File: ChangeLog

package info (click to toggle)
wireshark 4.6.4-1
links: PTS, VCS
area: main
in suites: sid
size: 351,436 kB
sloc: ansic: 3,103,613; cpp: 129,736; xml: 100,978; python: 56,510; perl: 24,575; sh: 5,874; lex: 4,383; pascal: 4,304; makefile: 164; ruby: 113; objc: 91; tcl: 35
file content (1096 lines) | stat: -rw-r--r-- 34,674 bytes
commit a48895bcb6
Author: Gerald Combs <gerald@wireshark.org>
Date:   Wed Feb 25 08:40:10 2026 -0800

    Build: 4.6.4 [skip ci]

commit c046267a60
Author: Giovanni Musto <giovanni.musto@italdesign.it>
Date:   Wed Feb 25 09:09:17 2026 +0100

    BLF: Avoid error in case of truncated log container

    (cherry picked from commit 84fbadc5229ee785a1610ccb349a90f7e8fd854e)

    Co-authored-by: Giovanni Musto <giovanni.musto@italdesign.it>

commit 5e5a67852f
Author: John Thacker <johnthacker@gmail.com>
Date:   Tue Feb 24 08:46:43 2026 -0500

    IEEE802.11: Do not try to retrieve Special User Info in HE Trigger

    In a Trigger Control frame, if the Special User Info flag indicates that
    the Special User Info is not present (i.e., HE PHY), do not try to
    retrieve the Special User Info, as that can cause a malformed error by
    attempting to read bytes that aren't there.

    When determining how to dissect the Common Info, we only need the
    PHY Version Identifier, which is carried in three bits in the first
    two octets, so only retrieve what we need instead of the entire
    64-bit quantity, to minimize unnecessary exceptions.

    Fixup b84900c5fbe573730d115c0ce9247327e36daf44

    Fix #21032

    AI-Assisted: no
    (cherry picked from commit b05551fe3a2733adddb00259bb44d23f9e86bb46)

commit 2d3f54f31d
Author: Gerald Combs <gerald@wireshark.org>
Date:   Tue Feb 24 15:46:08 2026 -0800

    CMake: Update GnuTLS to 3.8.12

    AI-Assisted: no
    (cherry picked from commit d3fba774c1a00b17d3d0c6f964ad92285ee59f85)

commit e5b7ab31f6
Author: Gerald Combs <gerald@wireshark.org>
Date:   Mon Feb 23 13:15:54 2026 -0800

    extcap: Update our SSH configuration location on Windows

    "%d" expands to the user's home directory, so we need to append
    ".ssh\config" instead of "config".

    AI-Assisted: no
    (cherry picked from commit 81b24a356cd6e487d8f975c8c93be5817ddfb9c1)

commit b00d934d23
Author: John Thacker <johnthacker@gmail.com>
Date:   Fri Oct 17 16:27:18 2025 -0400

    extcap: Do not try to read c:\etc\ssh\ssh_config on Windows

    libssh by default tries to read /etc/ssh/ssh_config on all OSes.
    OpenSSH Portable for Windows by default doesn't create a systemwide
    ssh_config, and if it does, it puts it in %ProgramData%\ssh and
    has to check permissions because it might be owned and writable
    by a non-admin user. Since C:\etc does not exist by default on
    Windows, that's a possible security issue.

    https://github.com/PowerShell/openssh-portable/blob/latestw_all/ssh.c#L591-L597
    https://github.com/PowerShell/openssh-portable/blob/latestw_all/contrib/win32/openssh/config.h.vs#L1723

    Only read from the OpenSSH default configuration file in the user
    home directory on Windows.

    Fix #20806.

    (cherry picked from commit 845c005ab8549b4a84a11d1d2505effad2c00528)

commit bb06340f38
Author: Gerald Combs <gerald@wireshark.org>
Date:   Mon Feb 23 14:56:59 2026 -0800

    Prep for 4.6.4

commit 9ee1b012fc
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Feb 22 10:18:32 2026 +0000

    [Automatic update for 2026-02-22]

    Update manuf, services enterprise numbers, translations, and other items.

commit 3b5ad0d491
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sat Feb 14 09:59:22 2026 -0800

    CMake: Update libssh to 0.11.4

    AI-Assisted: no
    (cherry picked from commit 29bbb0d874e0051ba446fe2c90306151e63ceab3)

commit 1bb4e7cf93
Author: Guy Harris <gharris@sonic.net>
Date:   Wed Feb 18 11:19:04 2026 -0800

    tshark: add some additional WS_EXIT_ codes and use them.

    In tshark, instead of exiting with 2, which means "invalid capture
    interface specified", exit with codes that specify the problem that
    occurred.

