commit b9a4a25020eabf5a36601a4d768ca85578bf8af3 Author: MSVSphere Packaging Team Date: Tue Nov 26 19:41:52 2024 +0300 import wireshark-4.2.6-1.el10 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..ec67ab7 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/wireshark-4.2.6.tar.xz diff --git a/.wireshark.metadata b/.wireshark.metadata new file mode 100644 index 0000000..5aa22f5 --- /dev/null +++ b/.wireshark.metadata @@ -0,0 +1 @@ +db0374dce360b99d8abb9a3f3471f3fc98d6d099 SOURCES/wireshark-4.2.6.tar.xz diff --git a/SOURCES/90-wireshark-usbmon.rules b/SOURCES/90-wireshark-usbmon.rules new file mode 100644 index 0000000..10a127c --- /dev/null +++ b/SOURCES/90-wireshark-usbmon.rules @@ -0,0 +1 @@ +SUBSYSTEM=="usbmon", GROUP="usbmon", MODE="640" diff --git a/SOURCES/SIGNATURES-4.2.6.txt b/SOURCES/SIGNATURES-4.2.6.txt new file mode 100644 index 0000000..67420f8 --- /dev/null +++ b/SOURCES/SIGNATURES-4.2.6.txt @@ -0,0 +1,53 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +wireshark-4.2.6.tar.xz: 45015272 bytes +SHA256(wireshark-4.2.6.tar.xz)=5ec6028df29068d889c98489bf194a884b00831106fea1e921fea3c65f2003f5 +SHA1(wireshark-4.2.6.tar.xz)=db0374dce360b99d8abb9a3f3471f3fc98d6d099 + +Wireshark-4.2.6-arm64.exe: 67985184 bytes +SHA256(Wireshark-4.2.6-arm64.exe)=602b5b95249f8955c5a6dbc41b2012c3b06a26daafbb07ed5ea66fa43c7a6574 +SHA1(Wireshark-4.2.6-arm64.exe)=4ee9ec6fc05a0d63f0f3d7110964689ab9f4f122 + +Wireshark-4.2.6-x64.exe: 86491216 bytes +SHA256(Wireshark-4.2.6-x64.exe)=ba679117304718a009092a5327abfdbc559031d9216512fc7540cb03d30a5545 +SHA1(Wireshark-4.2.6-x64.exe)=129df64c8aa44d9ce2ad191fa783faffd71301ae + +Wireshark-4.2.6-x64.msi: 62926848 bytes +SHA256(Wireshark-4.2.6-x64.msi)=cf8399afd61f2cadefd73b46dc9a206186502d30f6867457fe163a94574c1214 +SHA1(Wireshark-4.2.6-x64.msi)=825e5d80806f2e613373255c1e3fd3d6d280e9f6 + +WiresharkPortable64_4.2.6.paf.exe: 53648680 bytes +SHA256(WiresharkPortable64_4.2.6.paf.exe)=5924198bbbcd75f8f4709799b5185be1a5c20f08f678534ed00675842bcbc5d9 +SHA1(WiresharkPortable64_4.2.6.paf.exe)=dde23431f3878cafa6fb5f43e461259960b4f990 + +Wireshark 4.2.6 Arm 64.dmg: 65590940 bytes +SHA256(Wireshark 4.2.6 Arm 64.dmg)=11fc3f8b12b8369398e373058f9b8f0730e3228611ecf3d7ecc63c5f1855241e +SHA1(Wireshark 4.2.6 Arm 64.dmg)=57ef4f0600644c15566a9b6e9e2e71a1d2735b66 + +Wireshark 4.2.6 Intel 64.dmg: 69344904 bytes +SHA256(Wireshark 4.2.6 Intel 64.dmg)=41601877fa5294ec7c20f8d81c799612c6bca7fa689f237fdbf6595b5fc22071 +SHA1(Wireshark 4.2.6 Intel 64.dmg)=391319afa4bd74af89baf3d73d820ab0171da0ac + +You can validate these hashes using the following commands (among others): + + Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 + Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz + macOS: shasum -a 256 "Wireshark x.y.z Arm 64.dmg" + Other: openssl sha256 wireshark-x.y.z.tar.xz +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAmaO0uIACgkQgiRKeOb+ +ruo+eQ//TQBxIVPnBX2isKfGpngWQ+e75/2Xk/00173P0lIiuV3x5gtRQ7SiVh5H +qC1bb6bbcD0+wK6BDU/K15eMQ30ODI0BdbQSElH9CaZZ6w84gAK2x+iJFy/kQl/O +3FQMM8v2MYMlN1Algs/czKDBK0Bbex/hCuIARMn60Z+35MEZvJqraY4aMTkBQ94t +uaJM2rZPq1kCU+eeX+KqRwJMvd11Re850j/YdzWPEvu9k1+isbB7drZKTmI9d1HT +HUIWpjYJDhJ2hFFamXHkY/OR/UVVTBfAJMSZ/nodHa2WKX2u76CnESqNTrFelUZs +jdtSTUA/S3DfcVvhx4FTWmwRmSgzAnauYwanFW9Zd+KuEKmPQA6JKBW4niUS11g8 +Luj+bPG9rJwPfiwbTl1VtS9DiMrm6hWnmvzySqQ3PhyDIBXT/2tx6SQhcK2u2/Vk +LtIGBDqjGltaagex8zm89HBgp3ByDy1Jh2yOaC2cHdidrkL9Wqo8bniA58Dt5jZS +0hHrAg+tT65sLVd2huHAX6yHzgbWtFp4F6N3pKPE4OY9rBbkVA/oQqiYGTWK0eaP +FQfg3yWWRV159xbDl/DnfnJ6T9puKk1/u+bMwfmjRMr+CJFAe0c1qYn/t/eP7oKl +mm3hd2NmhFG5RFRCGTArl6IkCHSyV6GuUkgUPfRqyCt6rLZishs= +=t1tY +-----END PGP SIGNATURE----- diff --git a/SOURCES/wireshark-0002-Customize-permission-denied-error.patch b/SOURCES/wireshark-0002-Customize-permission-denied-error.patch new file mode 100644 index 0000000..5c9d237 --- /dev/null +++ b/SOURCES/wireshark-0002-Customize-permission-denied-error.patch @@ -0,0 +1,22 @@ +diff --git a/capture/capture_sync.c b/capture/capture_sync.c +index af08b32..2e0fcb7 100644 +--- a/capture/capture_sync.c ++++ b/capture/capture_sync.c +@@ -1825,8 +1832,16 @@ sync_pipe_input_cb(GIOChannel *pipe_io, capture_session *cap_session) + if (!ws_strtoi32(buffer, NULL, &exec_errno)) { + ws_warning("Invalid errno: %s", buffer); + } +- primary_msg = ws_strdup_printf("Couldn't run dumpcap in child process: %s", ++ if (exec_errno == EPERM || exec_errno == EACCES) { ++ const char *securitymsg = "\nAre you a member of the 'wireshark' group? Try running\n'usermod -a -G wireshark _your_username_' as root."; ++ primary_msg = ws_strdup_printf("Couldn't run dumpcap in child process: %s%s", ++ g_strerror(exec_errno), securitymsg); ++ } ++ else { ++ primary_msg = ws_strdup_printf("Couldn't run dumpcap in child process: %s", + g_strerror(exec_errno)); ++ } ++ + cap_session->error(cap_session, primary_msg, NULL); + /* the capture child will close the sync_pipe, nothing to do for now */ + /* (an error message doesn't mean we have to stop capturing) */ diff --git a/SOURCES/wireshark-0003-fix-string-overrun-in-plugins-profinet.patch b/SOURCES/wireshark-0003-fix-string-overrun-in-plugins-profinet.patch new file mode 100644 index 0000000..b71f99c --- /dev/null +++ b/SOURCES/wireshark-0003-fix-string-overrun-in-plugins-profinet.patch @@ -0,0 +1,18 @@ +From: Peter Hatina +Date: Wed, 4 Sep 2013 10:03:57 +0200 +Subject: [PATCH] fix string overrun in plugins/profinet + + +diff --git a/plugins/epan/profinet/packet-dcom-cba.c b/plugins/epan/profinet/packet-dcom-cba.c +index 52c5017e1f..fb980269db 100644 +--- a/plugins/epan/profinet/packet-dcom-cba.c ++++ b/plugins/epan/profinet/packet-dcom-cba.c +@@ -543,7 +543,7 @@ dissect_ICBAPhysicalDevice_get_LogicalDevice_rqst(tvbuff_t *tvb, int offset, + packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep) + { + guint32 u32Pointer; +- gchar szStr[1000]; ++ gchar szStr[1000] = ""; + guint32 u32MaxStr = sizeof(szStr); + gchar *call; + diff --git a/SOURCES/wireshark-0004-Restore-Fedora-specific-groups.patch b/SOURCES/wireshark-0004-Restore-Fedora-specific-groups.patch new file mode 100644 index 0000000..53e62dc --- /dev/null +++ b/SOURCES/wireshark-0004-Restore-Fedora-specific-groups.patch @@ -0,0 +1,15 @@ +From: Peter Lemenkov +Date: Fri, 13 Sep 2013 14:36:55 +0400 +Subject: [PATCH] Restore Fedora-specific groups + +Signed-off-by: Peter Lemenkov +diff --git a/resources/freedesktop/org.wireshark.Wireshark.desktop b/resources/freedesktop/org.wireshark.Wireshark.desktop +index a880a50a33..a25d67d99b 100644 +--- a/resources/freedesktop/org.wireshark.Wireshark.desktop ++++ b/resources/freedesktop/org.wireshark.Wireshark.desktop +@@ -108,4 +108,4 @@ Terminal=false + MimeType=application/vnd.tcpdump.pcap;application/x-pcapng;application/x-snoop;application/x-iptrace;application/x-lanalyzer;application/x-nettl;application/x-radcom;application/x-etherpeek;application/x-visualnetworks;application/x-netinstobserver;application/x-5view;application/x-tektronix-rf5;application/x-micropross-mplog;application/x-apple-packetlogger;application/x-endace-erf;application/ipfix;application/x-ixia-vwr; + # Category entry according to: + # https://specifications.freedesktop.org/menu-spec/1.0/ +-Categories=Network;Monitor;Qt; ++Categories=Application;Network;Monitor;Qt; diff --git a/SOURCES/wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch b/SOURCES/wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch new file mode 100644 index 0000000..325afe2 --- /dev/null +++ b/SOURCES/wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch @@ -0,0 +1,20 @@ +From: Kenneth Soerensen +Date: Wed, 29 Jan 2014 16:04:12 +0400 +Subject: [PATCH] Fix paths in a org.wireshark.Wireshark.desktop file + + +diff --git a/resources/freedesktop/org.wireshark.Wireshark.desktop b/resources/freedesktop/org.wireshark.Wireshark.desktop +index a880a50a33..54b3595d55 100644 +--- a/resources/freedesktop/org.wireshark.Wireshark.desktop ++++ b/resources/freedesktop/org.wireshark.Wireshark.desktop +@@ -102,8 +102,8 @@ Comment[tr]=Ağ trafiği çözümleyicisi + Comment[vi]=Trình phân tích giao thông mạng + Comment[uk]=Аналізатор мережевого трафіку + Icon=org.wireshark.Wireshark +-TryExec=wireshark +-Exec=wireshark %f ++TryExec=/usr/bin/wireshark ++Exec=/usr/bin/wireshark %f + Terminal=false + MimeType=application/vnd.tcpdump.pcap;application/x-pcapng;application/x-snoop;application/x-iptrace;application/x-lanalyzer;application/x-nettl;application/x-radcom;application/x-etherpeek;application/x-visualnetworks;application/x-netinstobserver;application/x-5view;application/x-tektronix-rf5;application/x-micropross-mplog;application/x-apple-packetlogger;application/x-endace-erf;application/ipfix;application/x-ixia-vwr; + # Category entry according to: diff --git a/SOURCES/wireshark-0006-Move-tmp-to-var-tmp.patch b/SOURCES/wireshark-0006-Move-tmp-to-var-tmp.patch new file mode 100644 index 0000000..f7a1637 --- /dev/null +++ b/SOURCES/wireshark-0006-Move-tmp-to-var-tmp.patch @@ -0,0 +1,274 @@ +From cb54210f7f02b07768cfbf49ae266d487f580e1b Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Thu, 29 Jun 2017 15:32:58 +0200 +Subject: [PATCH] Move /tmp to /var/tmp + +Fedora is using tmpfs which is limited by the size of RAM, thus we need +to use different directory on different filesystem. + +--- + ui/qt/about_dialog.cpp | 3 +- + ui/qt/iax2_analysis_dialog.cpp | 5 ++- + ui/qt/utils/rtp_audio_file.cpp | 3 +- + wsutil/tempfile.c | 18 +++++++- + wsutil/tempfile.h | 2 +- + wsutil/wstmpdir.c | 71 ++++++++++++++++++++++++++++++++++ + wsutil/wstmpdir.h | 39 +++++++++++++++++++ + 7 files changed, 134 insertions(+), 7 deletions(-) + create mode 100644 wsutil/wstmpdir.c + create mode 100644 wsutil/wstmpdir.h + +diff --git a/ui/qt/about_dialog.cpp b/ui/qt/about_dialog.cpp +index 752b669ac4..42c2be0fca 100644 +--- a/ui/qt/about_dialog.cpp ++++ b/ui/qt/about_dialog.cpp +@@ -14,6 +14,7 @@ + + #include "main_application.h" + #include ++#include /* for get_tmp_dir() */ + + #include + #include +@@ -185,7 +186,7 @@ FolderListModel::FolderListModel(QObject * parent): + appendRow(QStringList() << tr("\"File\" dialogs") << get_open_dialog_initial_dir() << tr("capture files")); + + /* temp */ +- appendRow(QStringList() << tr("Temp") << (global_capture_opts.temp_dir && global_capture_opts.temp_dir[0] ? global_capture_opts.temp_dir : g_get_tmp_dir()) << tr("untitled capture files")); ++ appendRow(QStringList() << tr("Temp") << (global_capture_opts.temp_dir && global_capture_opts.temp_dir[0] ? global_capture_opts.temp_dir : get_tmp_dir()) << tr("untitled capture files")); + + /* pers conf */ + appendRow(QStringList() << tr("Personal configuration") +diff --git a/ui/qt/iax2_analysis_dialog.cpp b/ui/qt/iax2_analysis_dialog.cpp +index 07b9b42e01..fb09de989b 