Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package wireshark.16745 for
openSUSE:Leap:15.2:Update checked in at 2021-08-10 06:06:19
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.2:Update/wireshark.16745 (Old)
and /work/SRC/openSUSE:Leap:15.2:Update/.wireshark.16745.new.1899 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "wireshark.16745"
Tue Aug 10 06:06:19 2021 rev:1 rq:910199 version:3.4.6
Changes:
--------
New Changes file:
--- /dev/null 2021-07-22 10:06:18.349420535 +0200
+++
/work/SRC/openSUSE:Leap:15.2:Update/.wireshark.16745.new.1899/wireshark.changes
2021-08-10 06:06:20.491903813 +0200
@@ -0,0 +1,4111 @@
+-------------------------------------------------------------------
+Thu Jun 3 08:17:22 UTC 2021 - Andreas Stieger <[email protected]>
+
+- Wireshark 3.4.6:
+ * Fix DVB-S2-BB dissector infinite loop (boo#1186790, wnpa-sec-2021-04)
+ * Fix Macro filters handling of escaped characters
+ * Fix Display filter crash
+ * Fix IEEE-1588 Signalling Unicast TLV incorrectly reported as being
+ malformed
+ * Fix IETF QUIC TLS decryption error with extraneous packets during
+ the handshake
+ * Fix Statistics - Resolved Addresses: multi-protocol (TCP/UDP/...)
+ ports not displayed
+
+-------------------------------------------------------------------
+Thu Apr 22 07:18:30 UTC 2021 - Andreas Stieger <[email protected]>
+
+- Wireshark 3.4.5:
+ * CVE-2021-22207: MS-WSP dissector excessive memory consumption
+ (boo#1185128, wnpa-sec-2021-04)
+ * Fix TShark not printing GeoIP information
+ * FIx TShark error when piping to "head"
+ * Fix missing parts of ASCII representation in Packet Bytes pane
+ * Fix dissection of NDPE attribute of NAN packet
+ * Fix TECMP: reserved flag interpreted as part of timestamp
+ * Fix DNS IXFR/AXFR multiple response
+ * Fix File too large issue
+- drop patches:
+ * cmake_3-20_compatibility_1.patch
+ * cmake_3-20_compatibility_2.patch
+ * wireshark-0008-move-glib.patch
+
+-------------------------------------------------------------------
+Wed Mar 31 15:43:15 UTC 2021 - Robert Frohl <[email protected]>
+
+- cmake 3.20 compatibility (boo#1184110)
+ add cmake_3-20_compatibility_1.patch and cmake_3-20_compatibility_2.patch
+
+-------------------------------------------------------------------
+Tue Mar 30 18:45:45 UTC 2021 - Neal Gompa <[email protected]>
+
+- Add patch from Fedora to fix build with glib2-2.68
+ + Patch: wireshark-0008-move-glib.patch
+
+-------------------------------------------------------------------
+Thu Mar 11 07:40:14 UTC 2021 - Robert Frohl <[email protected]>
+
+- Wireshark 3.4.4:
+ * CVE-2021-22191: Wireshark could open unsafe URLs (boo#1183353).
+- Further features, bug fixes and updated protocol support as listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-3.4.4.html
+
+-------------------------------------------------------------------
+Fri Feb 19 15:11:44 UTC 2021 - Robert Frohl <[email protected]>
+
+- Enable ITU G.729 Annex A/B speech codec for Tumbleweed only
+
+-------------------------------------------------------------------
+Sat Jan 30 06:54:07 UTC 2021 - Andreas Stieger <[email protected]>
+
+- Wireshark 3.4.3:
+ * CVE-2021-22173: fix USB HID dissector memory leak
+ (wnpa-sec-2021-01, boo#1181598)
+ * CVE-2021-22174: fix USB HID dissector crash
+ (wnpa-sec-2021-02, boo#1181599)
+ * Fix bugs in SIP, Telephony, QUIC, SOMEIP-SD, SRv6, TECMP,
+ AUTOSAR-NM, Fibre Channel, f5ethtrailer, ZVT dissectors.
