Commit Graph

119 Commits

Author SHA1 Message Date
Franz Pletz
1466bdd98f
wireshark: 2.2.6 -> 2.2.7 2017-06-20 03:56:42 +02:00
Robin Gloster
ece9d8867b
wireshark: 2.2.5 -> 2.2.6 2017-05-23 13:26:50 +02:00
Franz Pletz
7b27e1c3c9
wireshark: 2.2.4 -> 2.2.5 for multiple CVEs
Fixes:

  * CVE-2017-5596
  * CVE-2017-5597
  * CVE-2017-6467
  * CVE-2017-6468
  * CVE-2017-6469
  * CVE-2017-6470
  * CVE-2017-6471
  * CVE-2017-6472
  * CVE-2017-6473
  * CVE-2017-6474
2017-03-20 14:43:15 +01:00
Nikolay Amiantov
545e267adf wireshark-gtk: wrap properly 2017-03-16 00:53:42 +03:00
Thomas Tuegel
127bf18a35
extra-cmake-modules: Lift Qt dependency 2017-02-27 11:49:46 -06:00
Michael Raskin
194d137bd3 wireshark: patch for CVE-2017-6041 2017-02-22 14:17:02 +01:00
Parnell Springmeyer
9e36a58649
Merging against upstream master 2017-02-13 17:16:28 -06:00
Peter Hoeg
887590e1d2 wireshark: use cmake and move to gtk3/qt5
wireshark used to use autotools, but instead we now use cmake. The
change alone brought to light a few missing required dependencies.

Additionally, wireshark was using gtk2 and qt4, so that has changed to
gtk3 and qt5.
2017-01-31 21:20:12 +01:00
Parnell Springmeyer
6777e6f812
Merging with upstream 2017-01-29 05:54:01 -06:00
Parnell Springmeyer
2f113ee90a
setcap-wrapper: Minor refactor 2017-01-29 01:08:36 -06:00
Lancelot SIX
c99540d526
wireshark: 2.2.3 -> 2.2.4
This release fixes those security related issues:
- https://www.wireshark.org/security/wnpa-sec-2017-01.html
- https://www.wireshark.org/security/wnpa-sec-2017-02.html
2017-01-26 11:30:48 +01:00
Parnell Springmeyer
bae00e8aa8
setcap-wrapper: Merging with upstream master and resolving conflicts 2017-01-25 11:08:05 -08:00
mimadrid
280d0cf20f
wireshark: 2.2.2 -> 2.2.3 2016-12-17 12:59:56 +01:00
Vladimír Čunát
baa73cd6e0
Merge #20506: wireshark: add darwin support 2016-11-21 18:05:11 +01:00
Lancelot SIX
e9549d293c
wireshark: 2.2.0 -> 2.2.2
See releases announcements:

- https://www.wireshark.org/docs/relnotes/wireshark-2.2.1.html
- https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html

wireshark-2.2.1 fixes the following vulnerabilities:

- CVE-2016-7957
- CVE-2016-7958

wireshard-2.2.2 fixes the following vulnerabilities:

- CVE-2016-9372
- CVE-2016-9374
- CVE-2016-9376
- CVE-2016-9373
- CVE-2016-9375
2016-11-21 14:30:17 +01:00
Matthew Bauer
fe91dd36d0
wireshark: add darwin support 2016-11-17 15:10:22 -06:00
Kirill Boltaev
0f37287df5 treewide: explicitly specify gtk version 2016-09-13 21:09:24 +03:00
Lancelot SIX
33300d380b wireshark: 2.0.5 -> 2.2.0
Release note:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.0.html

Security related annonces related to 2.0.5 (subject to denial of
service attack):

https://www.wireshark.org/security/wnpa-sec-2016-50.html
https://www.wireshark.org/security/wnpa-sec-2016-51.html
https://www.wireshark.org/security/wnpa-sec-2016-52.html
https://www.wireshark.org/security/wnpa-sec-2016-53.html
https://www.wireshark.org/security/wnpa-sec-2016-54.html
https://www.wireshark.org/security/wnpa-sec-2016-55.html
2016-09-08 16:26:51 +02:00
Parnell Springmeyer
98c058a1ee Adapting everything for the merged permissions wrappers work. 2016-09-01 19:21:06 -05:00
mimadrid
5fbe282abd
wireshark: 2.0.4 -> 2.0.5 2016-07-29 12:11:09 +02:00
Franz Pletz
a950c154c1 wireshark: 2.0.3 -> 2.0.4 (security)
Fixes a few security problems:
  https://www.wireshark.org/docs/relnotes/wireshark-2.0.4.html
2016-07-10 10:46:22 +02:00
Bjørn Forsman
d809ef47cb wireshark: 2.0.2 -> 2.0.3 2016-05-22 20:04:44 +02:00
Peter Simons
8e462995ba Bring my stdenv.lib.maintainers user name in line with my github nick. 2016-05-16 22:49:55 +02:00
Graham Christensen
ca6108a2a1 wireshark: 2.0.0 -> 2.0.2 for: CVE-2016-2521 CVE-2016-2522 CVE-2016-2523 CVE-2016-2524 CVE-2016-2525 CVE-2016-2526 CVE-2016-2527 CVE-2016-2528 CVE-2016-2529 CVE-2016-2531 CVE-2016-2532 2016-03-04 13:31:31 -06:00
Reno Reckling
28fd7afd02 wireshark-qt: make wireshark-qt build and run again 2015-12-31 13:56:50 +01:00
Franz Pletz
bfb399e3c4 wireshark: 1.12.7 -> 2.0.0
Updates wireshark to the next major stable version. Also updated and tested
the patch to search for dumpcap in PATH by @bjornfor.
2015-11-27 05:17:26 +01:00
michael bishop
e72bcc348c future proof the wireshark source path 2015-11-15 16:38:58 -04:00
Bjørn Forsman
b95bec7917 wireshark: 1.12.5 -> 1.12.7
Build and run tested.
2015-09-16 19:00:34 +02:00
Pascal Wittmann
c0a5ffc438 wireshark: update from 1.12.4 to 1.12.5, fixes CVE-2015-3808 2015-05-29 22:17:03 +02:00
Bjørn Forsman
890534bedc wireshark: update from 1.12.3 to 1.12.4
Potentially fixes CVE-2015-2188, CVE-2015-2189, CVE-2015-2191
2015-04-11 13:48:09 +02:00
Bjørn Forsman
478969d50c wireshark: change dependency heimdal -> openssl
This fixes wirehsark build, which has been broken since commit
942e179974 (heimdal: Correct the openssl dependency).
2015-04-11 13:23:35 +02:00
Bjørn Forsman
7a1e652130 wireshark: update 1.12.2 -> 1.12.3 (security update)
The following vulnerabilities have been fixed.

- wnpa-sec-2015-01
  The WCCP dissector could crash. (Bug 10720, Bug 10806) CVE-2015-0559,
  CVE-2015-0560

- wnpa-sec-2015-02
  The LPP dissector could crash. (Bug 10773) CVE-2015-0561

- wnpa-sec-2015-03
  The DEC DNA Routing Protocol dissector could crash. (Bug 10724) CVE-2015-0562

- wnpa-sec-2015-04
  The SMTP dissector could crash. (Bug 10823) CVE-2015-0563

- wnpa-sec-2015-05
  Wireshark could crash while decypting TLS/SSL sessions. Discovered by Noam
  Rathaus. CVE-2015-0564

See more at https://www.wireshark.org/docs/relnotes/wireshark-1.12.3.html
2015-01-08 19:43:50 +01:00
Bjørn Forsman
d5e8c6b732 wireshark: update from 1.12.1 to 1.12.2
Potentially fixes CVE-2014-8710, CVE-2014-8711, CVE-2014-8712,
CVE-2014-8713, CVE-2014-8714.
2014-12-02 21:36:22 +01:00
Bjørn Forsman
263decc48a wireshark: fix meta.description 2014-09-20 13:28:46 +02:00
Bjørn Forsman
8983b60f87 wireshark: add CLI and Qt versions
In addition to our existing GTK version.

* Only install desktop file if building a GUI version.
* The Qt build appends "-qt" to the
  wireshark binary name. Undo it so the desktop file works.
* The 'wireshark' attribute still refers to the GTK version, for
  backwards compatibility.
2014-09-20 13:28:46 +02:00
Bjørn Forsman
1daa2e5a7e wireshark: update to 1.12.1 (latest stable)
There are no references to g_memmove in the source anymore, so remove
the now unneeded (and failing!) sed fixup.

Sourceforge no longer has wireshark sources, the page tells users to
download from www.wireshark.org instead. So do that.
2014-09-20 13:28:46 +02:00
Bjørn Forsman
a70197a653 wireshark: add patch to lookup "dumpcap" in PATH
What this allows us to do is define a "dumpcap" setuid wrapper in NixOS
and have wireshark use that instead of the non-setuid dumpcap binary
that it normally uses.

As far as I can tell, the code that is changed to do lookup in PATH is
only used by wireshark/tshark to find dumpcap. dumpcap, the thing that's
typically setuid, is not affected by this patch. wireshark and tshark
should *not* be installed setuid, so the fact that they now do lookup in
PATH is not a security concern.

With this commit, and the following config, only "root" and users in the
"wireshark" group will have access to capturing network traffic with
wireshark/dumpcap:

  environment.systemPackages = [ pkgs.wireshark ];
  security.setuidOwners = [
    { program = "dumpcap";
      owner = "root";
      group = "wireshark";
      setuid = true;
      setgid = false;
      permissions = "u+rx,g+x";
    }
  ];
  users.extraGroups.wireshark.gid = 500;

(This wouldn't have worked before, because then wireshark would not use
our setuid dumpcap binary.)
2014-04-22 21:33:11 +02:00
Bjørn Forsman
cbd4650a1a wireshark: add myself (bjornfor) as maintainer 2014-04-22 21:33:11 +02:00
Bjørn Forsman
27477f1fac wireshark: build with libcap (POSIX capabilities)
This makes running wireshark (or more specifically, dumpcap) as root a
bit more secure. From <wireshark-1.11.2>/doc/README.packaging:

  The "--with-libcap" option is only useful when dumpcap is installed
  setuid. If it is enabled dumpcap will try to drop any setuid privileges
  it may have while retaining the CAP_NET_ADMIN and CAP_NET_RAW
  capabilities. It is enabled by default, if the Linux capabilities
  library (on which it depends) is found.
2014-04-22 21:33:11 +02:00
Michael Raskin
9233723353 Temporary patch for Wireshark build 2014-04-06 00:57:35 +04:00
Peter Simons
ca73a92578 wireshark: the gtk3 build fails, so use gtk2
Duh, this is much more difficult than I would have thought.
2014-01-17 11:10:58 +01:00
Peter Simons
ac2a215c10 wireshark: build GUI with gtk3
This should be configurable, I guess.
2014-01-17 10:37:53 +01:00
Peter Simons
c1a80535ad wireshark: update from 1.10.5 to 1.11.2 2014-01-15 17:29:14 +01:00
Nixpkgs Monitor
f512614a10 wireshark: update from 1.10.3 to 1.10.5, potentially fixes CVE-2013-7112, CVE-2013-7113, CVE-2013-7114 2014-01-10 08:28:58 +01:00
Mathijs Kwik
5771888f4e wireshark: upgrade to 1.10.3
- cleaned up dependencies
- python support is deprecated (upstream) in favor of pyreshark
2013-12-23 10:21:18 +01:00
Vladimír Čunát
5fd97b7067 wireshark: bugfix+CVE update to current old-stable
The old version also didn't build anymore on x-updates.
2013-11-23 14:42:42 +01:00
Bjørn Forsman
d6f7910722 wireshark: bump from 1.8.6 to 1.8.7 (security update) 2013-05-21 22:53:46 +02:00
Bjørn Forsman
af6503b2af wireshark: add desktop item
And fix a small "ethereal" typo.
2013-05-21 22:48:50 +02:00
Bjørn Forsman
3b6a347bea wireshark: update homepage URL 2013-05-11 20:31:24 +02:00
Bjørn Forsman
8c108024ab wireshark: bump to version 1.8.6
Multiple vulnerabilities and many bugs have been fixed. See the release
notes for details:

