Wireshark-dev: [Wireshark-dev] Wireshark 4.0.6 is now available

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Wed, 24 May 2023 13:28:39 -0700
I'm proud to announce the release of Wireshark 4.0.6.


 What is Wireshark?

  Wireshark is the world’s most popular network protocol analyzer. It is
  used for troubleshooting, analysis, development and education.

 What’s New

  We do not ship official 32-bit Windows packages for Wireshark 4.0 and
  later. If you need to use Wireshark on that platform, we recommend
  using the latest 3.6 release. Issue 17779[1]

  If you’re running Wireshark on macOS and upgraded to macOS 13 from an
  earlier version, you will likely have to open and run the “Uninstall
  ChmodBPF” package, then open and run “Install ChmodBPF” in order to
  reset the ChmodBPF Launch Daemon. Issue 18734[2].

  Bug Fixes

   The following vulnerabilities have been fixed:

     • wnpa-sec-2023-12[3] Candump log file parser crash. Issue
       19062[4].

     • wnpa-sec-2023-13[5] BLF file parser crash. Issue 19063[6].

     • wnpa-sec-2023-14[7] GDSDB dissector infinite loop. Issue
       19068[8].

     • wnpa-sec-2023-15[9] NetScaler file parser crash. Issue 19081[10].

     • wnpa-sec-2023-16[11] VMS TCPIPtrace file parser crash. Issue
       19083[12].

     • wnpa-sec-2023-17[13] BLF file parser crash. Issue 19084[14].

     • wnpa-sec-2023-18[15] RTPS dissector crash. Issue 19085[16].
       CVE-2023-0666[17].

     • wnpa-sec-2023-19[18] IEEE C37.118 Synchrophasor dissector crash.
       Issue 19087[19]. CVE-2023-0668[20].

     • IEEE-C37.118 parsing buffer overflow. Issue 19087[21].

   The following bugs have been fixed:

     • Conversations list has incorrect unit (bytes) in bit speed
       columns in the 3.7 development versions. Issue 18211[22].

     • The media_type table should treat media types, e.g.
       application/3gppHal+json, as case-insensitive. Issue 18611[23].

     • NNTP dissector bug. Issue 18981[24].

     • Incorrect padding in BFCP decoder. Issue 18890[25].

     • SPNEGO dissector bug. Issue 18991[26].

     • SRT values are incorrect when applying a time shift. Issue
       18999[27].

     • Add warning that capturing is not supported in Wireshark
       installed from flatpak. Issue 19008[28].

     • Opening Wireshark with -z io,stat option. Issue 19042[29].

     • batadv dissector bug. Issue 19047[30].

     • radiotap-gen build fails if pcap is not found. Issue 19059[31].

     • [UDS] When filtering the uds.wdbi.data_identifier or
       uds.iocbi.data_identifier field is interpreted as 1 byte whereas
       it consists of 2 bytes. Issue 19078[32].

     • Wireshark can’t save this capture in that format. Issue
       19080[33].

     • MSMMS parsing buffer overflow. Issue 19086[34].

     • USB HID parser shows wrong label for usages Rx/Vx/Vbrx of usage
       page Generic Desktop Control. Issue 19095[35].

  New and Updated Features

   There are no new or updated features in this release.

  Removed Features and Support

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

     • The media type dissector table now properly treats media types
       and subtypes as case-insensitive automatically, per RFC 6838.
       Media types no longer need to be lower cased before registering
       or looking up in the table.

   batadv BFCP CommunityID COSE GDSDB H.265 HTTP ILP ISAKMP MSMMS NNTP
   NR RRC NTLMSSP RTPS SPNEGO Synphasor TCP UDS ULP USB HID

  New and Updated Capture File Support

   BLF, Candump, NetScaler, and VMS TCPIPtrace

  New File Format Decoding Support

   There is no new or updated file format support in this release.

 Getting Wireshark

  Wireshark source code and installation packages are available from
  https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can
   be found on the download page[36] on the Wireshark web site.

 File Locations

  Wireshark and TShark look in several different locations for
  preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
  locations vary from platform to platform. You can use "Help › About
  Wireshark › Folders" or `tshark -G folders` to find the default
  locations on your system.

 Getting Help

  The User’s Guide, manual pages and various other documentation can be
  found at https://www.wireshark.org/docs/

  Community support is available on Wireshark’s Q&A site[37] and on the
  wireshark-users mailing list. Subscription information and archives
  for all of Wireshark’s mailing lists can be found on the web site[38].

  Bugs and feature requests can be reported on the issue tracker[39].

  You can learn protocol analysis and meet Wireshark’s developers at
  SharkFest[40].

 How You Can Help

  The Wireshark Foundation helps as many people as possible understand
  their networks as much as possible. You can find out more and donate
  at wiresharkfoundation.org[41].

 Frequently Asked Questions

  A complete FAQ is available on the Wireshark web site[42].

 References

   1. https://gitlab.com/wireshark/wireshark/-/issues/17779
   2. https://gitlab.com/wireshark/wireshark/-/issues/18734
   3. https://www.wireshark.org/security/wnpa-sec-2023-12
   4. https://gitlab.com/wireshark/wireshark/-/issues/19062
   5. https://www.wireshark.org/security/wnpa-sec-2023-13
   6. https://gitlab.com/wireshark/wireshark/-/issues/19063
   7. https://www.wireshark.org/security/wnpa-sec-2023-14
   8. https://gitlab.com/wireshark/wireshark/-/issues/19068
   9. https://www.wireshark.org/security/wnpa-sec-2023-15
  10. https://gitlab.com/wireshark/wireshark/-/issues/19081
  11. https://www.wireshark.org/security/wnpa-sec-2023-16
  12. https://gitlab.com/wireshark/wireshark/-/issues/19083
  13. https://www.wireshark.org/security/wnpa-sec-2023-17
  14. https://gitlab.com/wireshark/wireshark/-/issues/19084
  15. https://www.wireshark.org/security/wnpa-sec-2023-18
  16. https://gitlab.com/wireshark/wireshark/-/issues/19085
  17. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0666
  18. https://www.wireshark.org/security/wnpa-sec-2023-19
  19. https://gitlab.com/wireshark/wireshark/-/issues/19087
  20. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0668
  21. https://gitlab.com/wireshark/wireshark/-/issues/19087
  22. https://gitlab.com/wireshark/wireshark/-/issues/18211
  23. https://gitlab.com/wireshark/wireshark/-/issues/18611
  24. https://gitlab.com/wireshark/wireshark/-/issues/18981
  25. https://gitlab.com/wireshark/wireshark/-/issues/18890
  26. https://gitlab.com/wireshark/wireshark/-/issues/18991
  27. https://gitlab.com/wireshark/wireshark/-/issues/18999
  28. https://gitlab.com/wireshark/wireshark/-/issues/19008
  29. https://gitlab.com/wireshark/wireshark/-/issues/19042
  30. https://gitlab.com/wireshark/wireshark/-/issues/19047
  31. https://gitlab.com/wireshark/wireshark/-/issues/19059
  32. https://gitlab.com/wireshark/wireshark/-/issues/19078
  33. https://gitlab.com/wireshark/wireshark/-/issues/19080
  34. https://gitlab.com/wireshark/wireshark/-/issues/19086
  35. https://gitlab.com/wireshark/wireshark/-/issues/19095
  36. https://www.wireshark.org/download.html
  37. https://ask.wireshark.org/
  38. https://www.wireshark.org/lists/
  39. https://gitlab.com/wireshark/wireshark/-/issues
  40. https://sharkfest.wireshark.org
  41. https://wiresharkfoundation.org
  42. https://www.wireshark.org/faq.html


Digests

wireshark-4.0.6.tar.xz: 41583088 bytes
SHA256(wireshark-4.0.6.tar.xz)=0079097a1b17ebc7250a73563f984c13327dac5016b7d53165810fbcca4bd884
SHA1(wireshark-4.0.6.tar.xz)=a60b6f8063df2a711932ba869ae86e6476087cf0

Wireshark-win64-4.0.6.exe: 78782704 bytes
SHA256(Wireshark-win64-4.0.6.exe)=9820c6f8cb42d0c10a83ac62e0125ed600855eedf7ef5980535944dda3b3bb60
SHA1(Wireshark-win64-4.0.6.exe)=af6cf1369e716e031b5768cfe7c355415825148a

Wireshark-win64-4.0.6.msi: 52224000 bytes
SHA256(Wireshark-win64-4.0.6.msi)=d37ce2a48b42df2b81d56d6d3c80a5b71b9602da171f46c6c54f500250e1e1c1
SHA1(Wireshark-win64-4.0.6.msi)=f9f108f029e9209c664520cdb17dbfe30c786da1

WiresharkPortable64_4.0.6.paf.exe: 45561352 bytes
SHA256(WiresharkPortable64_4.0.6.paf.exe)=8e49f3c593b230008fdeead2568cdca721aa5a93b69a3f60564841b924416a9a
SHA1(WiresharkPortable64_4.0.6.paf.exe)=8fcd5efe5789fec4f62a1a5c5f3c143116f4b4de

Wireshark 4.0.6 Arm 64.dmg: 64623820 bytes
SHA256(Wireshark 4.0.6 Arm 64.dmg)=62fac39ba7848d19dff39804fd906908d9417157dfbcd6a9d4aac27956254f2e
SHA1(Wireshark 4.0.6 Arm 64.dmg)=aca72f197da67adf0581bea4752a0df8de452819

Wireshark 4.0.6 Intel 64.dmg: 68114622 bytes
SHA256(Wireshark 4.0.6 Intel 64.dmg)=3c0d75cd363dc9753c57dd109683447ea0eedb97cab75108db18d387be5b92eb
SHA1(Wireshark 4.0.6 Intel 64.dmg)=7731f1d7b3f18b105c8cf318ce45e144c734e0a2

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Arm 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz