From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: Re: [PATCH] tshark: Update to version 3.6.3 Date: Mon, 18 Apr 2022 20:57:57 +0000 Message-ID: <040c229e-218b-2221-6bea-3a9ca90b56f3@ipfire.org> In-Reply-To: <20220412103540.59474-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3706889919035459018==" List-Id: --===============3706889919035459018== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Reviewed-by: Peter M=C3=BCller > - Update from 3.4.7 to 3.6.3 > - Update of rootfile > - find-dependencies run due to sobump - nothing reported > - Changelog - a range of changes including many bug fixes and several vulne= rabilities > Wireshark 3.6.3 Release Notes > Bug Fixes > =E2=80=A2 Fuzz job crash output: fuzz-2022-01-19-7399.pcap Issue 1789= 4[1]. > =E2=80=A2 TLS dissector incorrectly reports JA3 values Issue 17942[2]. > =E2=80=A2 "Wiki Protocol page" in packet details menu is broken - wiki > pages not migrated to GitLab? Issue 17944[3]. > =E2=80=A2 Dissector bug, protocol PFCP display Flow Description IE va= lue > error in Additional Flow Description of PFD Management Request > Message Issue 17951[4]. > =E2=80=A2 Bluetooth: Fails to open Log file for SCO connection Issue > 17964[5]. > =E2=80=A2 Fuzz job crash output: fuzz-2022-03-07-10896.pcap Issue 179= 84[6]. > =E2=80=A2 libwiretap: Save as ERF causes segmentation fault Issue 179= 89[7]. > =E2=80=A2 HTTP server returning multiple early hints shows too many > responses in "Follow HTTP Stream" Issue 18006[8]. > New and Updated Features > Updated Protocol Support > CSN.1, HTTP, IEEE 802.11, NTLM SSP, PFCP, PKTLOG, SSDP, TLS, and USB > HID > New and Updated Capture File Support > pcap and pcapng > Wireshark 3.6.2 Release Notes > Bug Fixes > The following vulnerabilities have been fixed: > =E2=80=A2 wnpa-sec-2022-01[1] RTMPT dissector infinite loop. Issue > 17813[2]. > =E2=80=A2 wnpa-sec-2022-02[3] Large loops in multiple dissectors. Iss= ue > 17829[4], Issue 17842[5], Issue 17847[6], Issue 17855[7], Issue > 17891[8], Issue 17925[9], Issue 17926[10], Issue 17931[11], Issue > 17932[12], Issue 17933[13]. > =E2=80=A2 wnpa-sec-2022-03[14] PVFS dissector crash. Issue 17840[15]. > =E2=80=A2 wnpa-sec-2022-04[16] CSN.1 dissector crash. Issue 17882[17]. > =E2=80=A2 wnpa-sec-2022-05[18] CMS dissector crash. Issue 17935[19]. > The following bugs have been fixed: > =E2=80=A2 Support for GSM SMS TPDU in HTTP2 body Issue 17784[20]. > =E2=80=A2 Wireshark 3.6.1 broke the ABI by removing ws_log_default_wr= iter > from libwsutil Issue 17822[21]. > =E2=80=A2 Fedora RPM package build failing with RPATH of /usr/local/l= ib64 > Issue 17830[22]. > =E2=80=A2 macos-setup.sh: ftp.pcre.org no longer exists Issue 17834[2= 3]. > =E2=80=A2 nmap.org/npcap =E2=86=92 npcap.com: domain/URL change Issue= 17838[24]. > =E2=80=A2 MPLS ECHO FEC stack change TLV not dissected correctly Issue > 17868[25]. > =E2=80=A2 Attempting to open a systemd journal export file segfaults = Issue > 17875[26]. > =E2=80=A2 Dissector bug on 802.11ac packets Issue 17878[27]. > =E2=80=A2 The Info column shows only one NGAP/S1AP packet of several > packets inside an SCTP packet Issue 17886[28]. > =E2=80=A2 Uninstalling Wireshark 3.6.1 on Windows 10 fails to remove = the > installation directory because it doesn=E2=80=99t remove the User= =E2=80=99s Guide > subdirectory and all its contents. Issue 17898[29]. > =E2=80=A2 3.6 doesn=E2=80=99t build without zlib Issue 17899[30]. > =E2=80=A2 SIP Statistics no longer properly reporting method type > accounting Issue 17904[31]. > =E2=80=A2 Fuzz job crash output: fuzz-2022-01-26-6940.pcap Issue 1790= 9[32]. > =E2=80=A2 SCTP retransmission detection broken for the first data chu= nk of > each association with relative TSN Issue 17917[33]. > =E2=80=A2 =E2=80=9CShow In Folder=E2=80=9D doesn=E2=80=99t work corre= ctly for filenames with spaces > Issue 17927[34]. > New and Updated Features > Updated Protocol Support > AMP, ASN.1 PER, ATN-ULCS, BGP, BP, CFLOW, CMS, CSN.1, GDSDB, GSM RP, > GTP, HTTP3, IEEE 802.11 Radiotap, IPDC, ISAKMP, Kafka, MP2T, MPEG > PES, MPEG SECT, MPLS ECHO, NGAP, NTLMSSP, OpenFlow 1.4, OpenFlow 1.5, > P_MUL, PN-RT, PROXY, PTP, PVFS, RSL, RTMPT, rtnetlink, S1AP, SCTP, > Signal PDU, SIP, TDS, USB, WAP, and ZigBee ZCL > New and Updated Capture File Support > BLF and libpcap > Wireshark 3.6.1 Release Notes > Bug Fixes > The following vulnerabilities have been fixed: > =E2=80=A2 wnpa-sec-2021-17[1] RTMPT dissector infinite loop. Issue > 17745[2]. CVE-2021-4185[3]. > =E2=80=A2 wnpa-sec-2021-18[4] BitTorrent DHT dissector infinite loop.