Wireshark-dev: [Wireshark-dev] Wireshark 4.2.3 is now available

From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Wed, 14 Feb 2024 13:25:41 -0800
I'm proud to announce the release of Wireshark 4.2.3.


 What is Wireshark?

  Wireshark is the world’s most popular network protocol analyzer. It is
  used for troubleshooting, analysis, development and education.

  Wireshark is hosted by the Wireshark Foundation, a nonprofit which
  promotes protocol analysis education. Wireshark and the foundation
  depend on your contributions in order to do their work. If you or your
  organization would like to contribute or become a sponsor, please
  visit wiresharkfoundation.org[1].

 What’s New

  Bug Fixes

   If you are upgrading Wireshark 4.2.0 or 4.2.1 on Windows you will
   need to download and install[2] Wireshark 4.2.3 or later by hand.

   The following bugs have been fixed:

     • Capture start fails when file set enabled and file extension not
       supplied if directory contains a period. Issue 14614[3].

     • Cannot drag and move custom filter buttons in toolbar. Issue
       19447[4].

     • Not equal won’t work when used with wlan.addr. Issue 19449[5].

     • sshdump fails to connect with private key (ssh-rsa) Issue
       19510[6].

     • ChmodBPF installation fails on macOS Sonoma 14.1.2. Issue
       19527[7].

     • Windows installers should check for Windows 8.1. Issue 19569[8].

     • Fuzz job crash output: fuzz-2024-01-05-7725.pcap. Issue 19570[9].

     • Fuzz job crash output: fuzz-2024-01-06-7734.pcap. Issue
       19578[10].

     • Incorrect recursion depth assert failure when dissecting a
       legitimate GOOSE message. Issue 19580[11].

     • OPC UA - large read request is reported as malformed in 4.2.1 but
       not in 4.0.12. Issue 19581[12].

     • TFTP dissector bug type listed as netscii instead of netascii
       doesn’t show all TFTP packets including TFTP blocks. Issue
       19589[13].

     • SMB1 replies from LAN Drive app only show up as NBSS Continuation
       Message. Issue 19593[14].

     • ciscodump - older SSH key exchange algorithms not supported.
       Issue 19594[15].

     • Problem decoding LAPB/X.25/FTAM after adding X.75 decoding. Issue
       19595[16].

     • Wireshark Filter not working. Issue 19604[17].

     • CFLOW: failure to decode 0 length data fields of IPFIX variable
       length data types. Issue 19605[18].

     • Copy …​as Printable Text Feature Missing in 4.1/4.2. Issue
       19607[19].

     • Export Objects - HTTP is missing some HTTP/2 files in a two-pass
       analysis. Issue 19609[20].

     • ASAM-CMP Plugin: Malformed message, length mismatch if vendor
       defined data of status messages has odd length. Issue 19626[21].

     • OSS-Fuzz 66561: wireshark:fuzzshark_ip_proto-udp:
       Null-dereference READ in wmem_map_lookup. Issue 19642[22].

  New and Updated Features

   There are no new or updated features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   ASAM CMP, CAN, CFLOW, CMIP, CMP, DAP, DICOM, DISP, E2AP, GLOW, GOOSE,
   GTP, GTPv2, H.225, H.245, H.248, HTTP2, IEEE 1609.2, IEEE 1722, IPv4,
   IPv6, ISO 15765, ISUP, ITS, Kerberos, LDAP, MMS, NBT, NRUP,
   openSAFETY, P22, P7, PARLAY, RTMPT, RTP, SCSI, SOME/IP, T.38, TCP,
   TECMP, TFTP, WOW, X.509if, X.509sat, X.75, X11, Z39.50, and ZigBee
   Green Power

  New and Updated Capture File Support

   pcap and pcapng

 Prior Versions

  This document only describes the changes introduced in Wireshark
  4.2.3. You can find release notes for prior versions at the following
  locations:

    • Wireshark 4.2.2[23]

    • Wireshark 4.2.1[24]

    • Wireshark 4.2.0[25]

 Getting Wireshark

  Wireshark source code and installation packages are available from
  https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can
   be found on the download page[26] on the Wireshark web site.

 File Locations

  Wireshark and TShark look in several different locations for
  preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
  locations vary from platform to platform. You can use "Help › About
  Wireshark › Folders" or `tshark -G folders` to find the default
  locations on your system.

 Getting Help

  The User’s Guide, manual pages and various other documentation can be
  found at https://www.wireshark.org/docs/

  Community support is available on Wireshark’s Q&A site[27] and on the
  wireshark-users mailing list. Subscription information and archives
  for all of Wireshark’s mailing lists can be found on the web site[28].

  Bugs and feature requests can be reported on the issue tracker[29].

  You can learn protocol analysis and meet Wireshark’s developers at
  SharkFest[30].

 How You Can Help

  The Wireshark Foundation helps as many people as possible understand
  their networks as much as possible. You can find out more and donate
  at wiresharkfoundation.org[31].

