Ethereal-announce: [Ethereal-announce] Ethereal 0.99.0 is now available

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
From: Gerald Combs <gerald@xxxxxxxxxxxx>
Date: Mon, 24 Apr 2006 16:21:52 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ethereal 0.99.0 has been released.

What is Ethereal?

   Ethereal is the world's most popular network protocol analyzer. It
   is used for troubleshooting, analysis, development, and education.

What's New

  Bug Fixes

   Many security vulnerabilities have been fixed since the previous
   release. See the release notes and application advisory at

     http://www.ethereal.com/docs/release-notes/ethereal-0.99.0.html
     http://www.ethereal.com/appnotes/enpa-sa-00023.html

   for more details.

     o The H.248 dissector could crash. Versions affected: 0.10.14.
       CVE: CVE-2006-1937

     o The UMA dissector could go into an infinite loop. Versions
       affected: 0.10.12 - 0.10.14. CVE: CVE-2006-1933

     o The X.509if dissector could crash. Versions affected: 0.10.14.
       CVE: CVE-2006-1937

     o The SRVLOC dissector could crash. Versions affected: 0.10.0 -
       0.10.14. CVE: CVE-2006-1937

     o The H.245 dissector could crash. Versions affected: 0.10.13 -
       0.10.14. CVE: CVE-2006-1937

     o Ethereal's OID printing routine was susceptible to an
       off-by-one error. Versions affected: 0.10.14. CVE:
       CVE-2006-1932

     o The COPS dissector could overflow a buffer. Versions affected:
       0.9.15 - 0.10.14. CVE: CVE-2006-1935

     o The ALCAP dissector could overflow a buffer. Versions
       affected: 0.10.14. CVE: CVE-2006-1934

   Under a grant funded by the U.S. Department of Homeland Security,
   Coverity has uncovered a number of vulnerabilities in
   Ethereal:

     o The statistics counter could crash Ethereal. Versions
       affected: 0.10.10 - 0.10.14. CVE: CVE-2006-1937

     o Ethereal could crash while reading a malformed Sniffer
       capture. Versions affected: 0.8.12 - 0.10.14. CVE:
       CVE-2006-1938

     o An invalid display filter could crash Ethereal. Versions
       affected: 0.9.16 - 0.10.14. CVE: CVE-2006-1939

     o The general packet dissector could crash Ethereal. Versions
       affected: 0.10.9 - 0.10.14. CVE: CVE-2006-1937

     o The AIM dissector could crash Ethereal. Versions affected:
       0.10.7 - 0.10.14. CVE: CVE-2006-1937

     o The RPC dissector could crash Ethereal. Versions affected:
       0.9.8 - 0.10.14. CVE: CVE-2006-1939

     o The DCERPC dissector could crash Ethereal. Versions affected:
       0.9.16 - 0.10.14. CVE: CVE-2006-1939

     o The ASN.1 dissector could crash Ethereal. Versions affected:
       0.9.8 - 0.10.14. CVE: CVE-2006-1939

     o The SMB PIPE dissector could crash Ethereal. Versions
       affected: 0.8.20 - 0.10.14. CVE: CVE-2006-1938

     o The BER dissector could loop excessively. Versions affected:
       0.10.4 - 0.10.14. CVE: CVE-2006-1933

     o The SNDCP dissector could abort. Versions affected: 0.10.4 -
       0.10.14. CVE: CVE-2006-1940

     o The Network Instruments file code could overrun a buffer.
       Versions affected: 0.10.0 - 0.10.14. CVE: CVE-2006-1934

     o The NetXray/Windows Sniffer file code could overrun a buffer.
       Versions affected: 0.10.13 - 0.10.14. CVE: CVE-2006-1934

     o The GSM SMS dissector could crash Ethereal. Versions affected:
       0.9.16 - 0.10.14. CVE: CVE-2006-1939

     o The ALCAP dissector could overrun a buffer. Versions affected:
       0.10.14. CVE: CVE-2006-1934

     o The telnet dissector could overrun a buffer. Versions
       affected: 0.8.5 - 0.10.14. CVE: CVE-2006-1936

     o ASN.1-based dissectors could crash Ethereal. Versions
       affected: 0.9.10 - 0.10.14. CVE: CVE-2006-1939

     o The H.248 dissector could crash Ethereal. Versions affected:
       0.10.11 - 0.10.14. CVE: CVE-2006-1937

     o The DCERPC NT dissector could crash Ethereal. Versions
       affected: 0.9.14 - 0.10.14. CVE: CVE-2006-1939

     o The PER dissector could crash Ethereal. Versions affected:
       0.9.14 - 0.10.14. CVE: CVE-2006-1939

   Under Windows, Unicode characters in profile and configuration
   file paths could cause problems. Versions affected: 0.10.14.

