From ae5714b3f4f38a4970b3f6239459047b3b9b2a9e Mon Sep 17 00:00:00 2001 From: zoedong Date: Thu, 29 Jan 2026 17:28:02 +0800 Subject: [PATCH] Upgrade to version 4.6.3 Fix CVE-2026-0959, CVE-2026-0960, CVE-2026-0961 and CVE-2026-0962 --- ...ompress_snappy-with-no-xerial-chunks.patch | 41 -------- ...ACO-Handle-tvb_get_uint8-returning-1.patch | 46 --------- ...inite-loop-in-dissect_op_msg_section.patch | 96 ------------------- sources | 3 +- ...x-string-overrun-in-plugins-profinet.patch | 18 ---- wireshark-0006-Move-tmp-to-var-tmp.patch | 27 +++--- wireshark-0008-pkgconfig.patch | 10 +- wireshark-0009-remove-strato-manpages.patch | 39 ++++++++ wireshark.spec | 46 ++++----- 9 files changed, 81 insertions(+), 245 deletions(-) delete mode 100644 0001-Kafka-Fix-decompress_snappy-with-no-xerial-chunks.patch delete mode 100644 0001-MEGACO-Handle-tvb_get_uint8-returning-1.patch delete mode 100644 0001-Mongo-Avoid-infinite-loop-in-dissect_op_msg_section.patch delete mode 100644 wireshark-0003-fix-string-overrun-in-plugins-profinet.patch create mode 100644 wireshark-0009-remove-strato-manpages.patch diff --git a/0001-Kafka-Fix-decompress_snappy-with-no-xerial-chunks.patch b/0001-Kafka-Fix-decompress_snappy-with-no-xerial-chunks.patch deleted file mode 100644 index 0789aa4..0000000 --- a/0001-Kafka-Fix-decompress_snappy-with-no-xerial-chunks.patch +++ /dev/null @@ -1,41 +0,0 @@ -From e180152d3dae668249f78c72a55a4ba436b57af7 Mon Sep 17 00:00:00 2001 -From: Darius Davis -Date: Sat, 25 Oct 2025 15:01:34 +1000 -Subject: [PATCH] Kafka: Fix decompress_snappy with no xerial chunks. - -Instead of returning true without setting outputs, report a failure to -decompress and return false to the caller. - -Fix #20823 - -(cherry picked from commit 49137f8ce93c9f7ac55b69c8e089ba6a422f633e) ---- - epan/dissectors/packet-kafka.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/epan/dissectors/packet-kafka.c b/epan/dissectors/packet-kafka.c -index 2b6b179fb2..bc23feae65 100644 ---- a/epan/dissectors/packet-kafka.c -+++ b/epan/dissectors/packet-kafka.c -@@ -1909,6 +1909,7 @@ decompress_snappy(tvbuff_t *tvb, packet_info *pinfo, int offset, uint32_t length - count++; - DISSECTOR_ASSERT_HINT(count < MAX_LOOP_ITERATIONS, "MAX_LOOP_ITERATIONS exceeded"); - } -+ ret = composite_tvb != NULL; - - } else { - -@@ -1918,9 +1919,9 @@ decompress_snappy(tvbuff_t *tvb, packet_info *pinfo, int offset, uint32_t length - goto end; - } - *decompressed_offset = 0; -+ ret = true; - - } -- ret = true; - end: - if (composite_tvb) { - tvb_composite_finalize(composite_tvb); --- -2.41.1 - diff --git a/0001-MEGACO-Handle-tvb_get_uint8-returning-1.patch b/0001-MEGACO-Handle-tvb_get_uint8-returning-1.patch deleted file mode 100644 index 5d806da..0000000 --- a/0001-MEGACO-Handle-tvb_get_uint8-returning-1.patch +++ /dev/null @@ -1,46 +0,0 @@ -From e4f3706e1bb9ea0cc710193762be9ab36c18d207 Mon Sep 17 00:00:00 2001 -From: AndersBroman -Date: Mon, 1 Dec 2025 08:41:55 +0100 -Subject: [PATCH] MEGACO: Handle tvb_get_uint8 returning -1 - -When dissecting a media descriptor, handle tvb_get_uint8 returning --1 when searching for a left or right bracket and not finding it -by setting the bracket offset to the end offset so that the loop -will