Age | Commit message (Collapse) | Author | Files | Lines |
|
net/wireshark security update
Revisions pulled up:
- net/wireshark/Makefile 1.57
- net/wireshark/distinfo 1.39
- net/wireshark/patches/patch-SA42767 deleted
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Jan 12 00:16:31 UTC 2011
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Removed Files:
pkgsrc/net/wireshark/patches: patch-SA42767
Log Message:
Update "wireshark" package to version 1.4.3. Changes since 1.4.2:
- Bug Fixes
The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
- FRAsse discovered that the MAC-LTE dissector could overflow a
buffer. (Bug 5530)
Versions affected: 1.2.0 to 1.2.13 and 1.4.0 to 1.4.2.
- FRAsse discovered that the ENTTEC dissector could overflow a
buffer. (Bug 5539)
Versions affected: 1.2.0 to 1.2.13 and 1.4.0 to 1.4.2.
CVE-2010-4538
- The ASN.1 BER dissector could assert and make Wireshark exit
prematurely. (Bug 5537)
Versions affected: 1.4.0 to 1.4.2.
The following bugs have been fixed:
- AMQP failed assertion. (Bug 4048)
- Reassemble.c leaks memory for GLIB > 2.8. (Bug 4141)
- Fuzz testing reports possible dissector bug: TCP. (Bug 4211)
- Wrong length calculation in new_octet_aligned_subset_bits()
(PER dissector). (Bug 5393)
- Function dissect_per_bit_string_display might read more bytes
than available (PER dissector). (Bug 5394)
- Cannot load wpcap.dll & packet.dll from Wireshark program
directory. (Bug 5420)
- Wireshark crashes with Copy -> Description on date/time
fields. (Bug 5421)
- DHCPv6 OPTION_CLIENT_FQDN parse error. (Bug 5426)
- Information element Error for supported channels. (Bug 5430)
- Assert when using ASN.1 dissector with loading a 'type table'.
(Bug 5447)
- Bug with RWH parsing in Infiniband dissector. (Bug 5444)
- Help->About Wireshark mis-reports OS. (Bug 5453)
- Delegated-IPv6-Prefix(123) is shown incorrect as
X-Ascend-Call-Attempt-Limit(123). (Bug 5455)
- "tshark -r file -T fields" is truncating exported data. (Bug 5463)
- gsm_a_dtap: incorrect "Extraneous Data" when decoding Packet
Flow Identifier. (Bug 5475)
- Improper decode of TLS 1.2 packet containing both
CertificateRequest and ServerHelloDone messages. (Bug 5485)
- LTE-PDCP UL and DL problem. (Bug 5505)
- CIGI 3.2/3.3 support broken. (Bug 5510)
- Prepare Filter in RTP Streams dialog does not work correctly.
(Bug 5513)
- Wrong decode at ethernet OAM Y.1731 ETH-CC. (Bug 5517)
- WPS: RF bands decryption. (Bug 5523)
- Incorrect LTP SDNV value handling. (Bug 5521)
- LTP bug found by randpkt. (Bug 5323)
- Buffer overflow in SNMP EngineID preferences. (Bug 5530)
- Updated Protocol Support
AMQP, ASN.1 BER, ASN.1 PER, CFM, CIGI, DHCPv6, Diameter, ENTTEC,
GSM A GM, IEEE 802.11, InfiniBand, LTE-PDCP, LTP, MAC-LTE, MP2T,
RADIUS, SAMR, SCCP, SIP, SNMP, TCP, TLS, TN3270, UNISTIM, WPS
- New and Updated Capture File Support
Endace ERF, Microsoft Network Monitor, VMS TCPtrace.
|
|
|
|
|
|
Public headers had been moved to subdir since 0.9.6, not only recent Darwin.
Let to look at pcap/pcap.h first, then pcap.h in all cases.
|
|
|
|
|
|
vulnerability reported in SA42767 which affects the ENTTEC dissector.
|
|
|
|
* -r, --request option now works again
|
|
PR#44321 by Sascha Wildner.
Still broken for 2.8.2, because `struct wi_req' is disabled in
the include file, but it was changed in DragonFly master.
|
|
- Support for RDS, BootFromEBS, Spot Instances, and more
- Fixes Issue 251, a problem with POST when using Eucalyptus
- Fixes serious S3 issue (245) and issue 243 and 244
- Adds support for Autoscale, CloudWatch, ELB.
- Adds support for new SQS features
Also, added 26 to PYTHON_VERSIONS_ACCEPTED.
|
|
|
|
|
|
(for patch-ad, NetBSD support is already in, reuse for DragonFly).
|
|
* This package is not DESTDIR ready (need pwlib to be ready first).
* "do-install" must be changed to "post-install", or INSTALL_DIRS will not
errect.
|
|
fixes build failure on DragonFly.
|
|
|
|
|
|
DragonFly base.
* check_dhcp also installed as suid root. while here use ${SETUID_ROOT_PERMS}.
* marked as DESTDIR ready (not user-destdir, for the previous reason).
