Wireshark 3.0.7 Release Notes
What’s New
The Windows and macOS installers now ship with Qt 5.12.6. They
previously shipped with Qt 5.12.5.
Bug Fixes
The following vulnerabilities have been fixed:
• wnpa-sec-2019-22[1] CMS dissector crash. Bug 15961[2].
CVE-2019-19553[3].
The following bugs have been fixed:
• ws_pipe_wait_for_pipe() can wait on closed handles. Bug 15696[4].
• Support for 11ax in PEEKREMOTE. Bug 15740[5].
• The temporary file …<U+200B> could not be opened: Invalid argument. Bug
15751[6].
• Reassembling of the two TLS records is not working correctly. Bug
16109[7].
• Display Filter Area: Dropdown Missing pkt_comment and
tcp.options.sack_perm (likely others). Bug 16130[8].
• Display Filter autocompletion should be disabled. Bug 16132[9].
• BGP Linkstate IP Reachability information is incorrect. Bug
16144[10].
• NGAP: ExpectedUEActivityBehaviour decode error. Bug 16145[11].
• HomePlug AV dissector: MMTYPE and FMI fields are dissected
incorrectly. Bug 16158[12].
• JPEG files cannot be saved on Windows with french language. Bug
16165[13].
• X11 --display interpreted as --display-filter which maps to -Y
option. Bug 16167[14].
• "Create new file automatically after" not working with extcap.
Bug 16178[15].
• Encrypted TLS alerts sometimes listed as decrypted. Bug
16180[16].
• The "Remove Wireshark from the system path" package has "Add
Wireshark to the system PATH" as its title. Bug 16200[17].
• tshark -T ek -x causes get_field_data: code should not be
reached. Bug 16218[18].
• Crash on Go → Next/Previous Packet in Conversation when no packet
is selected.
Version 2.2.4
Bugs Fixed:
* Run the Setuptools `egg-info` command as part of the `build`
command.
* Create the socket and catch “non-socket” errors.
* Only deal with a range of file descriptors if the range is not empty.
* Declare Twine as a build dependency.
* Reformat the change log entries with keepachangelog.com sub-sections.
Changed:
* Upgrade Tox dependency to version “3.7.0”.
* Significant speed-up to discovery of file descriptors to close.
* Refactor the build system to use Makefile modules for each topic.
ftp.cyrusimap.org has been down for months. Asked about this on the
cyrus-info mailinglist months ago with no responses. So lets drop it from
MASTER_SITES.
The directory old on the ftp is also available in the http download so I
added that to MASTER_SITES as well.
18.1.1
- Fix race condition when shutting down ZAP thread while events are still processing (only affects tests)
- Publish wheels for Python 3.8 on all platforms
- Stop publishing wheels for Python 3.4 on Windows
- Sources generated with Cython 0.29.14
v0.5.9:
+ Added events for Sieve and ManageSieve, see
https://doc.dovecot.org/admin_manual/list_of_events/#pigeonhole
+ Pigeonhole: Implement the Sieve "special-use" extension described in
RFC 8579.
- duplicate: Test only compared the handles which would cause
different values to be cached as the same duplicate test. Fix to also
compare the actual hashes.
- imap_sieve_filter: IMAP FILTER Command had various bugs in error
handling. Errors may have been duplicated for each email, errors
may have been missing entirely, command tag and ERRORS/WARNINGS
parameters were swapped.
v2.3.9:
* Changed several event field names for consistency and to avoid
conflicts in parent-child event relationships:
* SMTP server command events: Renamed "name" to "cmd_name"
* Events inheriting from a mailbox: Renamed "name" to "mailbox"
* Server connection events have only "remote_ip", "remote_port",
"local_ip" and "local_port".
* Removed duplicate "client_ip", "ip" and "port".
* Mail storage events: Removed "service" field.
Use "service:<name>" category instead.
* HTTP client connection events: Renamed "host" to "dest_host" and
"port" to "dest_port"
* auth: Drop Postfix socketmap support. It hasn't been working
with recent Postfix versions for a while now.
* push-notification-lua: The "subject" field is now decoded to UTF8
instead of kept as MIME-encoded.
+ push-notification-lua: Added new "from_address", "from_display_name",
"to_address" and "to_display_name" fields. The display names are
decoded to UTF8.
+ Added various new fields to existing events.
See http://doc.dovecot.net/admin_manual/list_of_events.html
+ Add lmtp_add_received_header setting. It can be used to prevent LMTP
from adding "Received:" headers.
+ doveadm: Support SSL/STARTTLS for proxied doveadm connections based on
doveadm_ssl setting and proxy ssl/tls settings.
+ Log filters support now "service:<name>", which matches all events for
the given service. It can also be used as a category.
+ lib: Use libunwind to get abort backtraces with function names
where available.
+ lmtp: When the LMTP proxy changes the username (from passdb lookup)
add an appropriate ORCPT parameter.
- lmtp: Add lmtp_client_workarounds setting to implement workarounds for
clients that send MAIL and RCPT commands with additional spaces before
the path and for clients that omit <> brackets around the path.
