Reintegrate Nmap 7.98 release branch

CHANGELOG

@@ -1,6 +1,19 @@
 #Nmap Changelog ($Id$); -*-text-*-
 
-o Updated liblua to 5.4.8
+Nmap 7.98 [2025-08-21]
+
+o [SECURITY] Rebuilt the Windows self-installer with NSIS 3.11, addressing
+  CVE-2025-43715--a race condition in earlier NSIS versions that could allow
+  local attackers to escalate to SYSTEM privileges when a vulnerable installer is
+  run as SYSTEM. The Nmap installer does not run as SYSTEM by default.
+
+o Upgraded included libraries: OpenSSL 3.0.17, Lua 5.4.8
+
+o [Windows] Upgraded the included version of Npcap from 1.82 to 1.83, improving
+  compatibility with PPPoE connections. See https://npcap.com/changelog
+
+o [macOS][GH#3127] Fix "dnet: Failed to open device en0" errors on macOS since
+  Nmap 7.96. [Daniel Miller]
 
 o Fixed an issue in FTP bounce scan where a single null byte is written past
   the end of the receive buffer. The issue is triggered by a malicious server
@@ -10,6 +23,9 @@ o [GH#3130] Fix a crash (stack exhaustion due to excessive recursion) in the
   parallel DNS resolver. Additionally, improved performance by processing
   responses that come after the request has timed out. [Daniel Miller]
 
+o [GH#2148] Fix the error, "Assertion failed: (datalink == DLT_EN10MB), function begin_sniffer, file scan_engine_raw.cc"
+  when using Nmap with certain VPN interfaces. [Daniel Miller]
+
 o [GH#2757] Fix a crash in traceroute when using randomly-generated decoys:
   "Assertion `source->ss_family == AF_INET' failed" [Daniel Miller]
 
@@ -18,24 +34,23 @@ o [GH#2899] When IP protocol scanning on IPv6 (-sO -6), skip protocol numbers
   used, these would fail the assertion "len == (u32) ntohs(ip6->ip6_plen)"
   [Daniel Miller]
 
-o [NSE][GH#3133] Fix the error "nse_nsock.cc:637: void receive_callback(nsock_pool, nsock_event, void*): Assertion `lua_status(L) == 1' failed."
-  when reading from an SSL connection. [Daniel Miller]
-
 o [GH#3086] Prevent TCP Connect scan (-sT) from leaking one socket per
   hostgroup, which led to progressively slower scans and assertion failures in
   other scan phases. [Daniel Miller]
 
+o [NSE][GH#3133] Fix the error "nse_nsock.cc:637: void receive_callback(nsock_pool, nsock_event, void*): Assertion `lua_status(L) == 1' failed."
+  when reading from an SSL connection. [Daniel Miller]
+
 o [NSE] Added NSE bindings for more libssh2 functions: channel_request,
   channel_request_pty_ex, channel_shell, and userauth_keyboard_interactive.
   ssh-brute will now use keyboard-interactive auth if password auth is not
   offered. [Daniel Miller, CrowdStrike]
 
+o [NSE][GH#3014] Fix dns-zone-transfer to handle nontraditional TLDs [Daniel Miller]
+
 o Fix a bug that was causing Nmap to send empty DNS packets for each target
   that was not found up instead of just skipping them for reverse DNS.
 
-o [macOS][GH#3127] Fix "dnet: Failed to open device en0" errors on macOS since
-  Nmap 7.96. [Daniel Miller]
-
 o [NSE] Fix/update/enhance tls.lua for newer TLSv1.3 ciphers, including
   post-quantum ciphersuites.
 