    Also, give WS_EXIT_NOW a value that's *not* a valid UN*X exit status, as
    it doesn't mean "exit with this exit status", it means "the command-line
    options processed by the routine told us to print something and quit,
    and we already successfully printed what we were told to print, to just
    exit now with EXIT_SUCCESS", and this means we don't have to renumber it
    if we add a new real exit code. Add comments in various places
    explaining this.

    (cherry picked from commit 9c4cbd8513c856c5749d73f3c22481df6343db41)

    AI-Assisted: no

commit b1567ea018
Author: Guy Harris <gharris@sonic.net>
Date:   Wed Feb 18 02:03:53 2026 +0000

    tshark, strato: fix exit status.

    Exit with WS_EXIT_INVALID_FILTER, not WS_EXIT_INVALID_INTERFACE, if the
    read filter isn't valid.

    (cherry picked from commit e53cc35bc7fa3740ead1b3afa6c210f59c12e54b)

    Co-authored-by: Guy Harris <gharris@sonic.net>

commit 64ad4b1b3a
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Feb 15 10:23:50 2026 +0000

    [Automatic update for 2026-02-15]

    Update manuf, services enterprise numbers, translations, and other items.

commit a0852e4e07
Author: Jaap Keuter <jaap.keuter@xs4all.nl>
Date:   Thu Feb 12 18:26:15 2026 +0000

    SOCKS: Check the matched port not just the default port

    SOCKS supports Decode As, so when determining the direction
    check the matched port, not just the IANA assigned port.
    There's no heuristic dissector, so pinfo->match_uint is
    always set.

    AI-Assisted: no

    (cherry picked from commit d823f0deab7b6769a47a6cfacb9d46f42a142bb9)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit 799bef23ff
Author: Jaap Keuter <jaap.keuter@xs4all.nl>
Date:   Thu Feb 12 18:23:41 2026 +0000

    Fix const pointer usage for gcc.

    AI-Assisted: no

    (cherry picked from commit 96d27343151d90a3de642d6544f969392ccffe73)

    Co-authored-by: Dexter Gerig <dexgerig@gmail.com>

commit acebe751e6
Author: Pascal Quantin <pascal@wireshark.org>
Date:   Tue Feb 10 19:32:37 2026 +0100

    Diameter: add a missing 3GPP RAT-Type AVP value

    AI-Assisted: no

    (cherry picked from commit 822055418e407d9cd9ca94384431fe388498aa4c)

    Co-authored-by: Pascal Quantin <pascal@wireshark.org>

commit 7bf88b6772
Author: Guy Harris <gharris@sonic.net>
Date:   Tue Feb 10 02:19:15 2026 +0000

    tshark: remove an extra semicolon.

    AI-Assisted: no

    (cherry picked from commit 0dfb765d2584e036440e23e4c316c72e7b0be4b1)

    Co-authored-by: Guy Harris <gharris@sonic.net>

commit 46a5a86d9d
Author: Pascal Quantin <pascal@wireshark.org>
Date:   Mon Feb 9 23:31:48 2026 +0100

    Diameter update 3GPP RAT-Type AVP values

    Based on 3GPP 29.212 v19.1.0.
    Fixes #21012

    AI-Assisted: no

    (cherry picked from commit a4ace7abcb885463108e96171d6ef2bf96cbe659)

    Co-authored-by: Pascal Quantin <pascal@wireshark.org>

commit 148642eff9
Author: Guy Harris <gharris@sonic.net>
Date:   Mon Feb 9 20:05:32 2026 +0000

    tshark: handle errors when printing packet dissection information.

    Have the "process a packet" routines that print packet dissection return
    an enum with 3 values - packet passed the read filter, packet didn't
    pass the read filter, and packet passed the read filter but we got an
    error writing out the results of the packet dissection.

    In those routnes, explicitly check the return value of `print_packet()`,
    and explicitly check for an error from `fflush()`, rather than just
    checking for an error on the standard output after doing all that; this
    makes it clearer that we *are*, in fact, checking for errors.

    If we get an error writing out the results of the packet dissection,
    stop processing packets:

    - The most likely case is probably "we're piping tshark output to sme
      other program, and that program exited before reading all the output",
      e.g. piping to `head -N`. We should stop, so we don't waste time
      dissecting packets when whoever we're piping the dissections to isn't
      listening any more.

    - The next most likely case is probably "we ran out of space in the file
      system", in which case we shouldn't keep hammering on that file
      system.

    - TH thrid most likely case is probably "we exceeded our quota on that
      file system", in which case we should just stop so the user can get
      rid of the dissection file and either give up or ask the system
      administrator for a larger quota.

