summaryrefslogtreecommitdiffstats
path: root/debian/changelog
diff options
context:
space:
mode:
Diffstat (limited to 'debian/changelog')
-rw-r--r--debian/changelog1025
1 files changed, 1025 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..10a8131
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,1025 @@
+tcpdump (4.99.3-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Drop Hurd build patch, which doesn't seem to be right anymore.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 14 Jan 2023 18:23:25 +0100
+
+tcpdump (4.99.2-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Re-enable all tests.
+ * Bump Standards-Version to 4.6.2.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 01 Jan 2023 18:19:40 +0100
+
+tcpdump (4.99.1-4) unstable; urgency=medium
+
+ * debian/usr.bin.tcpdump: account for numerical suffix in filenames
+ added by -W (closes: #1010688).
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 08 May 2022 18:25:45 +0200
+
+tcpdump (4.99.1-3) unstable; urgency=medium
+
+ * Clean up AppArmor local profile for /usr/sbin/tcpdump, if it's still
+ empty (closes: #990554).
+ * Switch to debhelper compat level 13.
+ * Set `Rules-Requires-Root' to "no".
+ * Bump Standards-Version to 4.6.0.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 12 Sep 2021 18:55:44 +0200
+
+tcpdump (4.99.1-2) unstable; urgency=medium
+
+ * Upload to unstable.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 15 Aug 2021 17:29:54 +0200
+
+tcpdump (4.99.1-1) experimental; urgency=medium
+
+ * New upstream release.
+ * debian/usr.bin.tcpdump: grant access to *.cap (closes: #989433).
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 20 Jun 2021 20:48:30 +0200
+
+tcpdump (4.99.0-2) unstable; urgency=medium
+
+ * Add autopkgtest support, running the upstream test suite.
+
+ -- Romain Francoise <rfrancoise@debian.org> Fri, 15 Jan 2021 23:41:47 +0100
+
+tcpdump (4.99.0-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Mention in debian/NEWS that tcpdump is now installed to /usr/bin
+ instead of /usr/sbin.
+ * Rename AppArmor profile to match new binary location and add
+ maintscript stanza to move the previous conffile if present.
+ * Temporarily disable tests that require the just-released libpcap 1.10,
+ we don't want to tie the migration of the two just before the bullseye
+ freeze.
+ * Drop unused lintian override.
+ * Bump Standards-Version to 4.5.1.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 03 Jan 2021 21:28:16 +0100
+
+tcpdump (4.9.3-7) unstable; urgency=high
+
+ * Cherry-pick commit 32027e1993 from the upstream tcpdump-4.9 branch to fix
+ untrusted input issue in the PPP printer (CVE-2020-8037, closes: #973877).
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 07 Nov 2020 13:19:14 +0100
+
+tcpdump (4.9.3-6) unstable; urgency=medium
+
+ [ Simon Deziel ]
+ * debian/usr.sbin.tcpdump: use profile name specifier instead of
+ '/usr/sbin/tcpdump'.
+
+ -- Romain Francoise <rfrancoise@debian.org> Thu, 28 May 2020 19:23:57 +0200
+
+tcpdump (4.9.3-5) unstable; urgency=medium
+
+ * Minor packaging fixes courtesy of the Janitor bot and lintian-brush:
+ + Set upstream metadata fields: Bug-Submit, Repository, Repository-
+ Browse.
+ * Bump Standards-Version to 4.5.0.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 09 May 2020 20:42:57 +0200
+
+tcpdump (4.9.3-4) unstable; urgency=medium
+
+ * Set upstream metadata fields: Bug-Database.
+
+ -- Romain Francoise <rfrancoise@debian.org> Tue, 31 Dec 2019 19:24:04 +0100
+
+tcpdump (4.9.3-3) unstable; urgency=medium
+
+ * Minor packaging fixes courtesy of the Janitor bot and lintian-brush:
+ + Use secure URI in debian/watch.
+ + Use secure URI in Homepage field.
+ + Bump debhelper from old 11 to 12.
+ + Set debhelper-compat version in Build-Depends.
+ + Re-export upstream signing key without extra signatures.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 08 Dec 2019 13:56:42 +0100
+
+tcpdump (4.9.3-2) unstable; urgency=medium
+
+ * Disable failing IKEv2 test yet again to fix build on ppc64el (again)
+ (closes: #942171).
+
+ -- Romain Francoise <rfrancoise@debian.org> Fri, 11 Oct 2019 20:48:04 +0200
+
+tcpdump (4.9.3-1) unstable; urgency=medium
+
+ * New upstream release, with fixes for 24 different CVEs (closes: #941698).
+ * Build-depend on libpcap >= 1.9.1 to make all build-time tests pass.
+ * Re-enable IKEv2 test.
+ * Bump Standards-Version to 4.4.1.
+
+ -- Romain Francoise <rfrancoise@debian.org> Thu, 10 Oct 2019 21:31:38 +0200
+
+tcpdump (4.9.3~git20190901-2) unstable; urgency=medium
+
+ * Disable failing IKEv2 test again to fix build on ppc64el.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 07 Sep 2019 12:14:43 +0200
+
+tcpdump (4.9.3~git20190901-1) unstable; urgency=low
+
+ * New upstream snapshot from the tcpdump-4.9 branch:
+ + Includes fix for CVE-2017-16808 (closes: #881862).
+ + Fixes ESP decryption on ppc64el (and others), re-enable tests.
+ * Drop root privileges by default (closes: #935112):
+ + debian/rules: Configure --with-user=tcpdump.
