summaryrefslogtreecommitdiffstats
path: root/debian/changelog
blob: 32157e2113fa89b021220f0804867becefd5991e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
tcpdump (4.99.4-4~progress7.99u1) graograman-backports; urgency=medium

  * Uploading to graograman-backports, remaining changes:
    - Updating maintainer field.
    - Updating uploaders field.
    - Updating bugs field.
    - Updating vcs fields.
  * Merging debian version 4.99.4-4.

 -- Daniel Baumann <daniel.baumann@progress-linux.org>  Sat, 04 May 2024 03:35:23 +0200

tcpdump (4.99.4-4) unstable; urgency=medium

  * debian/watch: switch to .tar.xz URLs as upstream homepage no longer
    lists the .tar.gz.
  * Mark latest patch as "Forwarded: not-needed".
  * Bump Standards-Version to 4.7.0.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 28 Apr 2024 17:07:15 +0200

tcpdump (4.99.4-3~progress7.99u1) graograman-backports; urgency=medium

  * Initial reupload to graograman-backports.
  * Updating maintainer field.
  * Updating uploaders field.
  * Updating bugs field.
  * Updating vcs fields.

 -- Daniel Baumann <daniel.baumann@progress-linux.org>  Mon, 15 Apr 2024 19:13:11 +0200

tcpdump (4.99.4-3) unstable; urgency=medium

  * Allow *.pcapng in AppArmor policy, thanks to Chris Kuethe for the
    patch (closes: #1039993).
  * Pick up patch from upstream PR#812 to avoid the call to droproot()
    altogether if called with `-Z root', thanks to Tj (closes: #1035842).
  * Override 'spelling-error-in-binary' and move 'set -e' inside maintscripts.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 22 Jul 2023 17:23:56 +0200

tcpdump (4.99.4-2) unstable; urgency=medium

  * Upload to unstable.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 17 Jun 2023 17:29:12 +0200

tcpdump (4.99.4-1) experimental; urgency=medium

  * New upstream release.
  * Mark Debian-specific patches as "Forwarded: not-needed" in metadata.

 -- Romain Francoise <rfrancoise@debian.org>  Mon, 10 Apr 2023 16:57:18 +0200

tcpdump (4.99.3-1) unstable; urgency=medium

  * New upstream release.
  * Drop Hurd build patch, which doesn't seem to be right anymore.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 14 Jan 2023 18:23:25 +0100

tcpdump (4.99.2-1) unstable; urgency=medium

  * New upstream release.
  * Re-enable all tests.
  * Bump Standards-Version to 4.6.2.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 01 Jan 2023 18:19:40 +0100

tcpdump (4.99.1-4) unstable; urgency=medium

  * debian/usr.bin.tcpdump: account for numerical suffix in filenames
    added by -W (closes: #1010688).

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 08 May 2022 18:25:45 +0200

tcpdump (4.99.1-3) unstable; urgency=medium

  * Clean up AppArmor local profile for /usr/sbin/tcpdump, if it's still
    empty (closes: #990554).
  * Switch to debhelper compat level 13.
  * Set `Rules-Requires-Root' to "no".
  * Bump Standards-Version to 4.6.0.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 12 Sep 2021 18:55:44 +0200

tcpdump (4.99.1-2) unstable; urgency=medium

  * Upload to unstable.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 15 Aug 2021 17:29:54 +0200

tcpdump (4.99.1-1) experimental; urgency=medium

  * New upstream release.
  * debian/usr.bin.tcpdump: grant access to *.cap (closes: #989433).

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 20 Jun 2021 20:48:30 +0200

tcpdump (4.99.0-2) unstable; urgency=medium

  * Add autopkgtest support, running the upstream test suite.

 -- Romain Francoise <rfrancoise@debian.org>  Fri, 15 Jan 2021 23:41:47 +0100

tcpdump (4.99.0-1) unstable; urgency=medium

  * New upstream release.
  * Mention in debian/NEWS that tcpdump is now installed to /usr/bin
    instead of /usr/sbin.
  * Rename AppArmor profile to match new binary location and add
    maintscript stanza to move the previous conffile if present.
  * Temporarily disable tests that require the just-released libpcap 1.10,
    we don't want to tie the migration of the two just before the bullseye
    freeze.
  * Drop unused lintian override.
  * Bump Standards-Version to 4.5.1.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 03 Jan 2021 21:28:16 +0100

tcpdump (4.9.3-7) unstable; urgency=high

  * Cherry-pick commit 32027e1993 from the upstream tcpdump-4.9 branch to fix
    untrusted input issue in the PPP printer (CVE-2020-8037, closes: #973877).

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 07 Nov 2020 13:19:14 +0100

tcpdump (4.9.3-6) unstable; urgency=medium

  [ Simon Deziel ]
  * debian/usr.sbin.tcpdump: use profile name specifier instead of
    '/usr/sbin/tcpdump'.

 -- Romain Francoise <rfrancoise@debian.org>  Thu, 28 May 2020 19:23:57 +0200

tcpdump (4.9.3-5) unstable; urgency=medium

  * Minor packaging fixes courtesy of the Janitor bot and lintian-brush:
    + Set upstream metadata fields: Bug-Submit, Repository, Repository-
      Browse.
  * Bump Standards-Version to 4.5.0.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 09 May 2020 20:42:57 +0200

tcpdump (4.9.3-4) unstable; urgency=medium

  * Set upstream metadata fields: Bug-Database.

