Wireshark-dev: [Wireshark-dev] Wireshark 2.2.6 is now available

From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Wed, 12 Apr 2017 15:03:03 -0700
I'm proud to announce the release of Wireshark 2.2.6.

     __________________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer. It is
   used for troubleshooting, analysis, development and education.
     __________________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2017-12
       IMAP dissector crash ([2]Bug 13466) [3]CVE-2017-7703
     * [4]wnpa-sec-2017-13
       WBMXL dissector infinite loop ([5]Bug 13477) [6]CVE-2017-7702
     * [7]wnpa-sec-2017-14
       NetScaler file parser infinite loop ([8]Bug 13478) [9]CVE-2017-7700
     * [10]wnpa-sec-2017-15
       RPCoRDMA dissector infinite loop ([11]Bug 13558) [12]CVE-2017-7705
     * [13]wnpa-sec-2017-16
       BGP dissector infinite loop ([14]Bug 13557) [15]CVE-2017-7701
     * [16]wnpa-sec-2017-17
       DOF dissector infinite loop ([17]Bug 13453) [18]CVE-2017-7704
     * [19]wnpa-sec-2017-18
       PacketBB dissector crash ([20]Bug 13559)
     * [21]wnpa-sec-2017-19
       SLSK dissector long loop ([22]Bug 13576)
     * [23]wnpa-sec-2017-20
       SIGCOMP dissector infinite loop ([24]Bug 13578)
     * [25]wnpa-sec-2017-21
       WSP dissector infinite loop ([26]Bug 13581)

   The following bugs have been fixed:
     * T30 FCF byte decoding masks DTC, CIG and NCS. ([27]Bug 1918)
     * Wireshark gives decoding error during rnsap message dissection(SCCP
       reassembly). ([28]Bug 3360)
     * Added IEEE 802.15.4-2003 AES-CCM security modes
       (packet-ieee802154). ([29]Bug 4912)
     * Payload in 2 SCCP DT1 messages in the same frame isn't
       (sub)dissected. ([30]Bug 11130)
     * IEEE 802.15.4: an area of Payload IEs is dissected twice. ([31]Bug
       13068)
     * Qt UI: Wireshark crash when deleting IO graph string while it's in
       editing mode. ([32]Bug 13234)
     * Crash on exit due to an invalid frame data sequence state. ([33]Bug
       13433)
     * Access Violation using Lua dissector. ([34]Bug 13457)
     * Some bytes ignored in every packet in NetScaler packet trace when
       vmnames are included in packet headers. ([35]Bug 13459)
     * VOIP RTP stream Find Reverse button doesn't work. ([36]Bug 13462)
     * Lua dissector: ProtoField int&42; do not allow FT_HEX or FT_OCT,
       crash when set to FT_HEX_DEC or FT_DEC_HEX. ([37]Bug 13484)
     * GIOP LocateRequest v1.0 is improperly indicated as "malformed".
       ([38]Bug 13488)
     * Bug in ZigBee - Zone Status Change Notification. ([39]Bug 13493)
     * Packet exception in packet-ua3g and incomplete strings in
       packet-noe. ([40]Bug 13502)
     * Wrong BGP capability dissect. ([41]Bug 13521)
     * Endpoint statistics column labels seem incorrect. ([42]Bug 13526)
     * Strange automatic jump in packet details for a certain DNS response
       packet. ([43]Bug 13533)
     * When a Lua enum or bool preference is changed via context menu,
       prefs_changed isn't called with Qt Wireshark. ([44]Bug 13536)
     * IO Graph selects wrong packet or displays "Packet number x isn't
       displayed". ([45]Bug 13537)
     * tshark's -z endpoints,ip ignores optional filter. ([46]Bug 13538)
     * SSL: Handshake type in Info column not always separated by comma.
       ([47]Bug 13539)
     * libfuzzer: PEEKREMOTE dissector bug. ([48]Bug 13544)
     * libfuzzer: packetBB dissector bug (packetbb.msg.addr.valuecustom).
       ([49]Bug 13545)
     * libfuzzer: WSP dissector bug (wsp.header.x_wap_tod). ([50]Bug
       13546)
     * libfuzzer: MIH dissector bug. ([51]Bug 13547)
     * libfuzzer: DNS dissector bug. ([52]Bug 13548)
     * libfuzzer: WLCCP dissector bug. ([53]Bug 13549)
     * libfuzzer: TAPA dissector bug. ([54]Bug 13553)
     * libfuzzer: lapsat dissector bug. ([55]Bug 13554)
     * libfuzzer: wassp dissector bug. ([56]Bug 13555)
     * Illegal reassembly of GSM SMS packets. ([57]Bug 13572)
     * SSH Dissector uses incorrect length for protocol field
       (ssh.protocol). ([58]Bug 13574)
     * NBAP malformed packet for short Binding ID. ([59]Bug 13577)
     * libfuzzer: WSP dissector bug (wsp.header.x_up_1.x_up_proxy_tod).
       ([60]Bug 13579)
     * libfuzzer: asterix dissector bug (asterix.021_230_RA). ([61]Bug
       13580)
     * RTPproxy dissector adds multi lines to info column. ([62]Bug 13582)

  New and Updated Features

   There are no new features in this release.

  New File Format Decoding Support

   There are no new file formats in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   ASTERIX, BGP, BSSGP, BT AVRCP, BT HCI_CMD, BT HFP, BT PBAP, DNS, DOF,
   EAPOL-MKA, GIOP, GSM SMS, HTTP, ICMP, IEEE 802.11, IEEE 802.15.4, IMAP,
   ISIS LSP, iSNS, LAPSat, MIH, MySQL, NBAP, NBIFOM, PacketBB, PEEKREMOTE,
   RPCoRDMA, RTPproxy, SCCP, SIGCOMP, SLSK, SSH, SSL, T.30, TAPA, UA3G,
   WASSP, WBXML, WLCCP, WSP, and ZigBee ZCL IAS

  New and Updated Capture File Support

   There is no new or updated capture file support in this release.

   NetScaler, and pcapng

  New and Updated Capture Interfaces support

   There are no new or updated capture interfaces supported in this
   release.

  Major API Changes

   There are no major API changes in this release.
     __________________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available from
   [63]https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can be
   found on the [64]download page on the Wireshark web site.
     __________________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for preference
   files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
   vary from platform to platform. You can use About->Folders to find the
   default locations on your system.
     __________________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([65]Bug 1419)

   The BER dissector might infinitely loop. ([66]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([67]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([68]Bug 2234)

   Application crash when changing real-time option. ([69]Bug 4035)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([70]Bug 4985)

   Wireshark should let you work with multiple capture files. ([71]Bug
   10488)

   Dell Backup and Recovery (DBAR) makes many Windows applications crash,
   including Wireshark. ([72]Bug 12036)
     __________________________________________________________________

Getting Help

   Community support is available on [73]Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and archives for
   all of Wireshark's mailing lists can be found on [74]the web site.

   Official Wireshark training and certification are available from
   [75]Wireshark University.
     __________________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [76]Wireshark web site.
     __________________________________________________________________

   Last updated 2017-04-12 19:39:54 UTC

References

   1. https://www.wireshark.org/security/wnpa-sec-2017-12.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13466
   3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7703
   4. https://www.wireshark.org/security/wnpa-sec-2017-13.html
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13477
   6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7702
   7. https://www.wireshark.org/security/wnpa-sec-2017-14.html
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13478
   9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7700
  10. https://www.wireshark.org/security/wnpa-sec-2017-15.html
  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13558
  12. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7705
  13. https://www.wireshark.org/security/wnpa-sec-2017-16.html
  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13557
  15. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7701
  16. https://www.wireshark.org/security/wnpa-sec-2017-17.html
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13453
  18. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7704
  19. https://www.wireshark.org/security/wnpa-sec-2017-18.html
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13559
  21. https://www.wireshark.org/security/wnpa-sec-2017-19.html
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13576
  23. https://www.wireshark.org/security/wnpa-sec-2017-20.html
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13578
  25. https://www.wireshark.org/security/wnpa-sec-2017-21.html
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13581
  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1918
  28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3360
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4912
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11130
  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13068
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13234
  33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13433
  34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13457
  35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13459
  36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13462
  37. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13484
  38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13488
  39. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13493
  40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13502
  41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13521
  42. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13526
  43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13533
  44. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13536
  45. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13537
  46. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13538
  47. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13539
  48. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13544
  49. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13545
  50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13546
  51. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13547
  52. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13548
  53. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13549
  54. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13553
  55. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13554
  56. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13555
  57. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13572
  58. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13574
  59. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13577
  60. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13579
  61. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13580
  62. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13582
  63. https://www.wireshark.org/download.html
  64. https://www.wireshark.org/download.html#thirdparty
  65. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
  66. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  67. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  68. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  69. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  70. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  71. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
  72. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12036
  73. https://ask.wireshark.org/
  74. https://www.wireshark.org/lists/
  75. http://www.wiresharktraining.com/
  76. https://www.wireshark.org/faq.html


Digests

wireshark-2.2.6.tar.bz2: 32317335 bytes
SHA256(wireshark-2.2.6.tar.bz2)=f627d51eda85f5ae5f5c8c9fc1f6539ffc2a270dd7500dc7f67490a8534ca849
RIPEMD160(wireshark-2.2.6.tar.bz2)=12574c3536c621164215a5a3c1840d87489cc189
SHA1(wireshark-2.2.6.tar.bz2)=608c0ece0d7c0f9c82f031e69c87c0de57c3f0dd
MD5(wireshark-2.2.6.tar.bz2)=2cd9a35c2df8c32668c1776784f074df

Wireshark-win32-2.2.6.exe: 44522984 bytes
SHA256(Wireshark-win32-2.2.6.exe)=d43a3194d4cb6899bda39fb24e43bbfd8497d6c2794658f69955b7d6a111a796
RIPEMD160(Wireshark-win32-2.2.6.exe)=8ac37da27beaaeb6b982459c22c203ec5ad1e5f0
SHA1(Wireshark-win32-2.2.6.exe)=710a1540fb39b15db7db7c2fa652ab80eeca296c
MD5(Wireshark-win32-2.2.6.exe)=32807564710c35f67b10750f4d570b6a

Wireshark-win64-2.2.6.exe: 49385272 bytes
SHA256(Wireshark-win64-2.2.6.exe)=faa10fe979440aa231478b8ad35ae5810020f814438e735e6edd57611465c405
RIPEMD160(Wireshark-win64-2.2.6.exe)=b584223cea4db8f2cabd04e7654732cb3696d26c
SHA1(Wireshark-win64-2.2.6.exe)=cdbb1b95293238dce38c3e1a8940b99daf48fbdc
MD5(Wireshark-win64-2.2.6.exe)=74ce176674b5c7e26874f2a8f3c55153

WiresharkPortable_2.2.6.paf.exe: 46147304 bytes
SHA256(WiresharkPortable_2.2.6.paf.exe)=d884196b54e198621d8b2e0315edd54ee7e38efa9acdd1bfe97841f87e63d878
RIPEMD160(WiresharkPortable_2.2.6.paf.exe)=bce2be0909bfe84d075d0ed852d8663d3fcde5ae
SHA1(WiresharkPortable_2.2.6.paf.exe)=4d25cd67b46b27ab55b6b47b5752b4b9507e008d
MD5(WiresharkPortable_2.2.6.paf.exe)=a019ab377c55dcf9df7692c2aa44fb23

Wireshark 2.2.6 Intel 64.dmg: 32858564 bytes
SHA256(Wireshark 2.2.6 Intel
64.dmg)=efe30c1729543ae95ce22ad89d41251fee94e38d3d72a4f7a2a25e86a8bc66fe
RIPEMD160(Wireshark 2.2.6 Intel
64.dmg)=e9cf275b5531905366d27ffc65482dcde4c7e35b
SHA1(Wireshark 2.2.6 Intel 64.dmg)=d38a9b38f4a662da6299fd9301f22d3b877b002e
MD5(Wireshark 2.2.6 Intel 64.dmg)=f52d767768925ebae7b7e70bf86ca974

Attachment: signature.asc
Description: OpenPGP digital signature