    To do that, add a new error, PASS_PRINT_ERROR, to pass_status_t, so that
    the "process packets" routines can report this error.

    Fix #21011.

    AI-Assisted: no

    (cherry picked from commit 57b70ca886787c59497bf87013df486664499f71)

    Co-authored-by: Guy Harris <gharris@sonic.net>

commit a10a288979
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Feb 8 10:18:33 2026 +0000

    [Automatic update for 2026-02-08]

    Update manuf, services enterprise numbers, translations, and other items.

commit f88e26d3d9
Author: John Thacker <johnthacker@gmail.com>
Date:   Sun Feb 8 00:20:43 2026 +0000

    SOCKS: Create a proxy conversation for each outer conversation

    To support multiple SOCKS over TCP connections on the same outer
    5-tuple (consecutively, of course, not concurrently), associate the
    inner proxy conversation with the outer conversation, and create
    a new inner conversation when the outer conversation changes.

    Fix #21006

    AI-Assisted: no

    (cherry picked from commit 624e46fb5545503ea42cfa26cabeb093f01502bf)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit 0c4c5a531f
Author: John Thacker <johnthacker@gmail.com>
Date:   Sat Feb 7 02:31:46 2026 +0000

    RF4CE: Check that the input data is long enough

    Prevent illegal memory access.

    Fix: #21009

    AI-Assisted: no

    (cherry picked from commit 17215397c1a5fbb2ef8764b3ec29ec45cde9c153)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit c0c3f1489d
Author: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date:   Fri Feb 6 11:59:14 2026 +0100

    silabs-dch: deal with potential 0x00 garbage byte in Wi-Sun Payloads

    (cherry picked from commit 5d3123f6e81420a4febe1da86a22d260f014222f)

    Co-authored-by: Dhruv Chandwani <dhchandw@silabs.com>

commit 41cd8351b4
Author: John Thacker <johnthacker@gmail.com>
Date:   Fri Feb 6 05:55:03 2026 -0500

    TDS: Fix dissection of variable-length data types in RPC

    DATENTYPE does not have a column maximum length (TYPE_VARLEN) because
    the length is fixed at 3 if non-NULL.

    Retrieve the SCALE value and pass it to dissect_tds_type_varbyte so that
    the types which have a length that depends on the SCALE (TIMENTYPE,
    DATETIME2NTYPE, and DATETIMEOFFSETNTYPE) are dissected correctly.

    Fix the retrieval and display of variable length integers when 64-bit
    and of variable length floats; the incorrect offset (the offset of the
    length value) was being used instead.

    https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-tds/cbe9c510-eae6-4b1f-9893-a098944d430a

    Fix: #21001

    AI-Assisted: no
    (backported from commit 15ffb508bba4945beba8df98bc32c486e6a8ec23)

commit 63cecf3f87
Author: Stig Bjørlykke <stig@bjorlykke.org>
Date:   Fri Feb 6 11:44:24 2026 +0000

    sgp22: ProfileInstallationResult is a response

    (cherry picked from commit d88ba3d22ebce8965f4bf54215080c3136b9c5a8)

    Co-authored-by: Stig Bjørlykke <stig@bjorlykke.org>

commit 31beefa73d
Author: Stig Bjørlykke <stig@bjorlykke.org>
Date:   Fri Feb 6 10:57:51 2026 +0000

    gsm_sim: STORE DATA Le is only present for last block

    Change the check for STORE DATA Le to only be valid for last block.
    This will give an expert info if Le is present when more blocks
    expected.

    Ping #20141

    (cherry picked from commit c766203b6762a9ea1af729882f9f8fdb9de488a1)

    Co-authored-by: Stig Bjørlykke <stig@bjorlykke.org>

commit 6db8ce26ac
Author: Stig Bjørlykke <stig@bjorlykke.org>
Date:   Fri Feb 6 08:36:54 2026 +0000

    at: Make AT+CSIM quotes optional

    Check if quotes are used in AT+CSIM.

    (cherry picked from commit 5354910b63c12481ecb56071c33b110c3c91a3a4)

    Co-authored-by: Stig Bjørlykke <stig@bjorlykke.org>

commit dbdbea73c0
Author: Stig Bjørlykke <stig@bjorlykke.org>
Date:   Fri Feb 6 08:36:15 2026 +0000

    gsm_sim: Append to Info column

    Append to the Info column for both command and response.
    Add a separator from the previous dissector.