 -- Romain Francoise <rfrancoise@debian.org>  Tue, 31 Dec 2019 19:24:04 +0100

tcpdump (4.9.3-3) unstable; urgency=medium

  * Minor packaging fixes courtesy of the Janitor bot and lintian-brush:
    + Use secure URI in debian/watch.
    + Use secure URI in Homepage field.
    + Bump debhelper from old 11 to 12.
    + Set debhelper-compat version in Build-Depends.
    + Re-export upstream signing key without extra signatures.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 08 Dec 2019 13:56:42 +0100

tcpdump (4.9.3-2) unstable; urgency=medium

  * Disable failing IKEv2 test yet again to fix build on ppc64el (again)
    (closes: #942171).

 -- Romain Francoise <rfrancoise@debian.org>  Fri, 11 Oct 2019 20:48:04 +0200

tcpdump (4.9.3-1) unstable; urgency=medium

  * New upstream release, with fixes for 24 different CVEs (closes: #941698).
  * Build-depend on libpcap >= 1.9.1 to make all build-time tests pass.
  * Re-enable IKEv2 test.
  * Bump Standards-Version to 4.4.1.

 -- Romain Francoise <rfrancoise@debian.org>  Thu, 10 Oct 2019 21:31:38 +0200

tcpdump (4.9.3~git20190901-2) unstable; urgency=medium

  * Disable failing IKEv2 test again to fix build on ppc64el.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 07 Sep 2019 12:14:43 +0200

tcpdump (4.9.3~git20190901-1) unstable; urgency=low

  * New upstream snapshot from the tcpdump-4.9 branch:
    + Includes fix for CVE-2017-16808 (closes: #881862).
    + Fixes ESP decryption on ppc64el (and others), re-enable tests.
  * Drop root privileges by default (closes: #935112):
    + debian/rules: Configure --with-user=tcpdump.
    + debian/tcpdump.post{inst,rm}: Create/delete a 'tcpdump' system group
      and user.
    + debian/control: Add dependency on adduser.
    + debian/patches/drop-privs-after-opening-savefile.diff: New patch
      (from Fedora) to drop root privileges *after* opening the savefile
      when possible, to alleviate possible inconvenience if the target
      directory is not writable by user tcpdump.
    + debian/patches/drop-privs-silently.diff: New patch (from Fedora) to
      drop root privileges silently.
    + debian/usr.sbin.tcpdump: Add chown capability, and update rules
      about device discovery.
    + debian/NEWS: Mention how to run tcpdump as root.
  * Bump Standards-Version to 4.4.0.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 01 Sep 2019 13:05:24 +0200

tcpdump (4.9.2-3) unstable; urgency=medium

  [ Jamie Strandboge ]
  * debian/usr.sbin.tcpdump: drop 'capability sys_module' since we already
    have 'net_admin' and network module loading (which happens with -D) is
    allowed with 'net_admin' (LP: #1759029) (closes: #894161)

  [ Romain Francoise ]
  * Switch to debhelper compatibility level 11.
  * Bump Standards-Version to 4.1.3.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 31 Mar 2018 22:22:36 +0200

tcpdump (4.9.2-2) unstable; urgency=medium

  * Use new URLs on salsa.debian.org for Vcs-* fields.
  * Bump Standards-Version to 4.1.2.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 31 Dec 2017 15:53:41 +0100

tcpdump (4.9.2-1) unstable; urgency=high

  * New upstream release:
    + Fixes 86 new CVEs, see the upstream changelog for the full list.
    + Now supports OpenSSL 1.1, so move back to libssl-dev (closes: #859740).
  * Urgency high due to security fixes.

 -- Romain Francoise <rfrancoise@debian.org>  Fri, 08 Sep 2017 21:30:47 +0200

tcpdump (4.9.1-3) unstable; urgency=high

  * Cherry-pick three upstream commits to fix the following:
    + CVE-2017-11541: buffer over-read in safeputs() (closes: #873804)
    + CVE-2017-11542: buffer over-read in pimv1_print() (closes: #873805)
    + CVE-2017-11543: buffer overflow in sliplink_print() (closes: #873806)
  * Urgency high due to security fixes.

 -- Romain Francoise <rfrancoise@debian.org>  Mon, 04 Sep 2017 19:45:45 +0200

tcpdump (4.9.1-2) unstable; urgency=medium

  * Disable IKEv2 test which mysteriously fails on ppc64el (closes: #873377).

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 02 Sep 2017 11:01:30 +0200

tcpdump (4.9.1-1) unstable; urgency=medium

  * New upstream release, fixes CVE-2017-11108 (closes: #867718).
  * Bump Standards-Version to 4.1.0.
  * debian/watch: add pgpsigurlmangle option.
  * Add upstream signing key in debian/upstream.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 26 Aug 2017 18:48:32 +0200

tcpdump (4.9.0-3) unstable; urgency=medium

  [ intrigeri ]
  * Include AppArmor profile from Ubuntu (closes: #866682).