See example-config/conf.d/20-lmtp.conf.
- lda/lmtp: Invalid MAIL FROM addresses were rejcted too aggressively.
Now mails from addresses with unicode characters are delivered, but
their Return-Path header will be <> instead of the given MAIL FROM
address.
- lmtp: The lmtp_hdr_delivery_address setting is ignored.
- imap: imap_command_finished event's "args" and "human_args" parameters
were always empty.
- mbox: Seeking in zlib and bzip2 compressed input streams didn't work
correctly.
- imap-hibernate: Process crashed when client got destroyed while it was
attempted to be unhibernated, and the unhibernation fails.
- *-login: Proxying may have crashed if SSL handshake to the backend
failed immediately. This was unlikely to happen in normal operation.
- *-login: If TLS handshake to upstream server failed during proxying,
login process could crash due to invalid memory access.
- *-login: v2.3 regression: Using SASL authentication without initial
response may have caused SSL connections to hang. This happened often
at least with PHP's IMAP library.
- *-login: When login processes are flooded with authentication attempts
it starts logging errors about "Authentication server sent unknown id".
This is still expected. However, it also caused the login process to
disconnect from auth server and potentially log some user's password
in the error message.
- dict-sql: SQL prepared statements were not shared between sessions.
This resulted in creating a lot of prepared statements, which was
especially inefficient when using Cassandra backend with a lot of
Cassandra nodes.
- auth: auth_request_finished event didn't have success=yes parameter
set for successful authentications.
- auth: userdb dict - Trying to list users crashed.
- submission: Service could be configured to allow anonymous
authentication mechanism and anonymous user access.
- LAYOUT=index: Corrupted dovecot.list.index caused folder creation to
panic.
- doveadm: HTTP server crashes if request target starts with double "/".
- dsync: Remote dsync started hanging if the initial doveadm
"dsync-server" command was sent in the same TCP packet as the
following dsync handshake. v2.3.8 regression.
- lib: Several "input streams" had a bug that in some rare situations
might cause it to access freed memory. This could lead to crashes or
corruption.
The only currently known effect of this is that using zlib plugin with
external mail attachments (mail_attachment_dir) could cause fetching
the mail to return a few bytes of garbage data at the beginning of the
header. Note that the mail wasn't saved corrupted, but fetching it
caused corrupted mail to be sent to the client.
- lib-storage: If a mail only has quoted content, use the quoted text
for generating message snippet (IMAP PREVIEW) instead of returning
empty snippet.
- lib-storage: When vsize header was rebuilt, newly calculated message
sizes were added to dovecot.index.cache instead of being directly
saved into vsize records in dovecot.index.
- lib: JSON generator was escaping UTF-8 characters unnecessarily.
Changes:
- sessions (thanks @annagrram)
- rclone support for remote access (mount any cloud storage!!!)
- toggle selection with 'Space' or '^J'
- ignore events during selection so the + symbol is not lost
- run custom (non-shell-interpreted) commands like plugins
- configure cd-on-quit as the default behaviour
- create parent dirs for new files and dirs, duplicate a file/dir
anywhere
- 'copy/move as' workflow (thanks @KlzXS)
- edit , flush selection buffer (thanks @KlzXS)
- support xargs with minimal options (as in BusyBox) (thanks @KlzXS)
- changed the key to size sort to 'z'
- additional key ']' to show command prompt
- mount archives using archivemount
- smoother double click handling
- program option -R to disable rollover at edges
- keybind collision checker (for custom keybind config) (thanks
@annagrram)
- show size of file in bytes in status bar in disk usage mode
- pass unresolved path as second argument ($2) to plugin
- mechanism for plugins to control active directory
- all binary questions are confirmed by 'y' or 'Y'
- plugins
- some plugins renamed
- integrated shellcheck in CI, POSIX-compliance fixes (thanks
@koalaman)
- getplugs - detect modifications in exiting plugin file (thanks
@KlzXS)
- drag-file & drop-file: drag & drop files using dragon
- gutenread: browse, download and read from Project Gutenberg
- suedit - edit file with superuser permissions
- fzhist - fuzzy select commands from history, edit and run
- fzcd - change to a fuzzy-searched directory
- rename - batch rename directory or selection using qmv or vidir
- pskill - fuzzy list a process or zombies by name and kill
- exetoggle - toggle executable status of hovered file
- treeview - informative tree output with file permissions and size
- chksum - recursively calculate checksum for files in hovered
directory
- fzopen renamed to fzopen
- imgsxiv instructions added to browse and rename images
- create link to current file
- additional key ';' to execute plugin
- more explicit force removal message
- force non-detachable internal edits in $EDITOR (option -E)
- export current file as $nnn (instead of $NN)
- fix file open failure from browser when configured as default FM
Changelog:
2019-11-17 Jay Berkenbilt <ejb@ql.org>
* 9.1.0: release
2019-11-09 Jay Berkenbilt <ejb@ql.org>
* 9.1.rc1: release
* Improve behavior of wildcard expansion for msvc executable when
run from the Windows cmd.exe shell. Unlike in UNIX environments,
Windows leaves it up to the executable to expand its own
wildcards. Fixes#224.