+ * fix TShark crashes with -T ek option
+
+-------------------------------------------------------------------
+Fri Jan 22 13:35:56 UTC 2021 - Robert Frohl <[email protected]>
+
+- Disable ITU G.729 Annex A/B speech codec for SUSE based distros, but keep
+ enabled for openSUSE.
+
+-------------------------------------------------------------------
+Fri Jan 13 09:32:30 UTC 2021 - Robert Frohl <[email protected]>
+
+- provide helpful error message if user doesn't have permissions to run
dumpcap (bsc#1180102)
+ add wireshark-0001-dumpcap-permission-denied.patch
+
+-------------------------------------------------------------------
+Sat Dec 19 04:24:30 UTC 2020 - Andreas Stieger <[email protected]>
+
+- Wireshark 3.4.2
+ * CVE-2020-26422: QUIC dissector crash (boo#1180232)
+ * Fix IETF QUIC TLS decryption errors when packets are coalesced
+ with random data
+ * QUIC: missing dissection of some coalesced SH packets
+ * Fix false expect error seen on FCoE frames
+ * Updated Protocol Support
+ DOCSIS, FC-dNS, FC-SWILS, FCoE, QUIC, SNMP, and USBHID
+
+-------------------------------------------------------------------
+Fri Dec 11 14:44:07 UTC 2020 - Andreas Stieger <[email protected]>
+
+- Wireshark 3.4.1:
+ * CVE-2020-26418: Kafka dissector memory leak (wnpa-sec-2020-16, boo#1179930)
+ * CVE-2020-26419: Multiple dissector memory leaks (wnpa-sec-2020-19,
boo#1179931)
+ * CVE-2020-26420: RTPS dissector memory leak (wnpa-sec-2020-18, boo#1179932)
+ * CVE-2020-26421: USB HID dissector crash (wnpa-sec-2020-17, boo#1179933)
+ * Fix IETF QUIC TLS decryption errors
+ * Fix failures or crashes in various dissectors
+
+-------------------------------------------------------------------
+Fri Oct 30 20:40:13 UTC 2020 - Andreas Stieger <[email protected]>
+
+- Wireshark 3.4.0:
+ * Save RTP stream to .au supports any codec with 8000 Hz rate
+ supported by Wireshark (shown in RTP player). If save of audio
+ is not possible (unsupported codec or rate), silence of same
+ length is saved and warning is shown.
+ * Asynchronous DNS resolution is always enabled
+ * Protobuf fields can be dissected as Wireshark (header) fields
+ that allows user input the full names of Protobuf fields or
+ messages in Filter toolbar for searching.
+ * Dissectors based on Protobuf can register themselves to a new
+ 'protobuf_field' dissector table, which is keyed with the full
+ names of fields, for further parsing fields of BYTES or STRING
+ type.
+ * UI improvements
+ * sshdump can now be copied to multiple instances. Each instance
+ will show up a different interface and will have its own
+ * decode, play, and save opus payloads
+- features not enabled in the openSUSE package:
+ * decode, play, and save iLBC payloads
+
+-------------------------------------------------------------------
+Fri Oct 30 08:06:41 UTC 2020 - Robert Frohl <[email protected]>
+
+- wireshark 3.2.8:
+ * CVE-2020-26575: FBZERO dissector crash (boo#1177406)
+ * CVE-2020-28030: GQUIC dissector crash (boo#1178291)
+ * Infinite memory allocation while parsing this tcp packet
+- Further features, bug fixes and updated protocol support as listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-3.2.8.html
+
+-------------------------------------------------------------------
+Thu Sep 24 07:56:52 UTC 2020 - Robert Frohl <[email protected]>
+
+- wireshark 3.2.7:
+ * CVE-2020-25863: MIME Multipart dissector crash (boo#1176908)
+ * CVE-2020-25862: TCP dissector crash (boo#1176909)
+ * CVE-2020-25866: BLIP dissector crash (boo#1176910)
+- Further features, bug fixes and updated protocol support as listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-3.2.7.html
+
+-------------------------------------------------------------------
+Wed Aug 12 20:46:35 UTC 2020 - Andreas Stieger <[email protected]>
+
+- Wireshark 3.2.6:
+ * CVE-2020-17498: Kafka dissector crash (boo#1175204)
+ * Further features, bug fixes and updated protocol support as
+ listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-3.2.6.html
+
+-------------------------------------------------------------------
+Wed Jul 1 22:22:24 UTC 2020 - Andreas Stieger <[email protected]>
+
+- Wireshark 3.2.5:
+ * CVE-2020-15466: GVCP dissector infinite loop (boo#1173606)
+ * Further features, bug fixes and updated protocol support as
+ listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html
+- make verification of package source signatures compatible with
+ source_validator
+
+-------------------------------------------------------------------
+Fri Jun 5 08:21:21 UTC 2020 - Michel Normand <[email protected]>
+
+- Add _constraints for ppc/ppc64le that need more than 3GB to build
+
+-------------------------------------------------------------------
+Wed May 20 07:57:58 UTC 2020 - Robert Frohl <[email protected]>
+
+- wireshark 3.2.4
+ * CVE-2020-13164: NFS dissector crash (boo#1171899)
+- Further features, bug fixes and updated protocol support as listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-3.2.4.html
+
+-------------------------------------------------------------------
+Thu Apr 9 08:42:06 UTC 2020 - Robert Frohl <[email protected]>
+
+- wireshark 3.2.3 (boo#1169063)
+ * CVE-2020-11647: The BACapp dissector could crash
+- Further features, bug fixes and updated protocol support as listed in:
+ https://www.wireshark.org/docs/relnotes/wireshark-3.2.3.html
+
+-------------------------------------------------------------------
+Fri Mar 6 10:01:51 UTC 2020 - Robert Frohl <[email protected]>
+
+- Remove dependency on brotli, only the library is needed.
+-------------------------------------------------------------------
+Thu Feb 27 07:51:33 UTC 2020 - Robert Frohl <[email protected]>
+
+- wireshark 3.2.2 (boo#1165241)
+ * CVE-2020-9431: LTE RRC dissector memory leak.
++++ 3914 more lines (skipped)
++++ between /dev/null
++++ and
/work/SRC/openSUSE:Leap:15.2:Update/.wireshark.16745.new.1899/wireshark.changes
New:
----
_constraints
wireshark-0001-dumpcap-permission-denied.patch
wireshark-3.4.6.tar.xz
wireshark-3.4.6.tar.xz.asc
wireshark.changes
wireshark.keyring
wireshark.spec
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ wireshark.spec ++++++
#
# spec file for package wireshark
#
# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
# define libraries
%define libcodecs libwscodecs2
%define libtap libwiretap11
%define libutil libwsutil12
%define libwire libwireshark14
%if 0%{?suse_version} >= 1500
%bcond_without lz4
%else
%bcond_with lz4
%endif
Name: wireshark
Version: 3.4.6
Release: 0
Summary: A Network Traffic Analyser
License: GPL-2.0-or-later AND GPL-3.0-or-later
Group: Productivity/Networking/Diagnostic
URL: https://www.wireshark.org/
Source: https://www.wireshark.org/download/src/%{name}-%{version}.tar.xz
Source2:
https://www.wireshark.org/download/SIGNATURES-%{version}.txt#/%{name}-%{version}.tar.xz.asc
Source3:
https://www.wireshark.org/download/gerald_at_wireshark_dot_org.gpg#/wireshark.keyring
Patch10: wireshark-0001-dumpcap-permission-denied.patch
BuildRequires: bison
BuildRequires: flex
BuildRequires: glib2-devel >= 2.32
BuildRequires: hicolor-icon-theme
BuildRequires: krb5-devel
BuildRequires: libbrotli-devel
# keep until libbrotli-devel bug is fixed
BuildRequires: libbrotlidec1
BuildRequires: libcap-devel
BuildRequires: libcares-devel >= 1.5.0
BuildRequires: libgcrypt-devel >= 1.4.2
BuildRequires: libgnutls-devel >= 3.2
BuildRequires: libpcap-devel
BuildRequires: libqt5-linguist-devel
BuildRequires: libsmi-devel
BuildRequires: libtool
BuildRequires: net-snmp-devel
BuildRequires: openssl-devel
BuildRequires: pcre-devel
BuildRequires: pkgconfig
BuildRequires: portaudio-devel
BuildRequires: snappy-devel
BuildRequires: spandsp-devel
BuildRequires: tcpd-devel
BuildRequires: update-desktop-files
BuildRequires: zlib-devel
BuildRequires: pkgconfig(Qt5Core) >= 5.3.0
BuildRequires: pkgconfig(Qt5Gui)
BuildRequires: pkgconfig(Qt5Multimedia)
BuildRequires: pkgconfig(Qt5PrintSupport)
BuildRequires: pkgconfig(Qt5Svg)
BuildRequires: pkgconfig(Qt5Widgets)
BuildRequires: pkgconfig(libmaxminddb)
BuildRequires: pkgconfig(libnghttp2)
BuildRequires: pkgconfig(libssh) >= 0.6.0
BuildRequires: pkgconfig(libsystemd)
BuildRequires: pkgconfig(libxml-2.0)
BuildRequires: pkgconfig(minizip)
BuildRequires: pkgconfig(opus)
BuildRequires: pkgconfig(sbc)
BuildRequires: pkgconfig(speexdsp)
# keep until libbrotli-devel bug is fixed
Requires: libbrotlidec1
Requires(pre): permissions
Requires(pre): shadow
Recommends: wireshark-ui = %{version}
Provides: ethereal = %{version}
Obsoletes: %{libcodecs} < %{version}
Obsoletes: ethereal < %{version}
Provides: group(wireshark)
%if 0%{?is_opensuse} && 0%{?suse_version} >= 1550
# enable ITU G.729 Annex A/B speech codec only in Tumbleweed
BuildRequires: pkgconfig(libbcg729)
%endif
%if %{with lz4}
BuildRequires: pkgconfig(liblz4)
# in openSUSE Leap 42.3, lz4 was incorrectly packaged
BuildConflicts: pkgconfig(liblz4) = 124
%endif
%if 0%{?suse_version} > 1310
BuildRequires: pkgconfig(libnl-3.0)
%endif
%if 0%{?suse_version} > 1320
BuildRequires: lua51-devel
%else
BuildRequires: lua-devel
%endif
%description
Wireshark is a network protocol analyzer. It allows examining data
from a live network or from a capture file on disk. You can
interactively browse the capture data, viewing summary and detailed
information for each packet. Wireshark has several features,
including a rich display filter language and the ability to view the
reconstructed stream of a TCP session.
%package -n %{libutil}
Summary: Library for wireshark utilities
Group: System/Libraries
%description -n %{libutil}
The libwsutil library provides utility functions for libwireshark.
%package -n %{libwire}
Summary: Network packet dissection library
Group: System/Libraries
%description -n %{libwire}
The libwireshark library provides the network packet dissection services
developed by the Wireshark project.
%package -n %{libtap}
Summary: Wireshark library for tapping
Group: System/Libraries
%description -n %{libtap}
Wiretap, part of the Wireshark project, is a library that allows one to read
and write several packet capture file formats.
%package devel
Summary: A Network Traffic Analyser
Group: Development/Libraries/C and C++
Requires: %{libtap} = %{version}
Requires: %{libutil} = %{version}
Requires: %{libwire} = %{version}
Requires: %{name} = %{version}
Requires: glib2-devel
Requires: glibc-devel
Provides: ethereal-devel = %{version}
Obsoletes: ethereal-devel < %{version}
%description devel
Wireshark is a network protocol analyzer. It allows examining data
from a live network or from a capture file on disk.
