diff --git a/CVE-2022-3190.patch b/CVE-2022-3190.patch deleted file mode 100644 index 3dcc2f761f00b062583ba53dfa6e39deb45fde11..0000000000000000000000000000000000000000 --- a/CVE-2022-3190.patch +++ /dev/null @@ -1,143 +0,0 @@ -From 0f27a83c5692b2afebe6e6934c1051f76aa2ecf9 Mon Sep 17 00:00:00 2001 -From: Jason Cohen -Date: Wed, 31 Aug 2022 11:10:17 -0500 -Subject: [PATCH] f5ethtrailer: Improve "old-style" heuristic - -Remove a chance for an infinate loop in the disection heuristic. ---- - epan/dissectors/packet-f5ethtrailer.c | 108 +++++++++++++------------- - 1 file changed, 56 insertions(+), 52 deletions(-) - -diff --git a/epan/dissectors/packet-f5ethtrailer.c b/epan/dissectors/packet-f5ethtrailer.c -index b2ba8f899d..915348ea83 100644 ---- a/epan/dissectors/packet-f5ethtrailer.c -+++ b/epan/dissectors/packet-f5ethtrailer.c -@@ -2751,69 +2751,73 @@ dissect_dpt_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *d - static gint - dissect_old_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) - { -- proto_tree *type_tree = NULL; -- proto_item *ti = NULL; - guint offset = 0; -- guint processed = 0; -- f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data; -- guint8 type; -- guint8 len; -- guint8 ver; - - /* While we still have data in the trailer. For old format trailers, this needs - * type, length, version (3 bytes) and for new format trailers, the magic header (4 bytes). - * All old format trailers are at least 4 bytes long, so just check for length of magic. - */ -- while (tvb_reported_length_remaining(tvb, offset)) { -- type = tvb_get_guint8(tvb, offset); -- len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION; -- ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION); -- -- if (len <= tvb_reported_length_remaining(tvb, offset) && type >= F5TYPE_LOW -- && type <= F5TYPE_HIGH && len >= F5_MIN_SANE && len <= F5_MAX_SANE -- && ver <= F5TRAILER_VER_MAX) { -- /* Parse out the specified trailer. */ -- switch (type) { -- case F5TYPE_LOW: -- ti = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA); -- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low); -- -- processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); -- if (processed > 0) { -- tdata->trailer_len += processed; -- tdata->noise_low = 1; -- } -- break; -- case F5TYPE_MED: -- ti = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA); -- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med); -- -- processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); -- if (processed > 0) { -- tdata->trailer_len += processed; -- tdata->noise_med = 1; -- } -- break; -- case F5TYPE_HIGH: -- ti = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA); -- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high); -- -- processed = -- dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); -- if (processed > 0) { -- tdata->trailer_len += processed; -- tdata->noise_high = 1; -- } -- break; -+ while (tvb_reported_length_remaining(tvb, offset) >= F5_MIN_SANE) { -+ /* length field does not include the type and length bytes. Add them back in */ -+ guint8 len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION; -+ if (len > tvb_reported_length_remaining(tvb, offset) -+ || len < F5_MIN_SANE || len > F5_MAX_SANE) { -+ /* Invalid length - either a malformed trailer, corrupt packet, or not f5ethtrailer */ -+ return offset; -+ } -+ guint8 type = tvb_get_guint8(tvb, offset); -+ guint8 ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION); -+ -+ /* Parse out the specified trailer. */ -+ proto_tree *type_tree = NULL; -+ proto_item *ti = NULL; -+ f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data; -+ guint processed = 0; -+ -+ switch (type) { -+ case F5TYPE_LOW: -+ ti = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA); -+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low); -+ -+ processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); -+ if (processed > 0) { -+ tdata->trailer_len += processed; -+ tdata->noise_low = 1; - } -- if (processed == 0) { -- proto_item_set_len(ti, 1); -- return offset; -+ break; -+ case F5TYPE_MED: -+ ti = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA); -+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med); -+ -+ processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); -+ if (processed > 0) { -+ tdata->trailer_len += processed; -+ tdata->noise_med = 1; -+ } -+ break; -+ case F5TYPE_HIGH: -+ ti = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA); -+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high); -+ -+ processed = -+ dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); -+ if (processed > 0) { -+ tdata->trailer_len += processed; -+ tdata->noise_high = 1; - } -+ break; -+ default: -+ /* Unknown type - malformed trailer, corrupt packet, or not f5ethtrailer - bali out*/ -+ return offset; -+ } -+ if (processed == 0) { -+ /* couldn't process trailer - bali out */ -+ proto_item_set_len(ti, 1); -+ return offset; - } - offset += processed; - } --return offset; -+ return offset; - } /* dissect_old_trailer() */ - - /*---------------------------------------------------------------------------*/ --- -GitLab - diff --git a/CVE-2022-3725.patch b/CVE-2022-3725.patch deleted file mode 100644 index 4539967cc0966c72be0f447ce4d9c6d3c78e0f03..0000000000000000000000000000000000000000 --- a/CVE-2022-3725.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 5db46d3a7c0f6481361a4a007de125ab92bfb674 Mon Sep 17 00:00:00 2001 -From: John Thacker -Date: Mon, 26 Sep 2022 19:55:59 -0400 -Subject: [PATCH] opus: Don't overflow a signed 16-bit integer - -The internal sample rate of 48KHz overflows a signed 16-bit -integer, and causes incorrect calculations. Use an unsigned integer. - -Fix #18378 - - -(cherry picked from commit 749a8d091200b43175268689996471b59fa34266) ---- - epan/dissectors/packet-opus.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/epan/dissectors/packet-opus.c b/epan/dissectors/packet-opus.c -index 9451fed0a1..54a83a007e 100644 ---- a/epan/dissectors/packet-opus.c -+++ b/epan/dissectors/packet-opus.c -@@ -128,7 +128,7 @@ parse_size_field(const unsigned char *ch, int32_t cn, int16_t *size) - } - - static int16_t --opus_packet_get_samples_per_frame(const unsigned char *data, int16_t Fs) -+opus_packet_get_samples_per_frame(const unsigned char *data, uint16_t Fs) - { - int audiosize; - if (data[0] & 0x80) { --- -GitLab - diff --git a/SIGNATURES-3.6.11.txt b/SIGNATURES-3.6.11.txt new file mode 100644 index 0000000000000000000000000000000000000000..f0154c6059f9a44e4989cf396ab60526cbdb259a Binary files /dev/null and b/SIGNATURES-3.6.11.txt differ diff --git a/SIGNATURES-3.6.3.txt b/SIGNATURES-3.6.3.txt deleted file mode 100644 index 232c0f8eb9aece80c839edb0a387b63030bf1bb3..0000000000000000000000000000000000000000 Binary files