100644 +--- a/ui/qt/iax2_analysis_dialog.cpp ++++ b/ui/qt/iax2_analysis_dialog.cpp +@@ -25,6 +25,7 @@ + #include "ui/rtp_stream.h" + #endif + #include ++#include /* for get_tmp_dir() */ + + #include + #include +@@ -255,10 +256,10 @@ Iax2AnalysisDialog::Iax2AnalysisDialog(QWidget &parent, CaptureFile &cf) : + + // We keep our temp files open for the lifetime of the dialog. The GTK+ + // UI opens and closes at various points. +- QString tempname = QString("%1/wireshark_iax2_f").arg(QDir::tempPath()); ++ QString tempname = QString("%1/wireshark_iax2_f").arg(get_tmp_dir()); + fwd_tempfile_ = new QTemporaryFile(tempname, this); + fwd_tempfile_->open(); +- tempname = QString("%1/wireshark_iax2_r").arg(QDir::tempPath()); ++ tempname = QString("%1/wireshark_iax2_r").arg(get_tmp_dir()); + rev_tempfile_ = new QTemporaryFile(tempname, this); + rev_tempfile_->open(); + +diff --git a/ui/qt/utils/rtp_audio_file.cpp b/ui/qt/utils/rtp_audio_file.cpp +index 591a63bbf3..203f5c5286 100644 +--- a/ui/qt/utils/rtp_audio_file.cpp ++++ b/ui/qt/utils/rtp_audio_file.cpp +@@ -31,6 +31,7 @@ + + #include "rtp_audio_file.h" + #include ++#include /* for get_tmp_dir() */ + + RtpAudioFile::RtpAudioFile(bool use_disk_for_temp, bool use_disk_for_frames): + real_pos_(0) +@@ -45,7 +46,7 @@ RtpAudioFile::RtpAudioFile(bool use_disk_for_temp, bool use_disk_for_frames): + + tempname = "memory"; + if (use_disk_for_temp) { +- tempname = QString("%1/wireshark_rtp_stream").arg(QDir::tempPath()); ++ tempname = QString("%1/wireshark_rtp_stream").arg(get_tmp_dir()); + sample_file_ = new QTemporaryFile(tempname, this); + } else { + sample_file_ = new QBuffer(this); +diff --git a/wsutil/tempfile.c b/wsutil/tempfile.c +index 531ed91..bd6fd60 100644 +--- a/wsutil/tempfile.c ++++ b/wsutil/tempfile.c +@@ -10,6 +10,8 @@ + + #include "config.h" + #include "tempfile.h" ++#include ++#include /* for get_tmp_dir() */ + + #include + +@@ -39,7 +41,7 @@ sanitize_prefix(const char *prefix) + + /** + * Create a tempfile with the given prefix (e.g. "wireshark"). The path +- * is created using g_file_open_tmp. ++ * is created using get_tmp_dir. + * + * @param tempdir [in] If not NULL, the directory in which to create the file. + * @param namebuf [in,out] If not NULL, receives the full path of the temp file. +@@ -55,13 +57,25 @@ create_tempfile(const char *tempdir, char **namebuf, const char *pfx, const char + { + int fd; + char *safe_pfx = sanitize_prefix(pfx); ++ gchar *tmp_file; ++ const char *tmp_dir; ++ int old_mask; + + if (tempdir == NULL || tempdir[0] == '\0') { + /* Use OS default tempdir behaviour */ + char* filetmpl = ws_strdup_printf("%sXXXXXX%s", safe_pfx ? safe_pfx : "", sfx ? sfx : ""); + g_free(safe_pfx); + +- fd = g_file_open_tmp(filetmpl, namebuf, err); ++ tmp_dir = get_tmp_dir(); ++ tmp_file = g_strconcat(tmp_dir, "/", filetmpl, NULL); ++ ++ if (namebuf) ++ *namebuf = tmp_file; ++ ++ old_mask = ws_umask(0077); ++ fd = mkstemps(tmp_file, sfx ? (int) strlen(sfx) : 0); ++ ws_umask(old_mask); ++ + g_free(filetmpl); + } + else { +diff --git a/wsutil/tempfile.h b/wsutil/tempfile.h +index 70031b5419..72011e265a 100644 +--- a/wsutil/tempfile.h ++++ b/wsutil/tempfile.h +@@ -23,7 +23,7 @@ extern "C" { + + /** + * Create a tempfile with the given prefix (e.g. "wireshark"). The path +- * is created using g_file_open_tmp. ++ * is created using get_tmp_dir and mkstemp. + * + * @param tempdir [in] If not NULL, the directory in which to create the file. + * @param namebuf [in,out] If not NULL, receives the full path of the temp file. +diff --git a/wsutil/wstmpdir.c b/wsutil/wstmpdir.c +new file mode 100644 +index 0000000000..9128d354ce +--- /dev/null ++++ b/wsutil/wstmpdir.c +@@ -0,0 +1,71 @@ ++/* wstmpdir.c ++ * ++ * Copyright (C) 2013 Red Hat, Inc. All right reserved. ++ * ++ * Temporary directory routine ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public License ++ * as published by the Free Software Foundation; either version 2 ++ * of the License, or (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Author: Peter Hatina ++ */ ++ ++#include "config.h" ++ ++#include ++#include "wstmpdir.h" ++ ++/** ++ * Gets the directory to use for temporary files. ++ * ++ * Inspired by glib-2.0. If no TMP, TEMP or TMPDIR is set, ++ * /var/tmp is returned (Fedora specific). ++ * ++ * Returns: the directory to use for temporary files. ++ */ ++const char *get_tmp_dir(void) ++{ ++ static gchar *tmp_dir; ++ ++ if (g_once_init_enter(&tmp_dir)) { ++ gchar *tmp; ++ ++ tmp = g_strdup(g_getenv("TEMP")); ++ if (tmp == NULL || *tmp == '\0') { ++ g_free(tmp); ++ tmp = g_strdup(g_getenv("TMPDIR")); ++ } ++ ++#ifdef P_tmpdir ++ if (tmp == NULL || *tmp == '\0') { ++ gsize k; ++ g_free(tmp); ++ tmp = g_strdup(P_tmpdir); ++ k = strlen(tmp); ++ if (k > 1 && G_IS_DIR_SEPARATOR(tmp[k - 1])) ++ tmp[k - 1] = '\0'; ++ fprintf(stderr, "Using P_tmpdir: %s\n", P_tmpdir); ++ } ++#endif /* P_tmpdir */ ++ ++ if (tmp == NULL || *tmp == '\0') { ++ g_free(tmp); ++ tmp = g_strdup("/var/tmp"); ++ } ++ ++ g_once_init_leave(&tmp_dir, tmp); ++ } ++ ++ return tmp_dir; ++} +diff --git a/wsutil/wstmpdir.h b/wsutil/wstmpdir.h +new file mode 100644 +index 0000000000..07ac5837ac +--- /dev/null ++++ b/wsutil/wstmpdir.h +@@ -0,0 +1,39 @@ ++/* wstmpdir.c ++ * ++ * Copyright (C) 2013 Red Hat, Inc. All right reserved. ++ * ++ * Temporary directory routine ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public License ++ * as published by the Free Software Foundation; either version 2 ++ * of the License, or (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Author: Peter Hatina ++ */ ++ ++#ifndef __WS_TMP_DIR_H__ ++#define __WS_TMP_DIR_H__ ++ ++#include "ws_symbol_export.h" ++ ++#ifdef __cplusplus ++extern "C" { ++#endif // __cplusplus ++ ++WS_DLL_PUBLIC const char *get_tmp_dir(void); ++ ++#ifdef __cplusplus ++} ++#endif // __cplusplus ++ ++#endif +-- +2.37.3 + diff --git a/SOURCES/wireshark-0007-cmakelists.patch b/SOURCES/wireshark-0007-cmakelists.patch new file mode 100644 index 0000000..18064e2 --- /dev/null +++ b/SOURCES/wireshark-0007-cmakelists.patch @@ -0,0 +1,20 @@ +diff --git a/wsutil/CMakeLists.txt b/wsutil/CMakeLists.txt +index a55086c..0149801 100644 +--- a/wsutil/CMakeLists.txt ++++ b/wsutil/CMakeLists.txt +@@ -80,6 +80,7 @@ set(WSUTIL_PUBLIC_HEADERS + ws_roundup.h + ws_strptime.h + wsgcrypt.h ++ wstmpdir.h + wsjson.h + wslog.h + xtea.h +@@ -135,6 +136,7 @@ set(WSUTIL_COMMON_FILES + ws_pipe.c + ws_strptime.c + wsgcrypt.c ++ wstmpdir.c + wsjson.c + wslog.c + xtea.c diff --git a/SOURCES/wireshark-0008-pkgconfig.patch b/SOURCES/wireshark-0008-pkgconfig.patch new file mode 100644 index 0000000..3ef90b0 --- /dev/null +++ b/SOURCES/wireshark-0008-pkgconfig.patch @@ -0,0 +1,14 @@ +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 27fa752..7bdc036 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -4037,9 +4037,6 @@ install( + "${CMAKE_BINARY_DIR}/wireshark.pc" + DESTINATION + ${CMAKE_INSTALL_LIBDIR}/pkgconfig +- COMPONENT +- "Development" +- EXCLUDE_FROM_ALL + ) + + install( diff --git a/SOURCES/wireshark-0009-sync-pipe-stderr-messages.patch b/SOURCES/wireshark-0009-sync-pipe-stderr-messages.patch new file mode 100644 index 0000000..e27f7d4 --- /dev/null +++ b/SOURCES/wireshark-0009-sync-pipe-stderr-messages.patch @@ -0,0 +1,612 @@ +From 4a454d8d626ade8804d2d492c796939d82b484b6 Mon Sep 17 00:00:00 2001 +From: John Thacker +Date: Thu, 28 Dec 2023 20:18:38 -0500 +Subject: [PATCH] dumpcap: Don't use fd 2 (stderr) for the sync pipe + +Don't use stderr for the sync pipe, because third party libraries +and functions sometimes pollute stderr with other information. + +Instead, pass the information necessary to dumpcap as a parameter +to the special capture child option -Z. + +On UN*X, that means passing the sync pipe write file descriptor, as +the child is created by fork + exec and shares the file descriptor table. + +On Windows, the child process does not share the file descriptor table, +but it does share the HANDLE value for inherited handles, so pass that +instead. (The HANDLE is a void* and technically 64 bit, but only the +lower 32 bits are used for inherited handles that can be shared + and it is permissible to truncate: +https://learn.microsoft.com/en-us/windows/win32/procthread/inheritance +https://learn.microsoft.com/en-us/windows/win32/winprog64/interprocess-communication +https://learn.microsoft.com/en-us/windows/win32/WinProg64/rules-for-using-pointers +though perhaps in the future casting to an intptr_t makes more sense.) + +Move the special Windows named signal pipe to its own long option +instead of using the parameter from the capture child option. + +This means that we alter argv inside sync_pipe_open_command so change +the static functions and free argv there. Once glib 2.68 and later is +required a GStrvBuilder could be used instead. + +Fix #12222 +--- + capture/capture_sync.c | 105 ++++++++++++++++++++--------------------- + dumpcap.c | 85 +++++++++++++++++++++++---------- + 2 files changed, 112 insertions(+), 78 deletions(-) + +diff --git a/capture/capture_sync.c b/capture/capture_sync.c +index 5c70baa6dfb..aa29a0b7ff7 100644 +--- a/capture/capture_sync.c ++++ b/capture/capture_sync.c +@@ -115,14 +115,6 @@ static ssize_t pipe_read_block(GIOChannel *pipe_io, char *indicator, int len, ch + + static void (*fetch_dumpcap_pid)(ws_process_id) = NULL; + +-static void free_argv(char** argv, int argc) +-{ +- int i; +- for (i = 0; i < argc; i++) +- g_free(argv[i]); +- g_free(argv); +-} +- + void + capture_session_init(capture_session *cap_session, capture_file *cf, + new_file_fn new_file, new_packets_fn new_packets, +@@ -202,6 +194,8 @@ void capture_process_finished(capture_session *cap_session) + + /* Append an arg (realloc) to an argc/argv array */ + /* (add a string pointer to a NULL-terminated array of string pointers) */ ++/* XXX: For glib >= 2.68 we could use a GStrvBuilder. ++ */ + static char ** + sync_pipe_add_arg(char **args, int *argc, const char *arg) + { +@@ -277,12 +271,12 @@ pipe_io_cb(GIOChannel *pipe_io, GIOCondition condition _U_, void * user_data) + #define PIPE_BUF_SIZE 5120 + static int + #ifdef _WIN32 +-sync_pipe_open_command(char* const argv[], int *data_read_fd, ++sync_pipe_open_command(char **argv, int *data_read_fd, + GIOChannel **message_read_io, int *signal_write_fd, + ws_process_id *fork_child, GArray *ifaces, + char **msg, void(*update_cb)(void)) + #else +-sync_pipe_open_command(char* const argv[], int *data_read_fd, ++sync_pipe_open_command(char **argv, int *data_read_fd, + GIOChannel **message_read_io, int *signal_write_fd _U_, + ws_process_id *fork_child, GArray *ifaces _U_, + char **msg, void(*update_cb)(void)) +@@ -290,6 +284,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + { + enum PIPES { PIPE_READ, PIPE_WRITE }; /* Constants 0 and 1 for PIPE_READ and PIPE_WRITE */ + int message_read_fd = -1; ++ char sync_id[ARGV_NUMBER_LEN]; + #ifdef _WIN32 + HANDLE sync_pipe[2]; /* pipe used to send messages from child to parent */ + HANDLE data_pipe[2]; /* pipe used to send data from child to parent */ +@@ -320,6 +315,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + + if (!msg) { + /* We can't return anything */ ++ g_strfreev(argv); + #ifdef _WIN32 + g_string_free(args, true); + #endif +@@ -338,6 +334,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + /* Couldn't create the message pipe between parent and child. */ + *msg = ws_strdup_printf("Couldn't create sync pipe: %s", + win32strerror(GetLastError())); ++ g_strfreev(argv); + return -1; + } + +@@ -351,6 +348,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + message_read_fd = _open_osfhandle( (intptr_t) sync_pipe[PIPE_READ], _O_BINARY); + if (message_read_fd == -1) { + *msg = ws_strdup_printf("Couldn't get C file handle for message read pipe: %s", g_strerror(errno)); ++ g_strfreev(argv); + CloseHandle(sync_pipe[PIPE_READ]); + CloseHandle(sync_pipe[PIPE_WRITE]); + return -1; +@@ -363,6 +361,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + /* Couldn't create the message pipe between parent and child. */ + *msg = ws_strdup_printf("Couldn't create data pipe: %s", + win32strerror(GetLastError())); ++ g_strfreev(argv); + ws_close(message_read_fd); /* Should close sync_pipe[PIPE_READ] */ + CloseHandle(sync_pipe[PIPE_WRITE]); + return -1; +@@ -378,6 +377,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + *data_read_fd = _open_osfhandle( (intptr_t) data_pipe[PIPE_READ], _O_BINARY); + if (*data_read_fd == -1) { + *msg = ws_strdup_printf("Couldn't get C file handle for data read pipe: %s", g_strerror(errno)); ++ g_strfreev(argv); + CloseHandle(data_pipe[PIPE_READ]); + CloseHandle(data_pipe[PIPE_WRITE]); + ws_close(message_read_fd); /* Should close sync_pipe[PIPE_READ] */ +@@ -398,6 +398,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + /* Couldn't create the signal pipe between parent and child. */ + *msg = ws_strdup_printf("Couldn't create signal pipe: %s", + win32strerror(GetLastError())); ++ g_strfreev(argv); + ws_close(message_read_fd); /* Should close sync_pipe[PIPE_READ] */ + CloseHandle(sync_pipe[PIPE_WRITE]); + return -1; +@@ -414,6 +415,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + if (signal_pipe_write_fd == -1) { + /* Couldn't create the pipe between parent and child. */ + *msg = ws_strdup_printf("Couldn't get C file handle for sync pipe: %s", g_strerror(errno)); ++ g_strfreev(argv); + ws_close(message_read_fd); /* Should close sync_pipe[PIPE_READ] */ + CloseHandle(sync_pipe[PIPE_WRITE]); + CloseHandle(signal_pipe); +@@ -439,7 +441,25 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + si.hStdInput = NULL; /* handle for named pipe*/ + si.hStdOutput = data_pipe[PIPE_WRITE]; + } +- si.hStdError = sync_pipe[PIPE_WRITE]; ++ si.hStdError = GetStdHandle(STD_ERROR_HANDLE); ++ ++ /* On Windows, "[a]n inherited handle refers to the same object in the child ++ * process as it does in the parent process. It also has the same value." ++ * https://learn.microsoft.com/en-us/windows/win32/procthread/inheritance ++ * When converted to a file descriptor (via _open_osfhandle), the fd ++ * value is not necessarily the same in the two processes, but the handle ++ * value can be shared. ++ * A HANDLE is a void* though "64-bit versions of Windows use 32-bit handles ++ * for interoperability... only the lower 32 bits are significant, so it is ++ * safe to truncate the handle... or sign-extend the handle" ++ * https://learn.microsoft.com/en-us/windows/win32/winprog64/interprocess-communication ++ * So it should be fine to call PtrToLong instead of casting to intptr_t. ++ * https://learn.microsoft.com/en-us/windows/win32/WinProg64/rules-for-using-pointers ++ */ ++ int argc = g_strv_length(argv); ++ argv = sync_pipe_add_arg(argv, &argc, "-Z"); ++ snprintf(sync_id, ARGV_NUMBER_LEN, "%ld", PtrToLong(sync_pipe[PIPE_WRITE])); ++ argv = sync_pipe_add_arg(argv, &argc, sync_id); + #endif + + if (ifaces) { +@@ -458,7 +478,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + if (si.hStdOutput && (si.hStdOutput != si.hStdInput)) { + handles[i_handles++] = si.hStdOutput; + } +- handles[i_handles++] = si.hStdError; ++ handles[i_handles++] = sync_pipe[PIPE_WRITE]; + if (ifaces) { + for (j = 0; j < ifaces->len; j++) { + interface_opts = &g_array_index(ifaces, interface_options, j); +@@ -491,6 +511,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + } + ws_close(message_read_fd); /* Should close sync_pipe[PIPE_READ] */ + CloseHandle(sync_pipe[PIPE_WRITE]); ++ g_strfreev(argv); + g_string_free(args, true); + g_free(handles); + return -1; +@@ -498,6 +519,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + *fork_child = pi.hProcess; + /* We may need to store this and close it later */ + CloseHandle(pi.hThread); ++ g_strfreev(argv); + g_string_free(args, true); + g_free(handles); + +@@ -509,6 +531,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + if (pipe(sync_pipe) < 0) { + /* Couldn't create the message pipe between parent and child. */ + *msg = ws_strdup_printf("Couldn't create sync pipe: %s", g_strerror(errno)); ++ g_strfreev(argv); + return -1; + } + +@@ -517,6 +540,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + if (pipe(data_pipe) < 0) { + /* Couldn't create the data pipe between parent and child. */ + *msg = ws_strdup_printf("Couldn't create data pipe: %s", g_strerror(errno)); ++ g_strfreev(argv); + ws_close(sync_pipe[PIPE_READ]); + ws_close(sync_pipe[PIPE_WRITE]); + return -1; +@@ -533,11 +557,16 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + ws_close(data_pipe[PIPE_READ]); + ws_close(data_pipe[PIPE_WRITE]); + } +- dup2(sync_pipe[PIPE_WRITE], 2); + ws_close(sync_pipe[PIPE_READ]); +- ws_close(sync_pipe[PIPE_WRITE]); ++ /* dumpcap should be running in capture child mode (hidden feature) */ ++#ifndef DEBUG_CHILD ++ int argc = g_strv_length(argv); ++ argv = sync_pipe_add_arg(argv, &argc, "-Z"); ++ snprintf(sync_id, ARGV_NUMBER_LEN, "%d", sync_pipe[PIPE_WRITE]); ++ argv = sync_pipe_add_arg(argv, &argc, sync_id); ++#endif + execv(argv[0], argv); +- sync_pipe_write_int_msg(2, SP_EXEC_FAILED, errno); ++ sync_pipe_write_int_msg(sync_pipe[PIPE_WRITE], SP_EXEC_FAILED, errno); + + /* Exit with "_exit()", so that we don't close the connection + to the X server (and cause stuff buffered up by our parent but +@@ -549,6 +578,8 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + _exit(1); + } + ++ g_strfreev(argv); ++ + if (fetch_dumpcap_pid && *fork_child > 0) + fetch_dumpcap_pid(*fork_child); + +@@ -556,6 +587,7 @@ sync_pipe_open_command(char* const argv[], int *data_read_fd, + *data_read_fd = data_pipe[PIPE_READ]; + } + message_read_fd = sync_pipe[PIPE_READ]; ++ + #endif + + /* Parent process - read messages from the child process over the +@@ -863,14 +895,12 @@ sync_pipe_start(capture_options *capture_opts, GPtrArray *capture_comments, + } + } + +- /* dumpcap should be running in capture child mode (hidden feature) */ + #ifndef DEBUG_CHILD +- argv = sync_pipe_add_arg(argv, &argc, "-Z"); + #ifdef _WIN32 ++ /* pass process id to dumpcap for named signal pipe */ ++ argv = sync_pipe_add_arg(argv, &argc, "--signal-pipe"); + snprintf(control_id, ARGV_NUMBER_LEN, "%ld", GetCurrentProcessId()); + argv = sync_pipe_add_arg(argv, &argc, control_id); +-#else +- argv = sync_pipe_add_arg(argv, &argc, SIGNAL_PIPE_CTRL_ID_NONE); + #endif + #endif + +@@ -899,13 +929,11 @@ sync_pipe_start(capture_options *capture_opts, GPtrArray *capture_comments, + if (ret == -1) { + report_failure("%s", msg); + g_free(msg); +- free_argv(argv, argc); + return false; + } + + /* Parent process - read messages from the child process over the + sync pipe. */ +- free_argv(argv, argc); + + cap_session->fork_child_status = 0; + cap_session->cap_data_info = cap_data; +@@ -964,7 +992,7 @@ sync_pipe_close_command(int *data_read_fd, GIOChannel *message_read_io, + /* XXX - assumes PIPE_BUF_SIZE > SP_MAX_MSG_LEN */ + #define PIPE_BUF_SIZE 5120 + static int +-sync_pipe_run_command_actual(char* const argv[], char **data, char **primary_msg, ++sync_pipe_run_command_actual(char **argv, char **data, char **primary_msg, + char **secondary_msg, void(*update_cb)(void)) + { + char *msg; +@@ -1176,7 +1204,7 @@ sync_pipe_run_command_actual(char* const argv[], char **data, char **primary_msg + * redirects to sync_pipe_run_command_actual() + */ + static int +-sync_pipe_run_command(char* const argv[], char **data, char **primary_msg, ++sync_pipe_run_command(char **argv, char **data, char **primary_msg, + char **secondary_msg, void (*update_cb)(void)) + { + int ret, i; +@@ -1241,22 +1269,14 @@ sync_interface_set_80211_chan(const char *iface, const char *freq, const char *t + *primary_msg = g_strdup("Out of mem."); + *secondary_msg = NULL; + *data = NULL; +- free_argv(argv, argc); + return -1; + } + + argv = sync_pipe_add_arg(argv, &argc, "-k"); + argv = sync_pipe_add_arg(argv, &argc, opt); + +-#ifndef DEBUG_CHILD +- /* Run dumpcap in capture child mode */ +- argv = sync_pipe_add_arg(argv, &argc, "-Z"); +- argv = sync_pipe_add_arg(argv, &argc, SIGNAL_PIPE_CTRL_ID_NONE); +-#endif +- + ret = sync_pipe_run_command(argv, data, primary_msg, secondary_msg, update_cb); + g_free(opt); +- free_argv(argv, argc); + return ret; + } + +@@ -1294,13 +1314,7 @@ sync_interface_list_open(char **data, char **primary_msg, + /* Ask for the interface list */ + argv = sync_pipe_add_arg(argv, &argc, "-D"); + +-#ifndef DEBUG_CHILD +- /* Run dumpcap in capture child mode */ +- argv = sync_pipe_add_arg(argv, &argc, "-Z"); +- argv = sync_pipe_add_arg(argv, &argc, SIGNAL_PIPE_CTRL_ID_NONE); +-#endif + ret = sync_pipe_run_command(argv, data, primary_msg, secondary_msg, update_cb); +- free_argv(argv, argc); + return ret; + } + +@@ -1348,13 +1362,7 @@ sync_if_capabilities_open(const char *ifname, bool monitor_mode, const char* aut + argv = sync_pipe_add_arg(argv, &argc, auth); + } + +-#ifndef DEBUG_CHILD +- /* Run dumpcap in capture child mode */ +- argv = sync_pipe_add_arg(argv, &argc, "-Z"); +- argv = sync_pipe_add_arg(argv, &argc, SIGNAL_PIPE_CTRL_ID_NONE); +-#endif + ret = sync_pipe_run_command(argv, data, primary_msg, secondary_msg, update_cb); +- free_argv(argv, argc); + return ret; + } + +@@ -1449,20 +1451,17 @@ sync_interface_stats_open(int *data_read_fd, ws_process_id *fork_child, char **d + argv = sync_pipe_add_arg(argv, &argc, "-S"); + + #ifndef DEBUG_CHILD +- argv = sync_pipe_add_arg(argv, &argc, "-Z"); + #ifdef _WIN32 ++ argv = sync_pipe_add_arg(argv, &argc, "--signal-pipe"); + ret = create_dummy_signal_pipe(msg); + if (ret == -1) { + return -1; + } + argv = sync_pipe_add_arg(argv, &argc, dummy_control_id); +-#else +- argv = sync_pipe_add_arg(argv, &argc, SIGNAL_PIPE_CTRL_ID_NONE); + #endif + #endif + ret = sync_pipe_open_command(argv, data_read_fd, &message_read_io, NULL, + fork_child, NULL, msg, update_cb); +- free_argv(argv, argc); + if (ret == -1) { + return -1; + } +diff --git a/dumpcap.c b/dumpcap.c +index b5a5423..533aa96 100644 +--- a/dumpcap.c ++++ b/dumpcap.c +@@ -130,6 +130,7 @@ static gchar *sig_pipe_name = NULL; + static HANDLE sig_pipe_handle = NULL; + static gboolean signal_pipe_check_running(void); + #endif ++static int sync_pipe_fd = 2; + + #ifdef ENABLE_ASAN + /* This has public visibility so that if compiled with shared libasan (the +@@ -562,7 +563,7 @@ dumpcap_cmdarg_err(const char *fmt, va_list ap) + gchar *msg; + /* Generate a 'special format' message back to parent */ + msg = ws_strdup_vprintf(fmt, ap); +- sync_pipe_write_errmsgs_to_parent(2, msg, ""); ++ sync_pipe_write_errmsgs_to_parent(sync_pipe_fd, msg, ""); + g_free(msg); + } else { + fprintf(stderr, "dumpcap: "); +@@ -582,7 +583,7 @@ dumpcap_cmdarg_err_cont(const char *fmt, va_list ap) + if (capture_child) { + gchar *msg; + msg = ws_strdup_vprintf(fmt, ap); +- sync_pipe_write_errmsgs_to_parent(2, msg, ""); ++ sync_pipe_write_errmsgs_to_parent(sync_pipe_fd, msg, ""); + g_free(msg); + } else { + vfprintf(stderr, fmt, ap); +@@ -1007,7 +1008,7 @@ show_filter_code(capture_options *capture_opts) + #endif + if (capture_child) { + /* Let our parent know we succeeded. */ +- sync_pipe_write_string_msg(2, SP_SUCCESS, NULL); ++ sync_pipe_write_string_msg(sync_pipe_fd, SP_SUCCESS, NULL); + } + return TRUE; + } +@@ -1029,7 +1030,7 @@ print_machine_readable_interfaces(GList *if_list) + + if (capture_child) { + /* Let our parent know we succeeded. */ +- sync_pipe_write_string_msg(2, SP_SUCCESS, NULL); ++ sync_pipe_write_string_msg(sync_pipe_fd, SP_SUCCESS, NULL); + } + + i = 1; /* Interface id number */ +@@ -1096,7 +1097,7 @@ print_machine_readable_if_capabilities(if_capabilities_t *caps, int queries) + + if (capture_child) { + /* Let our parent know we succeeded. */ +- sync_pipe_write_string_msg(2, SP_SUCCESS, NULL); ++ sync_pipe_write_string_msg(sync_pipe_fd, SP_SUCCESS, NULL); + } + + if (queries & CAPS_QUERY_LINK_TYPES) { +@@ -1197,7 +1198,7 @@ print_statistics_loop(gboolean machine_readable) + + if (capture_child) { + /* Let our parent know we succeeded. */ +- sync_pipe_write_string_msg(2, SP_SUCCESS, NULL); ++ sync_pipe_write_string_msg(sync_pipe_fd, SP_SUCCESS, NULL); + } + + if (!machine_readable) { +@@ -4985,7 +4986,7 @@ capture_loop_write_pcapng_cb(capture_src *pcap_src, const pcapng_block_header_t + ws_info("Sending SP_FILE on first SHB"); + #endif + /* SHB is now ready for capture parent to read on SP_FILE message */ +- sync_pipe_write_string_msg(2, SP_FILE, report_capture_filename); ++ sync_pipe_write_string_msg(sync_pipe_fd, SP_FILE, report_capture_filename); + report_capture_filename = NULL; + } + } +@@ -5214,7 +5215,7 @@ set_80211_channel(const char *iface, const char *opt) + } + + if (capture_child) +- sync_pipe_write_string_msg(2, SP_SUCCESS, NULL); ++ sync_pipe_write_string_msg(sync_pipe_fd, SP_SUCCESS, NULL); + + out: + g_strfreev(options); +@@ -5238,6 +5239,9 @@ gather_dumpcap_runtime_info(feature_list l) + #define LONGOPT_IFNAME LONGOPT_BASE_APPLICATION+1 + #define LONGOPT_IFDESCR LONGOPT_BASE_APPLICATION+2 + #define LONGOPT_CAPTURE_COMMENT LONGOPT_BASE_APPLICATION+3 ++#ifdef _WIN32 ++#define LONGOPT_SIGNAL_PIPE LONGOPT_BASE_APPLICATION+4 ++#endif + + /* And now our feature presentation... [ fade to music ] */ + int +@@ -5252,6 +5256,9 @@ main(int argc, char *argv[]) + {"ifname", ws_required_argument, NULL, LONGOPT_IFNAME}, + {"ifdescr", ws_required_argument, NULL, LONGOPT_IFDESCR}, + {"capture-comment", ws_required_argument, NULL, LONGOPT_CAPTURE_COMMENT}, ++#ifdef _WIN32 ++ {"signal-pipe", ws_required_argument, NULL, LONGOPT_SIGNAL_PIPE}, ++#endif + {0, 0, 0, 0 } + }; + +@@ -5308,10 +5315,31 @@ main(int argc, char *argv[]) + if (strcmp("-Z", argv[i]) == 0) { + capture_child = TRUE; + machine_readable = TRUE; /* request machine-readable output */ ++ i++; ++ if (i >= argc) { ++ exit_main(1); ++ } ++ ++ if (strcmp(argv[i], SIGNAL_PIPE_CTRL_ID_NONE) != 0) { ++ // get_positive_int calls cmdarg_err ++ if (!ws_strtoi(argv[i], NULL, &sync_pipe_fd) || sync_pipe_fd <= 0) { ++ exit_main(1); ++ } + #ifdef _WIN32 +- /* set output pipe to binary mode, to avoid ugly text conversions */ +- _setmode(2, O_BINARY); ++ /* On UN*X the fd is the same when we fork + exec. ++ * On Windows the HANDLE value is the same for inherited ++ * handles in the child process and the parent, although ++ * not necessarily the fd value from _open_osfhandle. ++ * https://learn.microsoft.com/en-us/windows/win32/procthread/inheritance ++ * Also, "64-bit versions of Windows use 32-bit handles for ++ * interoperability... only the lower 32 bits are significant, ++ * so it is safe to truncate... or sign-extend the handle." ++ * https://learn.microsoft.com/en-us/windows/win32/winprog64/interprocess-communication ++ */ ++ /* set output pipe to binary mode, avoid ugly text conversions */ ++ sync_pipe_fd = _open_osfhandle( (intptr_t) sync_pipe_fd, _O_BINARY); + #endif ++ } + } + } + +@@ -5628,9 +5656,17 @@ main(int argc, char *argv[]) + break; + case 'Z': + capture_child = TRUE; ++ /* ++ * Handled above ++ */ ++ break; + #ifdef _WIN32 +- /* set output pipe to binary mode, to avoid ugly text conversions */ +- _setmode(2, O_BINARY); ++ case LONGOPT_SIGNAL_PIPE: ++ if (!capture_child) { ++ /* We have already checked for -Z at the very beginning. */ ++ cmdarg_err("--signal-pipe may only be specified with -Z"); ++ exit_main(1); ++ } + /* + * ws_optarg = the control ID, aka the PPID, currently used for the + * signal pipe name. +@@ -5646,9 +5682,8 @@ main(int argc, char *argv[]) + exit_main(1); + } + } +-#endif + break; +- ++#endif + case 'q': /* Quiet */ + quiet = TRUE; + break; +@@ -5885,7 +5920,7 @@ main(int argc, char *argv[]) + char *error_msg = ws_strdup_printf("The capabilities of the capture device " + "\"%s\" could not be obtained (%s)", + interface_opts->name, open_status_str); +- sync_pipe_write_errmsgs_to_parent(2, error_msg, ++ sync_pipe_write_errmsgs_to_parent(sync_pipe_fd, error_msg, + get_pcap_failure_secondary_error_message(open_status, open_status_str)); + g_free(error_msg); + } +@@ -6032,7 +6067,7 @@ dumpcap_log_writer(const char *domain, enum ws_log_level level, + #endif + if (capture_child) { + gchar *msg = ws_strdup_vprintf(user_format, user_ap); +- sync_pipe_write_errmsgs_to_parent(2, msg, ""); ++ sync_pipe_write_errmsgs_to_parent(sync_pipe_fd, msg, ""); + g_free(msg); + } else { + ws_log_console_writer(domain, level, file, line, func, mft, user_format, user_ap); +@@ -6052,7 +6087,7 @@ dumpcap_log_writer(const char *domain, enum ws_log_level level, + /* to parent especially formatted if dumpcap running as child. */ + if (capture_child) { + gchar *msg = ws_strdup_vprintf(user_format, user_ap); +- sync_pipe_write_errmsgs_to_parent(2, msg, ""); ++ sync_pipe_write_errmsgs_to_parent(sync_pipe_fd, msg, ""); + g_free(msg); + } else if(ws_log_msg_is_active(domain, level)) { + ws_log_console_writer(domain, level, file, line, func, mft, user_format, user_ap); +@@ -6071,7 +6106,7 @@ report_packet_count(unsigned int packet_count) + + if (capture_child) { + ws_debug("Packets: %u", packet_count); +- sync_pipe_write_uint_msg(2, SP_PACKET_COUNT, packet_count); ++ sync_pipe_write_uint_msg(sync_pipe_fd, SP_PACKET_COUNT, packet_count); + } else { + count += packet_count; + fprintf(stderr, "\rPackets: %u ", count); +@@ -6092,7 +6127,7 @@ report_new_capture_file(const char *filename) + #endif + report_capture_filename = filename; + } else { +- sync_pipe_write_string_msg(2, SP_FILE, filename); ++ sync_pipe_write_string_msg(sync_pipe_fd, SP_FILE, filename); + } + } else { + #ifdef SIGINFO +@@ -6132,7 +6167,7 @@ report_cfilter_error(capture_options *capture_opts, guint i, const char *errmsg) + if (capture_child) { + snprintf(tmp, sizeof(tmp), "%u:%s", i, errmsg); + ws_debug("Capture filter error: %s", errmsg); +- sync_pipe_write_string_msg(2, SP_BAD_FILTER, tmp); ++ sync_pipe_write_string_msg(sync_pipe_fd, SP_BAD_FILTER, tmp); + } else { + /* + * clopts_step_invalid_capfilter in test/suite-clopts.sh MUST match +@@ -6155,7 +6190,7 @@ report_capture_error(const char *error_msg, const char *secondary_error_msg) + if (capture_child) { + ws_debug("Primary Error: %s", error_msg); + ws_debug("Secondary Error: %s", secondary_error_msg); +- sync_pipe_write_errmsgs_to_parent(2, error_msg, secondary_error_msg); ++ sync_pipe_write_errmsgs_to_parent(sync_pipe_fd, error_msg, secondary_error_msg); + } else { + cmdarg_err("%s", error_msg); + if (secondary_error_msg[0] != '\0') +@@ -6173,7 +6208,7 @@ report_packet_drops(guint32 received, guint32 pcap_drops, guint32 drops, guint32 + + ws_debug("Packets received/dropped on interface '%s': %u/%u (pcap:%u/dumpcap:%u/flushed:%u/ps_ifdrop:%u)", + name, received, total_drops, pcap_drops, drops, flushed, ps_ifdrop); +- sync_pipe_write_string_msg(2, SP_DROPS, tmp); ++ sync_pipe_write_string_msg(sync_pipe_fd, SP_DROPS, tmp); + g_free(tmp); + } else { + fprintf(stderr, diff --git a/SOURCES/wireshark.sysusers b/SOURCES/wireshark.sysusers new file mode 100644 index 0000000..b035d11 --- /dev/null +++ b/SOURCES/wireshark.sysusers @@ -0,0 +1,2 @@ +g wireshark - - +g usbmon - - diff --git a/SPECS/wireshark.spec b/SPECS/wireshark.spec new file mode 100644 index 0000000..2945ca5 --- /dev/null +++ b/SPECS/wireshark.spec @@ -0,0 +1,1380 @@ +%undefine __cmake_in_source_build +%global with_lua 1 +%global with_maxminddb 1 +%global plugins_version 4.2 + +Summary: Network traffic analyzer +Name: wireshark +Version: 4.2.6 +Release: 1%{?dist} +Epoch: 1 +License: BSD-1-Clause AND BSD-2-Clause AND BSD-3-Clause AND MIT AND GPL-2.0-or-later AND LGPL-2.0-or-later AND Zlib AND ISC AND (BSD-3-Clause OR GPL-2.0-only) AND (GPL-2.0-or-later AND Zlib) +Url: http://www.wireshark.org/ + +Source0: https://wireshark.org/download/src/%{name}-%{version}.tar.xz +Source1: https://www.wireshark.org/download/src/all-versions/SIGNATURES-%{version}.txt +Source2: 90-wireshark-usbmon.rules +Source3: wireshark.sysusers + +# Fedora-specific +Patch2: wireshark-0002-Customize-permission-denied-error.patch +# Will be proposed upstream +Patch3: wireshark-0003-fix-string-overrun-in-plugins-profinet.patch +# Fedora-specific +Patch4: wireshark-0004-Restore-Fedora-specific-groups.patch +# Fedora-specific +Patch5: wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch +# Fedora-specific +Patch6: wireshark-0006-Move-tmp-to-var-tmp.patch +Patch7: wireshark-0007-cmakelists.patch +Patch8: wireshark-0008-pkgconfig.patch +Patch9: wireshark-0009-sync-pipe-stderr-messages.patch + +#install tshark together with wireshark GUI +Requires: %{name}-cli = %{epoch}:%{version}-%{release} + +Requires: xdg-utils +Requires: hicolor-icon-theme + +%if %{with_maxminddb} && 0%{?fedora} +Requires: libmaxminddb +%endif + +BuildRequires: bzip2-devel +BuildRequires: c-ares-devel +BuildRequires: elfutils-devel +BuildRequires: gcc-c++ +BuildRequires: glib2-devel +BuildRequires: gnutls-devel +BuildRequires: krb5-devel +BuildRequires: libcap-devel +BuildRequires: libgcrypt-devel +BuildRequires: libnl3-devel +BuildRequires: libpcap-devel >= 0.9 +BuildRequires: libselinux-devel +BuildRequires: libsmi-devel +BuildRequires: openssl-devel +BuildRequires: desktop-file-utils +BuildRequires: xdg-utils +BuildRequires: bison +BuildRequires: flex +BuildRequires: perl(Pod::Html) +BuildRequires: perl(Pod::Man) +BuildRequires: perl(open) +BuildRequires: pcre2-devel +Buildrequires: libssh-devel +BuildRequires: qt6-qttools-devel +BuildRequires: qt6-linguist +BuildRequires: qt6-qtbase-devel +BuildRequires: qt6-qt5compat-devel +BuildRequires: qt6-qtmultimedia-devel +BuildRequires: qt6-qtsvg-devel +BuildRequires: zlib-devel +BuildRequires: asciidoctor +%if %{with_maxminddb} && 0%{?fedora} +BuildRequires: libmaxminddb-devel +%endif +%if %{with_lua} && 0%{?fedora} +BuildRequires: compat-lua-devel +%endif +Buildrequires: git-core +Buildrequires: python3-devel +Buildrequires: cmake +Buildrequires: speexdsp-devel +#needed for sdjournal external capture interface +BuildRequires: systemd-devel +BuildRequires: libnghttp2-devel +BuildRequires: systemd-rpm-macros + + +%description +Wireshark allows you to examine protocol data stored in files or as it is +captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, +and many other sources. It supports dozens of protocol capture file formats +and understands more than a thousand protocols. + +It has many powerful features including a rich display filter language +and the ability to reassemble multiple protocol packets in order to, for +example, view a complete TCP stream, save the contents of a file which was +transferred over HTTP or CIFS, or play back an RTP audio stream. + +%package cli +Summary: Network traffic analyzer +Requires(pre): shadow-utils + +%description cli +This package contains command-line utilities, plugins, and documentation for +Wireshark. + +%package devel +Summary: Development headers and libraries for wireshark +Requires: %{name} = %{epoch}:%{version}-%{release} +Requires: %{name}-cli = %{epoch}:%{version}-%{release} +Requires: glibc-devel +Requires: glib2-devel + +%description devel +The wireshark-devel package contains the header files, developer +documentation, and libraries required for development of wireshark scripts +and plugins. + + +%prep +%autosetup -S git + +%build +%cmake -G "Unix Makefiles" \ + -DDISABLE_WERROR=ON \ + -DBUILD_wireshark=ON \ +%if %{with_lua} && 0%{?fedora} + -DENABLE_LUA=ON \ +%else + -DENABLE_LUA=OFF \ +%endif +%if %{with_maxminddb} && 0%{?fedora} + -DBUILD_mmdbresolve=ON \ +%else + -DBUILD_mmdbresolve=OFF \ +%endif + -DBUILD_randpktdump=OFF \ + -DBUILD_androiddump=ON \ + -DENABLE_SMI=ON \ + -DUSE_qt6=ON \ + -DENABLE_PLUGINS=ON \ + -DENABLE_NETLINK=ON \ + -DBUILD_dcerpcidl2wrs=OFF \ + -DBUILD_sdjournal=ON + +%cmake_build + +%install +%cmake_install + +desktop-file-validate %{buildroot}%{_datadir}/applications/org.wireshark.Wireshark.desktop + +#install devel files (inspired by debian/wireshark-dev.header-files) +install -d -m 0755 %{buildroot}%{_includedir}/wireshark +IDIR="%{buildroot}%{_includedir}/wireshark" +mkdir -p "${IDIR}/epan" +mkdir -p "${IDIR}/epan/crypt" +mkdir -p "${IDIR}/epan/ftypes" +mkdir -p "${IDIR}/epan/dfilter" +mkdir -p "${IDIR}/epan/dissectors" +mkdir -p "${IDIR}/wiretap" +mkdir -p "${IDIR}/wsutil" +mkdir -p "${IDIR}/wsutil/wmem" +mkdir -p %{buildroot}%{_udevrulesdir} +install -m 644 %{_vpath_builddir}/config.h epan/register.h "${IDIR}/" +install -m 644 %{_vpath_builddir}/ws_version.h "${IDIR}/" +install -m 644 cfile.h file.h "${IDIR}/" +install -m 644 epan/*.h "${IDIR}/epan/" +install -m 644 epan/crypt/*.h "${IDIR}/epan/crypt" +install -m 644 epan/ftypes/*.h "${IDIR}/epan/ftypes" +install -m 644 epan/dfilter/*.h "${IDIR}/epan/dfilter" +install -m 644 epan/dissectors/*.h "${IDIR}/epan/dissectors" +install -m 644 wiretap/*.h "${IDIR}/wiretap" +install -m 644 wsutil/*.h "${IDIR}/wsutil" +install -m 644 wsutil/wmem/*.h "${IDIR}/wsutil/wmem" +install -m 644 include/*.h "${IDIR}/" +install -m 644 %{SOURCE2} %{buildroot}%{_udevrulesdir} +install -Dpm 644 %{SOURCE3} %{buildroot}%{_sysusersdir}/%{name}.conf + +touch %{buildroot}%{_bindir}/%{name} + +# Remove libtool archives and static libs +find %{buildroot} -type f -name "*.la" -delete + +%pre cli +%sysusers_create_compat %{SOURCE3} + +%post cli +%{?ldconfig} +# skip triggering if udevd isn't even accessible, e.g. containers or +# rpm-ostree-based systems +if [ -S /run/udev/control ]; then + /usr/bin/udevadm trigger --subsystem-match=usbmon +fi + +%ldconfig_postun cli + +%files +%{_datadir}/applications/org.wireshark.Wireshark.desktop +%{_datadir}/metainfo/*.xml +%{_datadir}/mime/packages/*.xml +%{_datadir}/icons/hicolor/*/apps/* +%{_datadir}/icons/hicolor/*/mimetypes/* +%{_bindir}/wireshark +%{_mandir}/man1/wireshark.* + +%files cli +%license COPYING +%doc AUTHORS INSTALL NEWS README* +%{_bindir}/capinfos +%{_bindir}/captype +%{_bindir}/editcap +%{_bindir}/mergecap +%{_bindir}/randpkt +%{_bindir}/reordercap +%{_bindir}/sharkd +%{_bindir}/text2pcap +%{_bindir}/tshark +%if %{with_maxminddb} && 0%{?fedora} +%{_bindir}/mmdbresolve +%endif +%attr(0750, root, wireshark) %caps(cap_net_raw,cap_net_admin=ep) %{_bindir}/dumpcap +%{_bindir}/rawshark +%{_udevrulesdir}/90-wireshark-usbmon.rules +%{_libdir}/lib*.so.* +%dir %{_libdir}/wireshark +%dir %{_libdir}/wireshark/extcap +%dir %{_libdir}/wireshark/plugins +%{_libdir}/wireshark/extcap/ciscodump +%{_libdir}/wireshark/extcap/udpdump +%{_libdir}/wireshark/extcap/wifidump +%{_libdir}/wireshark/extcap/sshdump +%{_libdir}/wireshark/extcap/sdjournal +%{_libdir}/wireshark/extcap/dpauxmon +%{_libdir}/wireshark/extcap/androiddump +#the version wireshark uses to store plugins is only x.y, not .z +%dir %{_libdir}/wireshark/plugins/%{plugins_version} +%dir %{_libdir}/wireshark/plugins/%{plugins_version}/epan +%dir %{_libdir}/wireshark/plugins/%{plugins_version}/wiretap +%dir %{_libdir}/wireshark/plugins/%{plugins_version}/codecs +%{_libdir}/wireshark/plugins/%{plugins_version}/epan/*.so +%{_libdir}/wireshark/plugins/%{plugins_version}/wiretap/*.so +%{_libdir}/wireshark/plugins/%{plugins_version}/codecs/*.so +%{_mandir}/man1/editcap.* +%{_mandir}/man1/tshark.* +%{_mandir}/man1/mergecap.* +%{_mandir}/man1/text2pcap.* +%{_mandir}/man1/capinfos.* +%{_mandir}/man1/dumpcap.* +%{_mandir}/man4/wireshark-filter.* +%{_mandir}/man1/rawshark.* +%{_mandir}/man1/randpkt.* +%{_mandir}/man1/reordercap.* +%{_mandir}/man1/sshdump.* +%{_mandir}/man1/udpdump.* +%{_mandir}/man1/wifidump.* +%{_mandir}/man1/androiddump.* +%{_mandir}/man1/captype.* +%{_mandir}/man1/ciscodump.* +%{_mandir}/man1/randpktdump.* +%{_mandir}/man1/dpauxmon.* +%{_mandir}/man1/sdjournal.* +%{_mandir}/man1/etwdump.* +%{_mandir}/man1/falcodump.* +%{_mandir}/man4/extcap.* +%{_datadir}/doc/wireshark/* + +%if %{with_maxminddb} && 0%{?fedora} +%{_mandir}/man1/mmdbresolve.* +%endif +%dir %{_datadir}/wireshark +%{_datadir}/wireshark/* +%{_sysusersdir}/%{name}.conf + +%files devel +%doc doc/README.* ChangeLog +%{_includedir}/wireshark +%{_libdir}/lib*.so +%{_libdir}/pkgconfig/%{name}.pc + +%changelog +* Thu Aug 22 2024 Michal Ruprich - 1:4.2.6-1 +- New version 4.2.6 + +* Mon Jul 29 2024 Michal Ruprich - 1:4.2.5-3 +- Resolves: RHEL-49578 - Wireshark hangs if dumpcap returned unexpected messages in sync pipe + +* Mon Jun 24 2024 Troy Dawson - 1:4.2.5-2 +- Bump release for June 2024 mass rebuild + +* Thu May 30 2024 Michal Ruprich - 1:4.2.5-1 +- New version 4.2.5 + +* Fri Apr 12 2024 Michal Ruprich - 1:4.2.4-1 +- New version 4.2.4 + +* Sun Feb 18 2024 Yaakov Selkowitz - 1:4.2.2-3 +- Install more devel headers + +* Sun Feb 11 2024 Michal Ruprich - 1:4.2.2-2 +- Making sure that wireshark.pc is created and installed + +* Thu Feb 01 2024 Michal Ruprich - 1:4.2.2-1 +- New version 4.2.2 + +* Sat Jan 27 2024 Fedora Release Engineering - 1:4.0.8-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Thu Aug 31 2023 Michal Ruprich - 1:4.0.8-2 +- Resolves: #2236246 - wireshark crash in managed interfaces + +* Tue Aug 29 2023 Michal Ruprich - 1:4.0.8-1 +- New version 4.0.8 +- Resolves: #2235577 - possible Denial of Service via crafted package + +* Fri Jul 28 2023 Michal Ruprich - 1:4.0.7-3 +- Resolves: #2227004 - capinfos aborts in FIPS + +* Sat Jul 22 2023 Fedora Release Engineering - 1:4.0.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Fri Jul 14 2023 Michal Ruprich - 1:4.0.7-1 +- New version 4.0.7 + +* Thu May 25 2023 Michal Ruprich - 1:4.0.6-1 +- New version 4.0.6 + +* Thu Apr 13 2023 Michal Ruprich - 1:4.0.5-1 +- New version 4.0.5 +- Fix for bug #2159392 + +* Wed Mar 22 2023 Michal Ruprich - 1:4.0.4-2 +- SPDX migration + +* Tue Mar 07 2023 Michal Ruprich - 1:4.0.4-1 +- New version 4.0.4 + +* Thu Feb 02 2023 Michal Ruprich - 1:4.0.3-1 +- New version 4.0.3 + +* Sat Jan 21 2023 Fedora Release Engineering - 1:4.0.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Thu Dec 08 2022 Michal Ruprich - 1:4.0.2-1 +- New version 4.0.2 + +* Thu Oct 27 2022 Michal Ruprich - 1:4.0.1-1 +- New version 4.0.1 +- Only compat-lua is supported, on Fedora only + +* Fri Oct 14 2022 Michal Ruprich - 1:4.0.0-2 +- Adding a couple of tweaks for the latest rebased version + +* Thu Oct 06 2022 Kenneth Topp - 1:4.0.0-1 +- New version 4.0.0 + +* Thu Sep 29 2022 Michal Ruprich - 1:3.6.8-2 +- New version 3.6.8 +- Fix for CVE-2022-3190 + +* Mon Aug 01 2022 Davide Cavalca - 1:3.6.7-2 +- Drop gating for python3-devel dependency + +* Thu Jul 28 2022 Michal Ruprich - 1:3.6.7-1 +- New version 3.6.7 + +* Sat Jul 23 2022 Fedora Release Engineering - 1:3.6.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Wed Feb 16 2022 Michal Ruprich - 1:3.6.2-1 +- New version 3.6.2 +- Fix for CVE-2022-0581, CVE-2022-0582, CVE-2022-0583, CVE-2022-0585, CVE-2022-0586 + +* Sat Jan 22 2022 Fedora Release Engineering - 1:3.6.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Wed Jan 12 2022 Michal Ruprich - 1:3.6.1-1 +- New version 3.6.1 +- Fix for CVE-2021-4181, CVE-2021-4182, CVE-2021-4183, CVE-2021-4184, CVE-2021-4185, CVE-2021-4190 + +* Thu Nov 25 2021 Michal Ruprich - 1:3.6.0-1 +- New version 3.6.0 +- Fix for CVE-2021-39920, CVE-2021-39921, CVE-2021-39922, CVE-2021-39923, CVE-2021-39924, CVE-2021-39925, CVE-2021-39926, CVE-2021-39928, CVE-2021-39929 + +* Wed Oct 13 2021 Michal Ruprich - 1:3.4.9-2 +- New version 3.4.9 + +* Mon Sep 06 2021 Timothée Ravier - 1:3.4.8-2 +- Use system sysusers config to create groups + +* Tue Aug 31 2021 Michal Ruprich - 1:3.4.8-1 +- New version 3.4.8 + +* Fri Jul 23 2021 Fedora Release Engineering - 1:3.4.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Thu Jul 15 2021 Michal Ruprich - 1:3.4.7-1 +- New version 3.4.7 + +* Thu Jun 10 2021 Michal Ruprich - 1:3.4.6-1 +- New version 3.4.6 +- Fix for CVE-2021-22207 + +* Thu May 27 2021 Michal Ruprich - 1:3.4.5-1 +- New version 3.4.5 +- Fix for CVE-2021-22207 + +* Tue Mar 16 2021 Michal Ruprich - 1:3.4.4-1 +- New version 3.4.4 +- Fix for CVE-2021-22191 + +* Tue Feb 23 2021 Michal Ruprich - 1:3.4.3-3 +- Adding more commits to make SMC complete + +* Mon Feb 22 2021 Michal Ruprich - 1:3.4.3-2 +- Adding SMC-R, SMC-D and SMC-D v2 + +* Tue Feb 16 2021 Michal Ruprich - 1:3.4.3-1 +- New version 3.4.3 +- Fix for CVE-2021-22173, CVE-2021-22174 + +* Fri Jan 29 2021 Michal Ruprich - 1:3.4.2-1 +- New version 3.4.2 +- Fix for CVE-2020-26418, CVE-2020-26419, CVE-2020-26420, CVE-2020-26421 + +* Wed Jan 27 2021 Fedora Release Engineering - 1:3.4.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Wed Dec 02 2020 Michal Ruprich - 1:3.4.0-1 +- New version 3.4.0 +- Fix for CVE-2020-26575, CVE-2020-28030 + +* Fri Oct 09 2020 Michal Ruprich - 1:3.2.7-1 +- New version 3.2.7 +- Fix for CVE-2020-25862, CVE-2020-25863, CVE-2020-25866 + +* Thu Sep 10 2020 Michal Ruprich - 1:3.2.6-2 +- Temprorarily disabling LTO build due to errors in libqt5core + +* Wed Aug 19 2020 Michal Ruprich - 1:3.2.6-1 +- New version 3.2.6 +- Fix for CVE-2020-17498 + +* Thu Jul 30 2020 Michal Ruprich - 1:3.2.5-3 +- Adding ownership for dirs created by wireshark (rhbz#1860650) + +* Wed Jul 29 2020 Fedora Release Engineering - 1:3.2.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Thu Jul 02 2020 Michal Ruprich - 1:3.2.5-1 +- New version 3.2.5 + +* Fri May 22 2020 Michal Ruprich - 1:3.2.4-1 +- New version 3.2.4 +- Enabling build with androiddump (rhbz#1834367) + +* Mon Apr 13 2020 Gwyn Ciesla - 1:3.2.3-1 +- 3.2.3 + +* Fri Apr 03 2020 Michal Ruprich - 1:3.2.2-1 +- New version 3.2.2 + +* Fri Jan 31 2020 Fedora Release Engineering - 1:3.2.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Thu Dec 19 2019 Michal Ruprich - 1:3.2.0-1 +- New version 3.2.0 + +* Wed Oct 30 2019 Michal Ruprich - 1:3.0.5-1 +- New version 3.0.5 + +* Tue Aug 20 2019 Michal Ruprich - 1:3.0.3-1 +- New version 3.0.3 +- Fixes CVE-2019-13619 + +* Sat Jul 27 2019 Fedora Release Engineering - 1:3.0.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Tue Apr 09 2019 Michal Ruprich - 1:3.0.1-1 +- New version 3.0.1 +- Fixes CVE-2019-10894, CVE-2019-10895, CVE-2019-10896, CVE-2019-10897, CVE-2019-10898, CVE-2019-10899, CVE-2019-10900, CVE-2019-10901, CVE-2019-10902, CVE-2019-10903 + +* Mon Mar 11 2019 Michal Ruprich - 1:3.0.0-1 +- New version 3.0.0 + +* Sun Feb 03 2019 Fedora Release Engineering - 1:2.6.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Mon Jan 21 2019 Michal Ruprich - 1:2.6.6-1 +- New version 2.6.6 +- Contains fixes for CVE-2019-5716, CVE-2019-5717, CVE-2019-5718, CVE-2019-5719 +- Add explicit curdir on CMake invokation + +* Wed Jan 02 2019 Michal Ruprich - 1:2.6.5-2 +- Adding libnghttp2-devel as BuildRequires - needed for HTTP2 support(rhbz#1512722) + +* Mon Dec 10 2018 Michal Ruprich - 1:2.6.5-1 +- New version 2.6.5 +- Contains fixes for CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627, CVE-2018-19628 + +* Mon Nov 12 2018 Michal Ruprich - 1:2.6.4-1 +- New version 2.6.4 +- Contains fixes for CVE-2018-16056, CVE-2018-16057, CVE-2018-16058 + +* Mon Jul 23 2018 Michal Ruprich - 1:2.6.2-1 +- New version 2.6.2 +- Contains fixes for CVE-2018-14339, CVE-2018-14340, CVE-2018-14341, CVE-2018-14342, CVE-2018-14343, CVE-2018-14344, CVE-2018-14367, CVE-2018-14368, CVE-2018-14369, CVE-2018-14370 + +* Sat Jul 14 2018 Fedora Release Engineering - 1:2.6.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Wed Jul 11 2018 Michal Ruprich - 1:2.6.1-2 +- Fixing build error with newer qt5 version + +* Thu May 24 2018 Michal Ruprich - 1:2.6.1-1 +- New version 2.6.1 + +* Tue May 15 2018 Michal Ruprich - 1:2.6.0-2 +- Added Obsoletes for wireshark-qt and wireshark-gtk + +* Wed May 02 2018 Michal Ruprich - 1:2.6.0-1 +- New version 2.6.0 +- Fix for CVE-2018-9256, CVE-2018-9257, CVE-2018-9258, CVE-2018-9259, CVE-2018-9260, CVE-2018-9261, CVE-2018-9262, CVE-2018-9263, CVE-2018-9264, CVE-2018-9265, CVE-2018-9266, CVE-2018-9267, CVE-2018-9268, CVE-2018-9269, CVE-2018-9270, CVE-2018-9271, CVE-2018-9272, CVE-2018-9273, CVE-2018-9274 +- Switch from autotools to cmake +- Removed python2-devel(#1560284) and libssh2-devel from dependencies +- Removed python scripts + +* Thu Mar 15 2018 Michal Ruprich - 1:2.4.5-2 +- Removing dependency on wireshark from wireshark-cli (rhbz#1554818) +- Removing deprecated Group tags + +* Fri Mar 09 2018 Michal Ruprich - 1:2.4.5-1 +- New upstream version 2.4.5 +- Contains fixes for CVE-2018-7419, CVE-2018-7418, CVE-2018-7417, CVE-2018-7420, CVE-2018-7320, CVE-2018-7336, CVE-2018-7337, CVE-2018-7334, CVE-2018-7335, CVE-2018-6836, CVE-2018-5335, CVE-2018-5334, CVE-2017-6014, CVE-2017-9616, CVE-2017-9617, CVE-2017-9766 +- Removed GTK+ based GUI (rhbz#1486203) +- Corrected LDFLAGS in spec (rhbz#1548665) +- Alternatives are no longer needed (rhbz#1533701) + +* Fri Feb 09 2018 Igor Gnatenko - 1:2.4.4-2 +- Escape macros in %%changelog + +* Fri Jan 19 2018 Michal Ruprich - 1:2.4.4-1 +- New upstream version 2.4.4 +- Contains fix for CVE-2017-17935 + +* Fri Jan 05 2018 Igor Gnatenko - 1:2.4.3-2 +- Remove obsolete scriptlets + +* Wed Dec 20 2017 Michal Ruprich - 1:2.4.3-1 +- New upstream version 2.4.3 +- Contains fixe for CVE-2017-17085, CVE-2017-17084, CVE-2017-17083 + +* Thu Oct 12 2017 Michal Ruprich - 1:2.4.2-1 +- New upstream version 2.4.2 +- Contains fixes for CVE-2017-15189, CVE-2017-15190, CVE-2017-15191, CVE-2017-15192, CVE-2017-15193, CVE-2017-13764, CVE-2017-13765, CVE-2017-13766, CVE-2017-13767 + +* Tue Aug 08 2017 Martin Sehnoutka - 1:2.4.0-6 +- Use epoch in Requires (rhbz#1478501) + +* Thu Aug 03 2017 Martin Sehnoutka - 1:2.4.0-5 +- Add libssh as a build dependency (rhbz#1419131) + +* Thu Aug 03 2017 Fedora Release Engineering - 2.4.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 2.4.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Fri Jul 21 2017 Martin Sehnoutka - 2.4.0-2 +- Move init.lua file into the main subpackage (rhbz#1463270) + +* Thu Jul 20 2017 Martin Sehnoutka - 2.4.0-2 +- New upstream version 2.4.0 + +* Thu Jun 29 2017 Martin Sehnoutka - 2.4.0rc2-1 +- New upstream version + +* Mon Jun 12 2017 Martin Sehnoutka - 2.2.7-1 +- New upstream release 2.2.7 + +* Thu May 25 2017 Martin Sehnoutka - 2.2.6-5 +- Add triggerin script to remove old alternatives +- Remove appdata.xml as it is provided by upstream now + +* Mon May 15 2017 Fedora Release Engineering - 2.2.6-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_27_Mass_Rebuild + +* Mon Apr 24 2017 Martin Sehnoutka - 2.2.6-2 +- Build with lua support (resolves: #1259623) + +* Fri Apr 21 2017 Martin Sehnoutka - 2.2.6-1 +- New upstream release 2.2.6 + +* Fri Apr 07 2017 Igor Gnatenko - 2.2.5-2 +- Stop patching pkg-config + +* Tue Mar 07 2017 Martin Sehnoutka - 2.2.5-1 +- New upstream version 2.2.5 + +* Mon Mar 06 2017 Martin Sehnoutka - 2.2.4-3 +- Fix python_sitearch macro +- Fix path in desktop file + +* Sat Feb 11 2017 Fedora Release Engineering - 2.2.4-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Wed Jan 25 2017 Martin Sehnoutka - 2.2.4-2 +- New upstream release 2.2.4 + +* Thu Dec 08 2016 Martin Sehnoutka - 2.2.2-4 +- Change update-alternatives name from wireshark to wireshark-gui; Resolve: + #1400654 + +* Thu Dec 01 2016 Martin Sehnoutka - 2.2.2-3 +- Move all executables into /usr/bin/ directory + +* Fri Nov 18 2016 Peter Robinson 2.2.2-2 +- Build QT GUI with qt5 (rhbz #1347752) + +* Fri Nov 18 2016 Peter Robinson 2.2.2-1 +- Version 2.2.2 +- See https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html +- Use %%license, spec cleanups +- Put udev rules in right location (rhbz #1365581) + +* Wed Nov 2 2016 Peter Lemenkov - 2.1.1-3 +- No longer uses adns ( https://github.com/wireshark/wireshark/commit/7a1d3f6 ) +- Remove --with-ipv6 switch ( https://github.com/wireshark/wireshark/commit/fad1565 ) +- Change GTK option switch ( https://github.com/wireshark/wireshark/commit/d77029d ) + +* Tue Sep 13 2016 Kevin Fenzi - 2.1.1-2 +- Add Requires(post) for systemd-udev to avoid rpm scriptlet failures + +* Sun Jul 24 2016 Peter Hatina - 2.1.1-1 +- Ver. 2.1.1 +- See https://www.wireshark.org/docs/relnotes/wireshark-2.1.1.html + +* Tue Jul 19 2016 Fedora Release Engineering - 2.1.0-4 +- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages + +* Wed Jul 13 2016 Peter Hatina - 2.1.0-3 +- Fix typo, install ws_diag_control +- Related: rhbz#1347869 + +* Mon Jun 20 2016 Peter Hatina - 2.1.0-2 +- Install ws_diag_control.h into standard include directory +- Resolves: rhbz#1347869 + +* Tue Jun 14 2016 Peter Hatina - 2.1.0-1 +- Ver. 2.1.0 +- See https://www.wireshark.org/docs/relnotes/wireshark-2.1.0.html + +* Thu Apr 28 2016 Peter Hatina - 2.0.3-1 +- Ver. 2.0.3 + +* Tue Mar 01 2016 Peter Hatina - 2.0.2-1 +- Ver. 2.0.2 + +* Tue Feb 23 2016 Peter Hatina - 2.0.1-3 +- Fix missing Requires in wireshark.pc + +* Fri Feb 05 2016 Fedora Release Engineering - 2.0.