* When reading /P from the encryption dictionary, use static_cast
instead of QIntC to convert the value to a signed integer. The
value of /P is a bit field, and PDF files have been found in the
wild where /P is represented as an unsigned integer even though
the spec states that it is a signed 32-bit value. By using
static_cast, we allow qpdf to compensate for writers that
incorrectly represent the correct bit field as an unsigned value.
Fixes#382.
2019-11-05 Jay Berkenbilt <ejb@ql.org>
* Add support for pluggable crypto providers, enabling multiple
implementations of the cryptographic functions needed by qpdf.
This feature was added by request of Red Hat, which recognized the
use of qpdf's native crypto implementations as a potential
security liability, preferring instead to get all crypto
functionality from a third-party library that receives a lot of
scrutiny. However it was also important to me to not impose any
unnecessary third party dependencies on my users or packagers,
some of which build qpdf for lots of environments, some of which
may not easily support gnutls. Starting in qpdf 9.1.0, it is be
possible to build qpdf with both the native and gnutls crypto
providers or with either in isolation. In support of this feature,
new classes QPDFCryptoProvider and QPDFCryptoImpl have been added
to the public interface. See QPDFCryptoImpl.hh for details about
adding your own crypto provider and QPDFCryptoProvider.hh for
details about choosing which one is used. Note that selection of
crypto providers is invisible to anyone who doesn't explicitly
care. Neither end users nor developers have to be concerned about
it.
* The environment variable QPDF_CRYPTO_PROVIDER can be used to
override qpdf's default choice of crypto provider. The
--show-crypto flag to the qpdf CLI can be used to present a list
of supported crypto providers with the default provider always
listed first.
* Add gnutls crypto provider. Thanks to Zdenek Dohnal for
contributing the code that I ultimately used in the gnutls crypto
provider and for engaging in an extended discussion about this
feature. Fixes#218.
2019-10-22 Jay Berkenbilt <ejb@ql.org>
* Incorporate changes from Masamichi Hosoda <trueroad@trueroad.jp>
to properly handle signature in the following ways:
- Always represent /Contents in a signature dictionary as a hex
string
- Do not compress signature dictionaries when generating object
streams
- Do not encrypt/decrypt the /Contents field of the signature
dictionary when creating or reading encrypted files
* Incorporate changes from Masamichi Hosoda <trueroad@trueroad.jp>
to add additional methods for making it possible to gain deeper
insight into cross reference tables and object renumbering. These
new API calls make it possible for applications to go into PDF
files created by qpdf and make changes to them that go beyond
working with the PDF at the object level. The specific use case
for these changes was to write an external tool to perform digital
signature, but there could be other uses as well. New methods
include the following, all of which are described in their
respective headers:
- QPDF::getXRefTable()
- QPDFObjectHandle::getParsedOffset()
- QPDFWriter::getRenumberedObjGen(QPDFObjGen)
- QPDFWriter::getWrittenXRefTable()
Changelog:
NSPR 4.24 contains the following changes:
- added macro PR_ASSERT_ARG
- removed some declarations
- added support for Nios-II, Nds32 and Microblaze
architectures
This fixes some small problems (e.g. with the display of the date the topic
was set) when connecting to IRC networks running newer, standards-compliant
server implementations.
I'm backporting these fixes because I'm not expecting a new HexChat release
to be made any time soon.
Bump PKGREVISION
* Version 2.0.34
- Blacklisted names are now also blocked if they appear in `CNAME`
pointers.
- `dnscrypt-proxy` can now act as a local DoH *server*. Firefox can
be configured to use it, so that ESNI can be enabled without bypassing
your DNS proxy.
This release fixes one bug in erts.
--- Fixed Bugs and Malfunctions ---
OTP-16301 Application(s): erts
Related Id(s): ERL-1079
Large amounts of quickly executed dirty work could
cause heavy contention on an internal spin lock. The
spin lock was replaced by a mutex which behaves much
better under these conditions.
This release is a maintenance release to support X.Org X Server 1.20.
Kevin Brace (4):
Do not call xf86DisableRandR() for X Server 1.20
Fix for xf86InterceptSigIll() discontinuation in X Server 1.20
Enable SISGAMMARAMP macro on X.Org X Server
Version bumped to 0.12.0
ZBar is an open source software suite for reading bar codes from various
sources, such as video streams, image files and raw intensity sensors. It
supports many popular symbologies (types of bar codes) including
EAN-13/UPC-A, UPC-E, EAN-8, Code 128, Code 39, Interleaved 2 of 5 and QR
Code.
The flexible, layered implementation facilitates bar code scanning and
decoding for any application: use it stand-alone with the included GUI and
command line programs, easily integrate a bar code scanning widget into
your Qt, GTK+ or PyGTK GUI application, leverage one of the script or
programming interfaces (Python, Perl, C++) ...all the way down to a
streamlined C library suitable for embedded use.
Packaged in pkgsrc-wip by myself and <ng0>.