diff --git a/ChangeLog b/ChangeLog index e69de29bb2..1b638e0a28 100644 --- a/ChangeLog +++ b/ChangeLog @@ -0,0 +1,488 @@ +commit 144380001b +Author: Gerald Combs +Date: Tue Mar 9 14:36:18 2021 -0800 + + Windows: Update our spandsp packages. + + Use the versions of lrint and lrintf defined by Visual C++. This should fix + + 91>C:\buildbot\builders\wireshark-master-64\wireshark-win64-libs\spandsp-0.0.6-win64ws\include\spandsp/fast_convert.h(320,5): error C2169: 'lrint': intrinsic function, cannot be defined (compiling source file C:\buildbot\builders\wireshark-master-64\windows-2019-x64\build\plugins\codecs\G726\G726decode.c) [C:\buildbot\builders\wireshark-master-64\windows-2019-x64\build\cmbuild\plugins\codecs\G726\g726.vcxproj] + 91>C:\buildbot\builders\wireshark-master-64\wireshark-win64-libs\spandsp-0.0.6-win64ws\include\spandsp/fast_convert.h(325,5): error C2169: 'lrintf': intrinsic function, cannot be defined (compiling source file C:\buildbot\builders\wireshark-master-64\windows-2019-x64\build\plugins\codecs\G726\G726decode.c) [C:\buildbot\builders\wireshark-master-64\windows-2019-x64\build\cmbuild\plugins\codecs\G726\g726.vcxproj] + + for Visual C++ 16.9.1 and later. + + (cherry picked from commit 4b07a92103586daca58ad7db0d6a97230c73ce7c) + + Conflicts: + tools/win-setup.ps1 + +commit 733c52cc0b +Author: Gerald Combs +Date: Mon Mar 8 11:00:46 2021 -0800 + + Prep for 3.4.4. + +commit f8acbe7598 +Author: Gerald Combs +Date: Sun Mar 7 10:33:11 2021 +0000 + + [Automatic update for 2021-03-07] + + Update manuf, services enterprise numbers, translations, and other items. + +commit 0de80702bd +Author: Nardi Ivan +Date: Thu Feb 25 11:21:18 2021 +0000 + + GQUIC: fix parsing of unknown (but valid) tags + + This commit should be a proper fix for the regression reported in #17250 + (7fd71536 is a simple workaround). Such regression has been introduced by + b287e716 while fixing the infinite loop reported in #16897. + + b287e716, while fixing the infinite loop, broke the decoding of perfectly + valid tags not yet supported by Wireshark. + + AFAIK, the root cause of the infinite loop is the overflow of the `offset` + variable. Therefore checking for this overflow should be sufficient to avoid + the loop. + Note that we already check for sensible values for the 'tag_len' variable; + we should update `total_tag_len` accordingly. + + Some words about testing: other than correctly handling unknown but valid + tags, it is important that this commit doesn't reintroduce the infinite + loop bug. + Fortunately #16897 provided a POC trace. Unfortunately, if you revert + b287e716, this POC doesn't work anymore in master-3.4 and master branches, + but it still triggers the infinite loop in master-3.2 branch. + Therefore I have been able to manually check that this MR + the + overflow check is enough to avoid the infinite loop bug, at least in master-3.2. + + Some traffic with unknown but valid tags is available in e2ee14ae03. + + + (cherry picked from commit 142cfb03ac5d0473d70f3e8adeabdc4f4496e953) + +commit 8c997a57da +Author: Gerald Combs +Date: Sun Feb 28 10:31:23 2021 +0000 + + [Automatic update for 2021-02-28] + + Update manuf, services enterprise numbers, translations, and other items. + +commit 16bc7095b9 +Author: Nardi Ivan +Date: Mon Feb 22 19:54:53 2021 +0000 + + GQUIC: add decoding of CGST tag + + Regression introduced by b287e7165e. + + To avoid an infinite loop with malformed packets, that commit stops + parsing the tags list after finding an unknown tag. + When this "unknown" tag is perfectly valid but not supported by + Wireshark, we don't decode any subsequent (valid) tags anymore. + + GQUIC is going to die soon and it is quite unlikely it will change in + the next future. Therefore the best/quick solution is simply decoding + any valid tag. + + Close #17250 + + + (cherry picked