Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 230385 - net-analyzer/nmap-4.68 version bump
Summary: net-analyzer/nmap-4.68 version bump
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Michal Januszewski (RETIRED)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-07-01 18:22 UTC by 7v5w7go9ub0o
Modified: 2008-07-02 19:07 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description 7v5w7go9ub0o 2008-07-01 18:22:35 UTC
nmap version bump Nmap 4.68

Reproducible: Always
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2008-07-01 19:03:48 UTC
# Nmap Changelog ($Id: CHANGELOG 8515 2008-06-29 09:37:46Z fyodor $); -*-text-*-

Nmap 4.68 [2008-6-28]

o Doug integrated all of your version detection submissions and
  corrections for the year up to May 31.  There were more than 1,000
  new submissions and 18 corrections.  Please keep them coming!  And
  don't forget that corrections are very important, so do submit them
  if you ever catch Nmap making a version detection or OS detection
  mistake.  The version detection DB has grown to 5,054 signatures
  representing 486 service protocols.  Protocols span the gamut from
  abc, acap, access-remote-pc, activefax, and activemq, to zebedee,
  zebra, zenimaging, and zenworks.  The most popular protocols are
  http (1,672 signatures), telnet (519), ftp (459), smtp (344), and
  pop3 (201).

o Nmap compilation on Windows is now done with Visual C++ Express 2008
  rather than 2005.  Windows compilation instructions have been
  updated at http://nmap.org/book/inst-windows.html#inst-win-source .
  [Kris]

o The Nmap Windows self-installer now automatically installs the MS
  Visual C++ 2008 runtime components if they aren't already installed
  on a system.  These are some reasonably small DLLs that are
  generally necessary for applications compiled with Visual C++ (with
  dynamic linking).  Many or most systems already have these installed
  from other software packages.  The lack of these components led to
  the error message "The Application failed to initialize properly
  (0xc0150002)." with Nmap 4.65.  A related change is that Nmap on
  Windows is now compiled with /MD rather than /MT so that it
  consistently uses these runtime libraries.  The patch was created by
  Rob Nicholls.

o Added advanced search functionality to Zenmap so that you can locate
  previous scans using criteria such as which ports were open, keywords
  in the target names, OS detection results. etc.  Try it out with
  Ctrl-F or "Tools->Search Scan Results". [Vladimir]

o Nmap's special WinPcap installer now handles 64-bit Windows machines
  by installing the proper 64-bit npf.sys. [Rob Nicholls]

o Added a new NSE Comm (common communication) library for common
  network discovery tasks such as banner-grabbing (get_banner()) and
  making a quick exchange of data (exchange()).  16 scripts were
  updated to use this library. [Kris]

o The Nmap Scripting Engine now supports mutexes for gracefully
  handling concurrency issues.  Mutexes are documented at
  http://nmap.org/book/nse-api.html#nse-mutex . [Patrick]

o Added a UDP SNMPv3 probe to version detection, along with 9 vendor
  match lines. The patch was from Tom Sellers, who contributed other
  probes and match lines to this release as well.

o Added a new timing_level() function to NSE which reports the Nmap
  timing level from 0 to 5, as set by the Nmap -T option.  The default
  is 3. [Thomas Buchanan]

o Update the HTTP library to use the new timing_level functionality to
  set connection and response timeouts. An error preventing the new
  timing_level feature from working was also fixed.  [Jah]

o Optimized the doAnyOutstandingProbes() function to make Nmap a bit
  faster and more efficient.  This makes a particularly big difference
  in cases where --min-rate is being used to specify a very high
  packet sending rate. [David]

o Fixed an integer overflow which prevented a target specification of
  "*.*.*.*" from working.  Support for the CIDR /0 is now also
  available for those times you wish to scan the entire
  Internet. [Kris]

o The robots.nse has been improved to print output more compactly and
  limit the number of entries of large robots.txt files based on Nmap
  verbosity and debugging levels. [Eddie Bell]

o The Nmap NSE scripts have been re-categorized in a more logical
  fashion.  The new categories are described at
  http://nmap.org/book/nse-usage.html#nse-categories . [Kris]

o Improve AIX support by linking against -lodm and -lcfg on that
  platform. [David]

o Updated showHTMLTitle NSE script to follow one HTTP redirect if
  necessary as long as it is on the same server. [Jah]

o Michael Pattrick and David created a new OSassist application which
  streamlines the OS fingerprint submission integration process and
  prevents certain previously common errors.  OSassist isn't part of
  Nmap, but the system was used to integrate some submissions for this
  release.  13 fingerprints were added during OSassist testing, and
  some existing fingerprints were improved as well.  Expect many more
  fingerprints coming soon.