  [ Romain Francoise ]
  * Bump Standards-Version to 4.0.0.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 02 Jul 2017 12:13:53 +0200

tcpdump (4.9.0-2) unstable; urgency=medium

  * Re-enable crypto support, targeting OpenSSL 1.0 as upstream still
    doesn't support OpenSSL 1.1.
  * Drop --enable-ipv6 from configure line, it has been the default for
    years now.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 11 Feb 2017 16:40:05 +0100

tcpdump (4.9.0-1) unstable; urgency=high

  * New upstream security release, fixing the following:
    + CVE-2016-7922: buffer overflow in print-ah.c:ah_print().
    + CVE-2016-7923: buffer overflow in print-arp.c:arp_print().
    + CVE-2016-7924: buffer overflow in print-atm.c:oam_print().
    + CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print().
    + CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print().
    + CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print().
    + CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print().
    + CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header().
    + CVE-2016-7930: buffer overflow in print-llc.c:llc_print().
    + CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print().
    + CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum().
    + CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print().
    + CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print().
    + CVE-2016-7935: buffer overflow in print-udp.c:rtp_print().
    + CVE-2016-7936: buffer overflow in print-udp.c:udp_print().
    + CVE-2016-7937: buffer overflow in print-udp.c:vat_print().
    + CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame().
    + CVE-2016-7939: buffer overflow in print-gre.c, multiple functions.
    + CVE-2016-7940: buffer overflow in print-stp.c, multiple functions.
    + CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions.
    + CVE-2016-7974: buffer overflow in print-ip.c, multiple functions.
    + CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print().
    + CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print().
    + CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print().
    + CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print().
    + CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions.
    + CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print().
    + CVE-2016-7993: a bug in util-print.c:relts_print() could cause a
      buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP,
      lightweight resolver protocol, PIM).
    + CVE-2016-8574: buffer overflow in print-fr.c:frf15_print().
    + CVE-2016-8575: buffer overflow in print-fr.c:q933_print().
    + CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print().
    + CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print().
    + CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print().
    + CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print().
    + CVE-2017-5341: buffer overflow in print-otv.c:otv_print().
    + CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH,
      OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in
      print-ether.c:ether_print().
    + CVE-2017-5482: buffer overflow in print-fr.c:q933_print().
    + CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse().
    + CVE-2017-5484: buffer overflow in print-atm.c:sig_print().
    + CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap().
    + CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print().
  * Re-enable all tests and bump build-dep on libpcap0.8-dev to >= 1.8
    accordingly.
  * Switch Vcs-Git URL to the https one.
  * Adjust lintian override name about dh 9.

 -- Romain Francoise <rfrancoise@debian.org>  Thu, 26 Jan 2017 20:04:11 +0100

tcpdump (4.8.1-2) unstable; urgency=medium

  * Disable new HNCP test, which fails on some buildds for some
    as-of-yet unexplained reason.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 29 Oct 2016 19:40:01 +0200

tcpdump (4.8.1-1) unstable; urgency=medium

  * New upstream release.
  * Re-enable Geneve tests (disabled in 4.7.4-1) and bump build-dep on
    libpcap0.8-dev to >= 1.7 accordingly.
  * Disable new pcap version tests which require libpcap 1.8+.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 29 Oct 2016 17:16:06 +0200

tcpdump (4.7.4-3) unstable; urgency=medium

  * Use dh-autoreconf instead of calling autoconf directly and patching
    config.{guess,sub}.
  * Call dh_auto_configure instead of configure in override target, patch
    by Helmut Grohne (closes: #837951).

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 17 Sep 2016 11:18:45 +0200

tcpdump (4.7.4-2) unstable; urgency=medium

  * Disable crypto support as it causes FTBFS with OpenSSL 1.1.x and we
    don't have a working fix upstream yet (closes: #828569).
  * Bump Standards-Version to 3.9.8.
  * Use cgit URL for Vcs-Browser.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 28 Aug 2016 18:16:50 +0200

tcpdump (4.7.4-1) unstable; urgency=medium

  * New upstream release.
  * Disable two geneve tests that require libpcap 1.7+.
  * Bump Standards-Version to 3.9.6.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 23 May 2015 18:25:01 +0200

tcpdump (4.6.2-5) unstable; urgency=high

  * Cherry-pick commit fb6e5377f3 from upstream Git to fix regressions in the
    RPKI/RTR printer after the CVE-2015-2153 changes. Thanks to Artur Rona
    from Ubuntu for the heads-up (closes: #781362).

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 04 Apr 2015 19:10:27 +0200

tcpdump (4.6.2-4) unstable; urgency=high

  * Cherry-pick changes from upstream Git to fix the following security
    issues:
    + CVE-2015-0261: missing bounds checks in IPv6 Mobility printer.
    + CVE-2015-2153: missing bounds checks in RPKI/RTR printer.
    + CVE-2015-2154: missing bounds checks in ISOCLNS printer.
    + CVE-2015-2155: missing bounds checks in ForCES printer.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 14 Mar 2015 18:43:44 +0100

tcpdump (4.6.2-3) unstable; urgency=high

  * Cherry-pick commit 0f95d441e4 from upstream Git to fix a buffer overflow
    in the PPP dissector (CVE-2014-9140).

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 29 Nov 2014 12:23:53 +0100

tcpdump (4.6.2-2) unstable; urgency=high

  * Urgency high due to security fixes.
  * Add three patches extracted from various upstream commits fixing
    vulnerabilities in three dissectors:
    + CVE-2014-8767: missing bounds checks in OLSR dissector (closes: #770434).
    + CVE-2014-8768: missing bounds checks in Geonet dissector
      (closes: #770415).
    + CVE-2014-8769: missing bounds checks in AOVD dissector (closes: #770424).

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 22 Nov 2014 11:48:08 +0100

tcpdump (4.6.2-1) unstable; urgency=medium

  * New upstream release.