= Issue > 17754[5]. CVE-2021-4184[6]. > =E2=80=A2 wnpa-sec-2021-19[7] pcapng file parser crash. Issue 17755[8= ]. > CVE-2021-4183[9]. > =E2=80=A2 wnpa-sec-2021-20[10] RFC 7468 file parser infinite loop. Is= sue > 17801[11]. CVE-2021-4182[12]. > =E2=80=A2 wnpa-sec-2021-21[13] Sysdig Event dissector crash. > CVE-2021-4181[14]. > =E2=80=A2 wnpa-sec-2021-22[15] Kafka dissector infinite loop. Issue > 17811[16]. > The following bugs have been fixed: > =E2=80=A2 Allow sub-second timestamps in hexdumps Issue 15562[17]. > =E2=80=A2 GRPC: An unnecessary empty Protobuf tree item is displayed = if the > GRPC message body length is 0 Issue 17675[18]. > =E2=80=A2 Can=E2=80=99t install "ChmodBPF.pkg" or "Add Wireshark to t= he system > path.pkg" on M1 MacBook Air Monterey without Rosetta 2 Issue > 17757[19]. > =E2=80=A2 TECMP: LIN Payload is cut off by 1 byte Issue 17760[20]. > =E2=80=A2 Wireshark crashes if a 64 bit field of type BASE_CUSTOM is > applied as a column Issue 17762[21]. > =E2=80=A2 Command line option "-o console.log.level" causes wireshark= and > tshark to exit on start Issue 17763[22]. > =E2=80=A2 Setting WIRESHARK_LOG_LEVEL=3Ddebug breaks interface captur= e Issue > 17764[23]. > =E2=80=A2 Unable to build without tshark Issue 17766[24]. > =E2=80=A2 IEEE 802.11 action frames are not getting parsed and always= seen > as malformed Issue 17767[25]. > =E2=80=A2 IEC 60870-5-101 link address field is 1 byte, but should ha= ve > configurable length of 0,1 or 2 bytes Issue 17775[26]. > =E2=80=A2 dfilter: 'tcp.port not in {1}' crashes Wireshark Issue 1778= 5[27]. > New and Updated Features > =E2=80=A2 The 'console.log.level' preference was removed in Wireshark > 3.6.0. This release adds an '-o console.log.level:' > backward-compatibilty option on the CLI that maps to the new > logging sub-system. Note that this does not have bitmask > semantics and does not correspond to any actual preference. It is > just a transition mechanism for users that were relying on this > CLI option and will be removed in the future. To see the new > diagnostic output options consult the manpages or the output of > '--help'. > Updated Protocol Support > ANSI A I/F, AT, BitTorrent DHT, FF, GRPC, IEC 101/104, IEEE 802.11, > IEEE 802.11 Radiotap, IPsec, Kafka, QUIC, RTMPT, RTSP, SRVLOC, Sysdig > Event, and TECMP > New and Updated Capture File Support > BLF and RFC 7468 > Wireshark 3.6.0 Release Notes > Many improvements have been made. See the =E2=80=9CNew and Updated Featu= res=E2=80=9D > section below for more details. You might want to pay particular > attention to the display filter syntax updates. > New and Updated Features > The following features are new (or have been significantly updated) > since version 3.6.0rc3: > =E2=80=A2 The macOS Intel packages now ship with Qt 5.15.3 and require > macOS 10.13 or later. > The following features are new (or have been significantly updated) > since version 3.6.0rc2: > =E2=80=A2 Display filter set elements must now be comma-separated. See > below for more details. > The following features are new (or have been significantly updated) > since version 3.6.0rc1: > =E2=80=A2 The display filter expression =E2=80=9Ca !=3D b=E2=80=9D no= w has the same meaning > as =E2=80=9C!(a =3D=3D b)=E2=80=9D. > The following features are new (or have been significantly updated) > since version 3.5.0: > =E2=80=A2 Nothing of note. > The following features are new (or have been significantly updated) > since version 3.4.0: > =E2=80=A2 Several changes have been made to the display filter syntax: > =E2=80=A2 The expression =E2=80=9Ca !=3D b=E2=80=9D now always has= the same meaning as > =E2=80=9C!(a =3D=3D b)=E2=80=9D. In particular this means filter ex= pressions with > multi-value fields like =E2=80=9Cip.addr !=3D 1.1.1.1=E2=80=9D will= work as > expected (the result is the same as typing =E2=80=9Cip.src !=3D 1.1= .1.1 and > ip.dst !=3D 1.1.1.1=E2=80=9D). This avoids the contradiction (a =3D= =3D b and a > !=3D b) being true. > =E2=80=A2 It is possible to use the syntax =E2=80=9Ca ~=3D b=E2=80= =9D or =E2=80=9Ca any_ne b=E2=80=9D to > recover the previous (inconsistent with "=3D=3D") logic for not > equal. > =E2=80=A2 Literal strings can now be specified using raw string sy= ntax, > identical to raw strings in the Python programming language. This > can be used to avoid the complexity of using two levels of > character escapes with regular expressions. > =E2=80=A2 Set elements must now be separated using a comma. A filt= er > such as http.request.method in {"GET" "HEAD"} must be written as > =E2=80=A6=E2=80=8B in {"GET", "HEAD"}. Whitespace is not significan= t. The > previous use of whitespace as separator is deprecated and will be > removed in a future version. > =E2=80=A2 Support for the syntax "a not in b" with the same meanin= g as > "not a in b" has been added. > =E2=80=A2 Packaging updates: > =E2=80=A2 A macOS Arm 64 (Apple Silicon) package is now available. > =E2=80=A2 The macOS Intel packages now ship with Qt 5.15.3 and req= uire > macOS 10.13 or later. > =E2=80=A2 The Windows installers now ship with Npcap 