 Frequently Asked Questions

  A complete FAQ is available on the Wireshark web site[32].

 References

   1. https://wiresharkfoundation.org
   2. https://www.wireshark.org/download.html
   3. https://gitlab.com/wireshark/wireshark/-/issues/14614
   4. https://gitlab.com/wireshark/wireshark/-/issues/19447
   5. https://gitlab.com/wireshark/wireshark/-/issues/19449
   6. https://gitlab.com/wireshark/wireshark/-/issues/19510
   7. https://gitlab.com/wireshark/wireshark/-/issues/19527
   8. https://gitlab.com/wireshark/wireshark/-/issues/19569
   9. https://gitlab.com/wireshark/wireshark/-/issues/19570
  10. https://gitlab.com/wireshark/wireshark/-/issues/19578
  11. https://gitlab.com/wireshark/wireshark/-/issues/19580
  12. https://gitlab.com/wireshark/wireshark/-/issues/19581
  13. https://gitlab.com/wireshark/wireshark/-/issues/19589
  14. https://gitlab.com/wireshark/wireshark/-/issues/19593
  15. https://gitlab.com/wireshark/wireshark/-/issues/19594
  16. https://gitlab.com/wireshark/wireshark/-/issues/19595
  17. https://gitlab.com/wireshark/wireshark/-/issues/19604
  18. https://gitlab.com/wireshark/wireshark/-/issues/19605
  19. https://gitlab.com/wireshark/wireshark/-/issues/19607
  20. https://gitlab.com/wireshark/wireshark/-/issues/19609
  21. https://gitlab.com/wireshark/wireshark/-/issues/19626
  22. https://gitlab.com/wireshark/wireshark/-/issues/19642
  23. https://www.wireshark.org/docs/relnotes/wireshark-4.2.2.html
  24. https://www.wireshark.org/docs/relnotes/wireshark-4.2.1.html
  25. https://www.wireshark.org/docs/relnotes/wireshark-4.2.0.html
  26. https://www.wireshark.org/download.html
  27. https://ask.wireshark.org/
  28. https://www.wireshark.org/lists/
  29. https://gitlab.com/wireshark/wireshark/-/issues
  30. https://sharkfest.wireshark.org
  31. https://wiresharkfoundation.org
  32. https://www.wireshark.org/faq.html


Digests

wireshark-4.2.3.tar.xz: 44970016 bytes
SHA256(wireshark-4.2.3.tar.xz)=958bd5996f543d91779b1a4e7e952dcd7b0245fe82194202c3333a8f78795811
SHA1(wireshark-4.2.3.tar.xz)=b9d2bc4dbcf59c7295fa6cc98f5210a4e98a0b4e

Wireshark-4.2.3-arm64.exe: 67875712 bytes
SHA256(Wireshark-4.2.3-arm64.exe)=e6f10cfd71512c73ce8efcd436eaa811bf643cb45a31d25d9f7878bdd3aeb952
SHA1(Wireshark-4.2.3-arm64.exe)=a1e50f3b743ff9ffde7e66c6399d317c5872e7c7

Wireshark-4.2.3-x64.exe: 86371496 bytes
SHA256(Wireshark-4.2.3-x64.exe)=3bf71d8753e3033376de95b8cde58d3f2a1a60e529b1dbdadfe907500c1f6525
SHA1(Wireshark-4.2.3-x64.exe)=cd1ed1b825d825ed526a822a8237e8970dd53ff2

Wireshark-4.2.3-x64.msi: 62910464 bytes
SHA256(Wireshark-4.2.3-x64.msi)=565b2ec6aff533eb0059b3d7c7a512b62327edd2c29a6f5146a76bbf8227f072
SHA1(Wireshark-4.2.3-x64.msi)=b6317a1af15a3e0a6439fa3971ab6588b8509738

WiresharkPortable64_4.2.3.paf.exe: 53536936 bytes
SHA256(WiresharkPortable64_4.2.3.paf.exe)=d115c2cd5cc7b198d798d4734ecebb4bd47ad64b3051d5f3c0689f52e3fda0d0
SHA1(WiresharkPortable64_4.2.3.paf.exe)=f72a3cd0999c01fde8db3fd3ea6ddb5ff9ad4a76

Wireshark 4.2.3 Arm 64.dmg: 65590438 bytes
SHA256(Wireshark 4.2.3 Arm 64.dmg)=b11d86f650f4f751fbff4d741b16cbe2d57a35d8b83e87dcbd159c6980eff7ff
SHA1(Wireshark 4.2.3 Arm 64.dmg)=1ffeee06f4cb0c8852321c248a9b5dcd2503c93c

Wireshark 4.2.3 Intel 64.dmg: 69388046 bytes
SHA256(Wireshark 4.2.3 Intel 64.dmg)=cea02d3d36c1cb8568abeb42a50b5169a26fd179a3726f4451e167c61243b846
SHA1(Wireshark 4.2.3 Intel 64.dmg)=6d280914b3ac8eae7cad1073335ebba824d6de32

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Arm 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature