Wireshark-users: [Wireshark-users] Wireshark 2.4.8 is now available
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Wed, 18 Jul 2018 14:38:58 -0700
I'm proud to announce the release of Wireshark 2.4.8. __________________________________________________________________ What is Wireshark? Wireshark is the world's most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education. __________________________________________________________________ What's New Bug Fixes The following vulnerabilities have been fixed: * [1]wnpa-sec-2018-34 BGP dissector large loop. [2]Bug 13741. [3]CVE-2018-14342. * [4]wnpa-sec-2018-35 ISMP dissector crash. [5]Bug 14672. [6]CVE-2018-14344. * [7]wnpa-sec-2018-36 Multiple dissectors could crash. [8]Bug 14675. [9]CVE-2018-14340. * [10]wnpa-sec-2018-37 ASN.1 BER dissector crash. [11]Bug 14682. [12]CVE-2018-14343. * [13]wnpa-sec-2018-38 MMSE dissector infinite loop. [14]Bug 14738. [15]CVE-2018-14339. * [16]wnpa-sec-2018-39 DICOM dissector crash. [17]Bug 14742. [18]CVE-2018-14341. * [19]wnpa-sec-2018-40 Bazaar dissector infinite loop. [20]Bug 14841. [21]CVE-2018-14368. * [22]wnpa-sec-2018-41 HTTP2 dissector crash. [23]Bug 14869. [24]CVE-2018-14369. * [25]wnpa-sec-2018-42 CoAP dissector crash. [26]Bug 14966. [27]CVE-2018-14367. * [28]wnpa-sec-2018-43 IEEE 802.11 dissector crash. [29]Bug 14686. The following bugs have been fixed: * ISMP.EDP "Tuples" dissected incorrectly. ([30]Bug 4943) * Wireshark crashes when changing profiles. ([31]Bug 11648) * Crash when switching to TRANSUM enabled profile. ([32]Bug 13697) * Wireshark crashes with single quote string display filter. ([33]Bug 14084) * randpkt can write packets that libwiretap can't read. ([34]Bug 14107) * Crafted UDP packet causes large memory usage. ([35]Bug 14473) * Error received from dissect_wccp2_hash_assignment_info(). ([36]Bug 14573) * Extraction of SMB file results in wrong size. ([37]Bug 14662) * Crafted UDP packet causes large memory usage. ([38]Bug 14473) * IP address to name resolution doesn't work in TShark. ([39]Bug 14711) * proto_tree_add_protocol_format might leak memory. ([40]Bug 14719) * tostring for NSTime objects in lua gives wrong results. ([41]Bug 14720) * DICOM dissector needs to check for packet offset overflow. ([42]Bug 14742) * Formatting of OSI area addresses/address prefixes goes past the end of the area address/address prefix. ([43]Bug 14744) * ICMPv6 Router Renumbering - Packet Dissector - malformed. ([44]Bug 14755) * WiMAX HARQ MAP decoder segfaults when length is too short. ([45]Bug 14780) * HTTP PUT request following a HEAD request is not correctly decoded. ([46]Bug 14793) * SYNC PDU type 3 miss the last PDU length. ([47]Bug 14823) * Reversed 128 bits service UUIDs when Bluetooth Low Energy advertisement data are dissected. ([48]Bug 14843) * Issues with Wireshark when the user doesn't have permission to capture. ([49]Bug 14847) * Wrong description when LE Bluetooth Device Address type is dissected. ([50]Bug 14866) * LE Role advertisement type (0x1c) is not dissected properly according to the Bluetooth specification. ([51]Bug 14868) * Wireshark doesn't properly display (deliberately) invalid 220 responses from Postfix. ([52]Bug 14878) * DCE/RPC not dissected when "reserved for use by implementations" flag bits set. ([53]Bug 14942) * There's no option to include column headings when printing packets or exporting packet dissections with Qt Wireshark. ([54]Bug 14945) * CMake is unable to find LUA libraries. ([55]Bug 14983) New and Updated Features There are no new features in this release. New Protocol Support There are no new protocols in this release. Updated Protocol Support ASN.1 BER, Bazaar, BGP, Bluetooth, Bluetooth HCI_CMD, CIGI, CoAP, DCERPC, DICOM, GSM A GM, HTTP, HTTP2, ICMPv6, IEEE 1722, IEEE 802.11, IPv4, ISMP, LISP, MMSE, MTP3, MySQL, PPI GPS, Q.931, S1AP, SMB, SMTP, STUN, SYNC, T.30, TRANSUM, WAP, WCCP, WiMax HARQ Map Message, and WSP New and Updated Capture File Support There is no new or updated capture file support in this release. __________________________________________________________________ Getting Wireshark Wireshark source