 -- Romain Francoise <rfrancoise@debian.org>  Thu, 04 Sep 2014 18:53:34 +0200

tcpdump (4.6.1-3) unstable; urgency=medium

  * Bump build-dep on libpcap0.8-dev to >= 1.5 as the pppoes_id test case
    requires a pcap version that supports PPPoE session ID filtering.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 16 Aug 2014 17:38:28 +0200

tcpdump (4.6.1-2) unstable; urgency=medium

  * Expand configure check for net/pfvar.h to also check for existence of
    net/if_pflog.h to fix build on GNU/kFreeBSD, which ships the former
    but not the latter, see #756553 (closes: #756790).

 -- Romain Francoise <rfrancoise@debian.org>  Mon, 04 Aug 2014 22:37:24 +0200

tcpdump (4.6.1-1) unstable; urgency=medium

  * New upstream release.
  * debian/control: Mark tcpdump 'Multi-Arch: foreign' (closes: #700727).

 -- Romain Francoise <rfrancoise@debian.org>  Wed, 30 Jul 2014 19:16:49 +0200

tcpdump (4.5.1-2) unstable; urgency=low

  * Disable nflog-e testcase, the NFLOG header length is specified in host
    byte order which makes capture files order-dependent (closes: #731031).

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 01 Dec 2013 12:13:16 +0100

tcpdump (4.5.1-1) unstable; urgency=low

  * New upstream release.
  * Disable new pppoes testcase which uses a new pcap feature to avoid tying
    the two upstream versions together.
  * debian/control: Set Standards-Version to 3.9.5.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 30 Nov 2013 23:54:03 +0100

tcpdump (4.4.0-1) unstable; urgency=low

  * New upstream release:
    + Fixes format error in NTP printer (closes: #686276).
    + Rewords -e description (closes: #648768).
  * debian/control: Set Standards-Version to 3.9.4.
  * Use canonical locations in Vcs-* fields.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 25 May 2013 13:50:30 +0200

tcpdump (4.3.0-1) unstable; urgency=low

  * New upstream release.
  * Re-enable test suite.

 -- Romain Francoise <rfrancoise@debian.org>  Wed, 13 Jun 2012 22:55:54 +0200

tcpdump (4.2.1-3) unstable; urgency=low

  * Fix CPPFLAGS handling in upstream configure.in to avoid losing
    hardening flags, patch by Simon Ruderich <simon@ruderich.org>
    (closes: #662016).
  * Fix some misspellings pointed out by lintian.
  * debian/control: Set Standards-Version to 3.9.3.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 03 Mar 2012 17:11:48 +0100

tcpdump (4.2.1-2) unstable; urgency=low

  * Drop debian/patches/50_kfreebsd.diff (closes: #658848).

 -- Romain Francoise <rfrancoise@debian.org>  Mon, 06 Feb 2012 19:01:12 +0100

tcpdump (4.2.1-1) unstable; urgency=low

  * New upstream release.
  * Upload to unstable.

 -- Romain Francoise <rfrancoise@debian.org>  Mon, 02 Jan 2012 20:19:22 +0100

tcpdump (4.2.0~rc1-2) experimental; urgency=low

  * Make sure OpenSSL support gets enabled: since it moved to multiarch
    paths, the configure script doesn't find libcrypto.so and disables
    crypto support. To fix this, simplify detection logic in configure.in
    and run autoconf before configuring.
  * Redo build flags handling:
    + Enable hardening flags via dpkg-buildflags, not hardening-includes.
    + Switch to debhelper compat level 9 to have build flags exported
      automatically.
    + Adjust build-depends accordingly.
  * Enable parallel build in debhelper.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 06 Nov 2011 19:14:23 +0100

tcpdump (4.2.0~rc1-1) experimental; urgency=low

  * New upstream beta release (closes: #636806); now switches to the -Z
    user before opening the first output file (closes: #434603).
  * debian/control: Set Standards-Version to 3.9.2.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 14 Aug 2011 10:44:58 +0200

tcpdump (4.1.1-2) unstable; urgency=low

  * Fix FTBFS on GNU/Hurd; patch from Svante Signell (closes: #622287).
  * debian/control: Tweak short and long descriptions, set
    Standards-Version to 3.9.1.

 -- Romain Francoise <rfrancoise@debian.org>  Mon, 11 Apr 2011 22:37:29 +0200

tcpdump (4.1.1-1) unstable; urgency=low

  * New upstream release (closes: #576001).
  * debian/rules: Disable dh_auto_test (for now).
  * debian/control: Set Standards-Version to 3.8.4.
  * debian/patches/30_uflag_flushopen.diff: New patch: when saving to a
    capture file with -U, flush the file immediately after opening it.
    Suggested by Ferenc Wagner <wferi@niif.hu> (closes: #533625).
  * debian/patches/20_man_fixes.diff: Fix TCP flags description, thanks to
    Christophe Rhodes <csr21@cantab.net> (closes: #575724).

 -- Romain Francoise <rfrancoise@debian.org>  Tue, 06 Apr 2010 19:58:14 +0200

tcpdump (4.0.0-6) unstable; urgency=low

  * debian/control: Build-depend on hardening-includes.
  * debian/rules: Use hardening.make.

 -- Romain Francoise <rfrancoise@debian.org>  Thu, 24 Dec 2009 11:51:12 +0100

tcpdump (4.0.0-5) unstable; urgency=low

  * Switch to 3.0 (quilt) source format:
    + Drop build-depends on quilt.
    + Remove patch/unpatch logic from debian/rules.
    + Remove README.source.
    + Refresh debian/patches/30_tcp_seq.diff.
  * Use dh(1):
    + debian/compat: Bump to 7.
    + debian/control: Build-depend on debhelper (>= 7.0.50~).
    + debian/rules: Simplify.
    + debian/tcpdump.dirs: Removed.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 08 Nov 2009 17:25:38 +0100

tcpdump (4.0.0-4) unstable; urgency=low

  * debian/control:
    + Add ${misc:Depends} to Depends.
    + Set Standards-Version to 3.8.3; no changes needed.
  * debian/{watch,README.source}: New files.
  * debian/copyright: Remove link to original file.