docs/man-xlate/nmap-de.1

@@ -2,12 +2,12 @@
 .\"     Title: nmap
 .\"    Author: [see the "Autor" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 31.03.2023
+.\"      Date: 06.08.2025
 .\"    Manual: Nmap-Referenz-Handbuch
 .\"    Source: Nmap
 .\"  Language: German
 .\"
-.TH "NMAP" "1" "31.03.2023" "Nmap" "Nmap\-Referenz\-Handbuch"
+.TH "NMAP" "1" "06.08.2025" "Nmap" "Nmap\-Referenz\-Handbuch"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

docs/man-xlate/nmap-es.1

@@ -2,12 +2,12 @@
 .\"     Title: nmap
 .\"    Author: [see the "Autor" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 12/04/2024
+.\"      Date: 06/08/2025
 .\"    Manual: Guía de referencia de Nmap
 .\"    Source: Nmap
 .\"  Language: Spanish
 .\"
-.TH "NMAP" "1" "12/04/2024" "Nmap" "Guía de referencia de Nmap"
+.TH "NMAP" "1" "06/08/2025" "Nmap" "Guía de referencia de Nmap"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

docs/man-xlate/nmap-fr.1

@@ -2,12 +2,12 @@
 .\"     Title: nmap
 .\"    Author: [see the "Auteur" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 20/05/2025
+.\"      Date: 06/08/2025
 .\"    Manual: Guide de référence Nmap
 .\"    Source: Nmap
 .\"  Language: French
 .\"
-.TH "NMAP" "1" "20/05/2025" "Nmap" "Guide de référence Nmap"
+.TH "NMAP" "1" "06/08/2025" "Nmap" "Guide de référence Nmap"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

docs/man-xlate/nmap-ja.1

@@ -2,12 +2,12 @@
 .\"     Title: nmap
 .\"    Author: [FIXME: author] [see http://docbook.sf.net/el/author]
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 12/04/2024
+.\"      Date: 06/08/2025
 .\"    Manual: Nmap リファレンスガイド
 .\"    Source: Nmap
 .\"  Language: Japanese
 .\"
-.TH "NMAP" "1" "12/04/2024" "Nmap" "Nmap リファレンスガイド"
+.TH "NMAP" "1" "06/08/2025" "Nmap" "Nmap リファレンスガイド"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@@ -93,7 +93,7 @@ Nmapの最新バージョンは、\m[blue]\fB\%https://nmap.org\fR\m[]から入
 .RS 4
 .\}
 .nf
-Nmap 7\&.95 ( https://nmap\&.org )
+Nmap 7\&.98 ( https://nmap\&.org )
 Usage: nmap [Scan Type(s)] [Options] {target specification}
 TARGET SPECIFICATION:
   Can pass hostnames, IP addresses, networks, etc\&.

docs/man-xlate/nmap-pt_BR.1

@@ -2,12 +2,12 @@
 .\"     Title: nmap
 .\"    Author: [see the "Autor" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 12/04/2024
+.\"      Date: 06/08/2025
 .\"    Manual: Guia de Referência do Nmap
 .\"    Source: Nmap
 .\"  Language: Portuguese (Brazil)
 .\"
-.TH "NMAP" "1" "12/04/2024" "Nmap" "Guia de Referência do Nmap"
+.TH "NMAP" "1" "06/08/2025" "Nmap" "Guia de Referência do Nmap"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

docs/man-xlate/nmap-pt_PT.1

@@ -2,12 +2,12 @@
 .\"     Title: nmap
 .\"    Author: [see the "Autor" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 31/03/2023
+.\"      Date: 06/08/2025
 .\"    Manual: Guia de Referência do Nmap
 .\"    Source: Nmap
 .\"  Language: Portuguese
 .\"
-.TH "NMAP" "1" "31/03/2023" "Nmap" "Guia de Referência do Nmap"
+.TH "NMAP" "1" "06/08/2025" "Nmap" "Guia de Referência do Nmap"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

docs/man-xlate/nmap-ru.1

@@ -2,12 +2,12 @@
 .\"     Title: nmap
 .\"    Author: [see the "Автор" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 03/31/2023
+.\"      Date: 08/06/2025
 .\"    Manual: Справочное руководство Nmap
 .\"    Source: Nmap
 .\"  Language: Russian
 .\"
-.TH "nmap" "1" "03/31/2023" "Nmap" "Справочное руководство Nmap"
+.TH "nmap" "1" "08/06/2025" "Nmap" "Справочное руководство Nmap"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

docs/nmap.1

@@ -2,12 +2,12 @@
 .\"     Title: nmap
 .\"    Author: [see the "Authors" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 05/07/2025
+.\"      Date: 08/06/2025
 .\"    Manual: Nmap Reference Guide
 .\"    Source: Nmap
 .\"  Language: English
 .\"
-.TH "NMAP" "1" "05/07/2025" "Nmap" "Nmap Reference Guide"
+.TH "NMAP" "1" "08/06/2025" "Nmap" "Nmap Reference Guide"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@@ -119,7 +119,7 @@ This options summary is printed when Nmap is run with no arguments, and the late
 .RS 4
 .\}
 .nf
-Nmap 7\&.97 ( https://nmap\&.org )
+Nmap 7\&.98 ( https://nmap\&.org )
 Usage: nmap [Scan Type(s)] [Options] {target specification}
 TARGET SPECIFICATION:
   Can pass hostnames, IP addresses, networks, etc\&.

docs/nmap.usage.txt

@@ -1,4 +1,4 @@
-Nmap 7.97SVN ( https://nmap.org )
+Nmap 7.98 ( https://nmap.org )
 Usage: nmap [Scan Type(s)] [Options] {target specification}
 TARGET SPECIFICATION:
   Can pass hostnames, IP addresses, networks, etc.

docs/zenmap.1

@@ -2,12 +2,12 @@
 .\"     Title: zenmap
 .\"    Author: [see the "Authors" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 05/07/2025
+.\"      Date: 08/06/2025
 .\"    Manual: Zenmap Reference Guide
 .\"    Source: Zenmap
 .\"  Language: English
 .\"
-.TH "ZENMAP" "1" "05/07/2025" "Zenmap" "Zenmap Reference Guide"
+.TH "ZENMAP" "1" "08/06/2025" "Zenmap" "Zenmap Reference Guide"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

libdnet-stripped/m4/acinclude.m4

@@ -94,7 +94,7 @@ dnl
 AC_DEFUN([AC_DNET_BSD_BPF],
     [AC_MSG_CHECKING(for Berkeley Packet Filter)
     AC_CACHE_VAL(ac_cv_dnet_bsd_bpf,
-    if test -c /dev/bpf ; then
+    if test -c /dev/bpf -o -c /dev/bpf0 ; then
         ac_cv_dnet_bsd_bpf=yes
     else
         ac_cv_dnet_bsd_bpf=no

macosx/BUNDLING.md

@@ -27,13 +27,13 @@ And we'll start over together:
 	And add it to your _$PATH_, so you can run jhbuild without the absolute path:
 	
 	~~~~
-	$ export PATH=$HOME/.local/bin:$PATH
+	$ export PATH=$HOME/.new_local/bin:$PATH
 	~~~~
 	
 2.	In `~/.config/jhbuildrc-custom`, make sure that this line is setup properly:
 
 	~~~~
-	setup_sdk(target="10.14")
+	setup_sdk(target="10.15",architectures=["x86_64"])
 	~~~~
 	
 3.	Now do:

macosx/Makefile

@@ -138,5 +138,6 @@ clean: clean-nmap clean-ncat clean-nping
 	rm -f LICENSE.formatted
 	rm -f $(IMAGE_NAME)
 	rm -rf distribution.xml finalDist.xml nmap.pkg ncat.pkg ndiff.pkg nping.pkg zenmap.pkg
+	rm -f $(NMAP_TARBALL)
 
 .PHONY: clean export-% stage-%

macosx/openssl.modules

@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <!DOCTYPE moduleset SYSTEM "moduleset.dtd" [
-<!ENTITY nmap_version "7.95SVN">
-<!ENTITY openssl_version "3.0.16">
+<!ENTITY nmap_version "7.98">
+<!ENTITY openssl_version "3.0.17">
 <!ENTITY libpcap_version "1.10.5">
 <!ENTITY libssh2_version "1.11.1">
 ]>

ncat/docs/ncat.1

@@ -2,12 +2,12 @@
 .\"     Title: Ncat
 .\"    Author: [see the "Authors" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 05/07/2025
+.\"      Date: 08/06/2025
 .\"    Manual: Ncat Reference Guide
 .\"    Source: Ncat
 .\"  Language: English
 .\"
-.TH "NCAT" "1" "05/07/2025" "Ncat" "Ncat Reference Guide"
+.TH "NCAT" "1" "08/06/2025" "Ncat" "Ncat Reference Guide"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@@ -43,7 +43,7 @@ Among Ncat\*(Aqs vast number of features there is the ability to chain Ncats tog
 .RS 4
 .\}
 .nf
-Ncat 7\&.97 ( https://nmap\&.org/ncat )
+Ncat 7\&.98 ( https://nmap\&.org/ncat )
 Usage: ncat [options] [hostname] [port]
 