+ + debian/tcpdump.post{inst,rm}: Create/delete a 'tcpdump' system group
+ and user.
+ + debian/control: Add dependency on adduser.
+ + debian/patches/drop-privs-after-opening-savefile.diff: New patch
+ (from Fedora) to drop root privileges *after* opening the savefile
+ when possible, to alleviate possible inconvenience if the target
+ directory is not writable by user tcpdump.
+ + debian/patches/drop-privs-silently.diff: New patch (from Fedora) to
+ drop root privileges silently.
+ + debian/usr.sbin.tcpdump: Add chown capability, and update rules
+ about device discovery.
+ + debian/NEWS: Mention how to run tcpdump as root.
+ * Bump Standards-Version to 4.4.0.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 01 Sep 2019 13:05:24 +0200
+
+tcpdump (4.9.2-3) unstable; urgency=medium
+
+ [ Jamie Strandboge ]
+ * debian/usr.sbin.tcpdump: drop 'capability sys_module' since we already
+ have 'net_admin' and network module loading (which happens with -D) is
+ allowed with 'net_admin' (LP: #1759029) (closes: #894161)
+
+ [ Romain Francoise ]
+ * Switch to debhelper compatibility level 11.
+ * Bump Standards-Version to 4.1.3.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 31 Mar 2018 22:22:36 +0200
+
+tcpdump (4.9.2-2) unstable; urgency=medium
+
+ * Use new URLs on salsa.debian.org for Vcs-* fields.
+ * Bump Standards-Version to 4.1.2.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 31 Dec 2017 15:53:41 +0100
+
+tcpdump (4.9.2-1) unstable; urgency=high
+
+ * New upstream release:
+ + Fixes 86 new CVEs, see the upstream changelog for the full list.
+ + Now supports OpenSSL 1.1, so move back to libssl-dev (closes: #859740).
+ * Urgency high due to security fixes.
+
+ -- Romain Francoise <rfrancoise@debian.org> Fri, 08 Sep 2017 21:30:47 +0200
+
+tcpdump (4.9.1-3) unstable; urgency=high
+
+ * Cherry-pick three upstream commits to fix the following:
+ + CVE-2017-11541: buffer over-read in safeputs() (closes: #873804)
+ + CVE-2017-11542: buffer over-read in pimv1_print() (closes: #873805)
+ + CVE-2017-11543: buffer overflow in sliplink_print() (closes: #873806)
+ * Urgency high due to security fixes.
+
+ -- Romain Francoise <rfrancoise@debian.org> Mon, 04 Sep 2017 19:45:45 +0200
+
+tcpdump (4.9.1-2) unstable; urgency=medium
+
+ * Disable IKEv2 test which mysteriously fails on ppc64el (closes: #873377).
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 02 Sep 2017 11:01:30 +0200
+
+tcpdump (4.9.1-1) unstable; urgency=medium
+
+ * New upstream release, fixes CVE-2017-11108 (closes: #867718).
+ * Bump Standards-Version to 4.1.0.
+ * debian/watch: add pgpsigurlmangle option.
+ * Add upstream signing key in debian/upstream.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 26 Aug 2017 18:48:32 +0200
+
+tcpdump (4.9.0-3) unstable; urgency=medium
+
+ [ intrigeri ]
+ * Include AppArmor profile from Ubuntu (closes: #866682).
+
+ [ Romain Francoise ]
+ * Bump Standards-Version to 4.0.0.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 02 Jul 2017 12:13:53 +0200
+
+tcpdump (4.9.0-2) unstable; urgency=medium
+
+ * Re-enable crypto support, targeting OpenSSL 1.0 as upstream still
+ doesn't support OpenSSL 1.1.
+ * Drop --enable-ipv6 from configure line, it has been the default for
+ years now.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 11 Feb 2017 16:40:05 +0100
+
+tcpdump (4.9.0-1) unstable; urgency=high
+
+ * New upstream security release, fixing the following:
+ + CVE-2016-7922: buffer overflow in print-ah.c:ah_print().
+ + CVE-2016-7923: buffer overflow in print-arp.c:arp_print().
+ + CVE-2016-7924: buffer overflow in print-atm.c:oam_print().
+ + CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print().
+ + CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print().
+ + CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print().
+ + CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print().
+ + CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header().
+ + CVE-2016-7930: buffer overflow in print-llc.c:llc_print().
+ + CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print().
+ + CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum().
+ + CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print().
+ + CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print().
+ + CVE-2016-7935: buffer overflow in print-udp.c:rtp_print().
+ + CVE-2016-7936: buffer overflow in print-udp.c:udp_print().
+ + CVE-2016-7937: buffer overflow in print-udp.c:vat_print().
+ + CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame().
+ + CVE-2016-7939: buffer overflow in print-gre.c, multiple functions.
+ + CVE-2016-7940: buffer overflow in print-stp.c, multiple functions.
+ + CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions.
+ + CVE-2016-7974: buffer overflow in print-ip.c, multiple functions.
+ + CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print().
+ + CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print().
+ + CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print().
+ + CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print().
+ + CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions.
+ + CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print().
+ + CVE-2016-7993: a bug in util-print.c:relts_print() could cause a
+ buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP,
+ lightweight resolver protocol, PIM).
+ + CVE-2016-8574: buffer overflow in print-fr.c:frf15_print().
+ + CVE-2016-8575: buffer overflow in print-fr.c:q933_print().
+ + CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print().
+ + CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print().
+ + CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print().
+ + CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print().
+ + CVE-2017-5341: buffer overflow in print-otv.c:otv_print().
+ + CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH,
+ OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in
+ print-ether.c:ether_print().
+ + CVE-2017-5482: buffer overflow in print-fr.c:q933_print().
+ + CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse().
+ + CVE-2017-5484: buffer overflow in print-atm.c:sig_print().
+ + CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap().
+ + CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print().
+ * Re-enable all tests and bump build-dep on libpcap0.8-dev to >= 1.8
+ accordingly.
+ * Switch Vcs-Git URL to the https one.
+ * Adjust lintian override name about dh 9.
+
+ -- Romain Francoise <rfrancoise@debian.org> Thu, 26 Jan 2017 20:04:11 +0100
+
+tcpdump (4.8.1-2) unstable; urgency=medium
+
+ * Disable new HNCP test, which fails on some buildds for some
+ as-of-yet unexplained reason.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 29 Oct 2016 19:40:01 +0200
+
+tcpdump (4.8.1-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Re-enable Geneve tests (disabled in 4.7.4-1) and bump build-dep on
+ libpcap0.8-dev to >= 1.7 accordingly.
+ * Disable new pcap version tests which require libpcap 1.8+.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 29 Oct 2016 17:16:06 +0200
+
+tcpdump (4.7.4-3) unstable; urgency=medium
+
+ * Use dh-autoreconf instead of calling autoconf directly and patching
+ config.{guess,sub}.
+ * Call dh_auto_configure instead of configure in override target, patch
+ by Helmut Grohne (closes: #837951).
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 17 Sep 2016 11:18:45 +0200
+
+tcpdump (4.7.4-2) unstable; urgency=medium
+
+ * Disable crypto support as it causes FTBFS with OpenSSL 1.1.x and we
+ don't have a working fix upstream yet (closes: #828569).
+ * Bump Standards-Version to 3.9.8.
+ * Use cgit URL for Vcs-Browser.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 28 Aug 2016 18:16:50 +0200
+
+tcpdump (4.7.4-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Disable two geneve tests that require libpcap 1.7+.
+ * Bump Standards-Version to 3.9.6.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 23 May 2015 18:25:01 +0200
+
+tcpdump (4.6.2-5) unstable; urgency=high
+
+ * Cherry-pick commit fb6e5377f3 from upstream Git to fix regressions in the
+ RPKI/RTR printer after the CVE-2015-2153 changes. Thanks to Artur Rona
+ from Ubuntu for the heads-up (closes: #781362).
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 04 Apr 2015 19:10:27 +0200
+
+tcpdump (4.6.2-4) unstable; urgency=high
+
+ * Cherry-pick changes from upstream Git to fix the following security
+ issues:
+ + CVE-2015-0261: missing bounds checks in IPv6 Mobility printer.
+ + CVE-2015-2153: missing bounds checks in RPKI/RTR printer.
+ + CVE-2015-2154: missing bounds checks in ISOCLNS printer.
+ + CVE-2015-2155: missing bounds checks in ForCES printer.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 14 Mar 2015 18:43:44 +0100
+
+tcpdump (4.6.2-3) unstable; urgency=high
+
+ * Cherry-pick commit 0f95d441e4 from upstream Git to fix a buffer overflow
+ in the PPP dissector (CVE-2014-9140).
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 29 Nov 2014 12:23:53 +0100
+
+tcpdump (4.6.2-2) unstable; urgency=high
+
+ * Urgency high due to security fixes.
+ * Add three patches extracted from various upstream commits fixing
+ vulnerabilities in three dissectors:
+ + CVE-2014-8767: missing bounds checks in OLSR dissector (closes: #770434).
+ + CVE-2014-8768: missing bounds checks in Geonet dissector
+ (closes: #770415).
+ + CVE-2014-8769: missing bounds checks in AOVD dissector (closes: #770424).
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 22 Nov 2014 11:48:08 +0100
+
+tcpdump (4.6.2-1) unstable; urgency=medium
+
+ * New upstream release.
+
+ -- Romain Francoise <rfrancoise@debian.org> Thu, 04 Sep 2014 18:53:34 +0200
+
+tcpdump (4.6.1-3) unstable; urgency=medium
+
+ * Bump build-dep on libpcap0.8-dev to >= 1.5 as the pppoes_id test case
+ requires a pcap version that supports PPPoE session ID filtering.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 16 Aug 2014 17:38:28 +0200
+
+tcpdump (4.6.1-2) unstable; urgency=medium
+
+ * Expand configure check for net/pfvar.h to also check for existence of
+ net/if_pflog.h to fix build on GNU/kFreeBSD, which ships the former
+ but not the latter, see #756553 (closes: #756790).
+
+ -- Romain Francoise <rfrancoise@debian.org> Mon, 04 Aug 2014 22:37:24 +0200
+
+tcpdump (4.6.1-1) unstable; urgency=medium
+
+ * New upstream release.
+ * debian/control: Mark tcpdump 'Multi-Arch: foreign' (closes: #700727).
+
+ -- Romain Francoise <rfrancoise@debian.org> Wed, 30 Jul 2014 19:16:49 +0200
+
+tcpdump (4.5.1-2) unstable; urgency=low
+
+ * Disable nflog-e testcase, the NFLOG header length is specified in host
+ byte order which makes capture files order-dependent (closes: #731031).
