Wireshark-announce: [Wireshark-announce] Wireshark 2.9.0 is now available
Date Prev
·
Date Next
·
Thread Prev
·
Thread Next
From: Wireshark announcements <wireshark-announce@xxxxxxxxxxxxx>
Date: Wed, 12 Dec 2018 16:33:22 -0800
I'm proud to announce the release of Wireshark 2.9.0. This is an experimental release intended to test new features for Wireshark 3.0. What is Wireshark? Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education. What’s New Many user interface improvements have been made. See the “New and Updated Features” section below for more details. Bug Fixes The following bugs have been fixed: Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419[1]) New and Updated Features The following features are new (or have been significantly updated) since version 2.6.0: • The Windows .exe installers now ship with Npcap instead of WinPcap. • Conversation timestamps are supported for UDP/UDP-Lite protocols • TShark now supports the -G elastic-mapping option which generates an ElasticSearch mapping file. • The “Capture Information” dialog has been added back (Bug 12004[2]). • The Ethernet and IEEE 802.11 dissectors no longer validate the frame check sequence (checksum) by default. • The TCP dissector gained a new “Reassemble out-of-order segments” preference to fix dissection and decryption issues in case TCP segments are received out-of-order. See the User’s Guide, chapter TCP Reassembly for details. • Decryption support for the new WireGuard dissector (Bug 15011[3], requires Libgcrypt 1.8). • The BOOTP dissector has been renamed to DHCP. With the exception of “bootp.dhcp”, the old “bootp.*” display filter fields are still supported but may be removed in a future release. • The SSL dissector has been renamed to TLS. As with BOOTP the old “ssl.*” display filter fields are supported but may be removed in a future release. • Coloring rules, IO graphs, Filter Buttons and protocol preference tables can now be copied from other profiles using a button in the corresponding configuration dialogs. • APT-X has been renamed to aptX. • When importing from hex dump, it’s now possible to add an ExportPDU header with a payload name. This calls the specific dissector directly without lower protocols. • The sshdump and ciscodump extcap interfaces can now use a proxy for the SSH connection. • Dumpcap now supports the -a packets:NUM and -b packets:NUM options. • Wireshark now includes a “No Reassembly” configuration profile. • Wireshark now supports the Russian language. • The build system now supports AppImage packages. • The Windows installers now ship with Qt 5.12.0. Previously they shipped with Qt 5.9.7. Removed Features and Support • The legacy (GTK+) user interface has been removed and is no longer supported. • Wireshark requires Qt 5.2 or later. Qt 4 is no longer supported. • Wireshark requires GLib 2.32 or later. • Building Wireshark requires CMake. Autotools is no longer supported. • TShark’s -z compare option was removed. New File Format Decoding Support Ruby Marshal format New Protocol Support Apple Wireless Direct Link (AWDL), BLIP Couchbase Mobile (BLIP), CDMA 2000, Cisco Meraki Discovery Protocol (MDP), Distributed Ruby (DRb), DXL, E1AP (5G), EVS (3GPP TS 26.445 A.2 EVS RTP), Exablaze trailers, General Circuit Services Notification Application Protocol (GCSNA), GLOW Lawo Emberplus Data format, GSM-R (User-to-User Information Element usage), HI3CCLinkData, ISO 13400-2 Diagnostic communication over Internet Protocol (DoIP), ITU-t X.696 Octet Encoding Rules (OER), Local Number Portability Database Query Protocol (ANSI), MsgPack, NGAP (5G), NR (5G) PDCP, Osmocom Generic Subscriber Update Protocol (GSUP), PKCS#10 (RFC2986 Certification Request Syntax), PROXY (v2), S101 Lawo Emberplus transport frame, Secure Reliable Transport Protocol (SRT), Spirent Test Center Signature decoding for Ethernet and FibreChannel (STCSIG, disabled by default), Sybase-specific portions of TDS, systemd Journal Export, TeamSpeak 