.org/review/32576 + Reviewed-by: Gerald Combs <gerald@wireshark.org> + Petri-Dish: Gerald Combs <gerald@wireshark.org> + Tested-by: Petri Dish Buildbot + Reviewed-by: Dario Lombardo <lomato@gmail.com> + (cherry picked from commit 8cdc95842687feee32856afba8e7087396082158) + Reviewed-on: https://code.wireshark.org/review/32586 + (cherry picked from commit ea75daa28bd6bd6911fd14a8b1734004269a18b8) + Reviewed-on: https://code.wireshark.org/review/32588 + +commit 39199def60 +Author: Anders Broman <anders.broman@ericsson.com> +Date: Tue Mar 26 17:00:31 2019 +0100 + + iso14443: Initialize iso14443_trans->cmd. + + Conflicts: + epan/dissectors/packet-iso14443.c + + Bug: 15634 + Change-Id: Ibaeb063db74055e26805db21875b9085b45c3ebe + Reviewed-on: https://code.wireshark.org/review/32581 + Petri-Dish: Anders Broman <a.broman58@gmail.com> + Tested-by: Petri Dish Buildbot + Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com> + Reviewed-on: https://code.wireshark.org/review/32585 + Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com> + +commit 1d77c81810 +Author: Guy Harris <guy@alum.mit.edu> +Date: Sun Mar 24 21:23:32 2019 +0000 + + Revert "iseries: stop scanning a unicode string when the null terminator is hit." + + This reverts commit c599e490281b523df23010ae25307ff002068e17. + + Reason for revert: This completely fails to recognize Unicode iSeries dumps. + + Change-Id: Ie31141879b1bc3608a5dfdcba6887bb6f0018a47 + Reviewed-on: https://code.wireshark.org/review/32568 + Reviewed-by: Guy Harris <guy@alum.mit.edu> + (cherry picked from commit c1fd0194f42d04c771e38c680b1fde51760233b9) + Reviewed-on: https://code.wireshark.org/review/32571 + +commit dadcd022ba +Author: Dario Lombardo <lomato@gmail.com> +Date: Sun Mar 24 16:01:22 2019 +0100 + + iseries: stop scanning a unicode string when the null terminator is hit. + + Bug: 15614 + Change-Id: I1df4992dcd10e7d9a66fc88a0269b70fc065b079 + Reviewed-on: https://code.wireshark.org/review/32514 + Reviewed-by: Peter Wu <peter@lekensteyn.nl> + Petri-Dish: Peter Wu <peter@lekensteyn.nl> + Tested-by: Petri Dish Buildbot + Reviewed-by: Dario Lombardo <lomato@gmail.com> + (cherry picked from commit c599e490281b523df23010ae25307ff002068e17) + Reviewed-on: https://code.wireshark.org/review/32564 + Petri-Dish: Dario Lombardo <lomato@gmail.com> + +commit e5aed6ea17 +Author: Dario Lombardo <lomato@gmail.com> +Date: Fri Mar 15 15:00:10 2019 +0100 + + dof: don't use src/dst addresses if they don't exist. + + Bug: 15617 + Change-Id: I1177e704d33626d126b7e835e5a8db3162847fbf + Reviewed-on: https://code.wireshark.org/review/32442 + Petri-Dish: Peter Wu <peter@lekensteyn.nl> + Petri-Dish: Dario Lombardo <lomato@gmail.com> + Tested-by: Petri Dish Buildbot + Reviewed-by: Peter Wu <peter@lekensteyn.nl> + (cherry picked from commit 1ce2918fc885df36293992c27dce34e40d7260f1) + Reviewed-on: https://code.wireshark.org/review/32560 + +commit 43c23fc22c +Author: Gerald Combs <gerald@wireshark.org> +Date: Sun Mar 24 09:07:18 2019 +0000 + + [Automatic update for 2019-03-24] + + Update manuf, services enterprise numbers, translations, and other items. + + Change-Id: Ic82c8453cb2b97f74a73cdbdab0e8523440bb85c + Reviewed-on: https://code.wireshark.org/review/32555 + Reviewed-by: Gerald Combs <gerald@wireshark.org> + +commit ab8d15f072 +Author: Guy Harris <guy@alum.mit.edu> +Date: Sat Mar 23 12:05:22 2019 -0700 + + Restore pinfo->match_uint after the topmost dissector returns. + + That's what dissector_try_uint_new() does, and some tests depend on it. + + Bug: 15630 + Change-Id: I57934a5e90f83ee6ea0eb539a91826c950530ad3 + Reviewed-on: https://code.wireshark.org/review/32542 + Petri-Dish: Guy Harris <guy@alum.mit.edu> + Tested-by: Petri Dish Buildbot + Reviewed-by: Guy Harris <guy@alum.mit.edu> + (cherry picked from commit 80d96e91d248af40b50969702a0e5aafb7132376) + Reviewed-on: https://code.wireshark.org/review/32545 + +commit 6a1301cb83 +Author: Peter Wu <peter@lekensteyn.nl> +Date: Sat Mar 16 19:15:22 2019 +0000 + + TLS: fix potential buffer overflow with a malicious SSL 3.0 session + + If a TLS 1.2 cipher suite with SHA384 was in use for a SSL 3.0 session, + then the "dgst" buffer in ssl3_check_mac could be overwritten with 24 + bytes past the end of the buffer. To prevent this issue, restrict the + cipher suites that can be used with SSL 3.0. + + I did not verify this theory with an actual capture since it is hard to + do so. An attacker would have to (1) create a malicious, non-compliant + implementation that (2) creates a network trace, and (3) convince the + user to install the required decryption secrets. + + Bug: 15599 + Change-Id: I2204f10f46209f9473e7f2003bda8aaac634e2e2 + Reviewed-on: https://code.wireshark.org/review/32441 + Petri-Dish: Peter Wu <peter@lekensteyn.nl> + Tested-by: Petri Dish Buildbot + Reviewed-by: Anders Broman <a.broman58@gmail.com> + (cherry picked from commit f73a6b4f7692700bec7da297dd425c34c6f8d081) + Reviewed-on: https://code.wireshark.org/review/32537 + Reviewed-by: Peter Wu <peter@lekensteyn.nl> + +commit 0f0400610f +Author: Guy Harris <guy@alum.mit.edu> +Date: Fri Mar 22 12:50:54 2019 -0700 + + Don't use dissector_try_uint_new() to call the subdissector. + + See bug 15630 for details. + + Bug: 15630 + Change-Id: Ib7c9defae77ef8901ff2c8ef91dc50761f6924f2 + Reviewed-on: https://code.wireshark.org/review/32527 + Reviewed-by: Guy Harris <guy@alum.mit.edu> + (cherry picked from commit 2182d9d29421945f99fef15eed1ca080d9d3722f) + Reviewed-on: https://code.wireshark.org/review/32530 + +commit 9484ca3216 +Author: Dario Lombardo <lomato@gmail.com> +Date: Thu Mar 21 18:25:50 2019 +0100 + + randpkt: restore produce_filename in random generation. + + Bug: 15627 + Change-Id: Iac267a679ca3f935f0e165880bb3127a8715b81c + Reviewed-on: https://code.wireshark.org/review/32503 + Petri-Dish: Dario Lombardo <lomato@gmail.com> + Tested-by: Petri Dish Buildbot + Reviewed-by: Anders Broman <a.broman58@gmail.com> + (cherry picked from commit 64e02c943a07749af30ceeae7ffc6c88183316fe) + Reviewed-on: https://code.wireshark.org/review/32510 + Reviewed-by: Dario Lombardo <lomato@gmail.com> + +commit 5bddde830e +Author: Gerald Combs <gerald@wireshark.org> +Date: Sun Mar 17 09:11:08 2019 +0000 + + [Automatic update for 2019-03-17] + + Update manuf, services enterprise numbers, translations, and other items. + + Change-Id: Ib5bbacacfa35ee4f5cbae4435bf3dd260d849cf3 + Reviewed-on: https://code.wireshark.org/review/32453 + Reviewed-by: Gerald Combs <gerald@wireshark.org> + +commit bfeb259946 +Author: Guy Harris <guy@alum.mit.edu> +Date: Sat Mar 16 11:47:45 2019 -0700 + + Remove incorrectly-inserted "return FALSE;". + + That made PACKET_DESCRIBE() do nothing, causing warnings from the Clang + Static Humiliator. + + Change-Id: I6f433cd193b6398d89038e95c7bf5deb24aa186d + Reviewed-on: https://code.wireshark.org/review/32437 + Reviewed-by: Guy Harris <guy@alum.mit.edu> + (cherry picked from commit 1660f7437198113c0c90cec22daa6abcd3af22cc) + Reviewed-on: https://code.wireshark.org/review/32440 + +commit 842d333ea6 +Author: Guy Harris <guy@alum.mit.edu> +Date: Sat Mar 16 00:19:17 2019 -0700 + + Fix up the checks in nspm_signature_version(). + + Move the read out of nspm_signature_version(), to make it a bit clearer + what file I/O we do in the open process; have nspm_signature_version() + just look for a signature in a single page. + + In the loop in nspm_signature_version(), make sure we have enough of the + record header to look at the type and length fields in that header + before looking at them and, when we can look at them, make sure the + length of the record 1) fits in what remains of the page we're looking + at and 2) is big enough to be the length of a signature record. + + Change-Id: I7d625859136e6f39c40b166067fc7efea806d9b0 + Reviewed-on: https://code.wireshark.org/review/32426 + Petri-Dish: Guy Harris <guy@alum.mit.edu> + Tested-by: Petri Dish Buildbot + Reviewed-by: Guy Harris <guy@alum.mit.edu> + (cherry picked from commit c0839e2e2ae347483ad96e8b86ddfe8f2ab95bc0) + Reviewed-on: https://code.wireshark.org/review/32431 + +commit 2fbbde780e +Author: Dario Lombardo <lomato@gmail.com> +Date: Tue Mar 5 17:25:24 2019 +0100 + + netscaler: add more sanity checks. + + Fix more crashes found in the provided bug report. + + Bug: 15497 + Change-Id: If84498fa879ad56c8677f8c1442a8dc0e5906003 + Reviewed-on: https://code.wireshark.org/review/32333 + Petri-Dish: Dario Lombardo <lomato@gmail.com> + Tested-by: Petri Dish Buildbot + Reviewed-by: Anders Broman <a.broman58@gmail.com> + (cherry picked from commit 134a513dd59315d67866f238459fdee6347f1055) + Reviewed-on: https://code.wireshark.org/review/32422 + (cherry picked from commit fc8367a50516e832be960a9001ccdb09ced9b27f) + Reviewed-on: https://code.wireshark.org/review/32430 + Reviewed-by: Guy Harris <guy@alum.mit.edu> + +commit 6c61cc4f07 +Author: Dario Lombardo <lomato@gmail.com> +Date: Thu Mar 14 18:30:54 2019 +0100 + + wmem: fix a comment. + + Change-Id: Ie8e4eac95a4db64c376c38c2207667c38788dac5 + Reviewed-on: https://code.wireshark.org/review/32411 + Reviewed-by: Dario Lombardo <lomato@gmail.com> + Petri-Dish: Dario Lombardo <lomato@gmail.com> + Tested-by: Petri Dish Buildbot + Reviewed-by: Anders Broman <a.broman58@gmail.com> + (cherry picked from commit 3b2204e1274c0075da9948573d5b65d60971a8a5) + Reviewed-on: https://code.wireshark.org/review/32418 + +commit fae702c8f2 +Author: Guy Harris <guy@alum.mit.edu> +Date: Thu Mar 14 03:51:07 2019 -0700 + + Ask, in a comment, whether we should do an exact match on signatures. + + Change-Id: I3c6e904a2e8cc843687b69f633fd0dfbf0ec7937 + Reviewed-on: https://code.wireshark.org/review/32407 + Reviewed-by: Guy Harris <guy@alum.mit.edu> + (cherry picked from commit 306ead40b60b7762eacff6bf5aa1c52ec41fb62c) + Reviewed-on: https://code.wireshark.org/review/32410 + +commit d08085753b +Author: Guy Harris <guy@alum.mit.edu> +Date: Thu Mar 14 03:12:07 2019 -0700 + + Fix the test for a NetScaler trace file. + + When testing the signature field against a given version's signature: + + we require that the signature field's size (size, not C + null-terminated string length) be at least the size of the + signature string (otherwise, it can't possibly match); + + we check to make sure that the first N bytes of the signature + field, where N is the size of the version's signature string + (not including any terminating '\0' in that string), match the + version's signature string. + + I.e., we require that the version's signature string is a prefix of the + signature string in the file. + + This does not require that the signature string in the file be + null-terminated. + + It also doesn't allow the file's signature string to be a substring of + the version's signature string, as that's *NOT* sufficient to identify + the file as a NetScaler trace file, especially if we forcibly + null-terminate the file's signature string and we trucate it to be + zero-length, as, in that case, it's *always* a prefix of the version's + signature string, and the file is incorrectly identified as a NetScaler + trace file. + + (While we're at it, we make the nspm_signature_isvXXX() routines return + true if it *is* and false if it *isn't*, rather than the reverse; having + a routine with a name containing "is", and not "isnt", return true if it + *isn't* is confusing.) + + Change-Id: I3694773a71b8b63d280e42f146698c82a0f0c332 + Ping-Bug: 15601 + Reviewed-on: https://code.wireshark.org/review/32403 + Reviewed-by: Guy Harris <guy@alum.mit.edu> + (cherry picked from commit f18bd4bd68e950a22baa9d7d4f1ed9236b410f68) + Reviewed-on: https://code.wireshark.org/review/32406 + +commit a0b91cd37b +Author: Michael McTernan <mike.mcternan@wavemobile.com> +Date: Sun Mar 10 18:25:01 2019 +0100 + + GSM A RR: fix Frequency List Variable Bitmap IE dissection + + Bug: 15549 + Change-Id: Iacd69b718cef2a26084fbb3e34c1e51f7424cf2b + Reviewed-on: https://code.wireshark.org/review/32377 + Petri-Dish: Pascal Quantin <pascal@wireshark.org> + Tested-by: Petri Dish Buildbot + Reviewed-by: Pascal Quantin <pascal@wireshark.org> + (cherry picked from commit e901d722e06a6568f0f8a88ae08290ecb0d63927) + Reviewed-on: https://code.wireshark.org/review/32380 + +commit c424bf2f23 +Author: Gerald Combs <gerald@wireshark.org> +Date: Sun Mar 10 09:07:56 2019 +0000 + + [Automatic update for 2019-03-10] + + Update manuf, services enterprise numbers, translations, and other items. + + Change-Id: Ib62f7671b3b7acdfab4bbdb5d9a7834925b9be7e + Reviewed-on: https://code.wireshark.org/review/32375 + Reviewed-by: Gerald Combs <gerald@wireshark.org> + +commit 23b83a2fb7 +Author: Guy Harris <guy@alum.mit.edu> +Date: Sun Mar 3 15:45:59 2019 -0800 + + Discard the upper bits of the "network" field in the file header. + + Libpcap's done that for a while; we should do so as well. + + (Ideally, we should use those bits, but there's an issue with pcapng, + where the FCS length in the IDB is described as being in units of bits, + but where we're treating it as being in units of bytes, that I'd like to + resolve first.) + + Change-Id: Ibcb82f1dcaa8baae5bba55636cea8852a6af814e + Reviewed-on: https://code.wireshark.org/review/32303 + Reviewed-by: Guy Harris <guy@alum.mit.edu> + (cherry picked from commit c84f69f7482fea6eb1b86f08811cc2b4547fe05f) + Reviewed-on: https://code.wireshark.org/review/32306 + +commit c526bd6990 +Author: Gerald Combs <gerald@wireshark.org> +Date: Sun Mar 3 09:07:48 2019 +0000 + + [Automatic update for 2019-03-03] + + Update manuf, services enterprise numbers, translations, and other items. + + Change-Id: I36a6c4f0f839de9fb7aefd8e4dc273152d0155ea + Reviewed-on: https://code.wireshark.org/review/32298 + Reviewed-by: Gerald Combs <gerald@wireshark.org> + +commit ddbd0c6c09 +Author: Guy Harris <guy@alum.mit.edu> +Date: Sat Mar 2 20:14:44 2019 -0800 + + Say what short name already exists, to help the developer somewhat. + + That tells then what name they *can't* use for their file-type plugin, + because it's already a built-in file type name in Wireshark. + + Change-Id: Ibbbfda21e1109cf46275008a46b8ea65c8fcf4b5 + Reviewed-on: https://code.wireshark.org/review/32291 + Reviewed-by: Guy Harris <guy@alum.mit.edu> + (cherry picked from commit a5b5f649ffaba29cef89b4968635dd919f1e0204) + Reviewed-on: https://code.wireshark.org/review/32294 + +commit b2fe8a4fc9 +Author: Guy Harris <guy@alum.mit.edu> +Date: Thu Feb 28 10:52:41 2019 -0800 + + Fix backport. + + Change-Id: I69b3ff4268c3e4db2264467ce4105e399cf58bdb + Reviewed-on: https://code.wireshark.org/review/32272 + Reviewed-by: Guy Harris <guy@alum.mit.edu> + +commit 1125ece806 +Author: Gerald Combs <gerald@wireshark.org> +Date: Thu Feb 28 10:44:31 2019 -0800 + + Fix our version. + + Change-Id: I4be13eeeb8297620f6b2bff0b310021b2c677a46 + Reviewed-on: https://code.wireshark.org/review/32270 + Reviewed-by: Gerald Combs <gerald@wireshark.org> + +commit 883ab43d56 +Author: Gerald Combs <gerald@wireshark.org> +Date: Wed Feb 27 16:20:01 2019 -0800 + + CMake: Don't build Windows package targets by default. + + Explicitly exclude our various Windows package targets from the Visual + Studio default build. This will hopefully keep the 32-bit Windows builder + from trying to build the portableapps_runtime target when it shouldn't. + + Conflicts: + packaging/nsis/CMakeLists.txt + packaging/wix/CMakeLists.txt + + Change-Id: Id8481e92abda9b1a4784b8c8e8b5a1b3f1b4647e + Reviewed-on: https://code.wireshark.org/review/32256 + Petri-Dish: Gerald Combs <gerald@wireshark.org> + Tested-by: Petri Dish Buildbot + Reviewed-by: Gerald Combs <gerald@wireshark.org> + (cherry picked from commit a0c93f426b0bb3510af3e4657d95bd64e46ed5f8) + Reviewed-on: https://code.wireshark.org/review/32266 + +commit 34ed0bad67 +Author: Guy Harris <guy@alum.mit.edu> +Date: Wed Feb 27 13:19:37 2019 -0800 + + Fix a comment. + + There's no MIC at the end of an unencrypted packet, and thus we're not + removing any MIC. + + Change-Id: Ie19790afc573b66f5dd09a4f8afc0fe69895eabe + Reviewed-on: https://code.wireshark.org/review/32249 + Reviewed-by: Guy Harris <guy@alum.mit.edu> + (cherry picked from commit a4c8b2d4e6656606961f3c4f7ae31fed906915c1) + Reviewed-on: https://code.wireshark.org/review/32252 + +commit 8e19cd1786 +Author: Guy Harris <guy@alum.mit.edu> +Date: Wed Feb 27 13:09:09 2019 -0800 + + Fix subset-tvbuff creation. + + Use tvb_new_subset_length(), rather than (incorrectly) attempting to + calculate the captured length ourselves. + + Update a comment while we're at it. + + Change-Id: I9f608ee5bf59f261111b2a75900dddad12fb5554 + Reviewed-on: https://code.wireshark.org/review/32245 + Reviewed-by: Guy Harris <guy@alum.mit.edu> + (backported from commit 179d872565be0c7b265397ec639d49aec4e23511) + Reviewed-on: https://code.wireshark.org/review/32248 + +commit 603c31e040 +Author: Gerald Combs <gerald@wireshark.org> +Date: Wed Feb 27 12:23:08 2019 -0800 + + 2.4.13 → 2.4.14. + + Change-Id: Ic463880ad448ee2665c0133656dc5c0afe0bb2d2 + Reviewed-on: https://code.wireshark.org/review/32244 + Reviewed-by: Gerald Combs <gerald@wireshark.org> @@ -1,4 +1,4 @@ - Wireshark 2.4.13 Release Notes + Wireshark 2.4.14 Release Notes __________________________________________________________________ What is Wireshark? @@ -12,33 +12,30 @@ What's New Bug Fixes The following vulnerabilities have been fixed: - * [1]wnpa-sec-2019-06 ASN.1 BER and related dissectors crash. [2]Bug - 15447. [3]CVE-2019-9209. - * [4]wnpa-sec-2019-07 TCAP dissector crash. [5]Bug 15464. - [6]CVE-2019-9208. - * [7]wnpa-sec-2019-08 RPCAP dissector crash. [8]Bug 15536. + * [1]wnpa-sec-2019-09 NetScaler file parser crash. [2]Bug 15497. + [3]CVE-2019-10895. + * [4]wnpa-sec-2019-10 SRVLOC dissector crash. [5]Bug 15546. + [6]CVE-2019-10899. + * [7]wnpa-sec-2019-14 GSS-API dissector crash. [8]Bug 15613. + [9]CVE-2019-10894. + * [10]wnpa-sec-2019-15 DOF dissector crash. [11]Bug 15617. + [12]CVE-2019-10896. + * [13]wnpa-sec-2019-17 LDSS dissector crash. [14]Bug 15620. + [15]CVE-2019-10901. + * [16]wnpa-sec-2019-18 DCERPC SPOOLSS dissector crash. [17]Bug 15568. + [18]CVE-2019-10903. The following bugs have been fixed: - * dftest should be distributed with the Windows installer. [9]Bug - 13825. - * Alignment Lost after Editing Column. [10]Bug 14177. - * Crash on applying