%package ui-qt
Summary: A Network Traffic Analyser - Qt UI
Group: Productivity/Networking/Diagnostic
Requires: %{name} = %{version}
Requires: hicolor-icon-theme
Provides: %{name}-ui = %{version}
# gtk is the deprecated ui so ensure its uninstall
Provides: %{name}-ui-gtk = %{version}
Obsoletes: %{name}-ui-gtk < %{version}
%description ui-qt
This package contains the Qt based UI for Wireshark.
%prep
# The publisher doesn't sign the source tarball, but a signatures file
containing multiple hashes.
# Verify hashes in that file against source tarball.
echo "`grep %{name}-%{version}.tar.xz %{SOURCE2} | grep SHA256 | head -n1 | cut
-d= -f2` %{SOURCE0}" | sha256sum -c
%autosetup -p1
sed -i 's/^Icon=wireshark.png$/Icon=wireshark/' wireshark*.desktop
%build
%cmake -DCMAKE_INSTALL_LIBDIR='%{_lib}/'
%if 0%{?is_opensuse}
%cmake_build
%else
# if the cmake_build makro does not exit we build it by hand...
%{_bindir}/make \
%if "%{_bindir}/make" == "%{_bindir}/make"
-O VERBOSE=1 \
%else
-v \
%endif
-j8
%endif
%install
%cmake_install
find %{buildroot} -type f -name "*.la" -delete -print
# Ethereal support (remove when SLE-11 is out of scope
ln -fs wireshark %{buildroot}%{_bindir}/ethereal
ln -fs tshark %{buildroot}%{_bindir}/tethereal
install -d -m 0755 %{buildroot}%{_sysconfdir}
install -d -m 0755 %{buildroot}%{_mandir}/man1/
# install separate appdata files corresponding to .desktop files for AppStore
integration
install -d -m0755 %{buildroot}%{_datadir}/appdata
install -m644 wireshark.appdata.xml
%{buildroot}%{_datadir}/appdata/%{name}.appdata.xml
sed -i -e "/<description>/i \ \ \ \ <name>Wireshark (QT) Network
Analyzer<\/name>" \
-e "/<description>/i \ \ \ \ <summary>QT interface for wireshark network
traffic analyzer<\/summary>" \
%{buildroot}%{_datadir}/appdata/%{name}.appdata.xml
# -devel
install -d -m 0755 %{buildroot}%{_includedir}/wireshark
IDIR="%{buildroot}%{_includedir}/wireshark"
mkdir -p "${IDIR}/epan"
mkdir -p "${IDIR}/epan/crypt"
mkdir -p "${IDIR}/epan/ftypes"
mkdir -p "${IDIR}/epan/dfilter"
mkdir -p "${IDIR}/epan/dissectors"
mkdir -p "${IDIR}/epan/wmem"
mkdir -p "${IDIR}/wiretap"
mkdir -p "${IDIR}/wsutil"
install -m 644 *.h "${IDIR}/"
install -m 644 build/config.h "${IDIR}/"
install -m 644 epan/*.h "${IDIR}/epan/"
install -m 644 epan/crypt/*.h "${IDIR}/epan/crypt"
install -m 644 epan/ftypes/*.h "${IDIR}/epan/ftypes"
install -m 644 epan/dfilter/*.h "${IDIR}/epan/dfilter"
install -m 644 epan/dissectors/*.h "${IDIR}/epan/dissectors"
install -m 644 epan/wmem/*.h "${IDIR}/epan/wmem"