from commit 7fd71536962cc24614cdc932770f0a4a200f6008) + +commit 4560ac0527 +Author: Guy Harris +Date: Mon Feb 22 22:23:54 2021 -0800 + + Lua: add routines to return pcap/nsec pcap/pcapng file type/subtypes. + + These will be backported, for the benefit of Lua scripts that want those + specific file types/subtypes (typically in order to write files of those + types); that allows those types to be fetched without having to know the + right string to hand to wslua_wtap_name_to_file_type_subtype(). + + (cherry picked from commit bc3cc17bc401ea9ae044c30f34e9c7052b04e603) + +commit 077a9c9354 +Author: Gerald Combs +Date: Sun Feb 21 10:31:58 2021 +0000 + + [Automatic update for 2021-02-21] + + Update manuf, services enterprise numbers, translations, and other items. + +commit 3fb8be3b91 +Author: Gerald Combs +Date: Mon Feb 15 18:28:57 2021 +0000 + + NVMe Fabrics RDMA: Initialize a variable. + + Make sure q_ctx is fully initialized. Fixes #17233. + + + (cherry picked from commit e29c934d7254eba19a943356e62d0d481df71c22) + +commit b2c58d020c +Author: Gerald Combs +Date: Fri Feb 12 19:54:54 2021 +0000 + + Be more strict about opening URLs. + + In the proto tree, copy URLs instead of opening them. + + In the export dialog, enable previews only if the advertised MIME type + *and* the contents of the file are plain text, GIF, JPEG, or PNG. + + Add warnings to the wslua browser_open_url and browser_open_data_file + documentation. + + Fixes #17232. + + + (cherry picked from commit e99c9afce86edd47b4388dd6e10cf2e758fe31cf) + +commit 5e1db6219a +Author: Guy Harris +Date: Mon Feb 15 07:39:02 2021 +0000 + + rpm-setup: install libgcrypt by default. + + Wireshark now requires it. + + + (cherry picked from commit 3c404abf2c9aef2422ddc9d037424fecbc9bdb0c) + +commit 418c3360bf +Author: Chuck Craft +Date: Sun Feb 14 22:02:11 2021 +0000 + + ip: ip_ttl _ws.expert fields not set if no tree + + See 'if (tree) ...' comment + Closes #17228 + + + (cherry picked from commit dde65b96cde8a4dd94ce15cb451a2e7fd85a9014) + +commit 24b27195f1 +Author: Gerald Combs +Date: Sun Feb 14 10:31:21 2021 +0000 + + [Automatic update for 2021-02-14] + + Update manuf, services enterprise numbers, translations, and other items. + +commit 66e6f092f9 +Author: Guy Harris +Date: Sun Feb 14 06:12:23 2021 +0000 + + WSDG: deprecate wtap_filetypes. + + Recommend the use of wtap_name_to_file_type_subtype() to get filetype + values, unless you need to run on older versions of Wireshark that don't + have it. + + Don't even *mention* wtap_filetypes in the documentation for the new + wtap_ routines, as, if you have those routines, you have + wtap_name_to_file_type_subtype(), because it's one of those routines. + + Fix references to "nul" while we're at it - it's "nil" in Lua. + + (That part of the WSDG - the Lua reference - is generated, so this + involves changing the source code implementing the Lua routines.) + + + (cherry picked from commit 5b3c3d0682c869e6dd19a5245b1a22c90192e9ae) + +commit 3213fb0a19 +Author: Guy Harris +Date: Sun Feb 14 04:23:08 2021 +0000 + + iseries: report Unicode files as Unicode rather than ASCII. + + While we're at it, that's "Unicode", not "UNICODE" - it's not an + initialism, and isn't all-caps. + + + (cherry picked from commit 8ec5906fd64260d5a59034e0a0e49bdd78553f5c) + +commit b88fcfafd7 +Author: Guy Harris +Date: Sat Feb 13 18:35:58 2021 +0000 + + wiretap: remove spaces from file format names. + + File format names are used on the command line, so don't require them to + be quoted - replace the space in "systemd journal" with an underscore. + + + (cherry picked from commit 8bba6ebe5c5d6a501ba9f2c16386f6ab437025bf) + +commit db364ed3d5 +Author: Jaap Keuter +Date: Fri Feb 12 13:20:53 2021 +0000 + + ASTERIX: fix dissection of I010_041 and I010_042 fields + + Fixes #17226 + + + (cherry picked from commit b9bdc803bb3bc9edcf25a9aaec4b5c2723db7b3e) + +commit 3a60e4992d +Author: Guy Harris +Date: Sat Feb 13 03:29:33 2021 +0000 + + wslua: expose some libwiretap APIs in Lua. + + Provide Lua version of wtap_file_type_subtype_string(), + wtap_file_type_subtype_short_string(), and + wtap_short_string_to_file_type_subtype(). + + This will be backported to the 3.2 and 3.4 branches, to allow scripts + not run on the bleeding-edge version to use them. + + + (cherry picked from commit f0ebc507626e3ffd0195b132486da11b3c7b138b) + +commit 21f9f3f1f2 +Author: Gerald Combs +Date: Tue Feb 9 15:48:08 2021 -0800 + + TShark: Load extcap preferences only when needed. + + In our first pass through our options, look for ones that might require + extcap. Call extcap_register_preferences() only when that's the case. + + Warn about missing extcap preferences only when we've loaded them. + + (cherry picked from commit c7f66cf93491fd3ed9ca03fe967a692d64546aa2) + + Conflicts: + tshark.c + +commit 90ed3ff952 +Author: Constantine Gavrilov +Date: Sun Feb 7 19:26:02 2021 +0000 + + Fix dissection of transport connect payload for NVMEoF with RDMA. + + + (cherry picked from commit 28937e9022f232504286c1abd34834bf0ec7d421) + +commit 108b84a591 +Author: Guy Harris +Date: Tue Feb 9 19:38:51 2021 +0000 + + dumpcap: don't mention Npcap if we're not using it. + + + (cherry picked from commit 99c712ff5a2f4d2d52f90d6f3c711ab6c7990a35) + +commit 098fe77ec6 +Author: Guy Harris +Date: Tue Feb 9 06:33:18 2021 +0000 + + dumpcap: provide more information to put into an Npcap bug. + + Turn the sequence of details to supply in an Npcap bug into a list, with + one element per line, and provide the interface name, Windows version + string, and Npcap version string. Put that into a common routine. + + + (cherry picked from commit b09514f3b3edfc96bceff2c4c11e5ff0a55e4709) + +commit 089889acf2 +Author: Guy Harris +Date: Mon Feb 8 23:16:33 2021 +0000 + + dumpcap: use the display name in error messages. + + That adds the description, if present, on UN*X, and replaces the ugly + GUID-based name with a friendly name on Windows. + + + (cherry picked from commit 9b771d2c14845bdcb7306ebb1a96cc68e5a3b9c0) + +commit ab6fb92ba3 +Author: Guy Harris +Date: Mon Feb 8 21:10:54 2021 +0000 + + dumpcap: give details on how to fix Npcap bugs. + + Give a whole bunch of details to put into the bug, in the (vain?) hope + that the user will put them in the bug, to try to help Daniel and + possibly Microsoft networking stack folk figure out what's happening. + + (Remove an extra report_capture_error() left over from the previous + commit.) + + + (cherry picked from commit 37f5e0f7fd654f9f9ad3dd13ee4893779f56002d) + +commit 34dbb3bc32 +Author: Guy Harris +Date: Mon Feb 8 20:35:43 2021 +0000 + + dumpcap: show the interface name in capture errors. + + dumpcap can capture on more than one interface at a time. If the + capture stops due to an error on an interface, report the name of the + interface on which the error occurred. + + + (cherry picked from commit b3db9e3aa1d652dbb1ef2ec2b57b0ef39c40d244) + +commit 375f76bdeb +Author: Guy Harris +Date: Mon Feb 8 08:40:36 2021 +0000 + + "The device has been removed." can happen if it has, indeed, been removed. + + So only tell the user to report that as an Npcap bug if they *haven't* + removed the device. + + + (cherry picked from commit d28021cacb860722663e6402fe6aea37cd0de8a6) + +commit ebb55c3c02 +Author: Guy Harris +Date: Mon Feb 8 06:51:44 2021 +0000 + + dumpcap: look for "PacketReceivePacket error: .