exit. Leaving it at -1 can cause going backwards and at worst -infinite loops. - -Fix #20884 - - -(cherry picked from commit aba1fbe6266beb6bf9b887b6eab008e4f4841c9b) - -Co-authored-by: John Thacker ---- - epan/dissectors/packet-megaco.c | 11 +++++++++-- - 1 file changed, 9 insertions(+), 2 deletions(-) - -diff --git a/epan/dissectors/packet-megaco.c b/epan/dissectors/packet-megaco.c -index 011e3398f2..42b606f512 100644 ---- a/epan/dissectors/packet-megaco.c -+++ b/epan/dissectors/packet-megaco.c -@@ -1772,8 +1772,15 @@ dissect_megaco_mediadescriptor(tvbuff_t *tvb, proto_tree *megaco_tree_command_li - mediaParm = find_megaco_mediaParm_names(tvb, tvb_current_offset, tokenlen); - - tvb_LBRKT = tvb_find_uint8(tvb, tvb_next_offset , tvb_last_RBRKT, '{'); -- tvb_next_offset = tvb_find_uint8(tvb, tvb_current_offset+1 , tvb_last_RBRKT, '}'); -- tvb_RBRKT = tvb_next_offset; -+ if (tvb_LBRKT == -1) { -+ // Not found, use the end offset. -+ tvb_LBRKT = tvb_last_RBRKT; -+ } -+ tvb_RBRKT = tvb_find_uint8(tvb, tvb_current_offset+1 , tvb_last_RBRKT, '}'); -+ if (tvb_RBRKT == -1) { -+ // Not found, use the end offset. -+ tvb_RBRKT = tvb_last_RBRKT; -+ } - - switch ( mediaParm ){ - case MEGACO_LOCAL_TOKEN: --- -2.41.1 - diff --git a/0001-Mongo-Avoid-infinite-loop-in-dissect_op_msg_section.patch b/0001-Mongo-Avoid-infinite-loop-in-dissect_op_msg_section.patch deleted file mode 100644 index 3e61e6f..0000000 --- a/0001-Mongo-Avoid-infinite-loop-in-dissect_op_msg_section.patch +++ /dev/null @@ -1,96 +0,0 @@ -From ac504cd5de02a3700702409e445122a93b3cad25 Mon Sep 17 00:00:00 2001 -From: John Thacker -Date: Tue, 23 Sep 2025 11:21:14 +0000 -Subject: [PATCH] Mongo: Avoid infinite loop in dissect_op_msg_section - -If the size of a a OP_MSG data section is indicated as -1, that -leads to advancing the offset by section_len + 1, or zero, which -causes an infinite loop. - -The total message and section lengths in Mongo are signed int32s; -it is impossible for them to be negative, and impossible for the -section length to be INT_MAX (since the message length includes -the length of the four byte headers and flag bits.) - -Throw an error to avoid the offset moving backwards, an infinite loop, -or signed integer overflow. - -Also update some URLs to their new locations. - -Fix #20724. - - -(cherry picked from commit 1ec4709cab382f7077ba66d2e382c2e75ce335c1) - -Co-authored-by: John Thacker ---- - epan/dissectors/packet-mongo.c | 19 +++++++++++++++---- - 1 file changed, 15 insertions(+), 4 deletions(-) - -diff --git a/epan/dissectors/packet-mongo.c b/epan/dissectors/packet-mongo.c -index d943a7090d..fae141183f 100644 ---- a/epan/dissectors/packet-mongo.c -+++ b/epan/dissectors/packet-mongo.c -@@ -12,9 +12,9 @@ - - /* - * See Mongo Wire Protocol Specification -- * http://www.mongodb.org/display/DOCS/Mongo+Wire+Protocol -+ * https://www.mongodb.com/docs/manual/reference/mongodb-wire-protocol/ - * See also BSON Specification -- * http://bsonspec.org/#/specification -+ * http://bsonspec.org/spec.html - */ - - #include "config.h" -@@ -23,6 +23,7 @@ - #include - #include - #include -+#include - #include // CRC32C_PRELOAD - #include // crc32c_tvb_offset_calculate - #include "packet-tcp.h" -@@ -290,6 +291,7 @@ static int ett_mongo_doc_sequence; - - static expert_field ei_mongo_document_recursion_exceeded; - static expert_field ei_mongo_document_length_bad; -+static expert_field ei_mongo_section_size_bad; - static expert_field ei_mongo_unknown; - static expert_field ei_mongo_unsupported_compression; - static expert_field ei_mongo_too_large_compressed; -@@ -825,13 +827,21 @@ dissect_op_msg_section(tvbuff_t *tvb, packet_info *pinfo, unsigned offset, proto - int section_len = -1; /* Section length */ - - e_type = tvb_get_uint8(tvb, offset); -- section_len = tvb_get_letohl(tvb, offset+1); - -- ti = proto_tree_add_item(tree, hf_mongo_msg_sections_section, tvb, offset, 1 + section_len, ENC_NA); -+ ti = proto_tree_add_item(tree, hf_mongo_msg_sections_section, tvb, offset, 1, ENC_NA); - section_tree = proto_item_add_subtree(ti, ett_mongo_section); - proto_tree_add_item(section_tree, hf_mongo_msg_sections_section_kind, tvb, offset, 1, ENC_LITTLE_ENDIAN); - offset += 1; - -+ section_len = tvb_get_letohil(tvb, offset); -+ /* The section length must be strictly smaller than the total message size, -+ * both signed int32s. This prevents signed integer overflow. */ -+ if (section_len < 0 || section_len == INT32_MAX) { -+ proto_tree_add_expert_format(section_tree, pinfo, &ei_mongo_section_size_bad, tvb, offset, 4, "Bogus Mongo message section size: %i", section_len); -+ THROW(ReportedBoundsError); -+ } -+ proto_item_set_len(ti, 1 + section_len); -+ - switch (e_type) { - case KIND_BODY: - section_len = dissect_bson_document(tvb, pinfo, offset, section_tree, hf_mongo_msg_sections_section_body); -@@ -1567,6 +1577,7 @@ proto_register_mongo(void) - static ei_register_info ei[] = { - { &ei_mongo_document_recursion_exceeded, { "mongo.document.recursion_exceeded", PI_MALFORMED, PI_ERROR, "BSON document recursion exceeds", EXPFILL }}, - { &ei_mongo_document_length_bad, { "mongo.document.length.bad", PI_MALFORMED, PI_ERROR, "BSON document length bad", EXPFILL }}, -+ { &ei_mongo_section_size_bad, { "mongo.msg.sections.section.size.bad", PI_MALFORMED, PI_ERROR, "Bogus Mongo message section size", EXPFILL }}, - { &ei_mongo_unknown, { "mongo.unknown.expert", PI_UNDECODED, PI_WARN, "Unknown Data (not interpreted)", EXPFILL }}, - { &ei_mongo_unsupported_compression, { "mongo.unsupported_compression.expert", PI_UNDECODED, PI_WARN, "This packet was compressed with an unsupported compressor", EXPFILL }}, - { &ei_mongo_too_large_compressed, { "mongo.too_large_compressed.expert", PI_UNDECODED, PI_WARN, "The size of the uncompressed packet exceeded the maximum allowed value", EXPFILL }}, --- -2.41.1 - diff --git a/sources b/sources index fd935f5..36df0a4 100644 --- a/sources +++ b/sources @@ -1,2 +1 @@ -SHA512 (wireshark-4.4.9.tar.xz) = a4f13bc0c8b1c08dfed8fe8e88997e5378c0ad1f9eeb972ea07cd85e7c7140b17f63ec9efce286b636abea7b99b9f54a640852a2ec4a36bfab96c6cf08e4772d - +SHA512 (wireshark-4.6.3.tar.xz) = 99ee0c5a12138b421646a5d5f4ac7175558997033a0cfc4335421b8c9fae433c4cd2c9a8842e79f6faee276f8d23ccfe7749791e4f8bbb971e7e694d44eca581 diff --git a/wireshark-0003-fix-string-overrun-in-plugins-profinet.patch b/wireshark-0003-fix-string-overrun-in-plugins-profinet.patch deleted file mode 100644 index 7e9cb39..0000000 --- a/wireshark-0003-fix-string-overrun-in-plugins-profinet.patch +++ /dev/null @@ -1,18 +0,0 @@ -From: Peter Hatina -Date: Wed, 4 Sep 2013 10:03:57 +0200 -Subject: [PATCH] fix string overrun in plugins/profinet - - -diff --git a/plugins/epan/profinet/packet-dcom-cba.c b/plugins/epan/profinet/packet-dcom-cba.c -index 52c5017e1f..fb980269db 100644 ---- a/plugins/epan/profinet/packet-dcom-cba.c -+++ b/plugins/epan/profinet/packet-dcom-cba.c -@@ -543,7 +543,7 @@ dissect_ICBAPhysicalDevice_get_LogicalDevice_rqst(tvbuff_t *tvb, int offset, - packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep) - { - uint32_t u32Pointer; -- char szStr[1000]; -+ char szStr[1000] = ""; - uint32_t u32MaxStr = sizeof(szStr); - char *call; - diff --git a/wireshark-0006-Move-tmp-to-var-tmp.patch b/wireshark-0006-Move-tmp-to-var-tmp.patch index a856286..01f0a4a 100644 --- a/wireshark-0006-Move-tmp-to-var-tmp.patch +++ b/wireshark-0006-Move-tmp-to-var-tmp.patch @@ -19,10 +19,10 @@ to use different directory on different filesystem. create mode 100644 wsutil/wstmpdir.h diff --git a/ui/qt/iax2_analysis_dialog.cpp b/ui/qt/iax2_analysis_dialog.cpp -index 07b9b42e01..fb09de989b 100644 +index cdbd865..a2d24c5 100644 --- a/ui/qt/iax2_analysis_dialog.cpp +++ b/ui/qt/iax2_analysis_dialog.cpp -@@ -25,6 +25,7 @@ +@@ -24,6 +24,7 @@ #include "ui/rtp_stream.h" #endif #include @@ -30,19 +30,18 @@ index 07b9b42e01..fb09de989b 100644 #include #include -@@ -255,10 +256,10 @@ Iax2AnalysisDialog::Iax2AnalysisDialog(QWidget &parent, CaptureFile &cf) : +@@ -252,9 +253,9 @@ Iax2AnalysisDialog::Iax2AnalysisDialog(QWidget &parent, CaptureFile &cf) : // We keep our temp files open for the lifetime of the dialog. The GTK+ // UI opens and closes at various points. -- QString tempname = QString("%1/wireshark_iax2_f").arg(QDir::tempPath()); -+ QString tempname = QString("%1/wireshark_iax2_f").arg(get_tmp_dir()); +- QString tempname = QStringLiteral("%1/wireshark_iax2_f").arg(QDir::tempPath()); ++ QString tempname = QStringLiteral("%1/wireshark_iax2_f").arg(get_tmp_dir()); fwd_tempfile_ = new QTemporaryFile(tempname, this); - fwd_tempfile_->open(); -- tempname = QString("%1/wireshark_iax2_r").arg(QDir::tempPath()); -+ tempname = QString("%1/wireshark_iax2_r").arg(get_tmp_dir()); +- tempname = QStringLiteral("%1/wireshark_iax2_r").arg(QDir::tempPath()); ++ tempname = QStringLiteral("%1/wireshark_iax2_r").arg(get_tmp_dir()); rev_tempfile_ = new QTemporaryFile(tempname, this); - rev_tempfile_->open(); + if (!fwd_tempfile_->open() || fwd_tempfile_->error() != QFile::NoError || !rev_tempfile_->open() || rev_tempfile_->error() != QFile::NoError) { diff --git a/ui/qt/utils/rtp_audio_file.cpp b/ui/qt/utils/rtp_audio_file.cpp index 591a63bbf3..203f5c5286 100644 --- a/ui/qt/utils/rtp_audio_file.cpp @@ -59,8 +58,8 @@ index 591a63bbf3..203f5c5286 100644 tempname = "memory"; if (use_disk_for_temp) { -- tempname = QString("%1/wireshark_rtp_stream").arg(QDir::tempPath()); -+ tempname = QString("%1/wireshark_rtp_stream").arg(get_tmp_dir()); +- tempname = QStringLiteral("%1/wireshark_rtp_stream").arg(QDir::tempPath()); ++ tempname = QStringLiteral("%1/wireshark_rtp_stream").arg(get_tmp_dir()); sample_file_ = new QTemporaryFile(tempname, this); } else { sample_file_ = new QBuffer(this); @@ -256,13 +255,13 @@ index ea11122..982ba1a 100644 --- a/ui/qt/about_dialog.cpp +++ b/ui/qt/about_dialog.cpp @@ -14,6 +14,7 @@ + #include #include "main_application.h" - #include +#include /* for get_tmp_dir() */ - #include - #include + #include + @@ -204,7 +205,7 @@ FolderListModel::FolderListModel(QObject * parent): appendRow(QStringList() << tr("\"File\" dialog location") << get_open_dialog_initial_dir() << tr("Capture files")); diff --git a/wireshark-0008-pkgconfig.patch b/wireshark-0008-pkgconfig.patch index e32958a..b5df5b2 100644 --- a/wireshark-0008-pkgconfig.patch +++ b/wireshark-0008-pkgconfig.patch @@ -1,13 +1,13 @@ diff --git a/CMakeLists.txt b/CMakeLists.txt -index 17fa031..6876018 100644 +index e6095ac..71a04e8 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt -@@ -4175,8 +4175,6 @@ endif() - +@@ -4309,8 +4309,6 @@ endif() + cmake_path(SET TMP_DST_PATH NORMALIZE "${CMAKE_INSTALL_LIBDIR}/pkgconfig") install(FILES "${CMAKE_BINARY_DIR}/resources/wireshark.pc" - DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig + DESTINATION ${TMP_DST_PATH} - COMPONENT "Development" - EXCLUDE_FROM_ALL ) - install( + cmake_path(SET TMP_DST_PATH NORMALIZE "${CMAKE_INSTALL_DATADIR}/${PROJECT_NAME}") diff --git a/wireshark-0009-remove-strato-manpages.patch b/wireshark-0009-remove-strato-manpages.patch new file mode 100644 index 0000000..a96d329 --- /dev/null +++ b/wireshark-0009-remove-strato-manpages.patch @@ -0,0 +1,39 @@ +diff --git a/doc/CMakeLists.txt b/doc/CMakeLists.txt +index adcfa0c..fd92872 100644 +--- a/doc/CMakeLists.txt ++++ b/doc/CMakeLists.txt +@@ -40,8 +40,6 @@ endmacro() + + ADD_MAN_PAGE(wireshark 1) + ADD_MAN_PAGE(tshark 1) +-ADD_MAN_PAGE(stratoshark 1) +-ADD_MAN_PAGE(strato 1) + + ADD_MAN_PAGE(androiddump 1) + ADD_MAN_PAGE(capinfos 1) +@@ -55,10 +53,8 @@ ADD_MAN_PAGE(randpktdump 1) + ADD_MAN_PAGE(etwdump 1) + ADD_MAN_PAGE(rawshark 1) + ADD_MAN_PAGE(reordercap 1) +-ADD_MAN_PAGE(sshdig 1) + ADD_MAN_PAGE(sshdump 1) + ADD_MAN_PAGE(text2pcap 1) +-ADD_MAN_PAGE(falcodump 1) + ADD_MAN_PAGE(udpdump 1) + ADD_MAN_PAGE(wifidump 1) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 71a04e8..a797ad1 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -2272,10 +2272,7 @@ if (ASCIIDOCTOR_FOUND) + ${CMAKE_BINARY_DIR}/doc/man_pages/etwdump.html + ${CMAKE_BINARY_DIR}/doc/man_pages/rawshark.html + ${CMAKE_BINARY_DIR}/doc/man_pages/reordercap.html +- ${CMAKE_BINARY_DIR}/doc/man_pages/sshdig.html + ${CMAKE_BINARY_DIR}/doc/man_pages/sshdump.html +- ${CMAKE_BINARY_DIR}/doc/man_pages/strato.html +- ${CMAKE_BINARY_DIR}/doc/man_pages/stratoshark.html + ${CMAKE_BINARY_DIR}/doc/man_pages/wifidump.html + ${CMAKE_BINARY_DIR}/doc/man_pages/text2pcap.html + ${CMAKE_BINARY_DIR}/doc/man_pages/tshark.html diff --git a/wireshark.spec b/wireshark.spec index 44109b0..f26b1ad 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -1,10 +1,10 @@ %undefine __cmake_in_source_build -%global plugins_version 4.4 +%global plugins_version 4.6 Summary: Network traffic analyzer Name: wireshark -Version: 4.4.9 -Release: 5%{?dist} +Version: 4.6.3 +Release: 1%{?dist} License: GPL+ Url: http://www.wireshark.org/ @@ -12,20 +12,13 @@ Source0: https://wireshark.org/download/src/%{name}-%{version}.tar.xz Source1: 90-wireshark-usbmon.rules Source2: wireshark.sysusers -# CVE-2025-11626 -Patch0001: 0001-Mongo-Avoid-infinite-loop-in-dissect_op_msg_section.patch -# CVE-2025-13499 -Patch0002: 0001-Kafka-Fix-decompress_snappy-with-no-xerial-chunks.patch -# CVE-2025-13946 -Patch0003: 0001-MEGACO-Handle-tvb_get_uint8-returning-1.patch - Patch3000: wireshark-0002-Customize-permission-denied-error.patch -Patch3001: wireshark-0003-fix-string-overrun-in-plugins-profinet.patch -Patch3002: wireshark-0004-Restore-Fedora-specific-groups.patch -Patch3003: wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch -Patch3004: wireshark-0006-Move-tmp-to-var-tmp.patch -Patch3005: wireshark-0007-cmakelists.patch -Patch3006: wireshark-0008-pkgconfig.patch +Patch3001: wireshark-0004-Restore-Fedora-specific-groups.patch +Patch3002: wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch +Patch3003: wireshark-0006-Move-tmp-to-var-tmp.patch +Patch3004: wireshark-0007-cmakelists.patch +Patch3005: wireshark-0008-pkgconfig.patch +Patch3006: wireshark-0009-remove-strato-manpages.patch BuildRequires: qt5-qtbase-devel qt5-qtmultimedia-devel qt5-qtsvg-devel BuildRequires: systemd-devel libnghttp2-devel systemd-rpm-macros qt5-qttools-devel qt5-linguist @@ -37,6 +30,8 @@ BuildRequires: libcap-devel libgcrypt-devel libpcap-devel >= 0.9 libnl3-devel BuildRequires: gnutls-devel krb5-devel libselinux-devel BuildRequires: elfutils-devel gcc-c++ glib2-devel BuildRequires: bzip2-devel c-ares-devel speexdsp-devel +# Required for XML parsing support; fixes CMake error "Could NOT find LibXml2" +BuildRequires: libxml2-devel >= 2.9.7 Requires: %{name}-cli = %{version}-%{release} Requires: xdg-utils @@ -153,6 +148,7 @@ fi %{_bindir}/capinfos %{_bindir}/captype %{_bindir}/editcap +%{_bindir}/dftest %{_bindir}/mergecap %{_bindir}/randpkt %{_bindir}/reordercap @@ -164,13 +160,14 @@ fi %attr(0750, root, wireshark) %caps(cap_net_raw,cap_net_admin=ep) %{_bindir}/dumpcap %{_udevrulesdir}/90-wireshark-usbmon.rules %{_libdir}/lib*.so.* -%dir %{_libdir}/wireshark -%dir %{_libdir}/wireshark/extcap +%dir %{_libexecdir}/wireshark +%dir %{_libexecdir}/wireshark/extcap %dir %{_libdir}/wireshark/plugins -%{_libdir}/wireshark/extcap/udpdump -%{_libdir}/wireshark/extcap/sdjournal -%{_libdir}/wireshark/extcap/dpauxmon -%{_libdir}/wireshark/extcap/androiddump +%dir %{_libdir}/wireshark +%{_libexecdir}/wireshark/extcap/udpdump +%{_libexecdir}/wireshark/extcap/sdjournal +%{_libexecdir}/wireshark/extcap/dpauxmon +%{_libexecdir}/wireshark/extcap/androiddump %dir %{_libdir}/wireshark/plugins/%{plugins_version} %dir %{_libdir}/wireshark/plugins/%{plugins_version}/epan %dir %{_libdir}/wireshark/plugins/%{plugins_version}/wiretap @@ -200,7 +197,6 @@ fi %{_mandir}/man1/dpauxmon.* %{_mandir}/man1/sdjournal.* %{_mandir}/man1/etwdump.1.gz -%{_mandir}/man1/falcodump.* %{_mandir}/man4/extcap.* %{_datadir}/doc/wireshark/* %{_mandir}/man1/mmdbresolve.* @@ -214,6 +210,10 @@ fi %{_libdir}/cmake/%{name}/*.cmake %changelog +* Thu Jan 29 2026 Miaojun Dong - 4.6.3-1 +- Upgrade to version 4.6.3 +- Fix CVE-2026-0959, CVE-2026-0960, CVE-2026-0961 and CVE-2026-0962 + * Thu Dec 11 2025 Miaojun Dong - 4.4.9-5 - Fix CVE-2025-13946 -- Gitee