From patchwork Thu Jul 9 15:08:50 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 10030 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (Client CN "mail01.haj.ipfire.org", Issuer "YR2" (not verified)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4gwyzQ6FZqz3wqr for ; Thu, 09 Jul 2026 15:09:06 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (Client CN "mail02.haj.ipfire.org", Issuer "YE1" (not verified)) by mail01.ipfire.org (Postfix) with ESMTPS id 4gwyzQ3NJWz7Bm for ; Thu, 09 Jul 2026 15:09:06 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [IPv6:::1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4gwyzM6nsZz36W8 for ; Thu, 09 Jul 2026 15:09:03 +0000 (UTC) X-Original-To: development@lists.ipfire.org Received: from mail01.ipfire.org (mail01.haj.ipfire.org [IPv6:2001:678:b28::25]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (Client CN "mail01.haj.ipfire.org", Issuer "YR2" (not verified)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4gwyzD6yGZz33y8 for ; Thu, 09 Jul 2026 15:08:56 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4gwyzD3df5z7BS; Thu, 09 Jul 2026 15:08:56 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1783609736; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=A3fHd8hkZUKnl0qwE1jqBIn9kNJ1F0g8OxV3YimQgcY=; b=YUxtdFjPyNnlEDb5c8eedXw2m2WPwiKs5nHltOnFEz2m7j//+u1C1Ae90bl4/dITmu5U0h U0E4QA9RFzEjUDCw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1783609736; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=A3fHd8hkZUKnl0qwE1jqBIn9kNJ1F0g8OxV3YimQgcY=; b=k9WpfDbvrO2pyAPuQaia7BTJWXOzAhY55s+f2YPGr9SPDEfWZVDg6/sa02IVbeiUKrsCDR /34Z4A7jfzlWM32ng4yZEj/2uAKXTViswDDldbBm5Lq+fZTGtKs5h4Ovnw1XbKOUyP8+7s odKF9MymR+IToIE6auNg7SGypV9xlfrOiEiAvdE/lE6ZP3y21RPNNZa32H5uIKpBqJQII+ oPu5e2Vxoja2j0DeIC48EJBB6rPSTVrwi448KSlYCECv84ufU55L5sZaYMD74NfSgMCuNq F0uH/bh9EIGaD0SEI0JrnldjZ5GlsCItD8vGr7nd2uwrozr6RTteR0r9in55Lw== From: Adolf Belka To: development@lists.ipfire.org Cc: Adolf Belka Subject: [PATCH] tshark: Update to version 4.6.7 Date: Thu, 9 Jul 2026 17:08:50 +0200 Message-ID: <20260709150851.3632942-8-adolf.belka@ipfire.org> In-Reply-To: <20260709150851.3632942-1-adolf.belka@ipfire.org> References: <20260709150851.3632942-1-adolf.belka@ipfire.org> Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: MIME-Version: 1.0 - Update from version 4.6.6 to 4.6.7 - Update of rootfile - 12 wnpa-sec security vulnerability fixes implemented - Changelog 4.6.7 The following vulnerabilities have been fixed: wnpa-sec-2026-52 Catapult DCT2000 protocol dissector crash. Issue 21270. wnpa-sec-2026-53 pcapng file parser crash. Issue 21285. wnpa-sec-2026-54 FMP/NOTIFY protocol dissector large loop. Issue 21347. wnpa-sec-2026-55 SSH protocol dissector crash. Issue 21378. wnpa-sec-2026-56 TLS ECH decryption crash. Issue 21390. wnpa-sec-2026-57 IEEE 802.11 protocol dissector crash. Issue 21391. wnpa-sec-2026-58 Z39.50 protocol dissector crash. Issue 21397. wnpa-sec-2026-59 UMTS FP protocol dissector crash. Issue 21398. wnpa-sec-2026-60 BLF file parser information disclosure. Issue 21361. wnpa-sec-2026-61 Multiple protocol dissector infinite loops. Issue 21275, Issue 21277, Issue 21330, Issue 21383. wnpa-sec-2026-62 DBS Etherwatch file parser crash. Issue 21352. wnpa-sec-2026-63 Ciscodump extcap crash. Issue 21375. The following bugs have been fixed: Wireshark appears in German when the system language is Dutch. Issue 20347. Qt: Capture filter combo box does not enforce minimum size or expanding size policy. Issue 21080. BACapp: Error parsing you-are request. Issue 21260. Use-After-Free in Ethernet POWERLINK (EPL) Dissector during profile loading error path. Issue 21267. Sponsor slides are not properly shown. Issue 