    (cherry picked from commit c2e4c36333b725056c8025a28a32baffaab1caff)

    Co-authored-by: Stig Bjørlykke <stig@bjorlykke.org>

commit 4314890a02
Author: Stig Bjørlykke <stig@bjorlykke.org>
Date:   Fri Feb 6 08:35:26 2026 +0000

    mbim: Combine UICC response APDU and status

    The GSM SIM dissector requires that a UICC response APDU always
    end with SW1SW2. Combine the response APDU and the status.

    Ping #20141

    (cherry picked from commit 0c957b0c82ac0d90e4c4ec3e910c6b48fd840bc4)

    Co-authored-by: Stig Bjørlykke <stig@bjorlykke.org>

commit ebd9612c8c
Author: Pascal Quantin <pascal@wireshark.org>
Date:   Thu Feb 5 19:56:54 2026 +0100

    NAS-5GS: more correction of Rejected NSSAI

    Utilize existing S-NASSI function to represent values correctly

    (cherry picked from commit bd727a92182fb98def580f0afc24e03f11992543)

    Co-authored-by: Joakim Karlsson <oakimk@gmail.com>

commit 73d4e7eaff
Author: Pascal Quantin <pascal@wireshark.org>
Date:   Thu Feb 5 19:55:45 2026 +0100

    NTS-KE: check alpn string presence before calling strcmp()

    Fixed #21000

    AI-Assisted: no

    (cherry picked from commit 5fdfc5780454f9d41e7f462578126e1149f0a04d)

    Co-authored-by: Pascal Quantin <pascal@wireshark.org>

commit a407f55579
Author: Guy Harris <gharris@sonic.net>
Date:   Thu Feb 5 11:43:00 2026 +0000

    blf: expand the interface mapping when a new IDB is supplied when dumping.

    Writers get notified when a new IDB is added to the list for the output
    file; respond to that notification by expanding the interface mapping as
    needed.

    Fix #20976.

    AI-Assisted: no

    (cherry picked from commit 38eafd37d695dec2ba686edec9f2fa0ba85f8fd0)

    Co-authored-by: Guy Harris <gharris@sonic.net>

commit 36791c8765
Author: Jaap Keuter <jaap.keuter@xs4all.nl>
Date:   Mon Feb 2 18:19:13 2026 +0100

    wiretap: fix crash in handling of BLF as output format

    Actually check if blf_dump_get_interface_mapping() succeeds.

    Fixes #20976

    (cherry picked from commit 2b163010fdcb8c824f9047dfa582c203b06f827c)

    AI-Assisted: no

commit b11e9c6757
Author: Guy Harris <gharris@sonic.net>
Date:   Thu Feb 5 07:27:45 2026 +0000

    validate-commit.py: show what the subject line is if it's too long now is the time to come for all good men to come to the aid of the party

    This should make it easier to debug cases where the line *isn't* too
    long but the script complains that it is.

    (Yes, this one is too long. This is for testing purposes.)

    (cherry picked from commit f9ff139143c1d5fdd866fd6e883998594af3e019)

    Co-authored-by: Guy Harris <gharris@sonic.net>

commit b863f23d7f
Author: Guy Harris <gharris@sonic.net>
Date:   Thu Feb 5 00:40:21 2026 +0000

    BLF: Fix leaks when dumping

    Free the dynamically allocated parts of the blf_writer_data_t
    structure when finishing. Also free them if the open fails,
    as wtap_dump_open_finish does not call the subtype_finish if
    the subtype_open fails.

    Fix expanding the interface to channel array; GArrays copy values
    when calling g_array_append_vals, so that was leaking the
    newdata array.

    (cherry picked from commit 65f766763b7a5f7c2ade38ecbffe4d913585c16b)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit 50d3c2d23d
Author: Guy Harris <gharris@sonic.net>
Date:   Wed Feb 4 23:57:27 2026 +0000

    BLF: Make formatting consistent

    (cherry picked from commit a4242884b7300fa21ce5c47e733c8094c9a9924a)

    Co-authored-by: Dr. Lars Völker <lars.voelker@technica-engineering.de>

commit 8a96f9ca0f
Author: Jaap Keuter <jaap.keuter@xs4all.nl>
Date:   Wed Feb 4 20:17:09 2026 +0000

    IPV6: adding NAT64 /48 to wildcard prefix

    adding this /48 to the wildcard will allow for the targeting of the 3rd quartet when using a /96 as your prefix length

    (cherry picked from commit da6bf13ef0f00e13b0094f236acd32194a0c74f8)

    Co-authored-by: Mark Stout <mark.stout@markstout.com>

commit a082b4ed54
Author: Guy Harris <gharris@sonic.net>
Date:   Wed Feb 4 21:29:29 2026 +0000

    blf: Check for wtap_dump_file_tell failing

    This shouldn't fail after writing_must_seek is set to true
    by the previous commit, but check anyway.