a/SIGNATURES-3.6.3.txt and /dev/null differ diff --git a/wireshark-0002-Customize-permission-denied-error.patch b/wireshark-0002-Customize-permission-denied-error.patch deleted file mode 100644 index cad466301e6c266625009faa3f0f5d9a0b5787f2..0000000000000000000000000000000000000000 --- a/wireshark-0002-Customize-permission-denied-error.patch +++ /dev/null @@ -1,57 +0,0 @@ -From: Jan Safranek -Date: Fri, 26 Nov 2010 14:30:45 +0300 -Subject: [PATCH] Customize 'permission denied' error. - -Add Fedora-specific message to error output when dumpcap cannot be started -because of permissions. - -Signed-off-by: Jan Safranek - -diff --git a/capture/capture_sync.c b/capture/capture_sync.c -index 2f9d2cc..b18e47f 100644 ---- a/capture/capture_sync.c -+++ b/capture/capture_sync.c -@@ -375,6 +375,7 @@ sync_pipe_start(capture_options *capture_opts, capture_session *cap_session, voi - gchar *signal_pipe_name; - #else - char errmsg[1024+1]; -+ const char *securitymsg = ""; - int sync_pipe[2]; /* pipe used to send messages from child to parent */ - enum PIPES { PIPE_READ, PIPE_WRITE }; /* Constants 0 and 1 for PIPE_READ and PIPE_WRITE */ - #endif -@@ -728,8 +729,11 @@ sync_pipe_start(capture_options *capture_opts, capture_session *cap_session, voi - dup2(sync_pipe[PIPE_WRITE], 2); - ws_close(sync_pipe[PIPE_READ]); - execv(argv[0], argv); -- g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process: %s", -- argv[0], g_strerror(errno)); -+ if (errno == EPERM || errno == EACCES) -+ securitymsg = "\nAre you a member of the 'wireshark' group? Try running\n'usermod -a -G wireshark _your_username_' as root."; -+ g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process: %s%s", -+ argv[0], g_strerror(errno), securitymsg); -+ - sync_pipe_errmsg_to_parent(2, errmsg, ""); - - /* Exit with "_exit()", so that we don't close the connection -@@ -826,6 +830,7 @@ sync_pipe_open_command(char** argv, int *data_read_fd, - int i; - #else - char errmsg[1024+1]; -+ const char *securitymsg = ""; - int sync_pipe[2]; /* pipe used to send messages from child to parent */ - int data_pipe[2]; /* pipe used to send data from child to parent */ - #endif -@@ -1003,8 +1008,11 @@ sync_pipe_open_command(char** argv, int *data_read_fd, - ws_close(sync_pipe[PIPE_READ]); - ws_close(sync_pipe[PIPE_WRITE]); - execv(argv[0], argv); -- g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process: %s", -- argv[0], g_strerror(errno)); -+ execv(argv[0], (gpointer)argv); -+ if (errno == EPERM || errno == EACCES) -+ securitymsg = "\nAre you a member of the 'wireshark' group? Try running\n'usermod -a -G wireshark _your_username_' as root."; -+ g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process: %s%s", -+ argv[0], g_strerror(errno), securitymsg); - sync_pipe_errmsg_to_parent(2, errmsg, ""); - - /* Exit with "_exit()", so that we don't close the connection diff --git a/wireshark-0003-fix-string-overrun-in-plugins-profinet.patch b/wireshark-0003-fix-string-overrun-in-plugins-profinet.patch deleted file mode 100644 index 8277a8c40ce7d777f7ec33cb734247a8fde79218..0000000000000000000000000000000000000000 --- a/wireshark-0003-fix-string-overrun-in-plugins-profinet.patch +++ /dev/null @@ -1,18 +0,0 @@ -From: Peter Hatina -Date: Wed, 4 Sep 2013 10:03:57 +0200 -Subject: [PATCH] fix string overrun in plugins/profinet - - -diff --git a/plugins/epan/profinet/packet-dcom-cba.c b/plugins/epan/profinet/packet-dcom-cba.c -index 0f1658a..f7fd322 100644 ---- a/plugins/epan/profinet/packet-dcom-cba.c -+++ b/plugins/epan/profinet/packet-dcom-cba.c -@@ -555,7 +555,7 @@ dissect_ICBAPhysicalDevice_get_LogicalDevice_rqst(tvbuff_t *tvb, int offset, - packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep) - { - guint32 u32Pointer; -- gchar szStr[1000]; -+ gchar szStr[1000] = ""; - guint32 u32MaxStr = sizeof(szStr); - gchar *call; - diff --git a/wireshark-0004-Restore-Fedora-specific-groups.patch b/wireshark-0004-Restore-Fedora-specific-groups.patch deleted file mode 100644 index 4ec1140c0b7ce1e1f1b204730d5737130c56f4a3..0000000000000000000000000000000000000000 --- a/wireshark-0004-Restore-Fedora-specific-groups.patch +++ /dev/null @@ -1,15 +0,0 @@ -From: Peter Lemenkov -Date: Fri, 13 Sep 2013 14:36:55 +0400 -Subject: [PATCH] Restore Fedora-specific groups - -Signed-off-by: Peter Lemenkov -diff --git a/org.wireshark.Wireshark.desktop b/org.wireshark.Wireshark.desktop -index 334db48..669c6f1 100644 ---- a/org.wireshark.Wireshark.desktop -+++ b/org.wireshark.Wireshark.desktop -@@ -108,4 +108,4 @@ Terminal=false - MimeType=application/vnd.tcpdump.pcap;application/x-pcapng;application/x-snoop;application/x-iptrace;application/x-lanalyzer;application/x-nettl;application/x-radcom;application/x-etherpeek;application/x-visualnetworks;application/x-netinstobserver;application/x-5view;application/x-tektronix-rf5;application/x-micropross-mplog;application/x-apple-packetlogger;application/x-endace-erf;application/ipfix;application/x-ixia-vwr; - # Category entry according to: - # https://specifications.freedesktop.org/menu-spec/1.0/ --Categories=Network;Monitor;Qt; -+Categories=Application;Network;Monitor;Qt; diff --git a/wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch b/wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch deleted file mode 100644 index e2c5b99db9c896372b78fe0dc6f7df7d9cc14d08..0000000000000000000000000000000000000000 --- a/wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch +++ /dev/null @@ -1,20 +0,0 @@ -From: Kenneth Soerensen -Date: Wed, 29 Jan 2014 16:04:12 +0400 -Subject: [PATCH] Fix paths in a org.wireshark.Wireshark.desktop file - - -diff --git a/org.wireshark.Wireshark.desktop b/org.wireshark.Wireshark.desktop -index 669c6f1..f7df1f3 100644 ---- a/org.wireshark.Wireshark.desktop -+++ b/org.wireshark.Wireshark.desktop -@@ -102,8 +102,8 @@ Comment[tr]=Ağ trafiği çözümleyicisi - Comment[vi]=Trình phân tích giao thông mạng - Comment[uk]=Аналізатор мережевого трафіку - Icon=org.wireshark.Wireshark --TryExec=wireshark --Exec=wireshark %f -+TryExec=/usr/bin/wireshark -+Exec=/usr/bin/wireshark %f - Terminal=false - MimeType=application/vnd.tcpdump.pcap;application/x-pcapng;application/x-snoop;application/x-iptrace;application/x-lanalyzer;application/x-nettl;application/x-radcom;application/x-etherpeek;application/x-visualnetworks;application/x-netinstobserver;application/x-5view;application/x-tektronix-rf5;application/x-micropross-mplog;application/x-apple-packetlogger;application/x-endace-erf;application/ipfix;application/x-ixia-vwr; - # Category entry according to: diff --git a/wireshark-0006-Move-tmp-to-var-tmp.patch b/wireshark-0006-Move-tmp-to-var-tmp.patch deleted file mode 100644 index 268cbaffd81cb8f1b9dbefc5ee824bc653b01da1..0000000000000000000000000000000000000000 --- a/wireshark-0006-Move-tmp-to-var-tmp.patch +++ /dev/null @@ -1,269 +0,0 @@ -From cb54210f7f02b07768cfbf49ae266d487f580e1b Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Thu, 29 Jun 2017 15:32:58 +0200 -Subject: [PATCH] Move /tmp to /var/tmp - -Fedora is using tmpfs which is limited by the size of RAM, thus we need -to use different directory on different filesystem. ---- - ui/qt/about_dialog.cpp | 3 +- - ui/qt/iax2_analysis_dialog.cpp | 5 +-- - ui/qt/rtp_analysis_dialog.cpp | 5 +-- - ui/qt/rtp_audio_stream.cpp | 3 +- - wsutil/tempfile.c | 9 +++--- - wsutil/tempfile.h | 4 +-- - wsutil/wstmpdir.c | 70 ++++++++++++++++++++++++++++++++++++++++++ - wsutil/wstmpdir.h | 39 +++++++++++++++++++++++ - 8 files changed, 132 insertions(+), 11 deletions(-) - create mode 100644 wsutil/wstmpdir.c - create mode 100644 wsutil/wstmpdir.h - -diff --git a/ui/qt/about_dialog.cpp b/ui/qt/about_dialog.cpp -index 31dc581..2f74285 100644 ---- a/ui/qt/about_dialog.cpp -+++ b/ui/qt/about_dialog.cpp -@@ -26,6 +26,7 @@ - - #include "wireshark_application.h" - #include -+#include /* for get_tmp_dir() */ - - #include - #include -@@ -206,7 +206,7 @@ FolderListModel::FolderListModel(QObject * parent): - appendRow(QStringList() << tr("\"File\" dialogs") << get_last_open_dir() << tr("capture files")); - - /* temp */ -- appendRow(QStringList() << tr("Temp") << g_get_tmp_dir() << tr("untitled capture files")); -+ appendRow(QStringList() << tr("Temp") << get_tmp_dir() << tr("untitled capture files")); - - /* pers conf */ - appendRow(QStringList() << tr("Personal configuration") -diff --git a/ui/qt/iax2_analysis_dialog.cpp b/ui/qt/iax2_analysis_dialog.cpp -index ee4e5fd..fe17a95 100644 ---- a/ui/qt/iax2_analysis_dialog.cpp -+++ b/ui/qt/iax2_analysis_dialog.cpp -@@ -37,6 +37,7 @@ - #include "ui/rtp_stream.h" - #endif - #include -+#include /* for get_tmp_dir() */ - - #include - #include -@@ -271,10 +272,10 @@ Iax2AnalysisDialog::Iax2AnalysisDialog(QWidget &parent, CaptureFile &cf) : - - // We keep our temp files open for the lifetime of the dialog. The GTK+ - // UI opens and closes at various points. -- QString tempname = QString("%1/wireshark_iax2_f").arg(QDir::tempPath()); -+ QString tempname = QString("%1/wireshark_iax2_f").arg(get_tmp_dir()); - fwd_tempfile_ = new QTemporaryFile(tempname, this); - fwd_tempfile_->open(); -- tempname = QString("%1/wireshark_iax2_r").arg(QDir::tempPath()); -+ tempname = QString("%1/wireshark_iax2_r").arg(get_tmp_dir()); - rev_tempfile_ = new QTemporaryFile(tempname, this); - rev_tempfile_->open(); - -diff --git a/ui/qt/utils/rtp_audio_file.cpp b/ui/qt/utils/rtp_audio_file.cpp -index 591a63b..203f5c5 100644 ---- a/ui/qt/utils/rtp_audio_file.cpp -+++ b/ui/qt/utils/rtp_audio_file.cpp -@@ -31,6 +31,7 @@ - - #include "rtp_audio_file.h" - #include -+#include /* for get_tmp_dir() */ - - RtpAudioFile::RtpAudioFile(bool use_disk_for_temp, bool use_disk_for_frames): - real_pos_(0) -@@ -45,7 +46,7 @@ RtpAudioFile::RtpAudioFile(bool use_disk_for_temp, bool use_disk_for_frames): - - tempname = "memory"; - if (use_disk_for_temp) { -- tempname = QString("%1/wireshark_rtp_stream").arg(QDir::tempPath()); -+ tempname = QString("%1/wireshark_rtp_stream").arg(get_tmp_dir()); - sample_file_ = new QTemporaryFile(tempname, this); - } else { - sample_file_ = new QBuffer(this); -diff --git a/wsutil/tempfile.c b/wsutil/tempfile.c -index 5082452..f751a7c 100644 ---- a/wsutil/tempfile.c -+++ b/wsutil/tempfile.c -@@ -12,10 +12,12 @@ - - #include - #include "tempfile.h" -+#include -+#include /* for get_tmp_dir() */ - - /** - * Create a tempfile with the given prefix (e.g. "wireshark"). The path -- * is created using g_file_open_tmp. -+ * is created using get_tmp_dir. - * - * @param namebuf [in,out] If not NULL, receives the full path of the temp file. - * Must be freed. -@@ -30,6 +31,9 @@ create_tempfile(gchar **namebuf, const char *pfx, const char *sfx, GError **err) - { - int fd; - gchar *safe_pfx = NULL; -+ gchar *tmp_file; -+ const char *tmp_dir; -+ int old_mask; - - if (pfx) { - /* The characters in "delimiters" come from: -@@ -49,7 +53,15 @@ create_tempfile(gchar **namebuf, const char *pfx, const char *sfx, GError **err) - gchar* filetmpl = g_strdup_printf("%sXXXXXX%s", safe_pfx ? safe_pfx : "", sfx ? sfx : ""); - g_free(safe_pfx); - -- fd = g_file_open_tmp(filetmpl, namebuf, err); -+ tmp_dir = get_tmp_dir(); -+ tmp_file = g_strconcat(tmp_dir, "/", filetmpl, NULL); -+ -+ if (namebuf) -+ *namebuf = tmp_file; -+ -+ old_mask = ws_umask(0077); -+ fd = mkstemps(tmp_file, sfx ? (int) strlen(sfx) : 0); -+ ws_umask(old_mask); - - g_free(filetmpl); - return fd; -diff --git a/wsutil/tempfile.h b/wsutil/tempfile.h -index 1dca2df..bb3160c 100644 ---- a/wsutil/tempfile.h -+++ b/wsutil/tempfile.h -@@ -45,7 +45,7 @@ WS_DLL_PUBLIC char *get_tempfile_path(const char *filename); - - /** - * Create a tempfile with the given prefix (e.g. "wireshark"). The path -- * is created using g_file_open_tmp. -+ * is created using get_tmp_dir and mkstemp. - * - * @param namebuf [in,out] If not NULL, receives the full path of the temp file. - * Must be freed. -diff --git a/wsutil/wstmpdir.c b/wsutil/wstmpdir.c -new file mode 100644 -index 0000000..d8b733b ---- /dev/null -+++ b/wsutil/wstmpdir.c -@@ -0,0 +1,71 @@ -+/* wstmpdir.c -+ * -+ * Copyright (C) 2013 Red Hat, Inc. All right reserved. -+ * -+ * Temporary directory routine -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version 2 -+ * of the License, or (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -+ * -+ * Author: Peter Hatina -+ */ -+ -+#include "config.h" -+ -+#include -+#include "wstmpdir.h" -+ -+/** -+ * Gets the directory to use for temporary files. -+ * -+ * Inspired by glib-2.0. If no TMP, TEMP or TMPDIR is set, -+ * /var/tmp is returned (Fedora specific). -+ * -+ * Returns: the directory to use for temporary files. -+ */ -+const char *get_tmp_dir(void) -+{ -+ static gchar *tmp_dir; -+ -+ if (g_once_init_enter(&tmp_dir)) { -+ gchar *tmp; -+ -+ tmp = g_strdup(g_getenv("TEMP")); -+ if (tmp == NULL || *tmp == '\0') { -+ g_free(tmp); -+ tmp = g_strdup(g_getenv("TMPDIR")); -+ } -+ -+#ifdef P_tmpdir -+ if (tmp == NULL || *tmp == '\0') { -+ gsize k; -+ g_free(tmp); -+ tmp = g_strdup(P_tmpdir); -+ k = strlen(tmp); -+ if (k > 1 && G_IS_DIR_SEPARATOR(tmp[k - 1])) -+ tmp[k - 1] = '\0'; -+ fprintf(stderr, "Using P_tmpdir: %s\n", P_tmpdir); -+ } -+#endif /* P_tmpdir */ -+ -+ if (tmp == NULL || *tmp == '\0') { -+ g_free(tmp); -+ tmp = g_strdup("/var/tmp"); -+ } -+ -+ g_once_init_leave(&tmp_dir, tmp); -+ } -+ -+ return tmp_dir; -+} -diff --git a/wsutil/wstmpdir.h b/wsutil/wstmpdir.h -new file mode 100644 -index 0000000..07ac583 ---- /dev/null -+++ b/wsutil/wstmpdir.h -@@ -0,0 +1,39 @@ -+/* wstmpdir.c -+ * -+ * Copyright (C) 2013 Red Hat, Inc. All right reserved. -+ * -+ * Temporary directory routine -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version 2 -+ * of the License, or (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -+ * -+ * Author: Peter Hatina -+ */ -+ -+#ifndef __WS_TMP_DIR_H__ -+#define __WS_TMP_DIR_H__ -+ -+#include "ws_symbol_export.h" -+ -+#ifdef __cplusplus -+extern "C" { -+#endif // __cplusplus -+ -+WS_DLL_PUBLIC const char *get_tmp_dir(void); -+ -+#ifdef __cplusplus -+} -+#endif // __cplusplus -+ -+#endif --- -2.13.0 diff --git a/wireshark-0007-cmakelists.patch b/wireshark-0007-cmakelists.patch deleted file mode 100644 index 0d75fc35c0ed76cd2226b77d8f5171fdc8809057..0000000000000000000000000000000000000000 --- a/wireshark-0007-cmakelists.patch +++ /dev/null @@ -1,20 +0,0 @@ -diff --git a/wsutil/CMakeLists.txt b/wsutil/CMakeLists.txt -index 0367cd1..6382a2c 100644 ---- a/wsutil/CMakeLists.txt -+++ b/wsutil/CMakeLists.txt -@@ -69,6 +69,7 @@ set(WSUTIL_PUBLIC_HEADERS - ws_mempbrk_int.h - ws_pipe.h - ws_roundup.h -+ wstmpdir.h - wsjson.h - wslog.h - xtea.h -@@ -118,6 +118,7 @@ set(WSUTIL_COMMON_FILES - ws_getopt.c - ws_mempbrk.c - ws_pipe.c -+ wstmpdir.c - wsgcrypt.c - wsjson.c - wslog.c diff --git a/wireshark-3.6.3.tar.xz b/wireshark-3.6.11.tar.xz similarity index 77% rename from wireshark-3.6.3.tar.xz rename to wireshark-3.6.11.tar.xz index a6889bd35f25b94d9843a65cde6ca7500725d306..1065315c627bdb78f2bcd829e368b7028c0ae648 100644 Binary files a/wireshark-3.6.3.tar.xz and b/wireshark-3.6.11.tar.xz differ diff --git a/wireshark.spec b/wireshark.spec index 2482c2271d85956883d2712a3562429dc44a2590..a83de289e5d9ff3784e7d2a277e0224d3e72b556 100644 --- a/wireshark.spec +++ b/wireshark.spec @@ -1,11 +1,13 @@ %undefine __cmake_in_source_build +%global with_lua 1 +%global with_maxminddb 1 %global plugins_version 3.6 %define _lto_cflags %{nil} Summary: Network traffic analyzer Name: wireshark -Version: 3.6.3 -Release: 3 +Version: 3.6.11 +Release: 1 Epoch: 1 License: GPL+ Url: http://www.wireshark.org/ @@ -15,15 +17,6 @@ Source1: https://www.wireshark.org/download/src/all-versions/SIGNATURES-% Source2: 90-wireshark-usbmon.rules Source3: wireshark.sysusers -Patch2: wireshark-0002-Customize-permission-denied-error.patch -Patch3: wireshark-0003-fix-string-overrun-in-plugins-profinet.patch -Patch4: wireshark-0004-Restore-Fedora-specific-groups.patch -Patch5: wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch -Patch6: wireshark-0006-Move-tmp-to-var-tmp.patch -Patch7: wireshark-0007-cmakelists.patch -Patch8: CVE-2022-3190.patch -Patch9: CVE-2022-3725.patch - Requires: xdg-utils Requires: hicolor-icon-theme Requires(pre): shadow-utils @@ -103,8 +96,16 @@ Files for help with wireshark. %cmake -G "Unix Makefiles" \ -DDISABLE_WERROR=ON \ -DBUILD_wireshark=ON \ +%if %{with_lua} && 0%{?fedora} + -DENABLE_LUA=ON \ +%else -DENABLE_LUA=OFF \ +%endif +%if %{with_maxminddb} && 0%{?fedora} + -DBUILD_mmdbresolve=ON \ +%else -DBUILD_mmdbresolve=OFF \ +%endif -DBUILD_randpktdump=OFF \ -DBUILD_androiddump=ON \ -DENABLE_SMI=ON \ @@ -197,6 +198,9 @@ exit 0 %{_mandir}/man?/* %changelog +* Tue Feb 14 2023 liyuxiang - 3.6.11-1 +- Update to 3.6.11 + * Wed Nov 09 2022 liyuxiang - 1:3.6.3-3 - fix CVE-2022-3725 @@ -227,7 +231,7 @@ exit 0 * Wed Dec 16 2020 zhanghua - 2.6.2-15 - fix CVE-2020-9430 -* Mon Nov 07 2020 wangxiao - 2.6.2-14 +* Sat Nov 07 2020 wangxiao - 2.6.2-14 - fix CVE-2020-28030 malformed packet on wire could make GQUIC protocol dissector loop