  http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html
2013-05-11 20:31:13 +02:00
Eelco Dolstra
5509f3beec wireshark: Update to 1.8.5
CVE-2013-1582, CVE-2013-1586, CVE-2013-1588, CVE-2013-1590
2013-02-27 15:07:28 +01:00
Michael Raskin
3b01ff4591 Update Wireshark 2012-10-17 22:45:54 +04:00
Peter Simons
1a4f43c7b3 wireshark: updated to version 1.6.2
svn path=/nixpkgs/trunk/; revision=30426
2011-11-14 15:11:23 +00:00
Michael Raskin
7195b61a31 Update Wireshark
svn path=/nixpkgs/branches/stdenv-updates/; revision=24785
2010-11-20 20:51:29 +00:00
Michael Raskin
4325bd0b28 Update Wireshark to release
svn path=/nixpkgs/trunk/; revision=24129
2010-10-07 07:56:00 +00:00
Michael Raskin
3a0bf4d42d Update wireshark
svn path=/nixpkgs/trunk/; revision=23516
2010-08-29 19:17:00 +00:00
Armijn Hemel
1aee2df93a update libpcap to 1.1.1 and wireshark to 1.3.4
svn path=/nixpkgs/trunk/; revision=21205
2010-04-21 13:31:08 +00:00
Armijn Hemel
a53ab8a2e7 update to 1.3.2
svn path=/nixpkgs/trunk/; revision=19107
2009-12-25 12:38:08 +00:00
Marc Weber
5b3c7c6b7a wireshark update - old source vanished
svn path=/nixpkgs/trunk/; revision=17865
2009-10-18 04:43:59 +00:00
Michael Raskin
2eb7441069 Wireshark update
svn path=/nixpkgs/trunk/; revision=15439
2009-05-04 11:01:59 +00:00
Marc Weber
498be42912 version bump: wireshark-1.1.2, libpcap-1.0.0
svn path=/nixpkgs/trunk/; revision=14054
2009-02-12 20:28:01 +00:00
Armijn Hemel
e89fed21f9 update to 1.0.3
svn path=/nixpkgs/trunk/; revision=12845
2008-09-11 22:04:27 +00:00
Armijn Hemel
84d3e027b8 update to 1.0.2
svn path=/nixpkgs/trunk/; revision=12362
2008-07-15 22:21:21 +00:00
Armijn Hemel
10ca296d82 change 'name' to version number of the tarball (was still at 0.99.7)
svn path=/nixpkgs/trunk/; revision=11732
2008-04-27 21:47:21 +00:00
Marc Weber
7e43554ace Updated wireshark (used all-versions/ url now so if version changes url will still be valid in the future) - is this good or bad?
svn path=/nixpkgs/trunk/; revision=11610
2008-04-12 12:44:56 +00:00
Armijn Hemel
aae41dd4d4 update to 0.99.7
svn path=/nixpkgs/trunk/; revision=10005
2007-12-31 18:41:30 +00:00
Michael Raskin
9b43958df5 Version bump. Wireshark.org has already pulled old version off site...
svn path=/nixpkgs/trunk/; revision=8950
2007-07-06 13:07:14 +00:00
Armijn Hemel
c068774f59 cleanups, build graphical frontend too
svn path=/nixpkgs/trunk/; revision=8677
2007-05-14 00:04:39 +00:00
Armijn Hemel
16fc4c0838 ethereal -> wireshark
update to 0.99.5

svn path=/nixpkgs/trunk/; revision=8675
2007-05-13 23:24:34 +00:00