    Coverity CID 1659231

    (cherry picked from commit 00a735ccfc9ce30d09210239f459f480ecf11ebf)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit d3e7e35f11
Author: Guy Harris <gharris@sonic.net>
Date:   Wed Feb 4 20:32:28 2026 +0000

    tools: handle commit messages from commit -v

    git commit -v will add the diff to the commit message during editing,
    but will remove it from the final commit message. This is not done with
    comments (#) like other lines, but with a special marker pattern that
    looks like # -- >8 --. Anything below this line will be removed from the
    actual commit message, so the validation script doesn't have to consider
    it.

    AI-Assisted: no

    (cherry picked from commit b10df896cca6f1bbd3d3620bc9522875506db630)

    Co-authored-by: Martin Nyhus <martin@nyhus.dev>

commit ce9511ac39
Author: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date:   Wed Feb 4 10:13:38 2026 +0100

    artnet: Fix wrong RDM Status for Output Status

    Fix: #20980

    (cherry picked from commit 7551171435761167d44f8b37ec2fef9502ca7daf)

    Co-authored-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

commit 09690afd1d
Author: John Thacker <johnthacker@gmail.com>
Date:   Wed Feb 4 02:56:20 2026 +0000

    pcapng: Fix writing Custom Options containing a UTF-8 string

    Include the length of the PEN.
    Also, since pcapng_write_custom_string_option writes nothing
    if the total size is > 65535, return 0 in that case.

    Fix #20978

    AI-Assisted: no

    (cherry picked from commit 82db2faf45a2a12cd411f04a431ed3405b12c9e7)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit 6abc8aea00
Author: John Thacker <johnthacker@gmail.com>
Date:   Wed Feb 4 03:00:58 2026 +0000

    Zigbee Direct: Set necessary packet pointer to the global short_table

    The Zigbee NWK dissector requires a ieee802154_packet structure to be
    passed as dissector data. When Zigbee Direct is used to tunnel Zigbee
    NPDUs, there is no IEEE 802.15.4 MAC layer and header to fill that out.

    A zeroed out packet structure has been passed in, but apparently that
    packet structure should always contain a pointer to a global lookup
    table. (The Zigbee NWK dissector might need some checking to see if
    the address is already set, etc.)

    Also set the COL_PROTOCOL fence immediately before calling the
    Zigbee NWK dissector, and insert a separator.

    Fix #20977

    AI-Assisted: no

    (cherry picked from commit 029738e8f7736fe65cda10c1995d343fc7cd2751)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit c033983005
Author: John Thacker <johnthacker@gmail.com>
Date:   Tue Feb 3 23:37:23 2026 +0000

    pcapng-darwin-custom: Fix option length handling

    When writing an option, the padding need to be written, so pad the
    uint16 options.

    When reporting the size of an option, the padding is not included, but
    the whole length is included (so report the value from strlen, not the
    amount of padding to make it a multiple of 4.) However, options larger
    than 65535 aren't written.

    Fix #20991

    AI-Assisted: no

    (cherry picked from commit 3bd23100c43430c5a6eb3fa4e1353c2c93187c12)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit 7761a297ac
Author: John Thacker <johnthacker@gmail.com>
Date:   Tue Feb 3 21:54:43 2026 +0000

    Zigbee Direct: Make sure a loop iterates

    The loop variable i was not advanced when a test was false, resulting
    in an infinite loop. Use for loops for clarity. Also switch to using
    a GHashTableIter, which is faster than creating a list of all the values
    and also doesn't require freeing. (It was previously leaking.)

    AI-Assisted: no

    (cherry picked from commit e9183fadd2266dfd64d4984c293301cc247ca5d2)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit e236891954
Author: Pascal Quantin <pascal@wireshark.org>
Date:   Tue Feb 3 20:33:44 2026 +0100

    NAS-5GS: correction of Rejected NSSAI

    Use of correct offset value

    (cherry picked from commit 1f2a9840894498f9b8226a305f66b465013f21ab)

    Co-authored-by: Joakim Karlsson <oakimk@gmail.com>

commit 8e494ede48
Author: John Thacker <johnthacker@gmail.com>
Date:   Mon Feb 2 14:33:37 2026 +0000

    CMake: Qt 6.10 requires macOS 13

    Qt 6.10 (and 6.11) requires macOS 13 and higher.

    https://doc-snapshots.qt.io/qt6-6.10/supported-platforms.html

    AI-Assisted: no

    (cherry picked from commit a7b6bb8162fd764b57b7dfd0eccc44947d6daa43)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit 4041fa534f
Author: John Thacker <johnthacker@gmail.com>
Date:   Sun Feb 1 15:29:54 2026 +0000

    rsa: Use proper free function

    gnutls_x509_privkey_export_rsa_raw() allocates buffers with
    gnutls_malloc() and they must be freed with gnutls_free().