display filters or coloring rules on capture - files containing non-UTF-8 data. [11]Bug 14905. - * Decoding of MEGACO/H.248 request shows the Remote descriptor as - "Local descriptor". [12]Bug 15430. - * Repeated NFS in Protocol Display field. [13]Bug 15443. - * Wireshark heap out-of-bounds read in infer_pkt_encap. [14]Bug - 15463. - * Column width and hidden issues when switching profiles. [15]Bug - 15466. - * GTPv1-C SGSN Context Response / Forward Relocation Request decode - GGSN address IPV6 issue. [16]Bug 15485. - * Lua Error on startup: init.lua: dofile has been disabled due to - running Wireshark as superuser. [17]Bug 15489. - * Multiple out-of-bounds reads in NetScaler trace handling - (wiretap/netscaler.c). [18]Bug 15497. - * Wrong endianess when dissecting the "chain offset" in SMB2 protocol - header. [19]Bug 15524. + * GSM-A-RR variable bitmap decoding may report ARFCNs > 1023. [19]Bug + 15549. + + * Possible buffer overflow in function ssl_md_final for crafted SSL + 3.0 sessions. [20]Bug 15599. + * randpkt -r causes segfault when count > 1. [21]Bug 15627. + * Packets with metadata but no data get the Protocol Info column + overwritten. [22]Bug 15630. + + * Buildbot crash output: fuzz-2019-03-23-1789.pcap. [23]Bug 15634. New and Updated Features @@ -50,12 +47,12 @@ What's New Updated Protocol Support - ASN.1 BER, BSSAP, DNP3, ETSI CAT, GTP, MEGACO, MPLS Echo, RPC, RPCAP, - SMB2, and TCAP + DCERPC SPOOLSS, DOF, GSM A RR, GSS-API, HL7, IEEE 802.15.4, ISO 14443, + LDSS, SRVLOC, and TLS New and Updated Capture File Support - NetScaler, and Sniffer + NetScaler, and pcap New and Updated Capture Interfaces support @@ -66,14 +63,14 @@ What's New Getting Wireshark Wireshark source code and installation packages are available from - [20]https://www.wireshark.org/download.html. + [24]https://www.wireshark.org/download.html. Vendor-supplied Packages Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be - found on the [21]download page on the Wireshark web site. + found on the [25]download page on the Wireshark web site. __________________________________________________________________ File Locations @@ -86,73 +83,77 @@ File Locations Known Problems - Dumpcap might not quit if Wireshark or TShark crashes. ([22]Bug 1419) + Dumpcap might not quit if Wireshark or TShark crashes. ([26]Bug 1419) - The BER dissector might infinitely loop. ([23]Bug 1516) + The BER dissector might infinitely loop. ([27]Bug 1516) Capture filters aren't applied when capturing from named pipes. - ([24]Bug 1814) + ([28]Bug 1814) Filtering tshark captures with read filters (-R) no longer works. - ([25]Bug 2234) + ([29]Bug 2234) - Application crash when changing real-time option. ([26]Bug 4035) + Application crash when changing real-time option. ([30]Bug 4035) Wireshark and TShark will display incorrect delta times in some cases. - ([27]Bug 4985) + ([31]Bug 4985) - Wireshark should let you work with multiple capture files. ([28]Bug + Wireshark should let you work with multiple capture files. ([32]Bug 10488) __________________________________________________________________ Getting Help - Community support is available on [29]Wireshark's Q&A site and on the + Community support is available on [33]Wireshark's Q&A site and on the wireshark-users mailing list. Subscription information and archives for - all of Wireshark's mailing lists can be found on [30]the web site. + all of Wireshark's mailing lists can be found on [34]the web site. Official Wireshark training and certification are available from - [31]Wireshark University. + [35]Wireshark University. __________________________________________________________________ Frequently Asked Questions - A complete FAQ is available on the [32]Wireshark web site. + A complete FAQ is available on the [36]Wireshark web site. __________________________________________________________________ - Last updated 2019-02-27 17:41:14 UTC + Last updated 2019-04-08 18:22:29 UTC References - 1. https://www.wireshark.org/security/wnpa-sec-2019-06.html - 2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15447 - 3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9209 - 4. https://www.wireshark.org/security/wnpa-sec-2019-07.html - 5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15464 - 6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9208 - 7. https://www.wireshark.org/security/wnpa-sec-2019-08.html - 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15536 - 9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13825 - 10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14177 - 11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14905 - 12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15430 - 13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15443 - 14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15463 - 15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15466 - 16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15485 - 17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15489 - 18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15497 - 19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15524 - 20. https://www.wireshark.org/download.html - 21. https://www.wireshark.org/download.html#thirdparty - 22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419 - 23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516 - 24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814 - 25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234 - 26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035 - 27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985 - 28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488 - 29. https://ask.wireshark.org/ - 30. https://www.wireshark.org/lists/ - 31. http://www.wiresharktraining.com/ - 32. https://www.wireshark.org/faq.html + 1. https://www.wireshark.org/security/wnpa-sec-2019-09.html + 2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15497 + 3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10895 + 4. https://www.wireshark.org/security/wnpa-sec-2019-10.html + 5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15546 + 6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10899 + 7. https://www.wireshark.org/security/wnpa-sec-2019-14.html + 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15613 + 9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10894 + 10. https://www.wireshark.org/security/wnpa-sec-2019-15.html + 11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15617 + 12. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10896 + 13. https://www.wireshark.org/security/wnpa-sec-2019-17.html + 14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15620 + 15. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10901 + 16. https://www.wireshark.org/security/wnpa-sec-2019-18.html + 17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15568 + 18. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10903 + 19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15549 + 20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15599 + 21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15627 + 22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15630 + 23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15634 + 24. https://www.wireshark.org/download.html + 25. https://www.wireshark.org/download.html#thirdparty + 26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419 + 27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516 + 28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814 + 29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234 + 30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035 + 31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985 + 32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488 + 33. https://ask.wireshark.org/ + 34. https://www.wireshark.org/lists/ + 35. http://www.wiresharktraining.com/ + 36. https://www.wireshark.org/faq.html diff --git a/docbook/release-notes.asciidoc b/docbook/release-notes.asciidoc index 3f679c3126..d08cd8117c 100644 --- a/docbook/release-notes.asciidoc +++ b/docbook/release-notes.asciidoc @@ -17,7 +17,7 @@ The following vulnerabilities have been fixed: * wssalink:2019-09[] NetScaler file parser crash. wsbuglink:15497[]. -// cveidlink:2019-xxxx[]. +cveidlink:2019-10895[]. // Fixed in master: efe920af3a, 07bb974bcd, 134a513dd5 // Fixed in master-3.0: 490b381729, b759633425, 3ced6f5b05 // Fixed in master-2.6: dedcdbcdc4, 213c2c9afb, fc8367a505 @@ -26,7 +26,7 @@ wsbuglink:15497[]. * wssalink:2019-10[] SRVLOC dissector crash. wsbuglink:15546[]. -// cveidlink:2019-xxxx[]. +cveidlink:2019-10899[]. // Fixed in master: 8f15ebed65 // Fixed in master-3.0: fb94bfef5f // Fixed in master-2.6: f43ac1291b @@ -35,7 +35,7 @@ wsbuglink:15546[]. * wssalink:2019-14[] GSS-API dissector crash. wsbuglink:15613[]. -// cveidlink:2019-xxxx[]. +cveidlink:2019-10894[]. // Fixed in master: 8cdc958426 // Fixed in master-3.0: ea75daa28b // Fixed in master-2.6: a9c0287976 @@ -44,7 +44,7 @@ wsbuglink:15613[]. * wssalink:2019-15[] DOF dissector crash. wsbuglink:15617[]. -// cveidlink:2019-xxxx[]. +cveidlink:2019-10896[]. // Fixed in master: b572b65e51 // Fixed in master-3.0: 651cd91b16 // Fixed in master-2.6: a35c64380b @@ -53,7 +53,7 @@ wsbuglink:15617[]. * wssalink:2019-17[] LDSS dissector crash. wsbuglink:15620[]. -// cveidlink:2019-xxxx[]. +cveidlink:2019-10901[]. // Fixed in master: 6c3467945c // Fixed in master-3.0: 1cf349ddb2 // Fixed in master-2.6: d368eed192 @@ -62,7 +62,7 @@ wsbuglink:15620[]. * wssalink:2019-18[] DCERPC SPOOLSS dissector crash. wsbuglink:15568[]. -// cveidlink:2019-xxxx[]. +cveidlink:2019-10903[]. // Fixed in master: 5aba3ed0cd // Fixed in master-3.0: 2f529f8acf // Fixed in master-2.6: 85499cde33 @@ -74,7 +74,7 @@ The following bugs have been fixed: //* wsbuglink:6000[Wireshark bug] //* cveidlink:2014-2486[] //* Wireshark keeps leaving voicemails advertising timeshare condominiums in Fresno. (wsbuglink:0000[]) -// cp /dev/null /tmp/buglist.txt ; for bugnumber in `git log --stat v2.4.14rc0..| grep ' Bug:' | awk '{print $2}' | sort -n -u ` ; do "$(git rev-parse --show-toplevel)/tools/gen-bugnote" $bugnumber; pbpaste >> /tmp/buglist.txt; done +// cp /dev/null /tmp/buglist.txt ; for bugnumber in `git log --stat v2.4.15rc0..| grep ' Bug:' | awk '{print $2}' | sort -n -u ` ; do "$(git rev-parse --show-toplevel)/tools/gen-bugnote" $bugnumber; pbpaste >> /tmp/buglist.txt; done * GSM-A-RR variable bitmap decoding may report ARFCNs > 1023. wsbuglink:15549[]. diff --git a/version.conf b/version.conf index b999997703..cc8d9d1108 100644 --- a/version.conf +++ b/version.conf @@ -1,9 +1,9 @@ # Interim releases: Enable packaging, add an "rc" to the version. -enable: 1 -pkg_format: rc0-%# -pkg_enable: 1 +#enable: 1 +#pkg_format: rc0-%# +#pkg_enable: 1 # Final release: Disable package version stamps. -#enable: 1 -#pkg_format: -#pkg_enable: 0 +enable: 1 +pkg_format: +pkg_enable: 0 |