install -m 644 wiretap/*.h "${IDIR}/wiretap"
install -m 644 wsutil/*.h "${IDIR}/wsutil"
install -D -m 0644 image/wsicon48.png
%{buildroot}%{_datadir}/pixmaps/wireshark.png
install -D -m 0644 wireshark.desktop
%{buildroot}%{_datadir}/applications/wireshark.desktop
%suse_update_desktop_file %{name}
rm -f %{buildroot}%{_datadir}/doc/wireshark/*.html
%pre
getent group wireshark >/dev/null || groupadd -r wireshark
%verifyscript
%verify_permissions -e %{_bindir}/dumpcap
%post
%set_permissions %{_bindir}/dumpcap
exit 0
%post -n %{libutil} -p /sbin/ldconfig
%postun -n %{libutil} -p /sbin/ldconfig
%post -n %{libwire} -p /sbin/ldconfig
%postun -n %{libwire} -p /sbin/ldconfig
%post -n %{libtap} -p /sbin/ldconfig
%postun -n %{libtap} -p /sbin/ldconfig
%files
%license COPYING
%doc AUTHORS NEWS README.md README.linux
%{_mandir}/man1/[^i]*
%{_mandir}/man4/*
%{_bindir}/capinfos
%{_bindir}/captype
%{_bindir}/editcap
%{_bindir}/idl2wrs
%{_bindir}/mergecap
%{_bindir}/mmdbresolve
%{_bindir}/randpkt
%{_bindir}/rawshark
%{_bindir}/reordercap
%{_bindir}/sharkd
%{_bindir}/tethereal
%{_bindir}/text2pcap
%{_bindir}/tshark
%verify(not mode caps) %attr(0750,root,wireshark)
%caps(cap_net_raw,cap_net_admin=ep) %{_bindir}/dumpcap
%{_libdir}/wireshark/
%{_datadir}/wireshark/
%files -n %{libutil}
%{_libdir}/libwsutil*.so.*
%files -n %{libwire}
%{_libdir}/libwireshark.so.*
%files -n %{libtap}
%{_libdir}/libwiretap.so.*
%files devel
%{_includedir}/wireshark
%{_includedir}/wireshark/config.h
%{_libdir}/lib*.so
%{_libdir}/pkgconfig/wireshark.pc
%files ui-qt
%{_bindir}/wireshark
%{_bindir}/ethereal
%dir %{_datadir}/appdata
%{_datadir}/appdata/wireshark.appdata.xml
%{_datadir}/applications/wireshark.desktop
%{_datadir}/pixmaps/wireshark.png
%{_datadir}/icons/hicolor/*/apps/wireshark.png
%{_datadir}/icons/hicolor/*/mimetypes/application-wireshark-doc.png
%{_datadir}/icons/hicolor/scalable/apps/wireshark.svg
%{_datadir}/mime/packages/wireshark.xml
%post ui-qt
%desktop_database_post
%icon_theme_cache_post
%postun ui-qt
%desktop_database_postun
%icon_theme_cache_postun
%changelog
++++++ _constraints ++++++
<?xml version="1.0"?>
<constraints>
<overwrite>
<conditions>
<arch>ppc</arch>
<arch>ppc64le</arch>
</conditions>
<hardware>
<physicalmemory>
<size unit="G">5</size>
</physicalmemory>
</hardware>
</overwrite>
</constraints>
++++++ wireshark-0001-dumpcap-permission-denied.patch ++++++
commit 1865e02e6c22ee55b0bb11b8c78330d4e65a1132
Author: Robert Frohl <[email protected]>
Date: Wed Jan 13 14:18:36 2021 +0100
Warn if user can't access dumpcap.