 -- Romain Francoise <rfrancoise@debian.org>  Thu, 08 Oct 2009 19:00:23 +0200

tcpdump (4.0.0-3) unstable; urgency=low

  * debian/patches/20_man_fixes.diff: Update; pcap-filter is in section 7,
    not 4 (closes: #527599).
  * debian/control: Set Standards-Version to 3.8.1.

 -- Romain Francoise <rfrancoise@debian.org>  Tue, 16 Jun 2009 11:51:14 +0200

tcpdump (4.0.0-2) unstable; urgency=low

  * debian/patches/30_tcp_seq.diff: Patch from Ilpo Järvinen adding back
    default display of sequence numbers in TCP printer (closes: #517661).
  * debian/patches/series: Update.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 01 Mar 2009 14:51:25 +0100

tcpdump (4.0.0-1) unstable; urgency=low

  * Upload to unstable.

 -- Romain Francoise <rfrancoise@debian.org>  Wed, 18 Feb 2009 18:55:35 +0100

tcpdump (4.0.0-1~exp1) experimental; urgency=low

  * New upstream release.
  * debian/control: Set Standards-Version to 3.8.0.
  * debian/rules: Don't set DH_VERBOSE.
  * debian/patches/15_install.diff: New patch, don't install two identical
    tcpdump binaries.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 30 Nov 2008 22:55:39 +0100

tcpdump (3.9.8-4) unstable; urgency=low

  * debian/control: Build-Depend on libpcap0.8-dev (>= 0.9.3),
    not (>= 0.9.3-1).

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 08 Mar 2008 19:24:02 +0100

tcpdump (3.9.8-3) unstable; urgency=low

  * debian/copyright: Convert to UTF-8 encoding.
  * debian/control: Set Standards-Version to 3.7.3, no changes needed.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 23 Dec 2007 14:32:17 +0100

tcpdump (3.9.8-2) unstable; urgency=low

  * debian/control: Add Vcs-Browser and Vcs-Git fields.
  * debian/patches/50_kfreebsd.diff: New patch by Petr Salinger fixing
    FTBFS on Debian GNU/kFreeBSD (closes: #448695).

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 03 Nov 2007 11:12:53 +0100

tcpdump (3.9.8-1) unstable; urgency=low

  * New upstream release.

 -- Romain Francoise <rfrancoise@debian.org>  Thu, 27 Sep 2007 22:41:53 +0200

tcpdump (3.9.7-2) unstable; urgency=low

  * debian/control: Move upstream URL to the Homepage header.

 -- Romain Francoise <rfrancoise@debian.org>  Fri, 21 Sep 2007 19:48:05 +0200

tcpdump (3.9.7-1) unstable; urgency=low

  * New upstream release.
  * debian/patches/41_cve-2007-3798.diff: Deleted.
  * debian/patches/40_cve-2007-1218.diff: Deleted.
  * debian/patches/series: Update.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 12 Aug 2007 12:45:31 +0200

tcpdump (3.9.5-4) unstable; urgency=low

  * debian/rules: Don't ignore errors in clean target.
  * debian/patches/50_autotools-dev.diff: New patch, make config.{guess,sub}
    exec newer versions of themselves if autotools-dev is installed.
  * debian/patches/series: Update.
  * debian/control: Add build-depends on autotools-dev.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 11 Aug 2007 20:18:34 +0200

tcpdump (3.9.5-3) unstable; urgency=medium

  * Convert to quilt for patch management:
    + debian/control: Build-Depend on quilt (>= 0.40) instead of dpatch.
    + debian/rules: Include /usr/share/quilt/quilt.make.
    + Convert all dpatch patches to regular patches.

  * debian/patches/41_cve-2007-3798.diff: New patch, fixes an integer
    overflow in the BGP dissector (CVE-2007-3798), thanks to Daniel Leidert
    (closes: #434030).
  * debian/patches/series: Update.

 -- Romain Francoise <rfrancoise@debian.org>  Wed, 01 Aug 2007 19:56:04 +0200

tcpdump (3.9.5-2) unstable; urgency=medium

  * debian/patches/40_cve-2007-1218.dpatch: New patch, fixes a potential
    buffer overflow in the 802.11 printer (CVE-2007-1218), thanks to
    Moritz Muehlenhoff <jmm@debian.org> (closes: #413430).
  * debian/patches/00list: Update.

 -- Romain Francoise <rfrancoise@debian.org>  Mon,  5 Mar 2007 20:22:50 +0100

tcpdump (3.9.5-1) unstable; urgency=low

  * New upstream release.
  * debian/patches/20_man_fixes.dpatch: Resync.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 23 Sep 2006 21:13:07 +0200

tcpdump (3.9.4-4) unstable; urgency=low

  * debian/compat: Switch to debhelper compatibility level 5.
  * debian/control:
    + Build-Depend on debhelper (>= 5).
    + Remove Uploaders field.
    + Bump Standards-Version to 3.7.2, no changes needed.
  * debian/rules: Misc. cleanups.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 20 May 2006 13:07:45 +0200

tcpdump (3.9.4-3) unstable; urgency=low

  * debian/patches/20_man_fixes.dpatch: Merge patch from A Costa
    <agcosta@gis.net> fixing a few typos (closes: #351014).