    AI-Assisted: no

    (cherry picked from commit 5b1dfffd1869c5c08859b01c1e21bedb82ce3799)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit d1abe80ab2
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Feb 1 10:18:38 2026 +0000

    [Automatic update for 2026-02-01]

    Update manuf, services enterprise numbers, translations, and other items.

commit 5069211216
Author: John Thacker <johnthacker@gmail.com>
Date:   Sat Jan 31 17:16:57 2026 +0000

    GitLab CI: Clear our Python virtual environments

    AI-Assisted: no

    (cherry picked from commit 634e2aaa0f833dc8e197840017835cb80397795a)

    Co-authored-by: Gerald Combs <gerald@wireshark.org>

commit 12ca26efc2
Author: John Thacker <johnthacker@gmail.com>
Date:   Sat Jan 31 16:46:47 2026 +0000

    Qt: Always update WelcomePage style sheet on ApplicationPaletteChange

    WelcomePage sets a style sheet on all platforms that depends on the
    Application palette, which means that it needs to update when there is
    an ApplicationPaletteChange event in order to get the new colors.

    On Windows it is less necessary, but that is only because the Style
    is switched back and forth between fusion and windowsvista on dark and
    light modes, respectively, which has a side effect of redrawing all
    the widgets. It is necessary on Linux.

    AI-Assisted: no

    (cherry picked from commit 4b7c3df411d74227b0b8cfe46b6e68091728560e)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit 5c73214dc9
Author: Anders Broman <a.broman58@gmail.com>
Date:   Thu Jan 29 17:13:11 2026 +0100

    Update glib bundle on MacOS and Windows

    Combine the next commit to fix a typo

    AI-Assisted: no

    (cherry picked from commit f6b40f9d1212b80db8d6d1a687ec389a2991a5bc)
    (cherry picked from commit c507160fac67952fb45d27154da60484e5231b51)

commit c7bc52f761
Author: John Thacker <johnthacker@gmail.com>
Date:   Sat Jan 31 13:57:44 2026 +0000

    Qt: Use Application attribute UseStyleSheetPropagationInWidgetStyles

    We have a lot of style sheets that base their colors on the main
    application palette, so have palette changes propagated.

    Ping #20774

    AI-Assisted: no

    (cherry picked from commit abb7413f62b56c70229a5292c5687d37923aa2c5)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit 78557dd19a
Author: John Thacker <johnthacker@gmail.com>
Date:   Fri Jan 30 16:11:23 2026 +0000

    CMake+Windows: Update WinSparkle to 0.9.2

    Switch to a layout that conforms to vcpkg. Add version discovery.

    (cherry picked from commit cee55f5d44b1ade12b680fd65f9ce38dd443e749)

    Co-authored-by: Gerald Combs <gerald@wireshark.org>

commit ba39a72576
Author: John Thacker <johnthacker@gmail.com>
Date:   Fri Jan 30 14:47:11 2026 +0000

    secrets: Fix return type

    The GnuTLS return types are ints and negative on error. Casting it to a
    bool makes all errors into positive one, which obscures the failure.

    This probably worked ok before converting to C99 types
    ( 2562674df0d294223d49ee9dfea7cc9680b00098 ) because a gboolean is
    really a int, and casting back and forth between an int and a
    gboolean doesn't coerce the value into 1 the way it does with a
    stdbool bool.

    AI-Assisted: no

    (cherry picked from commit 806af16d88d0fc7adbaa24f984995e4779a40604)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit 48c61354bb
Author: Anders Broman <a.broman58@gmail.com>
Date:   Fri Jan 30 14:24:43 2026 +0100

    packet-isakmp: IKEv2 EMERGENCY_CALL_NUMBERS Notify payload cannot be decoded

    MCC was added to the IE at some point.

    Added decoding of MCC and use common code to dissect the list.
    Closes #20974

    AI-Assisted: no

    (cherry picked from commit 796b7a01ae8b0f2afd17038a8aafeacb978d7467)

    Co-authored-by: Anders Broman <a.broman58@gmail.com>

commit 752d3f641d
Author: John Thacker <johnthacker@gmail.com>
Date:   Fri Jan 30 01:48:11 2026 +0000

    CMake: Update c-ares to 1.34.6

    (cherry picked from commit 97271e5b21fa1f317f2c6c8094cb47f92037fb3a)

    Co-authored-by: Gerald Combs <gerald@wireshark.org>

commit 56a28b25db
Author: John Thacker <johnthacker@gmail.com>
Date:   Thu Jan 29 14:18:56 2026 +0000

    wtap: don't include "pcapng.h" in "pcapng_module.h"

    It is not needed anymore and it's not a public header.