1.55. > =E2=80=A2 A 64-bit Windows PortableApps package is now available. > =E2=80=A2 TCP conversations now support a completeness criteria, which > facilitates the identification of TCP streams having any of > opening or closing handshakes, a payload, in any combination. It > can be accessed with the new tcp.completeness filter. > =E2=80=A2 Protobuf fields that are not serialized on the wire or othe= rwise > missing in capture files can now be displayed with default values > by setting the new =E2=80=9Cadd_default_value=E2=80=9D preference. = The default > values might be explicitly declared in =E2=80=9Cproto2=E2=80=9D fil= es, or false > for bools, first value for enums, zero for numeric types. > =E2=80=A2 Wireshark now supports reading Event Tracing for Windows (E= TW). A > new extcap named ETW reader is created that now can open an etl > file, convert all events in the file to DLT_ETW packets and write > to a specified FIFO destination. Also, a new packet_etw dissector > is created to dissect DLT_ETW packets so Wireshark can display > the DLT_ETW packet header, its message and packet_etw dissector > calls packet_mbim sub_dissector if its provider matches the MBIM > provider GUID. > =E2=80=A2 =E2=80=9CFollow DCCP stream=E2=80=9D feature to filter for = and extract the > contents of DCCP streams. > =E2=80=A2 Wireshark now supports dissecting RTP packets with OPUS pay= loads. > =E2=80=A2 Importing captures from text files based on regular express= ions > is now possible. By specifying a regex capturing a single packet > including capturing groups for relevant fields a textfile can be > converted to a libpcap capture file. Supported data encodings are > plain-hexadecimal, -octal, -binary and base64. Also the timestamp > format now allows the second-fractions to be placed anywhere in > the timestamp and it will be stored with nanosecond instead of > microsecond precision. > =E2=80=A2 The RTP Player has been significatnly redesigned and improv= ed. > See Playing VoIP Calls[1] and RTP Player Window[2] in the User=E2= =80=99s > Guide for more details. > =E2=80=A2 The RTP Player can play many streams in row. > =E2=80=A2 The UI is more responsive. > =E2=80=A2 The RTP Player maintains playlist and other tools can ad= d and > remove streams to and from it. > =E2=80=A2 Every stream can be muted or routed to the left or right > channel for replay. > =E2=80=A2 The option to save audio has been moved from the RTP Ana= lysis > dialog to the RTP Player. The RTP Player also saves what was > played, and it can save in multichannel .au or .wav. > =E2=80=A2 The RTP Player is now accessible from the Telephony =E2= =80=BA RTP =E2=80=BA > RTP Player menu. > =E2=80=A2 The VoIP dialogs (VoIP Calls, RTP Streams, RTP Analysis, RTP > Player, SIP Flows) are non-modal and can stay opened on > background. > =E2=80=A2 The same tools are provided across all dialogs (Prepare > Filter, Analyse, RTP Player =E2=80=A6=E2=80=8B) > =E2=80=A2 The =E2=80=9CFollow Stream=E2=80=9D dialog is now able to f= ollow SIP calls based > on their Call-ID value. > =E2=80=A2 The =E2=80=9CFollow Stream=E2=80=9D dialog=E2=80=99s YAML o= utput format has been updated > to add timestamps and peers information For more details see > Following Protocol Streams[3] in the User=E2=80=99s Guide. > =E2=80=A2 IP fragments between public IPv4 addresses are now reassemb= led > even if they have different VLAN IDs. Reassembly of IP fragments > where one endpoint is a private (RFC 1918 section 3) or > link-local (RFC 3927) IPv4 address continues to take the VLAN ID > into account, as those addresses can be reused. To revert to the > previous behavior and not reassemble fragments with different > VLAN IDs, turn on the =E2=80=9CEnable stricter conversation tracking > heuristics=E2=80=9D top level protocol preference. > =E2=80=A2 USB Link Layer reassembly has been added, which allows hard= ware > captures to be analyzed at the same level as software captures. > =E2=80=A2 TShark can now export TLS session keys with the > --export-tls-session-keys option. > =E2=80=A2 Wireshark participated in the Google Season of Docs 2020 an= d the > User=E2=80=99s Guide has been extensively updated. > =E2=80=A2 The =E2=80=9CRTP Stream Analysis=E2=80=9D dialog CSV export= format was slightly > changed. The first line of the export contains column titles as > in other CSV exports. > =E2=80=A2 Wireshark now supports the Turkish language. > =E2=80=A2 The settings in the =E2=80=9CImport from Hex Dump=E2=80=9D = dialog is now stored > in a profile import_hexdump.json file. > =E2=80=A2 Analyze =E2=80=BA Reload Lua Plugins has been improved to p= roperly > support FileHandler. > =E2=80=A2 The =E2=80=9CRTP Stream Analysis=E2=80=9D and =E2=80=9CIAX2= Stream Analysis=E2=80=9D dialogs now > show correct calculation mean jitter calculations. > =E2=80=A2 