 -- Romain Francoise <rfrancoise@debian.org>  Thu,  2 Feb 2006 22:24:04 +0100

tcpdump (3.9.4-2) unstable; urgency=low

  * debian/patches/20_man_fixes.dpatch: Merge patch from A Costa
    <agcosta@gis.net> fixing a few typos (closes: #342310).

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 10 Dec 2005 14:26:20 +0100

tcpdump (3.9.4-1) unstable; urgency=low

  * New upstream release.

  * debian/patches/40_spelling.dpatch: Dropped (included upstream).
  * debian/patches/30_version.dpatch: Dropped.
  * debian/patches/30_vlan_eflag: New patch, reverse test for eflag in
    print-ether.c to match the intended effect (closes: #324706).

  * This upload also transitions tcpdump to OpenSSL 0.9.8.

 -- Romain Francoise <rfrancoise@debian.org>  Sun,  9 Oct 2005 20:11:49 +0200

tcpdump (3.9.3-2) unstable; urgency=low

  * debian/patches/40_spelling.dpatch: New patch, fixes spelling errors
    ("advertisment" vs. "advertisement"), thanks to Michael Shields
    <shields@msrl.com> (closes: #318676).
  * debian/patches/00list: Update.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 17 Jul 2005 12:28:22 +0200

tcpdump (3.9.3-1) unstable; urgency=low

  * New upstream release.
  * Build-Depend on libpcap0.8-dev (which is really libpcap 0.9.3).

  * debian/patches/30_ascii-output.dpatch: Dropped (merged upstream).
  * debian/patches/30_version: New patch, fixes upstream version (still at
    3.9.2 while this is version 3.9.3).
  * debian/patches/00list: Update.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 16 Jul 2005 14:59:30 +0200

tcpdump (3.9.1-1) unstable; urgency=low

  * New upstream release.
  * debian/patches/30_ascii-output.dpatch: New patch, fixes -x, -X and -A
    priorities and removes extra newline and tab characters in the ascii
    output (closes: #285764, #316908).
  * debian/patches/00list: Update.

 -- Romain Francoise <rfrancoise@debian.org>  Wed,  6 Jul 2005 20:17:19 +0200

tcpdump (3.9.0.cvs.20050622-1) unstable; urgency=low

  * New CVS snapshot.
  * debian/control: Bump Standards-Version to 3.6.2.1, no changes needed.

 -- Romain Francoise <rfrancoise@debian.org>  Wed, 22 Jun 2005 19:52:31 +0200

tcpdump (3.9.0.cvs.20050614-1) unstable; urgency=low

  * New CVS snapshot.
  * Upload to unstable.

 -- Romain Francoise <rfrancoise@debian.org>  Tue, 14 Jun 2005 19:43:24 +0200

tcpdump (3.9.0.cvs.20050529-1) experimental; urgency=low

  * New upstream CVS snapshot for experimental.

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 29 May 2005 12:55:31 +0200

tcpdump (3.9.0.cvs.20050511-1) experimental; urgency=low

  * Upstream CVS snapshot of tcpdump 3.9 for experimental.
  * debian/patches/20_man_fixes.dpatch: Resynchronized.
  * debian/patches/30_openssl_des.dpatch: Dropped (fixed upstream).
  * debian/patches/40_ipv6cp.dpatch: Ditto.
  * debian/patches/50_misc_dos.dpatch: Ditto.
  * debian/patches/00list: Update.
  * debian/control: Build with libpcap0.9, also in experimental.

 -- Romain Francoise <rfrancoise@debian.org>  Wed, 11 May 2005 20:00:31 +0200

tcpdump (3.8.3-5) unstable; urgency=low

  * debian/copyright: Clarify license conditions, some files in the
    distribution are still under the 4-clause BSD license (closes: #283008).
  * debian/changelog: Revise 3.8.3-4 entry to add CAN numbers (which have
    been assigned in the meantime).

 -- Romain Francoise <rfrancoise@debian.org>  Sun,  1 May 2005 17:23:45 +0200

tcpdump (3.8.3-4) unstable; urgency=high

  * Urgency set to high due to security fixes.
  * debian/patches/50_misc_dos.dpatch: Security fixes stolen from the 3.8
    branch fix infinite loops in the BGP, ISIS, LDP and RSVP dissectors
    [CAN-2005-1278, CAN-2005-1279, CAN-2005-1280] (closes: #306529).
  * debian/patches/00list: Add 50_misc_dos.

 -- Romain Francoise <rfrancoise@debian.org>  Wed, 27 Apr 2005 21:05:37 +0200

tcpdump (3.8.3-3) unstable; urgency=low

  * debian/patches/40_ipv6cp.dpatch: New patch, do not try to print IPV6CP
    ppp packets, the dissector doesn't support it (closes: #255179).
  * debian/patches/00list: Add 40_ipv6cp.

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 19 Jun 2004 15:01:27 +0200

tcpdump (3.8.3-2) unstable; urgency=low

  * debian/rules: Enable crypto support (closes: #82581, #93428).
  * debian/control:
    + Build-Depend on libssl-dev.
    + Put back URL markers in description.
    + Switch Maintainer and Uploaders fields to match reality.
  * debian/patches/30_openssl_des.dpatch: Patch to make upstream's
    configure script check for DES_cbc_encrypt instead of des_cbc_encrypt,
    (the function got renamed in OpenSSL 0.9.7), which saves us the hassle
    of re-running autoconf.  Temporary hack since upstream has fixed this
    in CVS already.
  * debian/patches/00list: Add 30_openssl_des.