21268. Buffer overlow/segfault in Catapult DCT2000 dissector via not check no_ddi_entries in header. Issue 21270. Fuzz job issue: fuzz-2026-05-24-14517548985.pcap. Issue 21272. Fuzz job UTF-8 encoding issue: fuzz-2026-06-07-14732586286.pcap. Issue 21331. Memory leak in alp-sample1.pcap. Issue 21343. Memory leak in nspi.pcap. Issue 21344. Heap-Buffer-Overflow in Wireshark Logcat Parser. Issue 21346. IPv6 Ping from Debian (among others) is dissected as "HiPerConTracer" Issue 21349. HEVC (H.265) dissector: bit_offset not advanced after sub_layer_hrd_parameters() causes false Malformed Packet. Issue 21362. dfilter_compile_full: heap-buffer-overflow READ in ws_strptime on a time literal. Issue 21376. Wireshark crashes with a HEAP_CORRUPTION error when using the last saved recent_common file. Issue 21379. Fuzz job issue: fuzz-2026-06-30-15106674620.pcap. Issue 21381. New and Updated Features The Windows installers are now built with Visual Studio 2026. Updated Protocol Support ALC, BACapp, C2P, Catapult DCT2000, COTP, CSN.1, DCERPC, DCERPC MAPI, DCERPC NSPI, DNS, DVB-S2-TABLE, eDonkey, EPL, FC ELS, FMP/NOTIFY, H.265, HiPerConTracer, IEEE 802.11, LLS, MEGACO, MIH, MPEG DSM-CC, MS-WSP, RELOAD, SGP.32, SSH, STANAG 4607, UMTS FP, WOWW, and Z39.50 New and Updated Capture File Support Android Logcat, BLF, DBS Etherwatch, Netlog, and pcapng Plugin Development Changes On UN*X systems (excluding macOS when running from an app bundle, as with the official installer) extcap binaries are now searched for under the libexec directory by default, e.g., /usr/libexec/wireshark/extcap instead of /usr/lib64/wireshark/extcap or similar. This is the customary place for helper binaries, which as opposed to libraries do not need multiarch support. The location can be overridden via the environment variable WIRESHARK_EXTCAP_DIR. The extcap binaries shipped with Wireshark are installed in the new location, but third party extcaps may need packaging changes. This change was effective in version 4.6.0, but was not explicitly noted in the release notes previously. Note that some distributions do not use a libexec directory, such as Alpine Linux, which does not have multilib support. On such systems extcap binaries should be in the same location as before. Signed-off-by: Adolf Belka --- config/rootfiles/packages/tshark | 4 ++-- lfs/tshark | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/config/rootfiles/packages/tshark b/config/rootfiles/packages/tshark index 9042f6777..3ade5373d 100644 --- a/config/rootfiles/packages/tshark +++ b/config/rootfiles/packages/tshark @@ -11,10 +11,10 @@ usr/bin/dumpcap usr/bin/tshark #usr/lib/libwireshark.so usr/lib/libwireshark.so.19 -usr/lib/libwireshark.so.19.0.6 +usr/lib/libwireshark.so.19.0.7 #usr/lib/libwiretap.so usr/lib/libwiretap.so.16 -usr/lib/libwiretap.so.16.0.6 +usr/lib/libwiretap.so.16.0.7 #usr/lib/libwsutil.so usr/lib/libwsutil.so.17 usr/lib/libwsutil.so.17.0.0 diff --git a/lfs/tshark b/lfs/tshark index 84a4ffe23..1965d445e 100644 --- a/lfs/tshark +++ b/lfs/tshark @@ -26,7 +26,7 @@ include Config SUMMARY = A Network Traffic Analyser -VER = 4.6.6 +VER = 4.6.7 THISAPP = wireshark-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -35,7 +35,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = tshark DEPS = c-ares libxxhash -PAK_VER = 36 +PAK_VER = 37 SERVICES = @@ -47,7 +47,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 3ba090394930adbd8649df0b93b65ad68f58964fe2a5b8632450f3f3b7d2f26bbc20f95a825d08082b1c2d25ebb420500b3b58b8cb1f6b88b8326c093f56c83f +$(DL_FILE)_BLAKE2 = 6c9c9201686a80fd855e589b00efa8be0b34771305981206aa58b345c38e1a9094b701e8067fadacf81787d15ebf9839fd9921322c1ab24ac183963094282b89 install : $(TARGET)