RTP streams are now created based on Skinny protocol messag= es in > addition to other types of messages. > =E2=80=A2 The =E2=80=9CVoIP Calls Flow Sequence=E2=80=9D window shows= more information > about various Skinny messages. > =E2=80=A2 Initial support for building Wireshark on Windows using GCC= and > MinGW-w64 has been added. See README.msys2 in the sources for > more information. > New File Format Decoding Support > Vector Informatik Binary Log File (BLF) > New Protocol Support > 5G Lawful Interception (5GLI), Bluetooth Link Manager Protocol (BT > LMP), Bundle Protocol version 7 (BPv7), Bundle Protocol version 7 > Security (BPSec), CBOR Object Signing and Encryption (COSE), E2 > Application Protocol (E2AP), Event Tracing for Windows (ETW), EXtreme > extra Eth Header (EXEH), High-Performance Connectivity Tracer > (HiPerConTracer), ISO 10681, Kerberos SPAKE, Linux psample protocol, > Local Interconnect Network (LIN), Microsoft Task Scheduler Service, > O-RAN E2AP, O-RAN fronthaul UC-plane (O-RAN), Opus Interactive Audio > Codec (OPUS), PDU Transport Protocol, R09.x (R09), RDP Dynamic > Channel Protocol (DRDYNVC), RDP Graphic pipeline channel Protocol > (EGFX), RDP Multi-transport (RDPMT), Real-Time Publish-Subscribe > Virtual Transport (RTPS-VT), Real-Time Publish-Subscribe Wire > Protocol (processed) (RTPS-PROC), Shared Memory Communications (SMC), > Signal PDU, SparkplugB, State Synchronization Protocol (SSyncP), > Tagged Image File Format (TIFF), TP-Link Smart Home Protocol, UAVCAN > DSDL, UAVCAN/CAN, UDP Remote Desktop Protocol (RDPUDP), Van Jacobson > PPP compression (VJC), World of Warcraft World (WOWW), and X2 xIRI > payload (xIRI) > Updated Protocol Support > Too many protocols have been updated to list here. > New and Updated Capture File Support > Vector Informatik Binary Log File (BLF) > Wireshark 3.4.9 Release Notes > Bug Fixes > =E2=80=A2 TShark PDML output embeds "proto" elements within other "pr= oto" > elements Issue 10588[1]. > =E2=80=A2 Filter expressions comparing against single-octet hex strin= gs > where the hex digit string equals a protocol name don=E2=80=99t work > Issue 12810[2]. > =E2=80=A2 AMQP 0.9: dissector fails to handle Content-Body frame split > across TCP packets Issue 14217[3]. > =E2=80=A2 IEEE 802.15.4: Missing check on "PAN ID Present" bit of the > Multipurpose Frame Control field Issue 17496[4]. > =E2=80=A2 Wireshark ignored some character in filename when exporting= SMB > objects. Issue 17530[5]. > =E2=80=A2 tshark -z credentials: assertion failed: (allocator=E2=86= =92in_scope) > Issue 17576[6]. > =E2=80=A2 IS-IS Extended IP Reachability Prefix-SID not decoded prope= rly > Issue 17610[7]. > =E2=80=A2 Error when reloading lua plugins with a capture file loaded= via a > custom lua file handler Issue 17615[8]. > =E2=80=A2 Absolute time UTC field filters are constructed incorrectly, > don=E2=80=99t match the packet Issue 17617[9]. > =E2=80=A2 GUI freezes when clicking on large (non-capture) file in Fi= le > chooser Issue 17620[10]. > =E2=80=A2 Crash after selecting a different profile while capturing I= ssue > 17622[11]. > =E2=80=A2 BT-DHT reports malformed packets that are actually uTP on s= ame > connection Issue 17626[12]. > Updated Protocol Support > AMQP, Aruba IAP, BGP, BT-DHT, CoAP, DCERPC SPOOLSS, Diameter, EPL, > GSM A-bis OML, GSM A-I/F COMMON, GSM SIM, IEEE 1905.1a, IEEE > 802.15.4, IMAP, InfiniBand, ISIS LSP, ISObus VT, JPEG, MP2T, > NORDIC_BLE, QUIC, RTCP, SDP, SMB, TWAMP-Control, USB HID, and VSS > Monitoring > New and Updated Capture File Support > CAM Inspector, Ixia IxVeriWave, pcapng, and USBDump > Wireshark 3.4.8 Release Notes > Bug Fixes > =E2=80=A2 Dissector bug reported for Bluetooth Cycling Power Measurem= ent > characteristic for extreme angles value Issue 17505[1]. > =E2=80=A2 vcruntime140_1.dll deleted on Wireshark update/install Issue > 17506[2]. > =E2=80=A2 Raknet Addresses are incorrectly identified. Issue 17509[3]. > =E2=80=A2 Editcap saving files as ethernet when specifying '-T > ieee-802-11-*' Issue 17520[4]. > =E2=80=A2 CoAP dissector confuses Content-Format with Accept Issue > 17536[5]. > Updated Protocol Support > BT ATT, BT LE LL, CoAP, DLM3, GSM SIM, iLBC, and RakNet >=20 > Signed-off-by: Adolf Belka > --- > config/rootfiles/packages/tshark | 185 +++++++++++++------------------ > lfs/tshark | 6 +- > 2 files changed, 77 insertions(+), 114 deletions(-) >=20 > diff --git a/config/rootfiles/packages/tshark b/config/rootfiles/packages/t= shark > index f46d7ba01..937ddd3d6 100644 > --- a/config/rootfiles/packages/tshark > +++ b/config/rootfiles/packages/tshark > @@ -44,6 +44,7 @@ usr/bin/tshark > #usr/include/wireshark/epan/crc32-tvb.h > #usr/include/wireshark/epan/crc6-tvb.h > #usr/include/wireshark/epan/crc8-tvb.h > +#usr/include/wireshark/epan/dccpservicecodes.h > #usr/include/wireshark/epan/decode_as.h > #usr/include/wireshark/epan/dfilter > #usr/include/wireshark/epan/dfilter/dfilter.h > @@ -51,6 +52,7 @@ usr/bin/tshark > #usr/include/wireshark/epan/diam_dict.h > #usr/include/wireshark/epan/disabled_protos.h > #usr/include/wireshark/epan/dissectors > +#usr/include/wireshark/epan/dissectors/cond_ace_token_enum.h > #usr/include/wireshark/epan/dissectors/file-rbm.h > #usr/include/wireshark/epan/dissectors/packet-6lowpan.h > #usr/include/wireshark/epan/dissectors/packet-a21.h > @@ -61,10 +63,12 @@ usr/bin/tshark > #usr/include/wireshark/epan/dissectors/packet-adb_service.h > #usr/include/wireshark/epan/dissectors/packet-afp.h > #usr/include/wireshark/epan/dissectors/packet-alcap.h > +#usr/include/wireshark/epan/dissectors/packet-amp.h > #usr/include/wireshark/epan/dissectors/packet-ansi_a.h > #usr/include/wireshark/epan/dissectors/packet-ansi_map.h > #usr/include/wireshark/epan/dissectors/packet-ansi_tcap.h > #usr/include/wireshark/epan/dissectors/packet-arp.h > +#usr/include/wireshark/epan/dissectors/packet-asap+enrp-common.h > #usr/include/wireshark/epan/dissectors/packet-atalk.h > #usr/include/wireshark/epan/dissectors/packet-atm.h > #usr/include/wireshark/epan/dissectors/packet-atn-ulcs.h > @@ -75,12 +79,16 @@ usr/bin/tshark > #usr/include/wireshark/epan/dissectors/packet-bgp.h > #usr/include/wireshark/epan/dissectors/packet-bicc_mst.h > #usr/include/wireshark/epan/dissectors/packet-bluetooth.h > +#usr/include/wireshark/epan/dissectors/packet-bpsec.h > +#usr/include/wireshark/epan/dissectors/packet-bpv6.h > +#usr/include/wireshark/epan/dissectors/packet-bpv7.h > #usr/include/wireshark/epan/dissectors/packet-bssap.h > #usr/include/wireshark/epan/dissectors/packet-bssgp.h > #usr/include/wireshark/epan/dissectors/packet-btatt.h > #usr/include/wireshark/epan/dissectors/packet-btavctp.h > #usr/include/wireshark/epan/dissectors/packet-btavdtp.h > #usr/include/wireshark/epan/dissectors/packet-btavrcp.h > +#usr/include/wireshark/epan/dissectors/packet-btbredr_rf.h > #usr/include/wireshark/epan/dissectors/packet-bthci_acl.h > #usr/include/wireshark/epan/dissectors/packet-bthci_cmd.h > #usr/include/wireshark/epan/dissectors/packet-bthci_evt.h > @@ -102,6 +110,7 @@ usr/bin/tshark > #usr/include/wireshark/epan/dissectors/packet-cmp.h > #usr/include/wireshark/epan/dissectors/packet-cms.h > #usr/include/wireshark/epan/dissectors/packet-coap.h > +#usr/include/wireshark/epan/dissectors/packet-cose.h > #usr/include/wireshark/epan/dissectors/packet-credssp.h > #usr/include/wireshark/epan/dissectors/packet-crmf.h > #usr/include/wireshark/epan/dissectors/packet-csn1.h > @@ -132,10 +141,10 @@ usr/bin/tshark > #usr/include/wireshark/epan/dissectors/packet-disp.h > #usr/include/wireshark/epan/dissectors/packet-dns.h > #usr/include/wireshark/epan/dissectors/packet-docsis-tlv.h > +#usr/include/wireshark/epan/dissectors/packet-doip.h > #usr/include/wireshark/epan/dissectors/packet-dop.h > #usr/include/wireshark/epan/dissectors/packet-dsp.h > #usr/include/wireshark/epan/dissectors/packet-dtls.h > -#usr/include/wireshark/epan/dissectors/packet-dtn.h > #usr/include/wireshark/epan/dissectors/packet-dvbci.h > #usr/include/wireshark/epan/dissectors/packet-e164.h > #usr/include/wireshark/epan/dissectors/packet-e1ap.h > @@ -162,6 +171,7 @@ usr/bin/tshark > #usr/include/wireshark/epan/dissectors/packet-fcswils.h > #usr/include/wireshark/epan/dissectors/packet-ff.h > #usr/include/wireshark/epan/dissectors/packet-fix.h > +#usr/include/wireshark/epan/dissectors/packet-flexray.h > #usr/include/wireshark/epan/dissectors/packet-fmp.h > #usr/include/wireshark/epan/dissectors/packet-frame.h > #usr/include/wireshark/epan/dissectors/packet-ftam.h > @@ -220,6 +230,8 @@ usr/bin/tshark > #usr/include/wireshark/epan/dissectors/packet-isis-clv.h > #usr/include/wireshark/epan/dissectors/packet-isis.h > #usr/include/wireshark/epan/dissectors/packet-isl.h > +#usr/include/wireshark/epan/dissectors/packet-iso10681.h > +#usr/include/wireshark/epan/dissectors/packet-iso15765.h > #usr/include/wireshark/epan/dissectors/packet-isup.h > #usr/include/wireshark/epan/dissectors/packet-its.h > #usr/include/wireshark/epan/dissectors/packet-iwarp-ddp-rdmap.h > @@ -237,6 +249,7 @@ usr/bin/tshark > #usr/include/wireshark/epan/dissectors/packet-lcsap.h > #usr/include/wireshark/epan/dissectors/packet-ldap.h > #usr/include/wireshark/epan/dissectors/packet-ldp.h > +#usr/include/wireshark/epan/dissectors/packet-lin.h > #usr/include/wireshark/epan/dissectors/packet-link16.h > #usr/include/wireshark/epan/dissectors/packet-lisp.h > #usr/include/wireshark/epan/dissectors/packet-llc.h > @@ -274,6 +287,7 @@ usr/bin/tshark > #usr/include/wireshark/epan/dissectors/packet-nisplus.h > #usr/include/wireshark/epan/dissectors/packet-nlm.h > #usr/include/wireshark/epan/dissectors/packet-nr-rrc.h > +#usr/include/wireshark/epan/dissectors/packet-nrppa.h > #usr/include/wireshark/epan/dissectors/packet-nsh.h > #usr/include/wireshark/epan/dissectors/packet-ntlmssp.h > #usr/include/wireshark/epan/dissectors/packet-ntp.h > @@ -292,6 +306,7 @@ usr/bin/tshark > #usr/include/wireshark/epan/dissectors/packet-pcnfsd.h > #usr/include/wireshark/epan/dissectors/packet-pdcp-lte.h > #usr/include/wireshark/epan/dissectors/packet-pdcp-nr.h > +#usr/include/wireshark/epan/dissectors/packet-pdu-transport.h > #usr/include/wireshark/epan/dissectors/packet-per.h > #usr/include/wireshark/epan/dissectors/packet-pkcs1.h > #usr/include/wireshark/epan/dissectors/packet-pkcs12.h > @@ -334,7 +349,6 @@ usr/bin/tshark > #usr/include/wireshark/epan/dissectors/packet-rtcp.h > #usr/include/wireshark/epan/dissectors/packet-rtp-events.h > #usr/include/wireshark/epan/dissectors/packet-rtp.h > -#usr/include/wireshark/epan/dissectors/packet-rtps.h > #usr/include/wireshark/epan/dissectors/packet-rtse.h > #usr/include/wireshark/epan/dissectors/packet-rtsp.h > #usr/include/wireshark/epan/dissectors/packet-rx.h > @@ -367,6 +381,7 @@ usr/bin/tshark > #usr/include/wireshark/epan/dissectors/packet-smrse.h > #usr/include/wireshark/epan/dissectors/packet-snmp.h > #usr/include/wireshark/epan/dissectors/packet-socketcan.h > +#usr/include/wireshark/epan/dissectors/packet-someip.h > #usr/include/wireshark/epan/dissectors/packet-spice.h > #usr/include/wireshark/epan/dissectors/packet-sprt.h > #usr/include/wireshark/epan/dissectors/packet-sscop.h > @@ -380,6 +395,7 @@ usr/bin/tshark > #usr/include/wireshark/epan/dissectors/packet-tacacs.h > #usr/include/wireshark/epan/dissectors/packet-tcap.h > #usr/include/wireshark/epan/dissectors/packet-tcp.h > +#usr/include/wireshark/epan/dissectors/packet-tcpclv3.h > #usr/include/wireshark/epan/dissectors/packet-tetra.h > #usr/include/wireshark/epan/dissectors/packet-thrift.h > #usr/include/wireshark/epan/dissectors/packet-tls-utils.h > @@ -391,6 +407,7 @@ usr/bin/tshark > #usr/include/wireshark/epan/dissectors/packet-tte.h > #usr/include/wireshark/epan/dissectors/packet-ua.h > #usr/include/wireshark/epan/dissectors/packet-uaudp.h > +#usr/include/wireshark/epan/dissectors/packet-uavcan-dsdl.h > #usr/include/wireshark/epan/dissectors/packet-ubertooth.h > #usr/include/wireshark/epan/dissectors/packet-udp.h > #usr/include/wireshark/epan/dissectors/packet-umts_fp.h > @@ -478,6 +495,7 @@ usr/bin/tshark > #usr/include/wireshark/epan/packet.h > #usr/include/wireshark/epan/packet_info.h > #usr/include/wireshark/epan/params.h > +#usr/include/wireshark/epan/pci-ids.h > #usr/include/wireshark/epan/plugin_if.h > #usr/include/wireshark/epan/ppptypes.h > #usr/include/wireshark/epan/prefs-int.h > @@ -522,27 +540,12 @@ usr/bin/tshark > #usr/include/wireshark/epan/uat.h > #usr/include/wireshark/epan/unit_strings.h > #usr/include/wireshark/epan/value_string.h > -#usr/include/wireshark/epan/wmem > -#usr/include/wireshark/epan/wmem/wmem.h > -#usr/include/wireshark/epan/wmem/wmem_array.h > -#usr/include/wireshark/epan/wmem/wmem_core.h > -#usr/include/wireshark/epan/wmem/wmem_interval_tree.h > -#usr/include/wireshark/epan/wmem/wmem_list.h > -#usr/include/wireshark/epan/wmem/wmem_map.h > -#usr/include/wireshark/epan/wmem/wmem_miscutl.h > -#usr/include/wireshark/epan/wmem/wmem_queue.h > -#usr/include/wireshark/epan/wmem/wmem_scopes.h > -#usr/include/wireshark/epan/wmem/wmem_stack.h > -#usr/include/wireshark/epan/wmem/wmem_strbuf.h > -#usr/include/wireshark/epan/wmem/wmem_strutl.h > -#usr/include/wireshark/epan/wmem/wmem_tree.h > -#usr/include/wireshark/epan/wmem/wmem_user_cb.h > +#usr/include/wireshark/epan/wmem_scopes.h > +#usr/include/wireshark/epan/wscbor.h > #usr/include/wireshark/epan/x264_prt_id.h > #usr/include/wireshark/epan/xdlc.h > #usr/include/wireshark/file.h > #usr/include/wireshark/globals.h > -#usr/include/wireshark/log.h > -#usr/include/wireshark/version_info.h > #usr/include/wireshark/wiretap > #usr/include/wireshark/wiretap/file_wrappers.h > #usr/include/wireshark/wiretap/merge.h > @@ -550,13 +553,16 @@ usr/bin/tshark > #usr/include/wireshark/wiretap/pcapng_module.h > #usr/include/wireshark/wiretap/secrets-types.h > #usr/include/wireshark/wiretap/wtap.h > +#usr/include/wireshark/wiretap/wtap_modules.h > #usr/include/wireshark/wiretap/wtap_opttypes.h > #usr/include/wireshark/ws_attributes.h > #usr/include/wireshark/ws_compiler_tests.h > #usr/include/wireshark/ws_diag_control.h > +#usr/include/wireshark/ws_log_defs.h > #usr/include/wireshark/ws_symbol_export.h > #usr/include/wireshark/ws_version.h > #usr/include/wireshark/wsutil > +#usr/include/wireshark/wsutil/802_11-utils.h > #usr/include/wireshark/wsutil/adler32.h > #usr/include/wireshark/wsutil/base32.h > #usr/include/wireshark/wsutil/bits_count_ones.h > @@ -580,9 +586,10 @@ usr/bin/tshark > #usr/include/wireshark/wsutil/curve25519.h > #usr/include/wireshark/wsutil/eax.h > #usr/include/wireshark/wsutil/epochs.h > +#usr/include/wireshark/wsutil/exported_pdu_tlvs.h > #usr/include/wireshark/wsutil/filesystem.h > -#usr/include/wireshark/wsutil/frequency-utils.h > #usr/include/wireshark/wsutil/g711.h > +#usr/include/wireshark/wsutil/glib-compat.h > #usr/include/wireshark/wsutil/inet_addr.h > #usr/include/wireshark/wsutil/inet_ipv4.h > #usr/include/wireshark/wsutil/inet_ipv6.h > @@ -595,7 +602,6 @@ usr/bin/tshark > #usr/include/wireshark/wsutil/os_version_info.h > #usr/include/wireshark/wsutil/pint.h > #usr/include/wireshark/wsutil/please_report_bug.h > -#usr/include/wireshark/wsutil/plugins.h > #usr/include/wireshark/wsutil/pow2.h > #usr/include/wireshark/wsutil/privileges.h > #usr/include/wireshark/wsutil/processes.h > @@ -608,25 +614,43 @@ usr/bin/tshark > #usr/include/wireshark/wsutil/strtoi.h > #usr/include/wireshark/wsutil/tempfile.h > #usr/include/wireshark/wsutil/time_util.h > +#usr/include/wireshark/wsutil/to_str.h > #usr/include/wireshark/wsutil/type_util.h > #usr/include/wireshark/wsutil/unicode-utils.h > #usr/include/wireshark/wsutil/utf8_entities.h > +#usr/include/wireshark/wsutil/wmem > +#usr/include/wireshark/wsutil/wmem/wmem.h > +#usr/include/wireshark/wsutil/wmem/wmem_array.h > +#usr/include/wireshark/wsutil/wmem/wmem_core.h > +#usr/include/wireshark/wsutil/wmem/wmem_interval_tree.h > +#usr/include/wireshark/wsutil/wmem/wmem_list.h > +#usr/include/wireshark/wsutil/wmem/wmem_map.h > +#usr/include/wireshark/wsutil/wmem/wmem_miscutl.h > +#usr/include/wireshark/wsutil/wmem/wmem_queue.h > +#usr/include/wireshark/wsutil/wmem/wmem_stack.h > +#usr/include/wireshark/wsutil/wmem/wmem_strbuf.h > +#usr/include/wireshark/wsutil/wmem/wmem_strutl.h > +#usr/include/wireshark/wsutil/wmem/wmem_tree.h > +#usr/include/wireshark/wsutil/wmem/wmem_user_cb.h > +#usr/include/wireshark/wsutil/ws_assert.h > #usr/include/wireshark/wsutil/ws_cpuid.h > +#usr/include/wireshark/wsutil/ws_getopt.h > #usr/include/wireshark/wsutil/ws_mempbrk.h > #usr/include/wireshark/wsutil/ws_mempbrk_int.h > #usr/include/wireshark/wsutil/ws_pipe.h > -#usr/include/wireshark/wsutil/ws_printf.h > +#usr/include/wireshark/wsutil/ws_roundup.h > #usr/include/wireshark/wsutil/wsjson.h > +#usr/include/wireshark/wsutil/wslog.h > #usr/include/wireshark/wsutil/xtea.h > #usr/lib/libwireshark.so > -usr/lib/libwireshark.so.14 > -usr/lib/libwireshark.so.14.0.7 > +usr/lib/libwireshark.so.15 > +usr/lib/libwireshark.so.15.0.3 > #usr/lib/libwiretap.so > -usr/lib/libwiretap.so.11 > -usr/lib/libwiretap.so.11.0.7 > +usr/lib/libwiretap.so.12 > +usr/lib/libwiretap.so.12.0.3 > #usr/lib/libwsutil.so > -usr/lib/libwsutil.so.12 > -usr/lib/libwsutil.so.12.0.0 > +usr/lib/libwsutil.so.13 > +usr/lib/libwsutil.so.13.1.0 > #usr/lib/pkgconfig/wireshark.pc > #usr/lib/wireshark > #usr/lib/wireshark/cmake > @@ -648,81 +672,34 @@ usr/lib/wireshark/extcap/randpktdump > usr/lib/wireshark/extcap/sshdump > usr/lib/wireshark/extcap/udpdump > #usr/lib/wireshark/plugins > -#usr/lib/wireshark/plugins/3.4 > -#usr/lib/wireshark/plugins/3.4/codecs > -usr/lib/wireshark/plugins/3.4/codecs/g711.so > -usr/lib/wireshark/plugins/3.4/codecs/g722.so > -usr/lib/wireshark/plugins/3.4/codecs/g726.so > -usr/lib/wireshark/plugins/3.4/codecs/l16mono.so > -usr/lib/wireshark/plugins/3.4/codecs/opus_dec.so > -#usr/lib/wireshark/plugins/3.4/epan > -usr/lib/wireshark/plugins/3.4/epan/ethercat.so > -usr/lib/wireshark/plugins/3.4/epan/gryphon.so > -usr/lib/wireshark/plugins/3.4/epan/irda.so > -usr/lib/wireshark/plugins/3.4/epan/mate.so > -usr/lib/wireshark/plugins/3.4/epan/opcua.so > -usr/lib/wireshark/plugins/3.4/epan/profinet.so > -usr/lib/wireshark/plugins/3.4/epan/stats_tree.so > -usr/lib/wireshark/plugins/3.4/epan/transum.so > -usr/lib/wireshark/plugins/3.4/epan/unistim.so > -usr/lib/wireshark/plugins/3.4/epan/wimax.so > -usr/lib/wireshark/plugins/3.4/epan/wimaxasncp.so > -usr/lib/wireshark/plugins/3.4/epan/wimaxmacphy.so > -#usr/lib/wireshark/plugins/3.4/wiretap > -usr/lib/wireshark/plugins/3.4/wiretap/usbdump.so > -#usr/share/doc/wireshark > -#usr/share/doc/wireshark/androiddump.html > -#usr/share/doc/wireshark/capinfos.html > -#usr/share/doc/wireshark/captype.html > -#usr/share/doc/wireshark/ciscodump.html > -#usr/share/doc/wireshark/dftest.html > -#usr/share/doc/wireshark/dpauxmon.html > -#usr/share/doc/wireshark/dumpcap.html > -#usr/share/doc/wireshark/editcap.html > -#usr/share/doc/wireshark/extcap.html > -#usr/share/doc/wireshark/mergecap.html > -#usr/share/doc/wireshark/randpkt.html > -#usr/share/doc/wireshark/randpktdump.html > -#usr/share/doc/wireshark/rawshark.html > -#usr/share/doc/wireshark/reordercap.html > -#usr/share/doc/wireshark/sshdump.html > -#usr/share/doc/wireshark/text2pcap.html > -#usr/share/doc/wireshark/tshark.html > -#usr/share/doc/wireshark/udpdump.html > -#usr/share/doc/wireshark/wireshark-filter.html > -#usr/share/doc/wireshark/wireshark.html > -#usr/share/man/man1/androiddump.1 > -#usr/share/man/man1/capinfos.1 > -#usr/share/man/man1/captype.1 > -#usr/share/man/man1/ciscodump.1 > -#usr/share/man/man1/dftest.1 > -#usr/share/man/man1/dpauxmon.1 > -#usr/share/man/man1/dumpcap.1 > -#usr/share/man/man1/editcap.1 > -#usr/share/man/man1/mergecap.1 > -#usr/share/man/man1/randpkt.1 > -#usr/share/man/man1/randpktdump.1 > -#usr/share/man/man1/rawshark.1 > -#usr/share/man/man1/reordercap.1 > -#usr/share/man/man1/sshdump.1 > -#usr/share/man/man1/text2pcap.1 > -#usr/share/man/man1/tshark.1 > -#usr/share/man/man1/udpdump.1 > -#usr/share/man/man1/wireshark.1 > -#usr/share/man/man4/extcap.4 > -#usr/share/man/man4/wireshark-filter.4 > +#usr/lib/wireshark/plugins/3.6 > +#usr/lib/wireshark/plugins/3.6/codecs > +usr/lib/wireshark/plugins/3.6/codecs/g711.so > +usr/lib/wireshark/plugins/3.6/codecs/g722.so > +usr/lib/wireshark/plugins/3.6/codecs/g726.so > +usr/lib/wireshark/plugins/3.6/codecs/l16mono.so > +usr/lib/wireshark/plugins/3.6/codecs/opus_dec.so > +#usr/lib/wireshark/plugins/3.6/epan > +usr/lib/wireshark/plugins/3.6/epan/ethercat.so > +usr/lib/wireshark/plugins/3.6/epan/gryphon.so > +usr/lib/wireshark/plugins/3.6/epan/irda.so > +usr/lib/wireshark/plugins/3.6/epan/mate.so > +usr/lib/wireshark/plugins/3.6/epan/opcua.so > +usr/lib/wireshark/plugins/3.6/epan/profinet.so > +usr/lib/wireshark/plugins/3.6/epan/stats_tree.so > +usr/lib/wireshark/plugins/3.6/epan/transum.so > +usr/lib/wireshark/plugins/3.6/epan/unistim.so > +usr/lib/wireshark/plugins/3.6/epan/wimax.so > +usr/lib/wireshark/plugins/3.6/epan/wimaxasncp.so > +usr/lib/wireshark/plugins/3.6/epan/wimaxmacphy.so > +#usr/lib/wireshark/plugins/3.6/wiretap > +usr/lib/wireshark/plugins/3.6/wiretap/usbdump.so > #usr/share/wireshark > -#usr/share/wireshark/AUTHORS-SHORT > #usr/share/wireshark/COPYING > -#usr/share/wireshark/androiddump.html > -#usr/share/wireshark/capinfos.html > -#usr/share/wireshark/captype.html > usr/share/wireshark/cfilters > -#usr/share/wireshark/ciscodump.html > usr/share/wireshark/colorfilters > #usr/share/wireshark/dfilter_macros > usr/share/wireshark/dfilters > -#usr/share/wireshark/dftest.html > #usr/share/wireshark/diameter > usr/share/wireshark/diameter/AlcatelLucent.xml > usr/share/wireshark/diameter/Cisco.xml > @@ -768,13 +745,9 @@ usr/share/wireshark/dtds/smil.dtd > usr/share/wireshark/dtds/watcherinfo.dtd > usr/share/wireshark/dtds/xcap-caps.dtd > usr/share/wireshark/dtds/xcap-error.dtd > -#usr/share/wireshark/dumpcap.html > -#usr/share/wireshark/editcap.html > usr/share/wireshark/enterprises.tsv > -#usr/share/wireshark/extcap.html > #usr/share/wireshark/ipmap.html > #usr/share/wireshark/manuf > -#usr/share/wireshark/mergecap.html > #usr/share/wireshark/pdml2html.xsl > #usr/share/wireshark/profiles > #usr/share/wireshark/profiles/Bluetooth > @@ -996,22 +969,12 @@ usr/share/wireshark/radius/dictionary.yubico > usr/share/wireshark/radius/dictionary.zeus > usr/share/wireshark/radius/dictionary.zte > usr/share/wireshark/radius/dictionary.zyxel > -#usr/share/wireshark/randpkt.html > -#usr/share/wireshark/randpktdump.html > -#usr/share/wireshark/rawshark.html > -#usr/share/wireshark/reordercap.html > usr/share/wireshark/services > usr/share/wireshark/smi_modules > -#usr/share/wireshark/sshdump.html > -#usr/share/wireshark/text2pcap.html > #usr/share/wireshark/tpncp > usr/share/wireshark/tpncp/tpncp.dat > -#usr/share/wireshark/tshark.html > -#usr/share/wireshark/udpdump.html > #usr/share/wireshark/wimaxasncp > usr/share/wireshark/wimaxasncp/dictionary.dtd > usr/share/wireshark/wimaxasncp/dictionary.xml > -#usr/share/wireshark/wireshark-filter.html > -#usr/share/wireshark/wireshark.html > usr/share/wireshark/wka > usr/share/wireshark/ws.css > diff --git a/lfs/tshark b/lfs/tshark > index be732c97e..eb89f7474 100644 > --- a/lfs/tshark > +++ b/lfs/tshark > @@ -26,7 +26,7 @@ include Config > =20 > SUMMARY =3D A Network Traffic Analyser > =20 > -VER =3D 3.4.7 > +VER =3D 3.6.3 > =20 > THISAPP =3D wireshark-$(VER) > DL_FILE =3D $(THISAPP).tar.xz > @@ -35,7 +35,7 @@ DIR_APP =3D $(DIR_SRC)/$(THISAPP) > TARGET =3D $(DIR_INFO)/$(THISAPP) > PROG =3D tshark > DEPS =3D krb5 c-ares > -PAK_VER =3D 11 > +PAK_VER =3D 12 > =20 > SERVICES =3D > =20 > @@ -47,7 +47,7 @@ objects =3D $(DL_FILE) > =20 > $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) > =20 > -$(DL_FILE)_BLAKE2 =3D 0a6112ed667739935417350660e31d64747cb81295db058e0a27= c38387b2ed2b9806f8d61925c262d531fb96d87e230d1cd5d511ae0bdba973373835bf5d7bc5 > +$(DL_FILE)_BLAKE2 =3D 3b636867d946f0cf748eb719874e815c919ee9cedd21a7e9034d= 54b4cb87ae4a09ec02a199e1ec8051e421fe2929983d659f340ccfd12ab35e1ecd52000964fd > =20 > install : $(TARGET) > =20 --===============3706889919035459018==--