 -- Romain Francoise <rfrancoise@debian.org>  Fri, 14 May 2004 22:14:08 +0200

tcpdump (3.8.3-1) unstable; urgency=low

  * New upstream release.
  * debian/rules:
    + Add -D_FILE_OFFSET_BITS=64 to default CFLAGS to match libpcap
      (closes: #154762).
    + Use dpatch for patch management.
    + Clean up CFLAGS handling.
    + Support DEB_BUILD_OPTIONS.
  * debian/control:
    + Build-Depend on libpcap0.8-dev, dpatch.
    + Add versioned Build-Depends on debhelper.
    + Remove Emacs-style URL markers from description.
  * debian/compat: New file.
  * debian/copyright: Update.
  * debian/tcpdump.docs: Do not install upstream INSTALL file.
  * debian/patches: New directory.
  * debian/patches/10_man_install.dpatch: Patch split off the Debian diff
    to change man install paths in upstream Makefile.in.
  * debian/patches/20_man_fixes.dpatch: Patch split off the Debian diff to
    fix some inconsistencies in the upstream man page.
  * debian/patches/00list: New file (patch list).

 -- Romain Francoise <rfrancoise@debian.org>  Tue, 11 May 2004 14:02:09 +0200

tcpdump (3.7.2-4) unstable; urgency=high

  * Urgency high due to security fixes.
  * Backport changes from upstream CVS to fix ISAKMP payload handling
    denial-of-service vulnerabilities (CAN-2004-0183, CAN-2004-0184).
    Detailed changes (with corresponding upstream revisions):
    + Add length checks in isakmp_id_print() (print-isakmp.c, rev. 1.47)
    + Add data checks all over the place, change rawprint() prototype and
      add corresponding return value checks (print-isakmp.c, rev. 1.46)
    + Add missing ntohs() and change length initialization in
      isakmp_id_print(), not porting prototype changes (print-isakmp.c,
      rev. 1.45)

 -- Romain Francoise <rfrancoise@debian.org>  Tue,  6 Apr 2004 19:39:24 +0200

tcpdump (3.7.2-3) unstable; urgency=low

  * Backport changes from upstream CVS to fix several vulnerabilities in
    ISAKMP, L2TP and Radius parsing (closes: #227844, #227845, #227846).

 -- Romain Francoise <rfrancoise@debian.org>  Sat, 17 Jan 2004 14:12:30 +0100

tcpdump (3.7.2-2) unstable; urgency=low

  * Acknowledge NMU by Romain (closes: #208543).
  * Apply man page fixes by Romain:
    + networks(4) changed to networks(5) (closes: #194180).
    + ethers(3N) changed to ethers(5) (closes: #197888).
  * debian/control: Added Romain Francoise as co maintainer. Thanks for
    your help, Romain!

 -- Torsten Landschoff <torsten@debian.org>  Sun, 19 Oct 2003 04:12:31 +0200

tcpdump (3.7.2-1.1) unstable; urgency=low

  * NMU
  * Reverse order of #include directives in print-sctp.c so that
    IPPROTO_SCTP is defined (closes: #208543).

 -- Romain Francoise <rfrancoise@debian.org>  Sun, 12 Oct 2003 17:06:01 +0200

tcpdump (3.7.2-1) unstable; urgency=low

  * New upstream release (closes: #195816).

 -- Torsten Landschoff <torsten@debian.org>  Sun,  8 Jun 2003 00:14:44 +0200

tcpdump (3.7.1-1.2) unstable; urgency=high

  * Non-maintainer upload
  * Apply security fixes from 3.7.2
    - Fixed infinite loop when parsing malformed isakmp packets.
      (CAN-2003-0108)
    - Fixed infinite loop when parsing malformed BGP packets.
    - Fixed buffer overflow with certain malformed NFS packets.

 -- Matt Zimmerman <mdz@debian.org>  Thu, 27 Feb 2003 11:00:32 -0500

tcpdump (3.7.1-1.1) unstable; urgency=low

  * NMU
  * Simple rebuild to deal with libpcap0->libpcap0.7 transition.
    Sourceful NMU so that every arch rebuilds it.

 -- LaMont Jones <lamont@debian.org>  Wed, 14 Aug 2002 21:25:45 -0600

tcpdump (3.7.1-1) unstable; urgency=low

  * New upstream release (closes: #138052).

 -- Torsten Landschoff <torsten@debian.org>  Sat,  3 Aug 2002 23:54:04 +0200

tcpdump (3.6.2-2) unstable; urgency=HIGH

  * print-rx.c: Take the version from current CVS fixing the remote
    buffer overflow reported in FreeBSD Security Advisory SA-01:48
    yesterday. Thanks to Matt Zimmerman for forwarding the report,
    I might have missed it.
  * debian/control: Clean the Build-Depends from build-essential
    packages.

 -- Torsten Landschoff <torsten@debian.org>  Thu, 19 Jul 2001 15:03:48 +0200

tcpdump (3.6.2-1) unstable; urgency=low

  * New upstream release.

