[Wireshark-bugs] [Bug 1184] *Shark should support associating TCP and UDP packets with processes

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1184 Moshe Kaplan changed: What|Removed |Added CC||m...@moshekaplan.com -- You are

[Wireshark-bugs] [Bug 15772] The SMB2 code to look up decryption keys by session ID assumes it's running on a little-endian machine

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15772 Guy Harris changed: What|Removed |Added Status|CONFIRMED |RESOLVED Resolution|---

[Wireshark-bugs] [Bug 15772] The SMB2 code to look up decryption keys by session ID assumes it's running on a little-endian machine

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15772 --- Comment #13 from Gerrit Code Review --- Change 33190 merged by Guy Harris: Fix SMB2 decryption on big-endian machines. https://code.wireshark.org/review/33190 -- You are receiving this mail because: You are watching all bug

[Wireshark-bugs] [Bug 15772] The SMB2 code to look up decryption keys by session ID assumes it's running on a little-endian machine

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15772 --- Comment #12 from Gerrit Code Review --- Change 33190 had a related patch set uploaded by Guy Harris: Fix SMB2 decryption on big-endian machines. https://code.wireshark.org/review/33190 -- You are receiving this mail because: You

[Wireshark-bugs] [Bug 15772] The SMB2 code to look up decryption keys by session ID assumes it's running on a little-endian machine

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15772 --- Comment #10 from Gerrit Code Review --- Change 33189 had a related patch set uploaded by Guy Harris: Fix SMB2 decryption on big-endian machines. https://code.wireshark.org/review/33189 -- You are receiving this mail because: You

[Wireshark-bugs] [Bug 15772] The SMB2 code to look up decryption keys by session ID assumes it's running on a little-endian machine

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15772 --- Comment #11 from Gerrit Code Review --- Change 33189 merged by Guy Harris: Fix SMB2 decryption on big-endian machines. https://code.wireshark.org/review/33189 -- You are receiving this mail because: You are watching all bug

[Wireshark-bugs] [Bug 15772] The SMB2 code to look up decryption keys by session ID assumes it's running on a little-endian machine

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15772 --- Comment #9 from Gerrit Code Review --- Change 33188 merged by Guy Harris: Fix SMB2 decryption on big-endian machines. https://code.wireshark.org/review/33188 -- You are receiving this mail because: You are watching all bug

[Wireshark-bugs] [Bug 15772] The SMB2 code to look up decryption keys by session ID assumes it's running on a little-endian machine

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15772 --- Comment #8 from Gerrit Code Review --- Change 33188 had a related patch set uploaded by Guy Harris: Fix SMB2 decryption on big-endian machines. https://code.wireshark.org/review/33188 -- You are receiving this mail because: You are

[Wireshark-bugs] [Bug 15777] New: `tshark -G folders`leaves mmdbresolve process behind

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15777 Bug ID: 15777 Summary: `tshark -G folders`leaves mmdbresolve process behind Product: Wireshark Version: Git Hardware: x86 OS: Mac OS X 10.4 Status:

[Wireshark-bugs] [Bug 15754] Wireshark fails to parse piped pcapng with an SHB with a byte order different from the host running dumpcap

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15754 --- Comment #5 from Guy Harris --- Note: if we choose not to fix this based on "we want dumpcap to be simple and safe and handling byte-swapped captures is too much", then, because the Wireshark tests in the test directory pipe

[Wireshark-bugs] [Bug 15772] The SMB2 code to look up decryption keys by session ID assumes it's running on a little-endian machine

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15772 Guy Harris changed: What|Removed |Added Summary|Several test failures on|The SMB2 code to look up

[Wireshark-bugs] [Bug 15774] PROFINET DCP access violation at DHCP client identifier crashes Wireshark

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15774 Pascal Quantin changed: What|Removed |Added CC||pas...@wireshark.org ---

[Wireshark-bugs] [Bug 15776] New: Add support for GELF protocol

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15776 Bug ID: 15776 Summary: Add support for GELF protocol Product: Wireshark Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity:

[Wireshark-bugs] [Bug 15774] PROFINET DCP access violation at DHCP client identifier crashes Wireshark

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15774 --- Comment #2 from Thomas Wiens --- (In reply to Gerrit Code Review from comment #1) > Change 33186 had a related patch set uploaded by Pascal Quantin: > PROFINET DCP: fix dissection of an empty DHCP option > >

[Wireshark-bugs] [Bug 15774] PROFINET DCP access violation at DHCP client identifier crashes Wireshark

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15774 --- Comment #1 from Gerrit Code Review --- Change 33186 had a related patch set uploaded by Pascal Quantin: PROFINET DCP: fix dissection of an empty DHCP option https://code.wireshark.org/review/33186 -- You are receiving this mail