code and installation packages are available from [56]https://www.wireshark.org/download.html. Vendor-supplied Packages Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the [57]download page on the Wireshark web site. __________________________________________________________________ File Locations Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About->Folders to find the default locations on your system. __________________________________________________________________ Known Problems Dumpcap might not quit if Wireshark or TShark crashes. ([58]Bug 1419) The BER dissector might infinitely loop. ([59]Bug 1516) Capture filters aren't applied when capturing from named pipes. ([60]Bug 1814) Filtering tshark captures with read filters (-R) no longer works. ([61]Bug 2234) Application crash when changing real-time option. ([62]Bug 4035) Wireshark and TShark will display incorrect delta times in some cases. ([63]Bug 4985) Wireshark should let you work with multiple capture files. ([64]Bug 10488) __________________________________________________________________ Getting Help Community support is available on [65]Wireshark's Q&A site and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark's mailing lists can be found on [66]the web site. Official Wireshark training and certification are available from [67]Wireshark University. __________________________________________________________________ Frequently Asked Questions A complete FAQ is available on the [68]Wireshark web site. __________________________________________________________________ Last updated 2018-07-18 20:55:02 UTC References 1. https://www.wireshark.org/security/wnpa-sec-2018-34.html 2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13741 3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14342 4. https://www.wireshark.org/security/wnpa-sec-2018-35.html 5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14672 6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14344 7. https://www.wireshark.org/security/wnpa-sec-2018-36.html 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14675 9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14340 10. https://www.wireshark.org/security/wnpa-sec-2018-37.html 11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14682 12. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14343 13. https://www.wireshark.org/security/wnpa-sec-2018-38.html 14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14738 15. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14339 16. https://www.wireshark.org/security/wnpa-sec-2018-39.html 17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14742 18. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14341 19. https://www.wireshark.org/security/wnpa-sec-2018-40.html 20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14841 21. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14368 22. https://www.wireshark.org/security/wnpa-sec-2018-41.html 23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14869 24. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14369 25. https://www.wireshark.org/security/wnpa-sec-2018-42.html 26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14966 27. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14367 28. https://www.wireshark.org/security/wnpa-sec-2018-43.html 29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14686 30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4943 31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11648 32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13697 33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14084 34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14107 35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14473 36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14573 37. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14662 38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14473 39. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14711 40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14719 41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14720 42. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14742 43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14744 44. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14755 45. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14780 46. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14793 47. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14823 48. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14843 49. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14847 50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14866 51. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14868 52. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14878 53. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14942 54. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14945 55. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14983 56. https://www.wireshark.org/download.html 57. https://www.wireshark.org/download.html#thirdparty 58. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419 59. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516 60. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814 61. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234 62. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035 63. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985 64. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488 65. https://ask.wireshark.org/ 66. https://www.wireshark.org/lists/ 67. http://www.wiresharktraining.com/ 68. https://www.wireshark.org/faq.html Digests wireshark-2.4.8.tar.xz: 29096620 bytes SHA256(wireshark-2.4.8.tar.xz)=db8ed7828c157e4ffb91fb8c41fa5a2f37fd44259175951a5c37848bf641f5e8 RIPEMD160(wireshark-2.4.8.tar.xz)=9ef268c45c852bb6b19484e235e554d2676cc8d1 SHA1(wireshark-2.4.8.tar.xz)=b2842d12c3c9c1766f07a392218038dc649f32b0 Wireshark-win64-2.4.8.exe: 57928928 bytes SHA256(Wireshark-win64-2.4.8.exe)=6cadd43d684847398a65781ce72bf701b752314da8d90d36863daaec9a107638 RIPEMD160(Wireshark-win64-2.4.8.exe)=d4e8acbdbb1a678841e4f7e8c5b0f0d8ac07a6db SHA1(Wireshark-win64-2.4.8.exe)=1ec9ec6e1de381e7756b6cf5e9ab28a89694f60a Wireshark-win32-2.4.8.exe: 52732528 bytes SHA256(Wireshark-win32-2.4.8.exe)=9dfc5c1e4b5db82a32865c92ee770e19922233cf78344e07e25dde2f69bd03d3 RIPEMD160(Wireshark-win32-2.4.8.exe)=072de14d47042eb1f63129bcf42e5773d186cb62 SHA1(Wireshark-win32-2.4.8.exe)=e67c144acb52b69aeeeb95bac7f07d1ac5ea4985 Wireshark-win64-2.4.8.msi: 47046656 bytes SHA256(Wireshark-win64-2.4.8.msi)=b7f223537fafca51714828793a3b3ef78aec7e2a5c982a228c3af0fd11c34fa6 RIPEMD160(Wireshark-win64-2.4.8.msi)=ffba142cd0a2cbc76648a9d77d9c42c424f3763c SHA1(Wireshark-win64-2.4.8.msi)=b1443a26f8e3c76a81b7f5e530000d9ca9cbc404 Wireshark-win32-2.4.8.msi: 42004480 bytes SHA256(Wireshark-win32-2.4.8.msi)=315adc6dd1609aed99b6921489f66ec8f2b27f9f3b50011b535ea2e741806761 RIPEMD160(Wireshark-win32-2.4.8.msi)=9b2e3b1e4efd20862b5adc9cedbda565bb6f6ac7 SHA1(Wireshark-win32-2.4.8.msi)=c6c5c8ed317218f588bbf9accc7a713e5d0eba12 WiresharkPortable_2.4.8.paf.exe: 45424416 bytes SHA256(WiresharkPortable_2.4.8.paf.exe)=fbd9eb3b5250d9203dd38eb392ac6227a83d493077375c0ff64fd386bacc3434 RIPEMD160(WiresharkPortable_2.4.8.paf.exe)=bec53db153bf677bf47871e7b3d617d229a3a18e SHA1(WiresharkPortable_2.4.8.paf.exe)=8e38d8c385e829caf8ac1a1a53b42b10699e0579 Wireshark 2.4.8 Intel 64.dmg: 42524562 bytes SHA256(Wireshark 2.4.8 Intel 64.dmg)=25e59cada71d00a84377b553f7621c15164a333f9d45e242d4eede71a6577870 RIPEMD160(Wireshark 2.4.8 Intel 64.dmg)=2cbf655e2621f222ba57b5ba08aa7f0c4ab87cd3 SHA1(Wireshark 2.4.8 Intel 64.dmg)=6d14ecc17646e055df25f6fafa75a2b56ac3cf95 You can validate these hashes using the following commands (among others): Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg" Other: openssl sha256 wireshark-x.y.z.tar.xz
Attachment:
signature.asc
Description: OpenPGP digital signature
- Prev by Date: [Wireshark-users] Wireshark 2.6.2 is now available
- Next by Date: [Wireshark-users] Wireshark 2.2.16 is now available
- Previous by thread: [Wireshark-users] Wireshark 2.6.2 is now available
- Next by thread: [Wireshark-users] Wireshark 2.2.16 is now available
- Index(es):