 -- Torsten Landschoff <torsten@debian.org>  Tue,  6 Mar 2001 04:18:16 +0100

tcpdump (3.6.1-2) unstable; urgency=low

  * debian/rules: Force support for IPv6 (closes: #82665).
  * print-icmp6.c: Removed duplicate definition also in icmp6.h to
    get the package to compile with IPv6.
  * Rebuild should fix the missing libpcap0-dependency (closes: #82666).
    Additional info: The missing dependency was because the configure
    script found my libpcap sources in the parent directory. Black magic
    always works against you :(

 -- Torsten Landschoff <torsten@debian.org>  Thu, 18 Jan 2001 00:44:01 +0100

tcpdump (3.6.1-1) unstable; urgency=high

  * Taking back the package. Kudos to Anand for his help.
  * New upstream release. This release fixes a security hole in print-rx.c.
  * debian/rules: Disable crypto support (closes: #81969).
  * Removed empty README.Debian (closes: #81966).

 -- Torsten Landschoff <torsten@debian.org>  Tue, 16 Jan 2001 16:04:03 +0100

tcpdump (3.5.2-3) unstable; urgency=low

  * Fixup dependancy stuff. Sheesh. (Closes: #78063, #78081, #78082)

 -- Anand Kumria <wildfire@progsoc.org>  Tue, 28 Nov 2000 02:16:01 +1100

tcpdump (3.5.2-2) unstable; urgency=low

  * Update both config.guess and config.sub (Closes: #36692, #53145)
  * Opps, make the .diff available.
  * We require a particular libpcap version to work (Closes: #77877)

 -- Anand Kumria <wildfire@progsoc.org>  Mon, 27 Nov 2000 01:13:55 +1100

tcpdump (3.5.2-1) unstable; urgency=low

  * New Maintainer
  * New upstream release (Closes: #75889)
  * Upstream added hex dump (-x) and ascii dump (-X) Closes: #23514, #29418)
  * Acknowledge and incorporate security fixes (Closes: #63708, #77489)
  * Appletalk / Ethertalk patches are in (Closes: #67642)

 -- Anand Kumria <wildfire@progsoc.org>  Wed, 22 Nov 2000 13:19:33 +1100

tcpdump (3.4a6-4.1) frozen unstable; urgency=high

  * Non-maintainer upload by security team
  * Apply patch from tcpdump-workers mailinglist to fix DNS DoS attack
    against tcpdump. Based on patch from Guy Harris <gharris@flashcom.net> as
    found on http://www.tcpdump.org/lists/workers/1999/msg00607.html
  * Fix Build-Depends entry in debian/control

 -- Wichert Akkerman <wakkerma@debian.org>  Sun,  7 May 2000 15:17:33 +0200

tcpdump (3.4a6-4) unstable; urgency=low

  * New maintainer.
  * tcpdump.c (main): Reestablish priviliges before closing the device
    (closes: #19959).
  * It seems the problem with ppp came from the kernel - I can dump
    packages on ppp0 just fine... (closes: #25757)
  * print-tcp.c (tcp_print): Applied patch from David S. Miller submitted
    by Andrea Arcangeli to fix tcpdump sack TCP option interpretation
    (closes: #28530).
  * print-bootp.c (rfc1048_print): Interpret timezone offset as signed
    (closes: #40376). Fixed byte order problem in printing internet
    addresses (closes: #40375). Thanks to Roderick Schertler for the patch.
  * Several files: Applied SMB patch from samba.org (closes: #27653).
  * print-ip.c (ip_print): Check for ip headers with less than 5 longs.
    Patch taken from RedHat's source package.
  * Redid debian/rules using debhelper.
  * Makefile.in: Install the manpage into man8 instead of man1.
  * tcpdump.1: Moved to section 8 (admin commands).
  * print-smb.c (print_smb): Disabled anything but printing the command
    info by default. Otherwise we would get flooded with smb information.
    You can get all info using -vvv. Two -v's will give you the SMB headers.
  * tcpdump.1: Documented the behaviour described above.

 -- Torsten Landschoff <torsten@debian.org>  Mon, 22 Nov 1999 01:31:44 +0100

tcpdump (3.4a6-3) frozen unstable; urgency=low

  * fixed permissions

 -- Peter Tobias <tobias@et-inf.fho-emden.de>  Mon, 30 Mar 1998 02:28:39 +0200


tcpdump (3.4a6-2) frozen unstable; urgency=low

  * rebuild with latest debmake, fixes #19415
    (should also fix the lintian warnings)
  * updated standards-version

 -- Peter Tobias <tobias@et-inf.fho-emden.de>  Mon, 30 Mar 1998 00:28:39 +0200


tcpdump (3.4a6-1) unstable; urgency=low

  * updated to latest upstream version, fixes: Bug#17163
  * install changelog.Debian compressed, fixes: Bug#15417

 -- Peter Tobias <tobias@et-inf.fho-emden.de>  Sun,  1 Feb 1998 00:08:31 +0100


tcpdump (3.4a4-1) unstable; urgency=low

  * updated to latest upstream version
  * libc6 version

 -- Peter Tobias <tobias@et-inf.fho-emden.de>  Wed, 17 Sep 1997 23:22:54 +0200


tcpdump (3.3.1a2-1) frozen stable unstable; urgency=medium

  * updated to latest upstream version (works with new libpcap now)

 -- Peter Tobias <tobias@et-inf.fho-emden.de>  Sat, 24 May 1997 00:49:17 +0200


tcpdump (3.3-2) unstable; urgency=low

  * fixed SLIP support

 -- Peter Tobias <tobias@et-inf.fho-emden.de>  Sun, 16 Feb 1997 21:06:51 +0100


tcpdump (3.3-1) unstable; urgency=low

  * updated to latest upstream version

 -- Peter Tobias <tobias@et-inf.fho-emden.de>  Thu, 16 Jan 1997 01:34:00 +0100