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 01 Dec 2013 12:13:16 +0100
+
+tcpdump (4.5.1-1) unstable; urgency=low
+
+ * New upstream release.
+ * Disable new pppoes testcase which uses a new pcap feature to avoid tying
+ the two upstream versions together.
+ * debian/control: Set Standards-Version to 3.9.5.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 30 Nov 2013 23:54:03 +0100
+
+tcpdump (4.4.0-1) unstable; urgency=low
+
+ * New upstream release:
+ + Fixes format error in NTP printer (closes: #686276).
+ + Rewords -e description (closes: #648768).
+ * debian/control: Set Standards-Version to 3.9.4.
+ * Use canonical locations in Vcs-* fields.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 25 May 2013 13:50:30 +0200
+
+tcpdump (4.3.0-1) unstable; urgency=low
+
+ * New upstream release.
+ * Re-enable test suite.
+
+ -- Romain Francoise <rfrancoise@debian.org> Wed, 13 Jun 2012 22:55:54 +0200
+
+tcpdump (4.2.1-3) unstable; urgency=low
+
+ * Fix CPPFLAGS handling in upstream configure.in to avoid losing
+ hardening flags, patch by Simon Ruderich <simon@ruderich.org>
+ (closes: #662016).
+ * Fix some misspellings pointed out by lintian.
+ * debian/control: Set Standards-Version to 3.9.3.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 03 Mar 2012 17:11:48 +0100
+
+tcpdump (4.2.1-2) unstable; urgency=low
+
+ * Drop debian/patches/50_kfreebsd.diff (closes: #658848).
+
+ -- Romain Francoise <rfrancoise@debian.org> Mon, 06 Feb 2012 19:01:12 +0100
+
+tcpdump (4.2.1-1) unstable; urgency=low
+
+ * New upstream release.
+ * Upload to unstable.
+
+ -- Romain Francoise <rfrancoise@debian.org> Mon, 02 Jan 2012 20:19:22 +0100
+
+tcpdump (4.2.0~rc1-2) experimental; urgency=low
+
+ * Make sure OpenSSL support gets enabled: since it moved to multiarch
+ paths, the configure script doesn't find libcrypto.so and disables
+ crypto support. To fix this, simplify detection logic in configure.in
+ and run autoconf before configuring.
+ * Redo build flags handling:
+ + Enable hardening flags via dpkg-buildflags, not hardening-includes.
+ + Switch to debhelper compat level 9 to have build flags exported
+ automatically.
+ + Adjust build-depends accordingly.
+ * Enable parallel build in debhelper.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 06 Nov 2011 19:14:23 +0100
+
+tcpdump (4.2.0~rc1-1) experimental; urgency=low
+
+ * New upstream beta release (closes: #636806); now switches to the -Z
+ user before opening the first output file (closes: #434603).
+ * debian/control: Set Standards-Version to 3.9.2.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 14 Aug 2011 10:44:58 +0200
+
+tcpdump (4.1.1-2) unstable; urgency=low
+
+ * Fix FTBFS on GNU/Hurd; patch from Svante Signell (closes: #622287).
+ * debian/control: Tweak short and long descriptions, set
+ Standards-Version to 3.9.1.
+
+ -- Romain Francoise <rfrancoise@debian.org> Mon, 11 Apr 2011 22:37:29 +0200
+
+tcpdump (4.1.1-1) unstable; urgency=low
+
+ * New upstream release (closes: #576001).
+ * debian/rules: Disable dh_auto_test (for now).
+ * debian/control: Set Standards-Version to 3.8.4.
+ * debian/patches/30_uflag_flushopen.diff: New patch: when saving to a
+ capture file with -U, flush the file immediately after opening it.
+ Suggested by Ferenc Wagner <wferi@niif.hu> (closes: #533625).
+ * debian/patches/20_man_fixes.diff: Fix TCP flags description, thanks to
+ Christophe Rhodes <csr21@cantab.net> (closes: #575724).
+
+ -- Romain Francoise <rfrancoise@debian.org> Tue, 06 Apr 2010 19:58:14 +0200
+
+tcpdump (4.0.0-6) unstable; urgency=low
+
+ * debian/control: Build-depend on hardening-includes.
+ * debian/rules: Use hardening.make.
+
+ -- Romain Francoise <rfrancoise@debian.org> Thu, 24 Dec 2009 11:51:12 +0100
+
+tcpdump (4.0.0-5) unstable; urgency=low
+
+ * Switch to 3.0 (quilt) source format:
+ + Drop build-depends on quilt.
+ + Remove patch/unpatch logic from debian/rules.
+ + Remove README.source.
+ + Refresh debian/patches/30_tcp_seq.diff.
+ * Use dh(1):
+ + debian/compat: Bump to 7.
+ + debian/control: Build-depend on debhelper (>= 7.0.50~).
+ + debian/rules: Simplify.
+ + debian/tcpdump.dirs: Removed.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 08 Nov 2009 17:25:38 +0100
+
+tcpdump (4.0.0-4) unstable; urgency=low
+
+ * debian/control:
+ + Add ${misc:Depends} to Depends.
+ + Set Standards-Version to 3.8.3; no changes needed.
+ * debian/{watch,README.source}: New files.
+ * debian/copyright: Remove link to original file.
+
+ -- Romain Francoise <rfrancoise@debian.org> Thu, 08 Oct 2009 19:00:23 +0200
+
+tcpdump (4.0.0-3) unstable; urgency=low
+
+ * debian/patches/20_man_fixes.diff: Update; pcap-filter is in section 7,
+ not 4 (closes: #527599).