    Signed-off-by: Adrian Moreno <amorenoz@redhat.com>

    (cherry picked from commit 67461cbb463f5d0bc4571f67e7a5981fc8ce6088)

    Co-authored-by: Adrian Moreno <amorenoz@redhat.com>

commit bb32f1e1b7
Author: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date:   Tue Jan 27 13:54:00 2026 +0100

    packget-bgp.c: Fix bgp cluster-list dissector

    No need to use fixed buffer offset when correct adjustment is made
    beforehand.

    AI-Assisted: no

    (cherry picked from commit 6077ce6d619285f949f52b7ea829372228735f9b)

    Co-authored-by: ajauntevs <aleksis.jauntevs@ml1.net>

commit 168bf05775
Author: Michael Mann <mmann78@netscape.net>
Date:   Mon Jan 26 16:44:37 2026 +0000

    USB-HID: Bugfix resource exhaustion in parse_report_descriptor()

    Sanity range check was removed in 739666a7f5acc270204980e01b4069caf5060f30, restore it

    AI-Assisted: no
    Fixes #20972

    (cherry picked from commit 6f753c79b7c8ac382e6383dfabd7d5be6e2b722c)

    Co-authored-by: Michael Mann <mmann78@netscape.net>

commit d8c9a841b6
Author: John Thacker <johnthacker@gmail.com>
Date:   Sun Jan 25 15:23:42 2026 +0000

    MySQL: Fix random access dissection of frames with compression

    Compression does not start until the OK packet at the end of the
    handshake. Some authentication packets can be sent in the handshake
    after both sides agree on the compression capabilities but before
    that OK packet.

    Dissection can occur out of order via the user clicking on frames
    in the Wireshark GUI, so only advance the compression state
    o the compression init state when the compression state is
    in the no compression state, which will only be on the first pass.
    Also indicate that the first compressed frame is after the OK packet,
    not when the capabilities are agreed.

    Otherwise, the capture file from !10248 does not dissect frame 8
    correctly if the user clicks on frame 9 or later with MySQL and then
    back to frame 8, and also does not properly compress if selecting
    frame 6 (the login request) for redissection and then clicking on a
    compressed frame (past frame 9) before clicking on frame 9.

    AI-Assisted: no

    (cherry picked from commit 4285f33f64b4c2b7f09474a3898826dad594d0a5)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit 7d6cebe372
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Jan 25 10:18:22 2026 +0000

    [Automatic update for 2026-01-25]

    Update manuf, services enterprise numbers, translations, and other items.

commit 1d95816b2e
Author: Michael Mann <mmann78@netscape.net>
Date:   Sat Jan 24 19:40:23 2026 +0000

    TECMP: fix position of invalid_cycle_repetition expert info

    (cherry picked from commit eefcb60115f457ae8bb10a0e10c839ab99c8d94a)

    Co-authored-by: Dr. Lars Völker <lars.voelker@technica-engineering.de>

commit 283905048b
Author: Anders Broman <a.broman58@gmail.com>
Date:   Sat Jan 24 09:48:48 2026 +0100

    Qt: Speed up expert info proxy model

    When opening the Expert Dialog, the tap information and GUI is
    periodically updated to avoid the program looking frozen. Since
    expert infos have been added, this causes a relayout. Part of a
    relayout is querying for the existence of children (partly to
    add the indicator).

    The normal process of querying for children in a QSortFilterProxyModel
    calculates, if necessary, the mapping from the source model to the
    proxy model. This mapping is cached so it can be used later, including
    in other member functions. However, the mapping has to be recalculated
    each time new items have been added and the model reset in TapDraw.
    The mapping involves sorting the rows added to the model. It is expensiv
     to repeatedly periodically sort as items are added.

    Determining whether or not there are children does not require
    sorting, nor counting all the children, as it can stop as soon as
    one visible child is found. Override the hasChildren function to
    calculate whether or not there are children in a much faster way,
    without calculating and caching the mapping. This reduces the time
    to open the Expert Dialog dramatically, and also makes it O(N) in
    average time instead of something like O(N^2 log N).