* (1617)". + + The error message text for ERROR_DEVICE_REMOVED (1617) might be in the + user's language; just look for the numeric error code. + + + (cherry picked from commit 27cbb6852577a458b10d200714022af23c7a67a9) + +commit ebba9d3f45 +Author: Guy Harris +Date: Mon Feb 8 03:12:44 2021 +0000 + + dumpcap: improve some secondary error emssages. + + For "PacketReceivePacket error: The device has been removed. (1617)", + report the error in that fashion, indicate that the interface is no + longer attached, *and* suggest that this may be an Npcap bug and that + the user should report it as such; give the URL for the Npcap issue + list. + + For "The other host terminated the connection", report the error in that + fashion, and suggest that it might be a problem with the host on which + the capture is being done. + + Hopefully this will mean fewer bugs filed as *Wireshark* bugs for those + issues. + + (And, with any new capture API in libpcap, these should all turn into + specific PCAP_ERROR_ codes, to make it easier to detect them in callers + of libpcap.) + + + (cherry picked from commit 152fd1fdab24e33b59c83b91ab2a37a99ad99cc6) + +commit 653071f630 +Author: Gerald Combs +Date: Sun Feb 7 10:33:33 2021 +0000 + + [Automatic update for 2021-02-07] + + Update manuf, services enterprise numbers, translations, and other items. + +commit 5b97f29a9a +Author: Harald Welte +Date: Fri Feb 5 12:00:37 2021 +0000 + + packet-fr: Register for SLL dispatch to Frame Relay dissector + + Without this patch, any Linux cooked packet capture on HDLC / frame + relay devices will not be dispatched to the proper dissector. + + Such packets do carry a proper sll_hatype set to ARPHRD_FRAD and should + be dispatched accordingly. However, the packet-fr dissector so far + did not register itself accordingly. + + + (cherry picked from commit b83f92a4580080a968f73b4cda8ca52f2d6332ba) + +commit d742da0e53 +Author: Jaap Keuter +Date: Thu Feb 4 17:29:54 2021 +0000 + + SIP: Fix header Id mapping + + Fixes #17215 + + + (cherry picked from commit 7401dbaa82f0e8c7b9a4d64766d43f9e6f86a7cf) + +commit e372771997 +Author: Gerald Combs +Date: Sat Jan 30 00:36:23 2021 +0000 + + Docs: Change the default wsbuglink text to "Issue". + + Change the default text in the AsciiDoctor wsbuglink macrom from "Bug" + to "Issue". + + + (cherry picked from commit 9177f0e71a57303db01802d4f0ca6d7bdb473fac) + +commit 003a730a20 +Author: João Valverde +Date: Fri Jan 29 21:39:31 2021 +0000 + + Don't include config.h in system headers + + Config.h must not be installed so configuration must be performed by client code. + + Fixes #17190. + + + (cherry picked from commit 10178fdb09528cfe43592d72a52274d98b7eb5f0) + +commit 49393cf362 +Author: Jaap Keuter +Date: Tue Feb 2 20:10:59 2021 +0000 + + S7COMM: remove array size from function interface + + Fixes #17198 + + + (cherry picked from commit 55d53dbf1b1ed557455fd4a66ad52c761684b307) + +commit 39da36ad6e +Author: Dario Lombardo +Date: Mon Dec 28 19:03:08 2020 +0100 + + ntp: remove size constraint for invalid refid. + + When the refid contains non-ascii chars, the conversion function + returns a string longer than 4 chars. This results in an invalid + string if the output is limited to 4 bytes. Incidentally this + results in an invalid PDML output as well that caught this bug + in the first place. + + Fix: #17112. + +commit 564a52be19 +Author: Gerald Combs +Date: Sun Jan 31 10:30:58 2021 +0000 + + [Automatic update for 2021-01-31] + + Update manuf, services enterprise numbers, translations, and other items. + +commit e0abfddcc5 +Author: Gerald Combs +Date: Fri Jan 29 11:51:46 2021 -0800 + + Version: 3.4.3 → 3.4.4. + + [skip ci] diff --git a/NEWS b/NEWS index 415fc4f87a..e44193942f 100644 --- a/NEWS +++ b/NEWS @@ -11,8 +11,33 @@ Wireshark 3.4.4 Release Notes The following vulnerabilities have been fixed: + • wnpa-sec-2021-03[1] Wireshark could open unsafe URLs. Issue + 17232[2]. CVE-2021-22191[3]. + The following bugs have been fixed: + • NTP Version 3 Client Decode PDML output issue (Reference ID + Issue) Issue 17112[4]. + + • 3.4.2: public wireshark include files are including build time + "config.h" Issue 