+ * debian/control: Set Standards-Version to 3.8.1.
+
+ -- Romain Francoise <rfrancoise@debian.org> Tue, 16 Jun 2009 11:51:14 +0200
+
+tcpdump (4.0.0-2) unstable; urgency=low
+
+ * debian/patches/30_tcp_seq.diff: Patch from Ilpo Järvinen adding back
+ default display of sequence numbers in TCP printer (closes: #517661).
+ * debian/patches/series: Update.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 01 Mar 2009 14:51:25 +0100
+
+tcpdump (4.0.0-1) unstable; urgency=low
+
+ * Upload to unstable.
+
+ -- Romain Francoise <rfrancoise@debian.org> Wed, 18 Feb 2009 18:55:35 +0100
+
+tcpdump (4.0.0-1~exp1) experimental; urgency=low
+
+ * New upstream release.
+ * debian/control: Set Standards-Version to 3.8.0.
+ * debian/rules: Don't set DH_VERBOSE.
+ * debian/patches/15_install.diff: New patch, don't install two identical
+ tcpdump binaries.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 30 Nov 2008 22:55:39 +0100
+
+tcpdump (3.9.8-4) unstable; urgency=low
+
+ * debian/control: Build-Depend on libpcap0.8-dev (>= 0.9.3),
+ not (>= 0.9.3-1).
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 08 Mar 2008 19:24:02 +0100
+
+tcpdump (3.9.8-3) unstable; urgency=low
+
+ * debian/copyright: Convert to UTF-8 encoding.
+ * debian/control: Set Standards-Version to 3.7.3, no changes needed.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 23 Dec 2007 14:32:17 +0100
+
+tcpdump (3.9.8-2) unstable; urgency=low
+
+ * debian/control: Add Vcs-Browser and Vcs-Git fields.
+ * debian/patches/50_kfreebsd.diff: New patch by Petr Salinger fixing
+ FTBFS on Debian GNU/kFreeBSD (closes: #448695).
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 03 Nov 2007 11:12:53 +0100
+
+tcpdump (3.9.8-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Romain Francoise <rfrancoise@debian.org> Thu, 27 Sep 2007 22:41:53 +0200
+
+tcpdump (3.9.7-2) unstable; urgency=low
+
+ * debian/control: Move upstream URL to the Homepage header.
+
+ -- Romain Francoise <rfrancoise@debian.org> Fri, 21 Sep 2007 19:48:05 +0200
+
+tcpdump (3.9.7-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/patches/41_cve-2007-3798.diff: Deleted.
+ * debian/patches/40_cve-2007-1218.diff: Deleted.
+ * debian/patches/series: Update.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 12 Aug 2007 12:45:31 +0200
+
+tcpdump (3.9.5-4) unstable; urgency=low
+
+ * debian/rules: Don't ignore errors in clean target.
+ * debian/patches/50_autotools-dev.diff: New patch, make config.{guess,sub}
+ exec newer versions of themselves if autotools-dev is installed.
+ * debian/patches/series: Update.
+ * debian/control: Add build-depends on autotools-dev.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 11 Aug 2007 20:18:34 +0200
+
+tcpdump (3.9.5-3) unstable; urgency=medium
+
+ * Convert to quilt for patch management:
+ + debian/control: Build-Depend on quilt (>= 0.40) instead of dpatch.
+ + debian/rules: Include /usr/share/quilt/quilt.make.
+ + Convert all dpatch patches to regular patches.
+
+ * debian/patches/41_cve-2007-3798.diff: New patch, fixes an integer
+ overflow in the BGP dissector (CVE-2007-3798), thanks to Daniel Leidert
+ (closes: #434030).
+ * debian/patches/series: Update.
+
+ -- Romain Francoise <rfrancoise@debian.org> Wed, 01 Aug 2007 19:56:04 +0200
+
+tcpdump (3.9.5-2) unstable; urgency=medium
+
+ * debian/patches/40_cve-2007-1218.dpatch: New patch, fixes a potential
+ buffer overflow in the 802.11 printer (CVE-2007-1218), thanks to
+ Moritz Muehlenhoff <jmm@debian.org> (closes: #413430).
+ * debian/patches/00list: Update.
+
+ -- Romain Francoise <rfrancoise@debian.org> Mon, 5 Mar 2007 20:22:50 +0100
+
+tcpdump (3.9.5-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/patches/20_man_fixes.dpatch: Resync.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 23 Sep 2006 21:13:07 +0200
+
+tcpdump (3.9.4-4) unstable; urgency=low
+
+ * debian/compat: Switch to debhelper compatibility level 5.
+ * debian/control:
+ + Build-Depend on debhelper (>= 5).
+ + Remove Uploaders field.
+ + Bump Standards-Version to 3.7.2, no changes needed.
+ * debian/rules: Misc. cleanups.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 20 May 2006 13:07:45 +0200
+
+tcpdump (3.9.4-3) unstable; urgency=low
+
+ * debian/patches/20_man_fixes.dpatch: Merge patch from A Costa
+ <agcosta@gis.net> fixing a few typos (closes: #351014).
+
+ -- Romain Francoise <rfrancoise@debian.org> Thu, 2 Feb 2006 22:24:04 +0100
+
+tcpdump (3.9.4-2) unstable; urgency=low
+
+ * debian/patches/20_man_fixes.dpatch: Merge patch from A Costa
+ <agcosta@gis.net> fixing a few typos (closes: #342310).