diff --git a/capchild/capture_sync.c b/capchild/capture_sync.c
index f31914886a..d3baab6c50 100644
--- a/capchild/capture_sync.c
+++ b/capchild/capture_sync.c
@@ -21,6 +21,10 @@
#include <wsutil/strtoi.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <grp.h>
+
#ifdef _WIN32
#include <wsutil/unicode-utils.h>
#include <wsutil/win32-utils.h>
@@ -570,11 +574,22 @@ sync_pipe_start(capture_options *capture_opts,
capture_session *cap_session, inf
* Child process - run dumpcap with the right arguments to make
* it just capture with the specified capture parameters
*/
+ char * grp_warning = calloc(1, 256);
dup2(sync_pipe[PIPE_WRITE], 2);
ws_close(sync_pipe[PIPE_READ]);
execv(argv[0], argv);
- g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process:
%s",
- argv[0], g_strerror(errno));
+ if (errno == EPERM || errno == EACCES) {
+ struct stat statbuf;
+ struct group *grp;
+ if(stat("/usr/bin/dumpcap", &statbuf) == 0) {
+ if ((grp = getgrgid(statbuf.st_gid)) != NULL) {
+ snprintf(grp_warning , 256, "\nYou need to be
a member of the '%s' group. Try running\n'usermod -a -G %s <YOUR_USERNAME>' as
root.", grp->gr_name, grp->gr_name);
+ }
+ }
+ }
+ g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process:
%s%s",
+ argv[0], g_strerror(errno), grp_warning);
+ free(grp_warning);
sync_pipe_errmsg_to_parent(2, errmsg, "");
/* Exit with "_exit()", so that we don't close the connection
@@ -805,6 +820,7 @@ sync_pipe_open_command(char* const argv[], int
*data_read_fd,
* Child process - run dumpcap with the right arguments to make
* it just capture with the specified capture parameters
*/
+ char * grp_warning = calloc(1, 256);
dup2(data_pipe[PIPE_WRITE], 1);
ws_close(data_pipe[PIPE_READ]);
ws_close(data_pipe[PIPE_WRITE]);
@@ -812,8 +828,18 @@ sync_pipe_open_command(char* const argv[], int
*data_read_fd,
ws_close(sync_pipe[PIPE_READ]);
ws_close(sync_pipe[PIPE_WRITE]);
execv(argv[0], argv);
- g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process:
%s",
- argv[0], g_strerror(errno));
+ if (errno == EPERM || errno == EACCES) {
+ struct stat statbuf;
+ struct group *grp;
+ if(stat("/usr/bin/dumpcap", &statbuf) == 0) {
+ if ((grp = getgrgid(statbuf.st_gid)) != NULL) {
+ snprintf(grp_warning , 256, "\nYou need to be
a member of the '%s' group. Try running\n'usermod -a -G %s <YOUR_USERNAME>' as
root.", grp->gr_name, grp->gr_name);
+ }
+ }
+ }
+ g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process:
%s%s",
+ argv[0], g_strerror(errno), grp_warning);
+ free(grp_warning);
sync_pipe_errmsg_to_parent(2, errmsg, "");
/* Exit with "_exit()", so that we don't close the connection
++++++ wireshark-3.4.6.tar.xz.asc ++++++
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
wireshark-3.4.6.tar.xz: 32304604 bytes
SHA256(wireshark-3.4.6.tar.xz)=12a678208f8cb009e6b9d96026e41a6ef03c7ad086b9e1029f42053b249b4628