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Thu Jan 14 2016 Peter Hatina - 2.0.1-1 +- Ver. 2.0.1 +- Introduced wireshark metapackage for wireshark-cli and wireshark-gtk +- wireshark-qt and wireshark-gtk contain the GUI applications +- See https://www.wireshark.org/docs/relnotes/wireshark-2.0.1.html + +* Fri Jan 8 2016 Peter Lemenkov - 1.12.9-1 +- Ver. 1.12.9 +- See https://www.wireshark.org/docs/relnotes/wireshark-1.12.9.html + +* Tue Nov 3 2015 Peter Lemenkov - 1.12.8-2 +- Fixed Wireshark detection in external projects using wireshark.m4 script. + See https://bugzilla.redhat.com/1274831 for further details. + +* Thu Oct 15 2015 Peter Hatina - 1.12.8-1 +- Ver. 1.12.8 +- Dropped patch no. 10 (applied upstream) + +* Fri Aug 21 2015 Peter Lemenkov - 1.12.7-2 +- Enable libnl3 (see rhbz#1207386, rhbz#1247566) +- Remove airpcap switch (doesn't have any effect on Linux) +- Backport patch no. 11 +- Fixed building with F24+ + +* Tue Aug 18 2015 Peter Lemenkov - 1.12.7-1 +- Ver. 1.12.7 +- Dropped patch no. 11 (applied upstream) + +* Tue Jun 30 2015 Peter Hatina - 1.12.6-4 +- Move plugins to %%{_libdir}/wireshark/plugins to avoid + transaction conflicts + +* Fri Jun 26 2015 Peter Hatina - 1.12.6-3 +- Disable overlay scrolling in main window +- Resolves: rhbz#1235830 + +* Fri Jun 26 2015 Peter Hatina - 1.12.6-2 +- Add symlink plugins/current -> plugins/%%{version} + +* Thu Jun 18 2015 Peter Hatina - 1.12.6-1 +- Ver. 1.12.6 + +* Wed May 13 2015 Peter Hatina - 1.12.5-1 +- Ver. 1.12.5 + +* Thu Mar 26 2015 Richard Hughes - 1.12.4-2 +- Add an AppData file for the software center + +* Thu Mar 5 2015 Peter Hatina - 1.12.4-1 +- Ver. 1.12.4 + +* Mon Feb 2 2015 Peter Hatina - 1.12.3-3 +- temporary: disable lua + +* Mon Feb 2 2015 Peter Hatina - 1.12.3-2 +- rebuild with gtk3 +- fix gdk crash + +* Thu Jan 8 2015 Peter Hatina - 1.12.3-1 +- Ver. 1.12.3 + +* Mon Dec 22 2014 Peter Hatina - 1.12.2-2 +- fix CLI parsing by getopt_long + +* Mon Nov 17 2014 Peter Hatina - 1.12.2-1 +- Ver. 1.12.2 + +* Mon Sep 22 2014 Peter Hatina - 1.12.1-1 +- Ver. 1.12.1 + +* Tue Sep 09 2014 Peter Lemenkov - 1.12.0-5 +- Install epan/wmem/*.h files. See rhbz #1129419 + +* Wed Sep 3 2014 Peter Hatina - 1.12.0-4 +- fix fields print format + +* Mon Aug 18 2014 Rex Dieter 1.12.0-3 +- update mime scriptlets + +* Mon Aug 18 2014 Fedora Release Engineering - 1.12.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Tue Aug 05 2014 Peter Lemenkov - 1.12.0-1 +- Ver. 1.12.0 +- Dropped a lot of outdated patches. +- Added /usr/sbin/captype application. +- Added temporary workaround for wireshark.pc.in missing in the official + tarball. +- Removed outdated --with-dumpcap-group="wireshark" cli switch. It doesn't work + during rpmbuild, and we still set group explicitly in the 'files' section. +- Removed --enable-setcap-install. Likewise. +- Some ANSI C header files were moved to epan/ + +* Fri Aug 1 2014 Peter Hatina - 1.10.9-1 +- Ver. 1.10.9 + +* Fri Jun 13 2014 Peter Hatina - 1.10.8-1 +- Ver. 1.10.8 + +* Sun Jun 08 2014 Fedora Release Engineering - 1.10.7-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Fri May 30 2014 Peter Hatina - 1.0.7-2 +- add AMQP 1.0 support + +* Wed Apr 23 2014 Peter Hatina - 1.10.7-1 +- Ver. 1.10.7 + +* Fri Mar 21 2014 Peter Hatina - 1.10.6-2 +- Reload udev rule for usbmon subsystem only + +* Sat Mar 08 2014 Peter Lemenkov - 1.10.6-1 +- Ver. 1.10.6 + +* Fri Mar 7 2014 Peter Hatina - 1.10.5-4 +- Fix Capture Dialog layout on low resolution displays +- Resolves: #1071313 + +* Sun Feb 9 2014 Ville Skyttä +- Fix --with-gtk* build option usage. + +* Wed Jan 29 2014 Peter Lemenkov - 1.10.5-3 +- Fixed paths in the desktop-file (see rhbz #1059188) + +* Mon Jan 13 2014 Peter Lemenkov - 1.10.5-2 +- Updated RTPproxy dissector (again) +- Fix rare issue with the Sniffer traces (patch no. 23) + +* Mon Dec 23 2013 Peter Lemenkov - 1.10.5-1 +- Ver. 1.10.5 +- Don't apply upstreamed patches no. 18, 19, 20. + +* Thu Dec 19 2013 Peter Lemenkov - 1.10.4-2 +- Fix endianness in the Bitcoin protocol dissector (patch no. 19) +- Last-minute fix for wrongly backported change (patch no. 20) +- Fix FTBFS in Rawhide (see patch no. 21 - recent Glib doesn't provide g_memmove macro anymore) + +* Wed Dec 18 2013 Peter Lemenkov - 1.10.4-1 +- Ver. 1.10.4 +- Don't apply upsteamed patches no. 13, 14, 15, 16, 17 +- Fix variable overflow (patch no. 18) +- Updated RTPproxy dissector (backported three more patches from trunk) + +* Tue Dec 10 2013 Peter Hatina - 1.10-3-9 +- remove python support + +* Tue Dec 10 2013 Peter Hatina - 1.10-3-8 +- fix read permissions of /dev/usbmon* for non-root users + +* Mon Dec 09 2013 Peter Lemenkov - 1.10.3-7 +- Fix error in the backported RTPproxy patches + +* Fri Dec 06 2013 Peter Lemenkov - 1.10.3-6 +- Updated RTPproxy dissector (again), squashed patch no. 15 (applied upstream). +- Use proper soname in the python scripts +- Don't apply no longer needed fix for pod2man. +- Fix for main window. See patch no. 15 +- Fix for SCTP dissection. See patch no. 16 +- Fix for rare issue in Base Station Subsystem GPRS Protocol dissection. See + patch no. 17 +- Fix building w/o Lua + +* Wed Nov 27 2013 Peter Lemenkov - 1.10.3-5 +- Updated RTPproxy dissector (again) +- Allow packets more than 64k (for USB capture). See patch no. 13 +- Don't die during loading of some SIP capture files. See patch no. 14 +- Backport support for RTPproxy dissector timeouts detection. See patch no. 15 + +* Wed Nov 13 2013 Peter Lemenkov - 1.10.3-4 +- Updated RTPproxy dissector + +* Thu Nov 07 2013 Peter Hatina - 1.10.3-3 +- fix subpackage requires + +* Wed Nov 06 2013 Peter Hatina - 1.10.3-2 +- harden dumpcap capabilities + +* Sat Nov 02 2013 Peter Lemenkov - 1.10.3-1 +- Ver. 1.10.3 +- Dropped upsteamed patch no. 13 + +* Tue Oct 01 2013 Peter Lemenkov - 1.10.2-8 +- Added support for rtpproxy conversations (req/resp matching) + +* Tue Sep 24 2013 Peter Hatina - 1.10.2-7 +- fix build error caused by symbols clash + +* Tue Sep 17 2013 Peter Hatina - 1.10.2-6 +- move default temporary directory to /var/tmp + +* Fri Sep 13 2013 Peter Lemenkov - 1.10.2-5 +- Convert automake/pkgconfig files into patches (better upstream integration) +- Restored category in the *.desktop file +- Install another one necessary header file - frame_data_sequence.h + +* Thu Sep 12 2013 Peter Lemenkov - 1.10.2-4 +- Enhance desktop integration (*.desktop and MIME-related files) + +* Thu Sep 12 2013 Peter Lemenkov - 1.10.2-3 +- Fix building on Fedora 18 (no perl-podlators) + +* Thu Sep 12 2013 Peter Lemenkov - 1.10.2-2 +- Add an OpenFlow dissector + +* Wed Sep 11 2013 Peter Lemenkov - 1.10-2-1 +- Ver. 1.10.2 +- Actually remove the console helper + +* Mon Sep 09 2013 Peter Lemenkov - 1.10.1-1 +- Ver. 1.10.1 +- Backported rtpproxy dissector module + +* Wed Sep 04 2013 Peter Hatina - 1.10.0-11 +- fix missing ws_symbol_export.h + +* Wed Sep 04 2013 Peter Hatina - 1.10.0-10 +- fix tap iostat overflow + +* Wed Sep 04 2013 Peter Hatina - 1.10.0-9 +- fix sctp bytes graph crash + +* Wed Sep 04 2013 Peter Hatina - 1.10.0-8 +- fix string overrun in plugins/profinet + +* Tue Sep 03 2013 Peter Hatina - 1.10.0-7 +- fix BuildRequires - libgcrypt-devel + +* Tue Sep 03 2013 Peter Hatina - 1.10.0-6 +- fix build parameter -fstack-protector-all + +* Sun Aug 04 2013 Fedora Release Engineering - 1.10.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Mon Jun 24 2013 Peter Hatina 1.10.0-4 +- fix pod2man build error + +* Mon Jun 24 2013 Peter Hatina 1.10.0-3 +- fix bogus date + +* Mon Jun 17 2013 Peter Hatina 1.10.0-2 +- fix flow graph crash + +* Mon Jun 17 2013 Peter Hatina 1.10.0-1 +- upgrade to 1.10.0 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.10.0.html + +* Mon Apr 08 2013 Peter Hatina 1.8.6-5 +- fix documentation build error + +* Wed Mar 27 2013 Peter Hatina 1.8.6-4 +- fix capture crash (#894753) + +* Tue Mar 19 2013 Peter Hatina 1.8.6-3 +- fix dns resolving crash (#908211) + +* Mon Mar 18 2013 Peter Hatina 1.8.6-2 +- return to gtk2, stable branch 1.8 is not gtk3 ready + +* Tue Mar 12 2013 Peter Hatina 1.8.6-1 +- upgrade to 1.8.6 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html + +* Sun Feb 10 2013 Parag Nemade - 1.8.5-3 +- Remove vendor tag from desktop file as per https://fedorahosted.org/fesco/ticket/1077 + +* Tue Feb 05 2013 Peter Hatina - 1.8.5-2 +- fix gtk3 layout issues +- NOTE: there may be some windows with broken layouts left + +* Thu Jan 31 2013 Peter Hatina - 1.8.5-1 +- upgrade to 1.8.5 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.8.5.html + +* Mon Dec 03 2012 Peter Hatina - 1.8.4-1 +- upgrade to 1.8.4 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.8.4.html + +* Tue Oct 16 2012 Peter Hatina - 1.8.3-2 +- backport dissector table fix +- TODO: remove this after new release + +* Thu Oct 11 2012 Peter Hatina - 1.8.3-1 +- upgrade to 1.8.3 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.8.3.html + +* Tue Sep 4 2012 Jan Safranek - 1.8.2-3 +- added back compatibility with RHEL6 +- GeoIP build dependency made also conditional on with_GeoIP variable + +* Wed Aug 29 2012 Jan Safranek - 1.8.2-2 +- fixed "libwireshark.so.1: cannot open shared object file" error + message on startup + +* Thu Aug 16 2012 Jan Safranek - 1.8.2-1 +- upgrade to 1.8.2 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.8.2.html + +* Fri Jul 27 2012 Fedora Release Engineering - 1.8.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Tue Jul 24 2012 Jan Safranek - 1.8.1-1 +- upgrade to 1.8.1 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.8.1.html + +* Mon Jun 25 2012 Jan Safranek - 1.8.0 +- upgrade to 1.8.0 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.8.0.html + +* Wed May 23 2012 Jan Safranek - 1.6.8-1 +- upgrade to 1.6.8 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.6.8.html + +* Mon May 21 2012 Jan Safranek - 1.6.7-2 +- Removed dependency on GeoIP on RHEL. + +* Tue Apr 10 2012 Jan Safranek - 1.6.7-1 +- upgrade to 1.6.7 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.6.7.html + +* Wed Mar 28 2012 Jan Safranek - 1.6.6-1 +- upgrade to 1.6.6 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.6.6.html + +* Fri Mar 9 2012 Jan Safranek - 1.6.5-2 +- fixed wireshark crashing when using combo box in import dialog (#773290) +- added AES support into netlogon dissector + +* Wed Jan 11 2012 Jan Safranek - 1.6.5-1 +- upgrade to 1.6.5 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.6.5.html + +* Fri Dec 2 2011 Jan Safranek - 1.6.4-1 +- upgrade to 1.6.4 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.6.4.html +- build with c-ares and libpcap (#759305) +- fixed display of error message boxes on startup in gnome3 (#752559) + +* Mon Nov 14 2011 Jan Safranek - 1.6.3-2 +- added dependency on shadow-utils (#753293) +- removed usermode support + +* Wed Nov 2 2011 Jan Safranek - 1.6.3-1 +- upgrade to 1.6.3 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.6.3.html + +* Wed Oct 26 2011 Fedora Release Engineering - 1.6.2-5 +- Rebuilt for glibc bug#747377 + +* Fri Oct 21 2011 Jan Safranek - 1.6.2-4 +- updated autoconf macros and pkgconfig file in wireshark-devel to reflect + current config.h (#746655) + +* Mon Oct 17 2011 Steve Dickson - 1.6.2-3 +- Fixed a regression introduce by upstream patch r38306 + which caused v4.1 traffic not to be displayed. +- Added v4 error status to packet detail window. + +* Tue Sep 13 2011 Jan Safranek - 1.6.2-2 +- fixed spelling of the security message (#737270) + +* Fri Sep 9 2011 Jan Safranek - 1.6.2-1 +- upgrade to 1.6.2 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.6.2.html + + +* Thu Jul 21 2011 Jan Safranek - 1.6.1-1 +- upgrade to 1.6.1 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.6.1.html + +* Thu Jun 16 2011 Jan Safranek - 1.6.0-4 +- fixed previous incomplete fix + +* Thu Jun 16 2011 Jan Safranek - 1.6.0-3 +- fixed Fedora-specific message when user is not part of 'wireshark' group + - now it does not contain '<' and '>' characters (#713545) + +* Thu Jun 9 2011 Jan Safranek - 1.6.0-2 +- added wspy_dissectors directory to the package + - other packages can add Python plugins there + - as side effect, removed following message: + [Errno 2] No such file or directory: '/usr/lib64/wireshark/python/1.6.0/wspy_dissectors' +- enabled zlib support + +* Wed Jun 8 2011 Jan Safranek - 1.6.0-1 +- upgrade to 1.6.0 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.6.0.html + +* Thu Jun 2 2011 Jan Safranek - 1.4.7-1 +- upgrade to 1.4.7 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.4.7.html + +* Thu May 19 2011 Steve Dickson - 1.4.6-3 +- Improved the NFS4.1 patcket dissectors + +* Sat May 07 2011 Christopher Aillon - 1.4.6-2 +- Update icon cache scriptlet + +* Tue Apr 19 2011 Jan Safranek - 1.4.6-1 +- upgrade to 1.4.6 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.4.6.html + +* Mon Apr 18 2011 Jan Safranek - 1.4.5-1 +- upgrade to 1.4.5 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.4.5.html + +* Sun Apr 03 2011 Cosimo Cecchi - 1.4.4-2 +- Use hi-res icons + +* Thu Mar 3 2011 Jan Safranek - 1.4.4-1 +- upgrade to 1.4.4 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html + +* Mon Feb 07 2011 Fedora Release Engineering - 1.4.3-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Mon Jan 17 2011 Jan Safranek - 1.4.3-2 +- create the 'wireshark' group as system, not user +- add few additional header files to -devel subpackage (#671997) + +* Thu Jan 13 2011 Jan Safranek - 1.4.3-1 +- upgrade to 1.4.3 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.4.3.html + +* Wed Jan 5 2011 Jan Safranek - 1.4.2-5 +- fixed buffer overflow in ENTTEC dissector (#666897) + +* Wed Dec 15 2010 Jan Safranek - 1.4.2-4 +- added epan/dissectors/*.h to -devel subpackage (#662969) + +* Mon Dec 6 2010 Jan Safranek - 1.4.2-3 +- fixed generation of man pages again (#635878) + +* Fri Nov 26 2010 Jan Safranek - 1.4.2-2 +- rework the Wireshark security (#657490). Remove the console helper and + allow only members of new 'wireshark' group to capture the packets. + +* Mon Nov 22 2010 Jan Safranek - 1.4.2-1 +- upgrade to 1.4.2 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.4.2.html + +* Mon Nov 1 2010 Jan Safranek - 1.4.1-2 +- temporarily disable zlib until + https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4955 is resolved (#643461) + +* Fri Oct 22 2010 Jan Safranek - 1.4.1-1 +- upgrade to 1.4.1 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.4.1.html +- Own the %%{_libdir}/wireshark dir (#644508) +- associate *.pcap files with wireshark (#641163) + +* Wed Sep 29 2010 jkeating - 1.4.0-2 +- Rebuilt for gcc bug 634757 + +* Fri Sep 24 2010 Jan Safranek - 1.4.0-2 +- fixed generation of man pages (#635878) + +* Tue Aug 31 2010 Jan Safranek - 1.4.0-1 +- upgrade to 1.4.0 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.4.0.html + +* Fri Jul 30 2010 Jan Safranek - 1.2.10-1 +- upgrade to 1.2.10 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html + +* Fri Jul 30 2010 Jan Safranek - 1.2.9-4 +- Rebuilt again for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild + +* Thu Jul 22 2010 Jan Safranek - 1.2.9-3 +- removing useless LDFLAGS (#603224) + +* Thu Jul 22 2010 David Malcolm - 1.2.9-2 +- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild + +* Fri Jun 11 2010 Radek Vokal - 1.2.9-1 +- upgrade to 1.2.9 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html + +* Mon May 17 2010 Radek Vokal - 1.2.8-4 +- removing traling bracket from python_sitearch (#592391) + +* Fri May 7 2010 Radek Vokal - 1.2.8-3 +- fix patched applied without fuzz=0 + +* Thu May 6 2010 Radek Vokal - 1.2.8-2 +- use sitearch instead of sitelib to avoid pyo and pyc conflicts + +* Thu May 6 2010 Radek Vokal - 1.2.8-1 +- upgrade to 1.2.8 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html + +* Tue Apr 6 2010 Radek Vokal - 1.2.7-2 +- rebuild with GeoIP support (needs to be turned on in IP protocol preferences) + +* Fri Apr 2 2010 Radek Vokal - 1.2.7-1 +- upgrade to 1.2.7 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.2.7.html + +* Wed Mar 24 2010 Radek Vokal - 1.2.6-3 +- bring back -pie + +* Tue Mar 16 2010 Jeff Layton - 1.2.6-2 +- add patch to allow decode of NFSv4.0 callback channel +- add patch to allow decode of more SMB FIND_FILE infolevels + +* Fri Jan 29 2010 Radek Vokal - 1.2.6-1 +- upgrade to 1.2.6 +- see https://www.wireshark.org/docs/relnotes/wireshark-1.2.6.html + +* Wed Jan 20 2010 Radek Vokal - 1.2.5-5 +- minor spec file tweaks for better svn checkout support (#553500) + +* Tue Jan 05 2010 Radek Vokál - 1.2.5-4 +- init.lua is present always and not only when lua support is enabled + +* Tue Jan 05 2010 Radek Vokál - 1.2.5-3 +- fix file list, init.lua is only in -devel subpackage (#552406) + +* Fri Dec 18 2009 Patrick Monnerat 1.2.5-2 +- Autoconf macro for plugin development. + +* Fri Dec 18 2009 Radek Vokal - 1.2.5-1 +- upgrade to 1.2.5 +- fixes security vulnaribilities, see https://www.wireshark.org/security/wnpa-sec-2009-09.html + +* Thu Dec 17 2009 Radek Vokal - 1.2.4-3 +- split -devel package (#547899, #203642, #218451) +- removing root warning dialog (#543709) + +* Mon Dec 14 2009 Radek Vokal - 1.2.4-2 +- enable lua support - https://wiki.wireshark.org/Lua +- attempt to fix filter crash on 64bits + +* Wed Nov 18 2009 Radek Vokal - 1.2.4-1 +- upgrade to 1.2.4 +- https://www.wireshark.org/docs/relnotes/wireshark-1.2.4.html + +* Fri Oct 30 2009 Radek Vokal - 1.2.3-1 +- upgrade to 1.2.3 +- https://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html + +* Mon Sep 21 2009 Radek Vokal - 1.2.2-1 +- upgrade to 1.2.2 +- https://www.wireshark.org/docs/relnotes/wireshark-1.2.2.html + +* Mon Sep 14 2009 Bill Nottingham - 1.2.1-5 +- do not use portaudio in RHEL + +* Fri Aug 28 2009 Radek Vokal - 1.2.1-4 +- yet anohter rebuilt + +* Fri Aug 21 2009 Tomas Mraz - 1.2.1-3 +- rebuilt with new openssl + +* Mon Jul 27 2009 Fedora Release Engineering - 1.2.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Wed Jul 22 2009 Radek Vokal - 1.2.1 +- upgrade to 1.2.1 +- https://www.wireshark.org/docs/relnotes/wireshark-1.2.1.html + +* Tue Jun 16 2009 Radek Vokal - 1.2.0 +- upgrade to 1.2.0 +- https://www.wireshark.org/docs/relnotes/wireshark-1.2.0.html + +* Fri May 22 2009 Radek Vokal - 1.1.4-0.pre1 +- update to latest development build + +* Thu Mar 26 2009 Radek Vokal - 1.1.3-1 +- upgrade to 1.1.3 + +* Thu Mar 26 2009 Radek Vokal - 1.1.2-4.pre1 +- fix libsmi support + +* Wed Feb 25 2009 Fedora Release Engineering - 1.1.2-3.pre1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Mon Feb 16 2009 Radek Vokal - 1.1.2-2.pre1 +- add netdump support + +* Sun Feb 15 2009 Steve Dickson - 1.1.2-1.pre1 +- NFSv4.1: Add support for backchannel decoding + +* Mon Jan 19 2009 Radek Vokal - 1.1.2-0.pre1 +- upgrade to latest development release +- added support for portaudio (#480195) + +* Sun Jan 18 2009 Tomas Mraz - 1.1.1-0.pre1.2 +- rebuild with new openssl + +* Sat Nov 29 2008 Ignacio Vazquez-Abrams - 1.1.1-0.pre1.1 +- Rebuild for Python 2.6 + +* Thu Nov 13 2008 Radek Vokál 1.1.1-0.pre1 +- upgrade to 1.1.1 development branch + +* Wed Sep 10 2008 Radek Vokál 1.0.3-1 +- upgrade to 1.0.3 +- Security-related bugs in the NCP dissector, zlib compression code, and Tektronix .rf5 file parser have been fixed. +- WPA group key decryption is now supported. +- A bug that could cause packets to be wrongly dissected as "Redback Lawful Intercept" has been fixed. + +* Mon Aug 25 2008 Radek Vokál 1.0.2-3 +- fix requires for wireshark-gnome + +* Thu Jul 17 2008 Steve Dickson 1.0.2-2 +- Added patches to support NFSv4.1 + +* Fri Jul 11 2008 Radek Vokál 1.0.2-1 +- upgrade to 1.0.2 + +* Tue Jul 8 2008 Radek Vokál 1.0.1-1 +- upgrade to 1.0.1 + +* Sun Jun 29 2008 Dennis Gilmore 1.0.0-3 +- add sparc arches to -fPIE +- rebuild for new gnutls + +* Tue Apr 1 2008 Radek Vokál 1.0.0-2 +- fix BuildRequires - python, yacc, bison + +* Tue Apr 1 2008 Radek Vokál 1.0.0-1 +- April Fools' day upgrade to 1.0.0 + +* Tue Feb 19 2008 Fedora Release Engineering - 0.99.7-3 +- Autorebuild for GCC 4.3 + +* Wed Dec 19 2007 Radek Vokál 0.99.7-2 +- fix crash in unprivileged mode (#317681) + +* Tue Dec 18 2007 Radek Vokál 0.99.7-1 +- upgrade to 0.99.7 + +* Fri Dec 7 2007 Radek Vokál 0.99.7-0.pre2.1 +- rebuilt for openssl + +* Mon Nov 26 2007 Radek Vokal 0.99.7-0.pre2 +- switch to libsmi from net-snmp +- disable ADNS due to its lack of Ipv6 support +- 0.99.7 prerelease 2 + +* Tue Nov 20 2007 Radek Vokal 0.99.7-0.pre1 +- upgrade to 0.99.7 pre-release + +* Wed Sep 19 2007 Radek Vokál 0.99.6-3 +- fixed URL + +* Thu Aug 23 2007 Radek Vokál 0.99.6-2 +- rebuilt + +* Mon Jul 9 2007 Radek Vokal 0.99.6-1 +- upgrade to 0.99.6 final + +* Fri Jun 15 2007 Radek Vokál 0.99.6-0.pre2 +- another pre-release +- turn on ADNS support + +* Wed May 23 2007 Radek Vokál 0.99.6-0.pre1 +- update to pre1 of 0.99.6 release + +* Mon Feb 5 2007 Radek Vokál 0.99.5-1 +- multiple security issues fixed (#227140) +- CVE-2007-0459 - The TCP dissector could hang or crash while reassembling HTTP packets +- CVE-2007-0459 - The HTTP dissector could crash. +- CVE-2007-0457 - On some systems, the IEEE 802.11 dissector could crash. +- CVE-2007-0456 - On some systems, the LLT dissector could crash. + +* Mon Jan 15 2007 Radek Vokal 0.99.5-0.pre2 +- another 0.99.5 prerelease, fix build bug and pie flags + +* Tue Dec 12 2006 Radek Vokal 0.99.5-0.pre1 +- update to 0.99.5 prerelease + +* Thu Dec 7 2006 Jeremy Katz - 0.99.4-5 +- rebuild for python 2.5 + +* Tue Nov 28 2006 Radek Vokal 0.99.4-4 +- rebuilt for new libpcap and net-snmp + +* Thu Nov 23 2006 Radek Vokal 0.99.4-3 +- add htmlview to Buildrequires to be picked up by configure scripts (#216918) + +* Tue Nov 7 2006 Radek Vokal 0.99.4-2.fc7 +- Requires: net-snmp for the list of MIB modules + +* Wed Nov 1 2006 Radek Vokál 0.99.4-1 +- upgrade to 0.99.4 final + +* Tue Oct 31 2006 Radek Vokál 0.99.4-0.pre2 +- upgrade to 0.99.4pre2 + +* Tue Oct 10 2006 Radek Vokal 0.99.4-0.pre1 +- upgrade to 0.99.4-0.pre1 + +* Fri Aug 25 2006 Radek Vokál 0.99.3-1 +- upgrade to 0.99.3 +- Wireshark 0.99.3 fixes the following vulnerabilities: +- the SCSI dissector could crash. Versions affected: CVE-2006-4330 +- the IPsec ESP preference parser was susceptible to off-by-one errors. CVE-2006-4331 +- a malformed packet could make the Q.2931 dissector use up available memory. CVE-2006-4333 + +* Tue Jul 18 2006 Radek Vokál 0.99.2-1 +- upgrade to 0.99.2 + +* Wed Jul 12 2006 Jesse Keating - 0.99.2-0.pre1.1 +- rebuild + +* Tue Jul 11 2006 Radek Vokál 0.99.2-0.pre1 +- upgrade to 0.99.2pre1, fixes (#198242) + +* Tue Jun 13 2006 Radek Vokal 0.99.1-0.pre1 +- spec file changes + +* Fri Jun 9 2006 Radek Vokal 0.99.1pre1-1 +- initial build for Fedora Core