17190[5]. + + • wireshark-3.4.3/epan/dissectors/packet-s7comm.c:3521: bad array + index ? Issue 17198[6]. + + • SIP protocol: P-Called-Party-ID header mixed up with + P-Charge-Info header Issue 17215[7]. + + • Asterix CAT010 Decode Error Issue 17226[8]. + + • _ws.expert columns not populated for IPv4 Issue 17228[9]. + + • Buildbot crash output: fuzz-2021-02-12-1651908.pcap Issue + 17233[10]. + + • gQUIC: Wireshark 3.4.3 fails to dissect a packet (gQUIC q024) + that v3.2.6 succeeds. Issue 17250[11]. + New and Updated Features New Protocol Support @@ -21,9 +46,11 @@ Wireshark 3.4.4 Release Notes Updated Protocol Support + ASTERIX, Frame Relay, GQUIC, NTP, NVMe Fabrics RDMA, S7COMM, and SIP + New and Updated Capture File Support - There is no new or updated capture file support in this release. + iSeries Getting Wireshark @@ -35,7 +62,7 @@ Wireshark 3.4.4 Release Notes Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can - be found on the download page[1] on the Wireshark web site. + be found on the download page[12] on the Wireshark web site. File Locations @@ -49,22 +76,33 @@ Wireshark 3.4.4 Release Notes The User’s Guide, manual pages and various other documentation can be found at https://www.wireshark.org/docs/ - Community support is available on Wireshark’sQ&A site[2] and on the + Community support is available on Wireshark’sQ&A site[13] and on the wireshark-users mailing list. Subscription information and archives - for all of Wireshark’s mailing lists can be found on the web site[3]. + for all of Wireshark’s mailing lists can be found on the web site[14]. - Issues and feature requests can be reported on the issue tracker[4]. + Issues and feature requests can be reported on the issue tracker[15]. Frequently Asked Questions - A complete FAQ is available on the Wireshark web site[5]. + A complete FAQ is available on the Wireshark web site[16]. - Last updated 2021-03-07 09:51:45 UTC + Last updated 2021-03-10 18:06:51 UTC References - 1. https://www.wireshark.org/download.html#thirdparty - 2. https://ask.wireshark.org/ - 3. https://www.wireshark.org/lists/ - 4. https://gitlab.com/wireshark/wireshark/-/issues - 5. https://www.wireshark.org/faq.html + 1. https://www.wireshark.org/security/wnpa-sec-2021-03 + 2. https://gitlab.com/wireshark/wireshark/-/issues/17232 + 3. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22191 + 4. https://gitlab.com/wireshark/wireshark/-/issues/17112 + 5. https://gitlab.com/wireshark/wireshark/-/issues/17190 + 6. https://gitlab.com/wireshark/wireshark/-/issues/17198 + 7. https://gitlab.com/wireshark/wireshark/-/issues/17215 + 8. https://gitlab.com/wireshark/wireshark/-/issues/17226 + 9. https://gitlab.com/wireshark/wireshark/-/issues/17228 + 10. https://gitlab.com/wireshark/wireshark/-/issues/17233 + 11. https://gitlab.com/wireshark/wireshark/-/issues/17250 + 12. https://www.wireshark.org/download.html#thirdparty + 13. https://ask.wireshark.org/ + 14. https://www.wireshark.org/lists/ + 15. https://gitlab.com/wireshark/wireshark/-/issues + 16. https://www.wireshark.org/faq.html diff --git a/docbook/release-notes.adoc b/docbook/release-notes.adoc index dfe9920ad7..68fbe91a19 100644 --- a/docbook/release-notes.adoc +++ b/docbook/release-notes.adoc @@ -29,7 +29,7 @@ The following vulnerabilities have been fixed: * wssalink:2021-03[] Wireshark could open unsafe URLs. wsbuglink:17232[]. -// cveidlink:2021-xxxx[]. +cveidlink:2021-22191[]. // Fixed in master: e99c9afce8 // Fixed in release-3.4: b2c58d020c // Fixed in master-3.2: 0f638a240c diff --git a/wireshark.appdata.xml b/wireshark.appdata.xml index f25a206bcb..15bcda0101 100644 --- a/wireshark.appdata.xml +++ b/wireshark.appdata.xml @@ -48,6 +48,9 @@ wireshark-dev_at_wireshark.org + + https://www.wireshark.org/docs/relnotes/wireshark-3.4.4.html + https://www.wireshark.org/docs/relnotes/wireshark-3.4.3.html