   The Coverity audit turned up several UI-related bugs that could
   make Ethereal crash.

  New and Updated Features

   The following features are new (or have been significantly
   updated) since the last release:

     o The new command line tool dumpcap makes it possible to capture
       network data without the drawbacks of (t)ethereal (memory
       usage, security problems, ...) while keeping the benefit of
       advanced techniques like multiple (ringbuffer) files and
       alike.

       The man page of dumpcap in HTML format is available at
       http://www.ethereal.com/docs/man-pages/dumpcap.1.html.

     o The source distribution of Ethereal now supports SSL, IPsec
       ESP, and ISAKMP decryption. (This feature has not yet been
       enabled in the Windows installer.)

     o Win32: Catch hardware exceptions caused by buggy dissectors.
       If e.g. a NULL pointer exceptions occurs, Ethereal won't crash
       now but displays the exception and tries to continue decoding
       packets.

     o The Windows version of Ethereal now uses native open and save
       file dialogs.

       In related news, Ethereal now runs as a full-fledged Unicode
       application under Windows.

     o Recent versions of Ethereal were flagging packets with an
       incorrect TCP checksum as malformed. False positives were
       being triggered on systems that use TCP checksum offloading.
       We now check to see if the checksum is not 0x0000 before
       flagging the packet as malformed.

  Please Note

       If your system uses TCP checksum offloading and Ethereal still
       shows bad checksums for outgoing TCP packets and the checksums
       for outgoing TCP packets are not 0x0000, this could mean that
       your operating system is exposing kernel memory
       unnecessarily. If this is the case, you should report the
       problem to your OS vendor.

     o The expert analysis feature has been enhanced.

  New Protocol Support

   ACP133, E.212, Nortel LGE Monitor, OICQ

  Updated Protocol Support

   3G A11, 802.11, 802.1Q, 802.3 Slow Protocols, AIM, ALCAP, ANSI
   MAP, ASF, ASN.1 BER, ASN.1 PER, BACapp, BACnet, BFD, BGP, BPDU,
   BSSAP, BSSGP, Camel, CDP, CLNP, CMP, COPS, DCERPC (DCERPC, LSA,
   NT, PNP), DCOM (CBA, DCOM, Dispatch), DHCP, DIAMETER, DNS, DOCSIS
   DCC, eDonkey, Ethernet, FC, FCP, FIX, G.723, GIOP, GRE, GSM A, GSM
   MAP, GSSAPI, GTP, H.245, H.248, H.450, HTTP, IAPP, ICMPv6, iFCP,
   IP, IPMI, IPP, IPsec, IPv6, ISAKMP, iSCSI, ISUP, IuUP, Juniper
   GGSN, JXTA, K12, Kerberos, LAPD, LDAP, LLDP, LOOP, M3UA, MEGACO,
   MPLS, MS MMS, MS NLB, MS Proxy, MTP3, NBNS, NCP 2222, NDPS,
   Netflow, NFS, NJACK, NLM, NSIP, NTLMSSP, PN-DCP, POP, PPP, Q.931,
   Radiotap, RADIUS, RANAP, RNSAP, RPC, RSYNC, RTCP, RTP, SCCP, SCCP
   MG, SCSI, SDP, Sebek, SES, SIGCOMP, SIGCOMP UDVM, SIP, SKINNY,
   SMB2, SMB (Mailslot, PIPE, SMB), SMPP, SNDCP, SNMP, SOCKS, SPNEGO,
   SRVLOC, SSL, STUN, Syslog, T.38, TACACS, TCAP, TCP, TDS, Telnet,
   TIPC, UDP, UMA, WSP, X11, X.411, X.509, XML

  New and Updated Capture File Support

   iSeries, Snoop, Windows Sniffer

Getting Ethereal

  The source code, Windows and Solaris installers can be downloaded
  immediately from the following locations:

Main site:

Windows installer:

  http://www.ethereal.com/distribution/win32/ethereal-setup-0.99.0.exe

Source code:

  http://www.ethereal.com/distribution/ethereal-0.99.0.tar.gz
  http://www.ethereal.com/distribution/ethereal-0.99.0.tar.bz2

Source RPM:

  http://www.ethereal.com/distribution/rpms/

Solaris installers:

  http://www.ethereal.com/distribution/solaris/

SourceForge:

  http://sourceforge.net/project/showfiles.php?group_id=255


The mirror sites listed at

  http://www.ethereal.com/download.html#releases

should be updated shortly.