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 10 Dec 2005 14:26:20 +0100
+
+tcpdump (3.9.4-1) unstable; urgency=low
+
+ * New upstream release.
+
+ * debian/patches/40_spelling.dpatch: Dropped (included upstream).
+ * debian/patches/30_version.dpatch: Dropped.
+ * debian/patches/30_vlan_eflag: New patch, reverse test for eflag in
+ print-ether.c to match the intended effect (closes: #324706).
+
+ * This upload also transitions tcpdump to OpenSSL 0.9.8.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 9 Oct 2005 20:11:49 +0200
+
+tcpdump (3.9.3-2) unstable; urgency=low
+
+ * debian/patches/40_spelling.dpatch: New patch, fixes spelling errors
+ ("advertisment" vs. "advertisement"), thanks to Michael Shields
+ <shields@msrl.com> (closes: #318676).
+ * debian/patches/00list: Update.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 17 Jul 2005 12:28:22 +0200
+
+tcpdump (3.9.3-1) unstable; urgency=low
+
+ * New upstream release.
+ * Build-Depend on libpcap0.8-dev (which is really libpcap 0.9.3).
+
+ * debian/patches/30_ascii-output.dpatch: Dropped (merged upstream).
+ * debian/patches/30_version: New patch, fixes upstream version (still at
+ 3.9.2 while this is version 3.9.3).
+ * debian/patches/00list: Update.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 16 Jul 2005 14:59:30 +0200
+
+tcpdump (3.9.1-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/patches/30_ascii-output.dpatch: New patch, fixes -x, -X and -A
+ priorities and removes extra newline and tab characters in the ascii
+ output (closes: #285764, #316908).
+ * debian/patches/00list: Update.
+
+ -- Romain Francoise <rfrancoise@debian.org> Wed, 6 Jul 2005 20:17:19 +0200
+
+tcpdump (3.9.0.cvs.20050622-1) unstable; urgency=low
+
+ * New CVS snapshot.
+ * debian/control: Bump Standards-Version to 3.6.2.1, no changes needed.
+
+ -- Romain Francoise <rfrancoise@debian.org> Wed, 22 Jun 2005 19:52:31 +0200
+
+tcpdump (3.9.0.cvs.20050614-1) unstable; urgency=low
+
+ * New CVS snapshot.
+ * Upload to unstable.
+
+ -- Romain Francoise <rfrancoise@debian.org> Tue, 14 Jun 2005 19:43:24 +0200
+
+tcpdump (3.9.0.cvs.20050529-1) experimental; urgency=low
+
+ * New upstream CVS snapshot for experimental.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 29 May 2005 12:55:31 +0200
+
+tcpdump (3.9.0.cvs.20050511-1) experimental; urgency=low
+
+ * Upstream CVS snapshot of tcpdump 3.9 for experimental.
+ * debian/patches/20_man_fixes.dpatch: Resynchronized.
+ * debian/patches/30_openssl_des.dpatch: Dropped (fixed upstream).
+ * debian/patches/40_ipv6cp.dpatch: Ditto.
+ * debian/patches/50_misc_dos.dpatch: Ditto.
+ * debian/patches/00list: Update.
+ * debian/control: Build with libpcap0.9, also in experimental.
+
+ -- Romain Francoise <rfrancoise@debian.org> Wed, 11 May 2005 20:00:31 +0200
+
+tcpdump (3.8.3-5) unstable; urgency=low
+
+ * debian/copyright: Clarify license conditions, some files in the
+ distribution are still under the 4-clause BSD license (closes: #283008).
+ * debian/changelog: Revise 3.8.3-4 entry to add CAN numbers (which have
+ been assigned in the meantime).
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 1 May 2005 17:23:45 +0200
+
+tcpdump (3.8.3-4) unstable; urgency=high
+
+ * Urgency set to high due to security fixes.
+ * debian/patches/50_misc_dos.dpatch: Security fixes stolen from the 3.8
+ branch fix infinite loops in the BGP, ISIS, LDP and RSVP dissectors
+ [CAN-2005-1278, CAN-2005-1279, CAN-2005-1280] (closes: #306529).
+ * debian/patches/00list: Add 50_misc_dos.
+
+ -- Romain Francoise <rfrancoise@debian.org> Wed, 27 Apr 2005 21:05:37 +0200
+
+tcpdump (3.8.3-3) unstable; urgency=low
+
+ * debian/patches/40_ipv6cp.dpatch: New patch, do not try to print IPV6CP
+ ppp packets, the dissector doesn't support it (closes: #255179).
+ * debian/patches/00list: Add 40_ipv6cp.
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 19 Jun 2004 15:01:27 +0200
+
+tcpdump (3.8.3-2) unstable; urgency=low
+
+ * debian/rules: Enable crypto support (closes: #82581, #93428).
+ * debian/control:
+ + Build-Depend on libssl-dev.
+ + Put back URL markers in description.
+ + Switch Maintainer and Uploaders fields to match reality.
+ * debian/patches/30_openssl_des.dpatch: Patch to make upstream's
+ configure script check for DES_cbc_encrypt instead of des_cbc_encrypt,
+ (the function got renamed in OpenSSL 0.9.7), which saves us the hassle
+ of re-running autoconf. Temporary hack since upstream has fixed this
+ in CVS already.
+ * debian/patches/00list: Add 30_openssl_des.
+
+ -- Romain Francoise <rfrancoise@debian.org> Fri, 14 May 2004 22:14:08 +0200
+
+tcpdump (3.8.3-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/rules:
+ + Add -D_FILE_OFFSET_BITS=64 to default CFLAGS to match libpcap
+ (closes: #154762).
+ + Use dpatch for patch management.
+ + Clean up CFLAGS handling.
+ + Support DEB_BUILD_OPTIONS.
+ * debian/control:
+ + Build-Depend on libpcap0.8-dev, dpatch.
+ + Add versioned Build-Depends on debhelper.
+ + Remove Emacs-style URL markers from description.
+ * debian/compat: New file.
+ * debian/copyright: Update.
+ * debian/tcpdump.docs: Do not install upstream INSTALL file.
+ * debian/patches: New directory.
+ * debian/patches/10_man_install.dpatch: Patch split off the Debian diff
+ to change man install paths in upstream Makefile.in.
+ * debian/patches/20_man_fixes.dpatch: Patch split off the Debian diff to
+ fix some inconsistencies in the upstream man page.
+ * debian/patches/00list: New file (patch list).
+
+ -- Romain Francoise <rfrancoise@debian.org> Tue, 11 May 2004 14:02:09 +0200
+
+tcpdump (3.7.2-4) unstable; urgency=high
+
+ * Urgency high due to security fixes.
+ * Backport changes from upstream CVS to fix ISAKMP payload handling
+ denial-of-service vulnerabilities (CAN-2004-0183, CAN-2004-0184).
+ Detailed changes (with corresponding upstream revisions):
+ + Add length checks in isakmp_id_print() (print-isakmp.c, rev. 1.47)
+ + Add data checks all over the place, change rawprint() prototype and
+ add corresponding return value checks (print-isakmp.c, rev. 1.46)
+ + Add missing ntohs() and change length initialization in
+ isakmp_id_print(), not porting prototype changes (print-isakmp.c,
+ rev. 1.45)
+
+ -- Romain Francoise <rfrancoise@debian.org> Tue, 6 Apr 2004 19:39:24 +0200
+
+tcpdump (3.7.2-3) unstable; urgency=low
+
+ * Backport changes from upstream CVS to fix several vulnerabilities in
+ ISAKMP, L2TP and Radius parsing (closes: #227844, #227845, #227846).
+
+ -- Romain Francoise <rfrancoise@debian.org> Sat, 17 Jan 2004 14:12:30 +0100
+
+tcpdump (3.7.2-2) unstable; urgency=low
+
+ * Acknowledge NMU by Romain (closes: #208543).
+ * Apply man page fixes by Romain:
+ + networks(4) changed to networks(5) (closes: #194180).
+ + ethers(3N) changed to ethers(5) (closes: #197888).
+ * debian/control: Added Romain Francoise as co maintainer. Thanks for
+ your help, Romain!
+
+ -- Torsten Landschoff <torsten@debian.org> Sun, 19 Oct 2003 04:12:31 +0200
+
+tcpdump (3.7.2-1.1) unstable; urgency=low
+
+ * NMU
+ * Reverse order of #include directives in print-sctp.c so that
+ IPPROTO_SCTP is defined (closes: #208543).
+
+ -- Romain Francoise <rfrancoise@debian.org> Sun, 12 Oct 2003 17:06:01 +0200
+
+tcpdump (3.7.2-1) unstable; urgency=low
+
+ * New upstream release (closes: #195816).
+
+ -- Torsten Landschoff <torsten@debian.org> Sun, 8 Jun 2003 00:14:44 +0200
+
+tcpdump (3.7.1-1.2) unstable; urgency=high
+
+ * Non-maintainer upload
+ * Apply security fixes from 3.7.2
+ - Fixed infinite loop when parsing malformed isakmp packets.
+ (CAN-2003-0108)
+ - Fixed infinite loop when parsing malformed BGP packets.
+ - Fixed buffer overflow with certain malformed NFS packets.
+
+ -- Matt Zimmerman <mdz@debian.org> Thu, 27 Feb 2003 11:00:32 -0500
+
+tcpdump (3.7.1-1.1) unstable; urgency=low
+
+ * NMU
+ * Simple rebuild to deal with libpcap0->libpcap0.7 transition.
+ Sourceful NMU so that every arch rebuilds it.
+
+ -- LaMont Jones <lamont@debian.org> Wed, 14 Aug 2002 21:25:45 -0600
+
+tcpdump (3.7.1-1) unstable; urgency=low
+
+ * New upstream release (closes: #138052).
+
+ -- Torsten Landschoff <torsten@debian.org> Sat, 3 Aug 2002 23:54:04 +0200
+
+tcpdump (3.6.2-2) unstable; urgency=HIGH
+
+ * print-rx.c: Take the version from current CVS fixing the remote
+ buffer overflow reported in FreeBSD Security Advisory SA-01:48
+ yesterday. Thanks to Matt Zimmerman for forwarding the report,
+ I might have missed it.
+ * debian/control: Clean the Build-Depends from build-essential
+ packages.
+
+ -- Torsten Landschoff <torsten@debian.org> Thu, 19 Jul 2001 15:03:48 +0200
+
+tcpdump (3.6.2-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Torsten Landschoff <torsten@debian.org> Tue, 6 Mar 2001 04:18:16 +0100
+
+tcpdump (3.6.1-2) unstable; urgency=low
+
+ * debian/rules: Force support for IPv6 (closes: #82665).
+ * print-icmp6.c: Removed duplicate definition also in icmp6.h to
+ get the package to compile with IPv6.