RIPEMD160(wireshark-3.4.6.tar.xz)=a2e4ab6cdd044495a5e91da23fa1a3d45a17ff39
SHA1(wireshark-3.4.6.tar.xz)=20596183210daeb0070ae43716529caf81c6187a
Wireshark-win64-3.4.6.exe: 61382664 bytes
SHA256(Wireshark-win64-3.4.6.exe)=9021124cd54bbd3301dcd98dbfa32f989ce9631e37cb652c2722bb8a3e561a33
RIPEMD160(Wireshark-win64-3.4.6.exe)=8aa15a4a183b18471643e2cbdbe87d7985797571
SHA1(Wireshark-win64-3.4.6.exe)=7d1686b5850bb2606a257895e3b03fa66d86981d
Wireshark-win32-3.4.6.exe: 56435872 bytes
SHA256(Wireshark-win32-3.4.6.exe)=702d61e63e5496fa7c952b97652cf2455b378b46ca1c808d7f5201bfddb51062
RIPEMD160(Wireshark-win32-3.4.6.exe)=9be64e53ba99f2c36883aa2aac7463a1c467854a
SHA1(Wireshark-win32-3.4.6.exe)=1a3070bb23b31af92b0ac18af7b162aaf4fba6e7
Wireshark-win32-3.4.6.msi: 44642304 bytes
SHA256(Wireshark-win32-3.4.6.msi)=7bcf63fcff3ede139c52f60452bd6f6137052f1f8669cbee3eec4f477becee16
RIPEMD160(Wireshark-win32-3.4.6.msi)=f66801be334f5dedbd28ed68801485930af1f6a7
SHA1(Wireshark-win32-3.4.6.msi)=f8a7231a0709e462b62c051aac723f9043d2fc8f
Wireshark-win64-3.4.6.msi: 49688576 bytes
SHA256(Wireshark-win64-3.4.6.msi)=75f42ee5663079d91cf5f48be0217ac9d97b404ef2f3c5f54639dc1635a943a8
RIPEMD160(Wireshark-win64-3.4.6.msi)=235a1950976dc20e34dc8a61ecf69010408530f3
SHA1(Wireshark-win64-3.4.6.msi)=b8a2969ca69195c132ee150f8aec5b706552be32
WiresharkPortable_3.4.6.paf.exe: 38306544 bytes
SHA256(WiresharkPortable_3.4.6.paf.exe)=5c886584ed761a011c4db01340bc28b1d1b421d2ec5cf00c6298d8944a019339
RIPEMD160(WiresharkPortable_3.4.6.paf.exe)=19f87ccc00f9e88a69714f1632716342f8a71296
SHA1(WiresharkPortable_3.4.6.paf.exe)=9cbb37cf7af0e496b7db30c3a995c029f228dfae
Wireshark 3.4.6 Intel 64.dmg: 130991548 bytes
SHA256(Wireshark 3.4.6 Intel
64.dmg)=fbf27fb0947cd2fefca7896158552e6f3b90b863afb46a75780ff0b24d649ce2
RIPEMD160(Wireshark 3.4.6 Intel 64.dmg)=4bdfc674018dea626b2aff8b92aa48607bcdecec
SHA1(Wireshark 3.4.6 Intel 64.dmg)=236603462a1972a0a0f974dc06eeafa43bce7e6a
You can validate these hashes using the following commands (among others):
Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
Other: openssl sha256 wireshark-x.y.z.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAmC31KwACgkQgiRKeOb+
rurDPhAAwlDTM2zK73QgU/gQPPdH7inf1GNLICVm39Himlpi4hVSx5rPav/F/jsC
aNYQ3Lv4WqfKLy2BDZh4b4gnzPZjzLp5ep8ACgKoKgBP5pVutQz9kOUs+bPU4ttB
pEtGMHRcl1KJhTx7SupUNYllxtv9bDzJTbqrIckMya/JiKd2Qa8obUEHPR460sna
9KnfIKaFrFlZ+xPHfNCp/0WDnt7aF+Z1yHx9frT0zBEshCPwPevve6C5Qf23/m5x
ktm5iDg1+/m7WGVUv77wR60HcicBbQ5EOkRS/YO+l7++z1mhjOgt+okHYx/Mt4Tn
80zZO52NoL4vzZnFQ0pXXieY5QJX1XI/3QLGogNd/yStiUXV1Yo9q0qYvhAL5Gmv
okrRo/KxUs8OsS1NanwTWlxW1kmgglEJtcENqplFXeHzYVKi8cdE6dCEGrgPr/+u
zDQ5ysbRHdzAeR7a2IMHKNEU5eXgJcMieETuQa6b74Ya6iGdD5YrYqZKfH/mQnkW
RtCuZEwQN8oHbGPTtWfLFyB8oW4WOslPfAR7KVXgwQoKqG8mpVBJ+pekki4tUgEt
CHoGv8vZDgfzhaC1ODpNO557xi9e029B/I8cAYufym9ZlduYOc3woAC70m+pVDEQ
K9tFDrLx2KPlv3N4JT/07QkImCWgn/S4uyO8bFESxT6E057Dwyw=
=5Ffv
-----END PGP SIGNATURE-----