[Wireshark-bugs] [Bug 15772] Several test failures on s390x

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15772 --- Comment #6 from Guy Harris --- (In reply to Tuan Hoang from comment #5) > Another option is I'm asking internally that somebody in the IBM team could > have an eye on supporting wireshark s390x in the future. There're teams > doing it

[Wireshark-bugs] [Bug 15775] Appearance > Font and Colors - no longer allows picking

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15775 --- Comment #1 from Guy Harris --- If you still have a version of 2.6.2 where this works, could you post the full version information, from the version dialog, for that version? (Yes, the 2.6.2 version where it works, not the 3.0.1

[Wireshark-bugs] [Bug 15775] Appearance > Font and Colors - no longer allows picking

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15775 Guy Harris changed: What|Removed |Added Component|Common utilities|Qt UI

[Wireshark-bugs] [Bug 15772] Several test failures on s390x

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15772 Tuan Hoang changed: What|Removed |Added CC||tmho...@linux.ibm.com --- Comment

[Wireshark-bugs] [Bug 15772] Several test failures on s390x

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15772 --- Comment #4 from Guy Harris --- > > FAILED test/suite_decryption.py::case_decrypt_smb2::test_smb311_bad_key > > FAILED test/suite_decryption.py::case_decrypt_smb2::test_smb300_aes128ccm > > FAILED

[Wireshark-bugs] [Bug 15707] Wireshark fails on piped/streamed pcapng packet capture data with mixed BE/LE SHBs, but reads mixed BE/LE files correctly

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15707 --- Comment #7 from Guy Harris --- (In reply to TheDiveO from comment #5) > The issue I see is that with Wireshark reading from the pipe it has given an > extcap plugin, Wireshark already fails with an error message as soon as it > sees

[Wireshark-bugs] [Bug 15707] Wireshark fails on piped/streamed pcapng packet capture data with mixed BE/LE SHBs, but reads mixed BE/LE files correctly

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15707 --- Comment #6 from Guy Harris --- At least part of the problem is that 1) x86 is little-endian and 2) we don't support piping byte-swapped pcapng (or pcap, I suspect) files to dumpcap so you can't pipe big-endian files to pcapng on

[Wireshark-bugs] [Bug 15754] Wireshark fails to parse piped pcapng with an SHB with a byte order different from the host running dumpcap

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15754 Guy Harris changed: What|Removed |Added See Also||https://bugs.wireshark.org/

[Wireshark-bugs] [Bug 15707] Wireshark fails on piped/streamed pcapng packet capture data with mixed BE/LE SHBs, but reads mixed BE/LE files correctly

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15707 Guy Harris changed: What|Removed |Added See Also||https://bugs.wireshark.org/

[Wireshark-bugs] [Bug 15772] Several test failures on s390x

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15772 Guy Harris changed: What|Removed |Added See Also||https://bugs.wireshark.org/

[Wireshark-bugs] [Bug 15754] Wireshark fails to parse piped pcapng with an SHB with a byte order different from the host running dumpcap

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15754 Guy Harris changed: What|Removed |Added See Also||https://bugs.wireshark.org/

[Wireshark-bugs] [Bug 15775] New: Appearance > Font and Colors - no longer allows picking

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15775 Bug ID: 15775 Summary: Appearance > Font and Colors - no longer allows picking Product: Wireshark Version: 3.0.1 Hardware: x86 OS: Windows 10

[Wireshark-bugs] [Bug 15754] Wireshark fails to parse piped pcapng with an SHB with a byte order different from the host running dumpcap

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15754 Guy Harris changed: What|Removed |Added Hardware|x86-64 |All OS|Linux

[Wireshark-bugs] [Bug 15771] Test failures on armhf: add_pfield-time-bytes-local-le-551-4

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15771 --- Comment #2 from Kevin Daudt --- We have CI setup on https://github.com/alpinelinux/aports for armhf. If you would make a pull request there, it would run on drone.io CI. You could also setup your own drone.io CI instance. -- You

[Wireshark-bugs] [Bug 15772] Several test failures on s390x

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15772 --- Comment #2 from Kevin Daudt --- We don't have CI available for s390x saidly. But we have someone who has access to s390x hardware and he's looking into it. He said that it built without issues for him, so it might be a dependency /

[Wireshark-bugs] [Bug 15773] Enhance to support new FTTB related ANCP TLVs

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15773 --- Comment #5 from jewgenij.bytsch...@t-systems.com --- New ANCP TLVs (RFC Draft): +--+-+---+ | Type Code| TLV Name|

