"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "CHANGELOG" between
ettercap-0.8.3.tar.gz and ettercap-0.8.3.1.tar.gz

About: ettercap is a multipurpose sniffer/interceptor/logger for switched LAN.

CHANGELOG  (ettercap-0.8.3):CHANGELOG  (ettercap-0.8.3.1)
Legend: Legend:
+ new feature + new feature
- old feature removed - old feature removed
!! bug fixed !! bug fixed
========================================= =========================================
0.8.3.1-Bertillon 20200801
!! Fix SSL protocol failure with older TLS client/server versions (min. TLS1.
0)
!! Fix blackholing SSL packets when specific redirection is used
!! Fix TLS 1.3 interception issues (replace fake certificate with proper key
length)
!! Fix segmentation fault when parsing HTTP NTLM handshake (fixes #922)
!! Fix crash if one redirect command is not enabled
!! Fix build on MacOSX detecting new dependency HarfBuzz
!! Fix warnings when parsing etter.(m)dns file when built w/o IPv6 support
!! Fix capture delay with libpcap v1.9.1 (fixes #974)
!! Fix segmentation fault when etterlog concatinate files
!! Fix compiling with GCC version / defaulting to -fno-common
!! Fix bad UDP length for packets changed with replace()
!! Fix passing --lua-args arguments to LUA scripts
!! Fix MSVC build when macro ORDER_ADD_{SHORT,LONG} is being used
!! Fix references to old sourceforce.org website in the code and documentatio
n
!! Fix fingerprint_submit (still missing its server counterpart)
+ Take over client-side SNI extension in ClientHello in SSL interception (re
q. OpenSSL 1.1.1)
+ Take over SAN certificate extension from server certificate in SSL interce
ption
+ Use server certificate sign algorithm to sign fake certificate defaulting
to SHA256
+ CLI provided plugins are now also autostarted in graphical UI
+ Added --plugin-list CLI parameter
+ New execreplace etterfilter command
+ Update bundled OUI mac addresses
+ Update LuaJIT from 2.0.4 to 2.0.5
+ Update libnet from 1.1.6 to 1.2
+ Update check from 0.10.0 to 0.15.0
+ Update curl from 7.44.0 to 7.71.1
- Separate etter.dns and etter.mdns examples in dedicated examples file
- Remove source IP specification from customizable SSL redirects
- Remove of deprecated redirect commands from etter.conf
- Remove Easter Egg (Sorry ALoR and NaGA)
0.8.3-Bertillon 20190701 0.8.3-Bertillon 20190701
!! Fix binary comparsion and assignment in etterfilter !! Fix binary comparison and assignment in etterfilter
!! Fixed packetbuffer racecond. in BRIDGE mode (e.g. Message too long) !! Fixed packetbuffer racecond. in BRIDGE mode (e.g. Message too long)
!! Non-aligned filters are no longer supported (recompilation with etterfilte r required) !! Non-aligned filters are no longer supported (recompilation with etterfilte r required)
!! Fixed sslstrip plugin startup issue due to regex compilation error !! Fixed sslstrip plugin startup issue due to regex compilation error
!! Fixed lots of build warnings !! Fixed lots of build warnings
!! Proper separation of library and executable code !! Proper separation of library and executable code
!! Fixed heap-buffer-overflow in write_output in etterfilter !! Fixed heap-buffer-overflow in write_output in etterfilter
!! ip_addr sanity check when etterlog processes info logfile !! ip_addr sanity check when etterlog processes info logfile
!! Lots of buffer under-/overflow conditions fixed !! CVE-2017-8366 (Lots of buffer under-/overflow conditions fixed)
!! CVE-2017-6430 (Fix invalid read on crafted file in etterfilter) !! CVE-2017-6430 (Fix invalid read on crafted file in etterfilter)
!! fix dns_spoof plugin when used in bridge mode !! fix dns_spoof plugin when used in bridge mode
+ SSL redirects are now customizable at runtime + SSL redirects are now customizable at runtime
+ GeoIP detection / support using CMake + GeoIP detection / support using CMake
+ Rework of GTK3 UI - modern GNOME3 look + Rework of GTK3 UI - modern GNOME3 look
+ New Kerberos 5 downgrade plugin + New Kerberos 5 downgrade plugin
+ GTK3 is the new default GTK_BUILD_TYPE + GTK3 is the new default GTK_BUILD_TYPE
+ OSPF dissector supports more authentication methods in hash-cracker friend ly format + OSPF dissector supports more authentication methods in hash-cracker friend ly format
+ Rework of Oracle O5LOGON dissector + Rework of Oracle O5LOGON dissector
+ Multi-threaded name resolution + Multi-threaded name resolution
skipping to change at line 46 skipping to change at line 77
!! Fixed drop_privs function usage !! Fixed drop_privs function usage
!! Fixed nopromisc option usage !! Fixed nopromisc option usage
!! Fixed missing break in parser code !! Fixed missing break in parser code
!! Improved redirect commands !! Improved redirect commands
!! Fix truncated VLAN packet headers !! Fix truncated VLAN packet headers
!! Fix ettercap.rc file (windows only) !! Fix ettercap.rc file (windows only)
!! Various cmake fixes !! Various cmake fixes
!! A ton of BSD bug fixes !! A ton of BSD bug fixes
!! Simplify macosx cmake files !! Simplify macosx cmake files
!! Fix incorrect sequence number after TCP injection !! Fix incorrect sequence number after TCP injection
!! Fix pcap length, and aligment problems with libpcap !! Fix pcap length, and alignment problems with libpcap
!! Bug fixes and gtk code refactor (gtk box wrapper) !! Bug fixes and gtk code refactor (gtk box wrapper)
!! Fix some ipv6 send issues !! Fix some ipv6 send issues
!! Fixed sleep time on Windows (high CPU usage) !! Fixed sleep time on Windows (high CPU usage)
!! Fixed many CVE vulnerabilities (some of them already fixed in 0.8.1) !! Fixed many CVE vulnerabilities (some of them already fixed in 0.8.1)
- CVE-2014-6395 (Length Parameter Inconsistency) - CVE-2014-6395 (Length Parameter Inconsistency)
- CVE-2014-6396 (Arbitrary write) - CVE-2014-6396 (Arbitrary write)
- CVE-2014-9376 (Negative index/underflow) - CVE-2014-9376 (Negative index/underflow)
- CVE-2014-9377 (Heap overflow) - CVE-2014-9377 (Heap overflow)
- CVE-2014-9378 (Unchecked return value) - CVE-2014-9378 (Unchecked return value)
- CVE-2014-9379 (Incorrect cast) - CVE-2014-9379 (Incorrect cast)
 End of changes. 5 change blocks. 
4 lines changed or deleted 41 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)