["Jun Ma" <sync.jma@xxxxxxxxx>]

Good to know that.

2007/11/16, Gianluca Varenni <gianluca.varenni@xxxxxxxxxxxx>:
> As of today, WinPcap 4.1 beta2 is available in the download section of
> the WinPcap website, http://www.winpcap.org/install/ .
>
> This new software release includes several improvements and changes to
> both the library itself and its developer's pack. First of all, it
> fixes a security vulnerability in the kernel driver reported by the
> iDefense Labs in the security advisory available at
>  http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625
>
> It also includes the latest available snapshot of libpcap (1.0
> branch).
> >From the developer's point of view, this version ships with a cleaned
> up update of the developer's pack. Some header files that were wrongly
> included in the old developer's pack (including some coming from the
> Microsoft platform SDK) have been removed. Other files have been
> consolidated or split into internal header files (used for the build
> of the binaries) and public header files.
> Full details can be found in the change log attached at the end of
> this message.
>
> Being a beta release, as usual, we encourage people to test it and
> report any anomaly or strange behavior to the WinPcap mailing lists.
>
> In particular, we strongly encourage all the developers to try
> compiling all their WinPcap-based applications against the new WinPcap
> developer's pack and report any compilation issue to the winpcap-bugs
> mailing list (winpcap-bugs<AT>winpcap.org).
>
> Gianluca Varenni
> WinPcap Team
>
>
>
> Changelog from WinPcap 4.0.1
> ============================
>
> - Disabled support for monitor mode (also called TME, Table Management
>  Extensions) in the driver. This module suffers from several security
>  vulnerabilities that could result in BSODs or privilege escalation
>  attacks. This fix addresses a security vulnerability reported by the
>  iDefense Labs at
>  http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625
>
> - Added a small script to integrate the libpcap sources into the
>  WinPcap tree automatically.
>
> - Moved the definition of all the I/O control codes to ioctls.h.
>
> - Cleaned up and removed some build scripts for the developer's pack.
>
> - Migrated the driver compilation environment to WDK 6000.
>
> - Enabled PreFAST driver compilation for the x64 build.
>
> - Added some doxygen directives to group the IOCTL codes and JIT
>  definitions in proper groups.
>
> - Integrated the IOCTL codes into one single set shared by packet.dll
>  and driver.
>
> - Modified the installer to return the win32 error code instead of -1
>  in case of failure in the error messages.
>
> - Added some #define directives to selectively disable the TME
>  functionality for WAN (i.e. Netmon-assisted) devices.
>
> - Added a VS2005 project to easily edit the files of the driver.
>
> - Removed some useless #include directives in the driver and
>  packet.dll.
>
> - Migrated several conditional directives (#ifdef/#endif) to the
>  defines of the DDK/WDK e.g. _X86_ and _AMD64_.
>
> - Added a check to warn users that remote-ext.h should not be included
>  directly.
>
> - Removed ntddndis.h from the WinPcap sources. It's included into the
>  Microsoft Platform SDK.
>
> - Removed devioctl.h from the WinPcap sources. It's included into the
>  Microsoft DDK/WDK.
>
> - Removed ntddpack.h from the WinPcap sources. It's an old header file
>  from the original DDK Packet sample, and it's not used by WinPcap.
>
> - Removed several useless files from the WinPcap developer's pack:
>  + all the TME extension header files
>  + devioctl.h
>  + gnuc.h
>  + ntddndis.h
>  + ntddpack.h
>  + pcap-int.h.
>
> - Bug fixing:
>  + Fixed a possible buffer overrun on x64 machines with more that 32
>    CPUs/cores.
>  + Fixed an implicit cast problem compiling the driver on x64.
>  + Fixed a bug in the installer causing a mis-detection of a previous
>    WinPcap installation.
>  + Fixed two bugs related to memory deallocation in packet.dll. We
>    were using free() instead of GlobalFreePtr(), and there was a
>    missing check as to when to deallocate a chunk of memory.
>  + Added a missing NULL pointer check in pcap_open().
>  + Moved a misplaced #ifdef WIN32 in pcap_open().
>  + Fixed a bug in the send routine of the driver that could cause a
>    crash under low resources conditions.
>
> =========
>
> _______________________________________________
> Wireshark-users mailing list
> Wireshark-users@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-users
>
>
>


-- 
I want to be an expert.
I want to be a professional.