[Wireshark-bugs] [Bug 15773] Enhance to support new FTTB related ANCP TLVs

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15773 --- Comment #4 from jewgenij.bytsch...@t-systems.com --- Created attachment 17118 --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=17118=edit ANCP Port-Up, PPPoE PADI, PPPoE PADR (3 packets) The pcap trace contains an ANCP

[Wireshark-bugs] [Bug 15774] PROFINET DCP access violation at DHCP client identifier crashes Wireshark

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15774 Alexis La Goutte changed: What|Removed |Added Ever confirmed|0 |1

[Wireshark-bugs] [Bug 15773] Enhance to support new FTTB related ANCP TLVs

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15773 Alexis La Goutte changed: What|Removed |Added Status|UNCONFIRMED |INCOMPLETE Ever

[Wireshark-bugs] [Bug 15774] New: PROFINET DCP access violation at DHCP client identifier crashes Wireshark

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15774 Bug ID: 15774 Summary: PROFINET DCP access violation at DHCP client identifier crashes Wireshark Product: Wireshark Version: Git Hardware: x86 OS:

[Wireshark-bugs] [Bug 15763] elastic-mapping improvements

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15763 --- Comment #16 from Gerrit Code Review --- Change 33111 merged by Dario Lombardo: elastic: change 'pcap_file' into 'doc' in the mapping. https://code.wireshark.org/review/33111 -- You are receiving this mail because: You are watching

[Wireshark-bugs] [Bug 15773] Enhance to support new FTTB related ANCP TLVs

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15773 Jim Young changed: What|Removed |Added OS|Windows 10 |All Severity|Major

[Wireshark-bugs] [Bug 11463] Buildbot crash output: fuzz-2015-08-23-6110.pcap

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11463 Dario Lombardo changed: What|Removed |Added CC||lom...@gmail.com

[Wireshark-bugs] [Bug 10605] Buildbot crash output: fuzz-2014-10-22-28529.pcap

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10605 Dario Lombardo changed: What|Removed |Added Status|CONFIRMED |RESOLVED CC|

[Wireshark-bugs] [Bug 15773] New: Enhance to support new FTTB related ANCP TLVs

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15773 Bug ID: 15773 Summary: Enhance to support new FTTB related ANCP TLVs Product: Wireshark Version: 3.0.1 Hardware: x86-64 OS: Windows 10 Status: UNCONFIRMED

[Wireshark-bugs] [Bug 15727] TNS request connect defined as malformed

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15727 Dario Lombardo changed: What|Removed |Added CC||lom...@gmail.com --- Comment #1

[Wireshark-bugs] [Bug 15771] Test failures on armhf: add_pfield-time-bytes-local-le-551-4

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15771 Dario Lombardo changed: What|Removed |Added CC||lom...@gmail.com --- Comment #1

[Wireshark-bugs] [Bug 15772] Several test failures on s390x

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15772 Dario Lombardo changed: What|Removed |Added CC||lom...@gmail.com --- Comment #1

[Wireshark-bugs] [Bug 15763] elastic-mapping improvements

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15763 --- Comment #15 from Gerrit Code Review --- Change 33112 merged by Dario Lombardo: elastic: change 'template' into 'index_patterns' in the mapping. https://code.wireshark.org/review/33112 -- You are receiving this mail because: You are

[Wireshark-bugs] [Bug 15772] Several test failures on s390x

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15772 Alexis La Goutte changed: What|Removed |Added CC||pe...@lekensteyn.nl -- You

[Wireshark-bugs] [Bug 15771] Test failures on armhf: add_pfield-time-bytes-local-le-551-4

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15771 Alexis La Goutte changed: What|Removed |Added CC||pe...@lekensteyn.nl -- You

[Wireshark-bugs] [Bug 15506] Wireshark (sometimes) requires a restart after changing nameres.mac_name

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15506 --- Comment #1 from utente.ex...@tiscali.it --- Created attachment 17116 --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=17116=edit Cloned profile requiring Wireshark restart when switching if you switch between this two

[Wireshark-bugs] [Bug 15763] elastic-mapping improvements

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15763 --- Comment #14 from Gerrit Code Review --- Change 33109 merged by Anders Broman: elastic: use correct elastic field types in mapping. https://code.wireshark.org/review/33109 -- You are receiving this mail because: You are watching all

[Wireshark-bugs] [Bug 15735] Add dissection support for NVMe/TCP

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15735 Alexis La Goutte changed: What|Removed |Added Resolution|--- |FIXED

[Wireshark-bugs] [Bug 15735] Add dissection support for NVMe/TCP

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15735 --- Comment #3 from Gerrit Code Review --- Change 32640 merged by Alexis La Goutte: nvme-tcp: Add nvme-tcp dissector https://code.wireshark.org/review/32640 -- You are receiving this mail because: You are watching all bug