    Fixes #20970

    AI-Assisted: no

    (cherry picked from commit f2791659ed855ca7e8699e00666f003561201b47)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit 5bc42eccce
Author: Anders Broman <a.broman58@gmail.com>
Date:   Sat Jan 24 08:39:06 2026 +0100

    Qt: Speed up expert info item row calculation

    The childItems_ list is only appended to, the items are not sorted
    or removed (until destruction). An item is only added as the child
    of a single parent, which determines its row from that point onwards.
    So we can cache the row upon insertion instead of using indexOf_ and
    searching for the child in the parent's list of children. That
    reduces a frequently called O(N) operation to O(1).

    Ping #20970

    AI-Assisted: no

    (cherry picked from commit be66fffbaae3915d25462fd82b96999b774cffdc)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit e144eaff96
Author: Anders Broman <a.broman58@gmail.com>
Date:   Thu Jan 22 07:50:18 2026 +0100

    TECMP: Fixing FlexRay Replay format

    The Replay Format was not implemented correctly and is being fixed.

    (cherry picked from commit 83d7fdfb430551714c98f62fd58dd955a690f760)

    Co-authored-by: Dr. Lars Völker <lars.voelker@technica-engineering.de>

commit 320f3d20fd
Author: John Thacker <johnthacker@gmail.com>
Date:   Wed Jan 21 23:28:08 2026 +0000

    TLS Utils: For JA4, test if ALPN characters are alphanumeric

    The JA4 technical details indicate that the hex representation is
    used when the first and last characters are non (ASCII) alphanumeric,
    not non (ASCII) printable.

    https://github.com/FoxIO-LLC/ja4/blob/main/technical_details/JA4.md#alpn-extension-value

    Fix #20966

    AI-Assisted: no

    (cherry picked from commit c074ae7e74ee59b408bf99c2a25419ecc4fcdda2)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit d44ae7b5bc
Author: Balint Reczey <balint@balintreczey.hu>
Date:   Fri Dec 5 20:11:01 2025 +0100

    stratoshark: Inherit patch, build version and version extension from the project

    Since the Stratoshark source is released together with Wireshark patching and
    building is done together.

    In the release-4.6 branch Stratoshark inherits 0.9.x releases.

    This prevents releasing Stratoshark with the same version again and again
    with Wireshark point releases.

    (cherry picked from commit de0949e22a8b1d37b769c3e0c753621f9654a4b5)

commit 08859536e3
Author: John Thacker <johnthacker@gmail.com>
Date:   Thu Jan 8 19:50:19 2026 -0500

    CMake: Update NPcap to 1.86

    https://github.com/nmap/npcap/releases/tag/v1.86

    Fix #20828 (There are also some other important bugs squashed since
    1.83.)

    Ping #20013

    (cherry picked from commit a1e2f993585fb97247bb27b71bcb896c438e99f2)

commit 450f3ac65a
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Jan 18 10:18:30 2026 +0000

    [Automatic update for 2026-01-18]

    Update manuf, services enterprise numbers, translations, and other items.

commit 4857e26d58
Author: Guy Harris <gharris@sonic.net>
Date:   Fri Jan 16 19:11:58 2026 +0000

    TTL: Allow 0-length normal CAN frames

    The TTL specification allows for it.

    Files with such packets were incorrectly detected as corrupted, and the rest of the block was skipped after the error.

    (cherry picked from commit 06b4168979bac12f374dc887ff4826c6b285a2dd)

    Co-authored-by: Giovanni Musto <giovanni.musto@italdesign.it>

commit 7fe55b8d95
Author: John Thacker <johnthacker@gmail.com>
Date:   Thu Jan 15 21:57:49 2026 +0000

    tls-utils: Update TLS 1.3 SignatureScheme list

    Update the value string for the TLS SignatureScheme for recent
    registrations, primarily post quantum cryptography.

    https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-signaturescheme

    Note that the various private use range used by OpenQuantumSafe could be
    updated, but this commit does not do so (but does update the URL to
    point to the current location.)

    Fix #20953

    (cherry picked from commit c5bb3f71d6e8efeaf97fbbd20bd92fc8681e3bbe)

    Co-authored-by: John Thacker <johnthacker@gmail.com>

commit ab7ee8b5e4
Author: Guy Harris <gharris@sonic.net>
Date:   Thu Jan 15 11:33:42 2026 +0000

    dumpcap man page: fix glitches.

    Remove stray > after option names. Remove an extra space.

    AI-Assisted: no

    (cherry picked from commit 7a08b32b59e2164d5fe9ee5ba0e9f5f7a97189ea)

    Co-authored-by: Guy Harris <gharris@sonic.net>

commit 9f66f285cd
Author: Gerald Combs <gerald@wireshark.org>
Date:   Wed Jan 14 12:08:19 2026 -0800

    Version: 4.6.3 → 4.6.4 [skip ci]