   -------------------------------------------------------------------

Digests

ethereal-0.99.0.tar.bz2: 8884587 bytes
MD5(ethereal-0.99.0.tar.bz2)=f9905b9d347acdc05af664a7553f7f76
SHA1(ethereal-0.99.0.tar.bz2)=466299ac49f21904ed91b93e81667f226637e868
RIPEMD160(ethereal-0.99.0.tar.bz2)=f86e21ae60d53e1ed60b61e58c2941ecfd4d8696

ethereal-0.99.0.tar.gz: 11284145 bytes
MD5(ethereal-0.99.0.tar.gz)=92490abe23df1b2078579c512c788f9d
SHA1(ethereal-0.99.0.tar.gz)=a5a824ed3b4d0c5511441cc924e8333a8628bc7a
RIPEMD160(ethereal-0.99.0.tar.gz)=33a19a57fb1df3455d693bc7731ad543972fd8c6

ethereal-setup-0.99.0.exe: 13053058 bytes
MD5(ethereal-setup-0.99.0.exe)=c61cd84500b60adc045e548dd1b2c228
SHA1(ethereal-setup-0.99.0.exe)=39b25256757ffc59c0577aa3291bbf8673e83a1c
RIPEMD160(ethereal-setup-0.99.0.exe)=a35343c2679f3bbf30871fa8bf9d66211a5390fa

ethereal-0.99.0-1.src.rpm: 11268280 bytes
MD5(ethereal-0.99.0-1.src.rpm)=060b7b9d416a9d3d7a35e9ffc359f588
SHA1(ethereal-0.99.0-1.src.rpm)=d3827a3a1c53d8648739b7471e45ca5146f1b2f7
RIPEMD160(ethereal-0.99.0-1.src.rpm)=e87d6f119ccb84be9c24e035b4ee55503d36fc98

ethereal-0.99.0-solaris2.8-sparc-local.bz2: 13737042 bytes
MD5(ethereal-0.99.0-solaris2.8-sparc-local.bz2)=400fecaa17006b08e33befa936f2b54a
SHA1(ethereal-0.99.0-solaris2.8-sparc-local.bz2)=299038e4e7df73e20eed67f7d78c4959ac317b45
RIPEMD160(ethereal-0.99.0-solaris2.8-sparc-local.bz2)=5004e9ff5918ed37033815af7060f59a4722f781

ethereal-0.99.0-solaris2.9-sparc-local.bz2: 13725364 bytes
MD5(ethereal-0.99.0-solaris2.9-sparc-local.bz2)=7c406279bcb13141642921edb7a9c05b
SHA1(ethereal-0.99.0-solaris2.9-sparc-local.bz2)=06d0d3caa91967b52ce09c5cd7d7ad197d35b8f0
RIPEMD160(ethereal-0.99.0-solaris2.9-sparc-local.bz2)=3e12a434497379524676f0a50d833f9fed74ed84

patch-ethereal-0.10.14-to-0.99.0.diff.bz2: 1282447 bytes
MD5(patch-ethereal-0.10.14-to-0.99.0.diff.bz2)=64ed94711c4f7e1e1b81111d81cbf938
SHA1(patch-ethereal-0.10.14-to-0.99.0.diff.bz2)=72fd5b423082266689380335430e78fec13ac76c
RIPEMD160(patch-ethereal-0.10.14-to-0.99.0.diff.bz2)=e4b522ca7acbbcc1b5ca560cbbfb84a9862171cb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFETUFukXaEuZt2wEERAtStAJ9tm7dk/9IjsISLBoCLH4cVY2L86wCguJG8
6HZRcqLqSiC9d5/bncdqnH4=
=xL6R
-----END PGP SIGNATURE-----