 Options taking a time assume seconds\&. Append \*(Aqms\*(Aq for milliseconds,

ncat/docs/ncat.usage.txt

@@ -1,4 +1,4 @@
-Ncat 7.97SVN ( https://nmap.org/ncat )
+Ncat 7.98 ( https://nmap.org/ncat )
 Usage: ncat [options] [hostname] [port]
 
 Options taking a time assume seconds. Append 'ms' for milliseconds,
@@ -45,6 +45,14 @@ Options taking a time assume seconds. Append 'ms' for milliseconds,
       --proxy-type <type>    Specify proxy type ("http", "socks4", "socks5")
       --proxy-auth <auth>    Authenticate with HTTP or SOCKS proxy server
       --proxy-dns <type>     Specify where to resolve proxy destination
+      --ssl                  Connect or listen with SSL
+      --ssl-cert             Specify SSL certificate file (PEM) for listening
+      --ssl-key              Specify SSL private key (PEM) for listening
+      --ssl-verify           Verify trust and domain name of certificates
+      --ssl-trustfile        PEM file containing trusted SSL certificates
+      --ssl-ciphers          Cipherlist containing SSL ciphers to use
+      --ssl-servername       Request distinct server name (SNI)
+      --ssl-alpn             ALPN protocol list to use
       --version              Display Ncat's version information and exit
 
 See the ncat(1) manpage for full options, descriptions and usage examples

ncat/ncat.h

@@ -79,7 +79,7 @@
 /* Ncat information for output, etc. */
 #define NCAT_NAME "Ncat"
 #define NCAT_URL "https://nmap.org/ncat"
-#define NCAT_VERSION "7.97SVN"
+#define NCAT_VERSION "7.98"
 
 #ifndef __GNUC__
 #ifndef __attribute__

ndiff/docs/ndiff.1

@@ -2,12 +2,12 @@
 .\"     Title: ndiff
 .\"    Author: [see the "Authors" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 05/07/2025
+.\"      Date: 08/06/2025
 .\"    Manual: User Commands
 .\"    Source: Ndiff
 .\"  Language: English
 .\"
-.TH "NDIFF" "1" "05/07/2025" "Ndiff" "User Commands"
+.TH "NDIFF" "1" "08/06/2025" "Ndiff" "User Commands"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

nping/configure

@@ -2785,6 +2785,8 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
 
 
 
+
+
 # Check whether --with-localdirs was given.
 if test ${with_localdirs+y}
 then :

nping/docs/nping.1

@@ -2,12 +2,12 @@
 .\"     Title: nping
 .\"    Author: [see the "Authors" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 05/07/2025
+.\"      Date: 08/06/2025
 .\"    Manual: Nping Reference Guide
 .\"    Source: Nping
 .\"  Language: English
 .\"
-.TH "NPING" "1" "05/07/2025" "Nping" "Nping Reference Guide"
+.TH "NPING" "1" "08/06/2025" "Nping" "Nping Reference Guide"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

nping/nping.h

@@ -265,7 +265,7 @@
 /* General tunable defines  **************************************************/
 #define NPING_NAME "Nping"
 #define NPING_URL "https://nmap.org/nping"
-#define NPING_VERSION "0.7.97SVN"
+#define NPING_VERSION "0.7.98"
 
 
 #define DEFAULT_VERBOSITY VB_0

nsock/src/engine_kqueue.c

@@ -158,9 +158,6 @@ int kqueue_iod_register(struct npool *nsp, struct niod *iod, struct nevent *nse,
 }
 
 int kqueue_iod_unregister(struct npool *nsp, struct niod *iod) {
-  int sd;
-  struct kqueue_engine_info *kinfo = (struct kqueue_engine_info *)nsp->engine_data;
-
   /* some IODs can be unregistered here if they're associated to an event that was
    * immediately completed */
   if (IOD_PROPGET(iod, IOD_REGISTERED)) {