3 DNS, TPM 2.0, Ubiquiti Discovery Protocol (UBDP), WireGuard, and XnAP (5G) Updated Protocol Support Too many protocols have been updated to list here. New and Updated Capture File Support RFC 7468 (PEM), Ruby marshal object files, systemd Journal Export, and Unigraf DPA-400 DisplayPort AUX channel monitor New and Updated Capture Interfaces support dpauxmon, an external capture interface (extcap) that captures DisplayPort AUX channel data from linux kernel drivers. sdjournal, an extcap that captures systemd journal entries. Major API Changes • Lua: the various logging functions (debug, info, message, warn and critical) have been removed. Use the print function instead for debugging purposes. Getting Wireshark Wireshark source code and installation packages are available from https://www.wireshark.org/download.html[4]. Vendor-supplied Packages Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page[5] on the Wireshark web site. File Locations Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system. Getting Help The User’s Guide, manual pages and various other documentation can be found at https://www.wireshark.org/docs/[6] Community support is available on Wireshark’s Q&A site[7] and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark’s mailing lists can be found on the web site[8]. Bugs and feature requests can be reported on the bug tracker[9]. Official Wireshark training and certification are available from Wireshark University[10]. Frequently Asked Questions A complete FAQ is available on the Wireshark web site[11]. Last updated 2018-12-12 23:05:55 UTC References 1. 1 2. 2 3. 3 4. 4 5. 5 6. 6 7. 7 8. 8 9. 9 10. 10 11. 11 Digests wireshark-2.9.0.tar.xz: 29438416 bytes SHA256(wireshark-2.9.0.tar.xz)=5153d459b4598dc84836086ff3906bdf1ea4f0cfd9c25e015dfc23bfa4abc0b9 RIPEMD160(wireshark-2.9.0.tar.xz)=dedf3e96a5d2761b296d6ecca605fd905fb3e8f3 SHA1(wireshark-2.9.0.tar.xz)=1f09456e245520867aadcf71a44f867aeea342f1 Wireshark-win64-2.9.0.exe: 57572488 bytes SHA256(Wireshark-win64-2.9.0.exe)=b4fd5672ec0c83c611d5b6be48fe6e2a9e2b165b0b93ecdd2785af0863fb47d9 RIPEMD160(Wireshark-win64-2.9.0.exe)=34a7e6938161085f003531b354065d55bdca01ee SHA1(Wireshark-win64-2.9.0.exe)=22dbec605920556a2270a898cc28e16e10f43926 Wireshark-win32-2.9.0.exe: 52338360 bytes SHA256(Wireshark-win32-2.9.0.exe)=380dab41de197cdfd53127b3095062d94e43b8473df866a15b633aaaec251394 RIPEMD160(Wireshark-win32-2.9.0.exe)=45d05b522761ed3afc47f595c0f153993e370314 SHA1(Wireshark-win32-2.9.0.exe)=51411738c830b0749657e84b52a56085f5be3de2 Wireshark-win64-2.9.0.msi: 46362624 bytes SHA256(Wireshark-win64-2.9.0.msi)=1a912dfe2a195213e120b9a0352a2cc447ac7a4179ce7424ae7ef865893d6c46 RIPEMD160(Wireshark-win64-2.9.0.msi)=48ea03c228f15d5c53778c236b51f9a9c1d242bc SHA1(Wireshark-win64-2.9.0.msi)=fd22de2a0192d7e3923b56171d9bbf8aeefbd58b Wireshark-win32-2.9.0.msi: 41279488 bytes SHA256(Wireshark-win32-2.9.0.msi)=dd9a9541a3a0cbde66bbdba80ed828e4f7bc54371275e6d81c6402d546e140ee RIPEMD160(Wireshark-win32-2.9.0.msi)=653f13b5a08fb0059b671a23a3375ad9fbd03c3f SHA1(Wireshark-win32-2.9.0.msi)=7f4a628abb7743fa82eac82bbc3fdd4292d1e060 WiresharkPortable_2.9.0.paf.exe: 35237664 bytes SHA256(WiresharkPortable_2.9.0.paf.exe)=d5681828357aec6d46b739ecb5221a5e01ccdcce592d46e2f17c75f63f8c9174 RIPEMD160(WiresharkPortable_2.9.0.paf.exe)=0fb4cf792589b717039ae417a0e1194d8c1ca4b9 SHA1(WiresharkPortable_2.9.0.paf.exe)=5daef4e322ccd74d02bb4502919e2b77282fdd26 Wireshark 2.9.0 Intel 64.dmg: 177641795 bytes SHA256(Wireshark 2.9.0 Intel 64.dmg)=34bb5eb91a6bd1026a52ed59ab7ec26c24400f3c5cb012797ee501b24690000f RIPEMD160(Wireshark 2.9.0 Intel 64.dmg)=7dba71db8b1c744eea1350c7b63374f76da9c8c5 SHA1(Wireshark 2.9.0 Intel 64.dmg)=2abe373f2bdbdf17869589ed2dcab5140e8c3635 You can validate these hashes using the following commands (among others): Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg" Other: openssl sha256 wireshark-x.y.z.tar.xz
Attachment:
signature.asc
Description: OpenPGP digital signature