o Improved the mapping from dnet device names (like eth0) and WinPcap
  names (like \Device\NPF_{28700713...}).  You can see this mapping
  with --iflist, and the change should make Nmap more likely to work
  on Windows machines with unusual networking configurations. [David]

o Service fingerprints in XML output are no longer be truncated to 2kb.
  [Michael]

o Some laptops report the IP Family as NULL for disabled WiFi cards.
  This could lead to a crash with the "sin->sin_family == AF_INET6"
  assertion failure.  Nmap no longer quits when this is
  encountered. [Michael]

o On systems without the GNU getopt_long_only() function, Nmap has its
  own replacement.  That replacement used to call the system's
  getopt() function if it exists.  But the AIX and Solaris getopt()
  functions proved insufficient/buggy, so Nmap now always calls its own
  internal getopt() now from its getopt_long_only()
  replacement. [David]

o Integrated several service match lines from Tom Sellers.

o An error was fixed where Zenmap would crash when trying to load from
  the recent scans database a file containing non-ASCII characters. The
  error looked like
    pysqlite2.dbapi2.OperationalError: Could not decode to UTF-8 column
      'nmap_xml_output' with text
    '
    = 0.0" assertion failed.  I think the problem was
  actually caused by SMP machines which didn't sync the clock time
  perfectly.  This lead to gettimeofday() sometimes reporting that
  time decreased by some microseconds.  Now Nmap is willing to
  tolerate decreases of up to 1 millisecond in this function. [Fyodor]

o Nmap now returns correct values for --iflist in windows even
  if interface aliases have been set. Previously it would misreport
  the windevices and not list all interfaces. [Michael]

o Nmap no longer crashes with an 'assert' error when its told to
  access a disabled WiFi NIC on some laptops. [Michael]

o Upgraded the OpenSSL shipped for Windows to 0.9.8h. [Kris]

o The NSE http library was updated to gracefully handle certain bogus
  (non-)http responses. [Jah]

o The zoneTrans.nse script now takes a "domain" script argument to
  specify the desired domain name to transfer.  You can narrow the
  scope down with the form "zoneTrans={domain=xxx}". [Kris]

o Increase write buffer length for Nmap output on Windows. This should
  prevent error messages like: "log_vwrite: vnsprintf failed.  Even
  after increasing bufferlen to 819200, Vsnprintf returned -1 (logt ==
  1)."  Thanks to prozente0 for the report. [Fyodor]

o Fixed the --script-updatedb command, which was claiming to be
  "Aborting database update" even when the update was performed
  perfectly.  See http://seclists.org/nmap-dev/2008/q2/0623.html .
  Thanks to Jah for the report.
Comment 2 Michal Januszewski (RETIRED) gentoo-dev 2008-07-01 19:27:42 UTC
Added to CVS.  Thanks for notifying us about the new version.
Comment 3 7v5w7go9ub0o 2008-07-01 19:33:17 UTC
1. Should I put the "change file" notes in the original report?

2. How many days should I wait before reporting "version bumps"? (e.g. wireshark updated Jun 30 with a security fix, but I was going to wait 'til Thursday or so -- don't want to irritate volunteers who keep Gentoo going)

Comment 4 Jeroen Roovers (RETIRED) gentoo-dev 2008-07-01 20:03:08 UTC
(In reply to comment #3)
> 1. Should I put the "change file" notes in the original report?

No, it's just something *I* irregularly do because sometimes a version bump includes a security fix, and then it needs to be handled differently.

> 2. How many days should I wait before reporting "version bumps"? (e.g.
> wireshark updated Jun 30 with a security fix, but I was going to wait 'til
> Thursday or so -- don't want to irritate volunteers who keep Gentoo going)

There are developers who despise "zero day version bump bugs" but they're just jealous. ;-)
Comment 5 Michal Januszewski (RETIRED) gentoo-dev 2008-07-02 19:07:01 UTC
FWIW, as far as I'm concerned both are fine (i.e. 0-day version bumps and changelog excerpts in the bug reports).