Bump PKGREVISION.
|
|
("netbsdelf3", indeed ... )
|
|
uses HTTPS.
|
|
* set TEST_TARGET
* fixes for DragonFly.
|
|
|
|
|
|
This release fixes support for YouTube after the recent site changes that
broke the program. In addition, it adds support for depositfiles.com,
fixes a few minor bugs, and adds a few minor features
|
|
alternative from mk/jpeg.buildlink3.mk
This allows selection of an alternative jpeg library (namely the x86 MMX,
SSE, SSE2 accelerated libjpeg-turbo) via JPEG_DEFAULT=libjpeg-turbo, and
follows the current standard model for alternatives (fam, motif, fuse etc).
The mechanical edits were applied via the following script:
#!/bin/sh
for d in */*; do
[ -d "$d" ] || continue
for i in "$d/"Makefile* "$d/"*.mk; do
case "$i" in *.orig|*"*"*) continue;; esac
out="$d/x"
sed -e 's;graphics/jpeg/buildlink3\.mk;mk/jpeg.buildlink3.mk;g' \
-e 's;BUILDLINK_PREFIX\.jpeg;JPEGBASE;g' \
< "$i" > "$out"
if cmp -s "$i" "$out"; then
rm -f "$out"
else
echo "Edited $i"
mv -f "$i" "$i.orig" && mv "$out" "$i"
fi
done
done
|
|
1.0.10 2010-10-15 14:52 UTC
Changelog:
QA release
- Configurable newline sequence (PEAR Bug #14181)
- Make $size parameter to gets() optional (PEAR Bug #14433)
- Don't overwrite $errstr set by fsockopen (PEAR Bug #14448)
- Avoid an infinite loop if fwrite() returns 0 (PEAR Bug #14619)
- CS cleanup (PEAR Bug #14803)
|
|
1.4.4 2010-10-21 16:53 UTC
Changelog:
Corrected a problem with SMTP servers that don't support the SIZE
feature. (Bug 17942)
1.4.3 2010-10-11 01:14 UTC
Changelog:
- Reduce peak memory usage when sending large files. (Request 17887)
- Adding support for proxy authentication. (Request 17358)
|
|
0.1.1 2010-12-09 17:35 UTC
* Added initial support for IDNA2008. This is needed for characters like the
German "Eszett" which would otherwise be turned into "ss" during nameprep.
Use $n->setParams('version', '2008') to use the "new" IDNA-encoding. Default
is still IDNA2003 for backwards-compatibility. Further aspects of
IDNA2008-encoding (for example some checks) should be added later according
to RFCs.
* #16466: Unit tests (testcaseses from draft-josefsson-idn-test-vectors;
thanks to Daniel)
* Unit tests (coverage, refactoring/cleanup, more tests)
* #17542: URIs get mangled when decoding (UTF8-fix)
* Codingstyle fixes
* fixed handling of URLs with more than a domain-name (fixed opposite of
parse_url())
* Added specialized and spl exceptions
* #17533: Releases and roles do not seem to work.
|
|
1.0.2 2010-10-25 14:11 UTC
Changelog:
Automatically built QA release
|
|
Inspired by Red Hat Bugzilla Bug #501210.
|
|
Changes in version 0.2.1.28 - 2010-12-17
o Major bugfixes:
- Fix a remotely exploitable bug that could be used to crash instances
of Tor remotely by overflowing on the heap. Remote-code execution
hasn't been confirmed, but can't be ruled out. Everyone should
upgrade. Bugfix on the 0.1.1 series and later.
o Directory authority changes:
- Change IP address and ports for gabelmoo (v3 directory authority).
o Minor features:
- Update to the December 1 2010 Maxmind GeoLite Country database.
|
|
|
|
|
|
address; patch-ac changed the distribution source to not pull in
netinet/in_var.h on NetBSD but that is where SIOCGIFNETMASK_IN6 comes from
so bring it back in. Bump pkg revision.
|
|
|
|
|
|
The quvi is a command line tool for parsing video download links. It
supports Youtube and other similar video websites. libquvi is a
library for parsing video download links with C API. It is written in
C and intended to be a cross-platform library.
You can see the list of supported sites from 'quvi --support'.
|
|
2.2.19 Sat Dec 11 2010 Toni Gundogdu
Changes:
- Set <http://clive.sourceforge.net> as new WWW home
- Add man1/clive.1.pod, manify from this from now on
- Youtube: Extend format aliases to match quvi IDs
- Remove myubo support: dead site
- Backup ChangeLog as ChangeLog.pre-gitlog
- Generate ChangeLog from gitlog
- Rename Evisor.pm to Gaskrank.pm
- Rename tests
- Remove dangling (and broken) ehrensenf, cctv support
- Exclude network tests, can still be found in the repo
- gzip release tarball from now on
Bugfixes:
- Liveleak.pm: token/ID parsing
- Youtube.pm: Unknown error (http/404) [#1]
|
|
2.2.18 Tue Nov 30 2010 legatvs
Changes:
- Change google test URL
- Accept dailymotion swf URLs (related b#3115846)
|
|
|
|
|
|
OS X seems to be eating the dhcp server's responses, even with the
OS X interface config set to manual.
|
|
|
|
|
|
These services may be hosted off any TCP/IP-enabled platform. The
Samba project includes not only an impressive feature set in file and
print serving capabilities, but has been extended to include client
functionality, utilities to ease migration to Samba, tools to aid
interoperability with Microsoft Windows, and administration tools.
|
|
|
|
4.5.4 brings bugfixes and translation updates
|
|
=== Addressable 2.2.2
- fixed issue with percent escaping of '+' character in query strings
|
|
bump pkg revision
|