+ * Rebuild should fix the missing libpcap0-dependency (closes: #82666).
+ Additional info: The missing dependency was because the configure
+ script found my libpcap sources in the parent directory. Black magic
+ always works against you :(
+
+ -- Torsten Landschoff <torsten@debian.org> Thu, 18 Jan 2001 00:44:01 +0100
+
+tcpdump (3.6.1-1) unstable; urgency=high
+
+ * Taking back the package. Kudos to Anand for his help.
+ * New upstream release. This release fixes a security hole in print-rx.c.
+ * debian/rules: Disable crypto support (closes: #81969).
+ * Removed empty README.Debian (closes: #81966).
+
+ -- Torsten Landschoff <torsten@debian.org> Tue, 16 Jan 2001 16:04:03 +0100
+
+tcpdump (3.5.2-3) unstable; urgency=low
+
+ * Fixup dependancy stuff. Sheesh. (Closes: #78063, #78081, #78082)
+
+ -- Anand Kumria <wildfire@progsoc.org> Tue, 28 Nov 2000 02:16:01 +1100
+
+tcpdump (3.5.2-2) unstable; urgency=low
+
+ * Update both config.guess and config.sub (Closes: #36692, #53145)
+ * Opps, make the .diff available.
+ * We require a particular libpcap version to work (Closes: #77877)
+
+ -- Anand Kumria <wildfire@progsoc.org> Mon, 27 Nov 2000 01:13:55 +1100
+
+tcpdump (3.5.2-1) unstable; urgency=low
+
+ * New Maintainer
+ * New upstream release (Closes: #75889)
+ * Upstream added hex dump (-x) and ascii dump (-X) Closes: #23514, #29418)
+ * Acknowledge and incorporate security fixes (Closes: #63708, #77489)
+ * Appletalk / Ethertalk patches are in (Closes: #67642)
+
+ -- Anand Kumria <wildfire@progsoc.org> Wed, 22 Nov 2000 13:19:33 +1100
+
+tcpdump (3.4a6-4.1) frozen unstable; urgency=high
+
+ * Non-maintainer upload by security team
+ * Apply patch from tcpdump-workers mailinglist to fix DNS DoS attack
+ against tcpdump. Based on patch from Guy Harris <gharris@flashcom.net> as
+ found on http://www.tcpdump.org/lists/workers/1999/msg00607.html
+ * Fix Build-Depends entry in debian/control
+
+ -- Wichert Akkerman <wakkerma@debian.org> Sun, 7 May 2000 15:17:33 +0200
+
+tcpdump (3.4a6-4) unstable; urgency=low
+
+ * New maintainer.
+ * tcpdump.c (main): Reestablish priviliges before closing the device
+ (closes: #19959).
+ * It seems the problem with ppp came from the kernel - I can dump
+ packages on ppp0 just fine... (closes: #25757)
+ * print-tcp.c (tcp_print): Applied patch from David S. Miller submitted
+ by Andrea Arcangeli to fix tcpdump sack TCP option interpretation
+ (closes: #28530).
+ * print-bootp.c (rfc1048_print): Interpret timezone offset as signed
+ (closes: #40376). Fixed byte order problem in printing internet
+ addresses (closes: #40375). Thanks to Roderick Schertler for the patch.
+ * Several files: Applied SMB patch from samba.org (closes: #27653).
+ * print-ip.c (ip_print): Check for ip headers with less than 5 longs.
+ Patch taken from RedHat's source package.
+ * Redid debian/rules using debhelper.
+ * Makefile.in: Install the manpage into man8 instead of man1.
+ * tcpdump.1: Moved to section 8 (admin commands).
+ * print-smb.c (print_smb): Disabled anything but printing the command
+ info by default. Otherwise we would get flooded with smb information.
+ You can get all info using -vvv. Two -v's will give you the SMB headers.
+ * tcpdump.1: Documented the behaviour described above.
+
+ -- Torsten Landschoff <torsten@debian.org> Mon, 22 Nov 1999 01:31:44 +0100
+
+tcpdump (3.4a6-3) frozen unstable; urgency=low
+
+ * fixed permissions
+
+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Mon, 30 Mar 1998 02:28:39 +0200
+
+
+tcpdump (3.4a6-2) frozen unstable; urgency=low
+
+ * rebuild with latest debmake, fixes #19415
+ (should also fix the lintian warnings)
+ * updated standards-version
+
+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Mon, 30 Mar 1998 00:28:39 +0200
+
+
+tcpdump (3.4a6-1) unstable; urgency=low
+
+ * updated to latest upstream version, fixes: Bug#17163
+ * install changelog.Debian compressed, fixes: Bug#15417
+
+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Sun, 1 Feb 1998 00:08:31 +0100
+
+
+tcpdump (3.4a4-1) unstable; urgency=low
+
+ * updated to latest upstream version
+ * libc6 version
+
+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Wed, 17 Sep 1997 23:22:54 +0200
+
+
+tcpdump (3.3.1a2-1) frozen stable unstable; urgency=medium
+
+ * updated to latest upstream version (works with new libpcap now)
+
+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Sat, 24 May 1997 00:49:17 +0200
+
+
+tcpdump (3.3-2) unstable; urgency=low
+
+ * fixed SLIP support
+
+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Sun, 16 Feb 1997 21:06:51 +0100
+
+
+tcpdump (3.3-1) unstable; urgency=low
+
+ * updated to latest upstream version
+
+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Thu, 16 Jan 1997 01:34:00 +0100