Wireshark-users: [Wireshark-users] Wireshark 3.6.1 is now available
Date Prev
·
Date Next
·
Thread Prev
·
Thread Next
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Wed, 29 Dec 2021 13:08:27 -0800
I'm proud to announce the release of Wireshark 3.6.1. What is Wireshark? Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education. What’s New Bug Fixes The following vulnerabilities have been fixed: • wnpa-sec-2021-17[1] RTMPT dissector infinite loop. Issue 17745[2]. CVE-2021-4185[3]. • wnpa-sec-2021-18[4] BitTorrent DHT dissector infinite loop. Issue 17754[5]. CVE-2021-4184[6]. • wnpa-sec-2021-19[7] pcapng file parser crash. Issue 17755[8]. CVE-2021-4183[9]. • wnpa-sec-2021-20[10] RFC 7468 file parser infinite loop. Issue 17801[11]. CVE-2021-4182[12]. • wnpa-sec-2021-21[13] Sysdig Event dissector crash. CVE-2021-4181[14]. • wnpa-sec-2021-22[15] Kafka dissector infinite loop. Issue 17811[16]. The following bugs have been fixed: • Allow sub-second timestamps in hexdumps Issue 15562[17]. • GRPC: An unnecessary empty Protobuf tree item is displayed if the GRPC message body length is 0 Issue 17675[18]. • Can’t install "ChmodBPF.pkg" or "Add Wireshark to the system path.pkg" on M1 MacBook Air Monterey without Rosetta 2 Issue 17757[19]. • TECMP: LIN Payload is cut off by 1 byte Issue 17760[20]. • Wireshark crashes if a 64 bit field of type BASE_CUSTOM is applied as a column Issue 17762[21]. • Command line option "-o console.log.level" causes wireshark and tshark to exit on start Issue 17763[22]. • Setting WIRESHARK_LOG_LEVEL=debug breaks interface capture Issue 17764[23]. • Unable to build without tshark Issue 17766[24]. • IEEE 802.11 action frames are not getting parsed and always seen as malformed Issue 17767[25]. • IEC 60870-5-101 link address field is 1 byte, but should have configurable length of 0,1 or 2 bytes Issue 17775[26]. • dfilter: 'tcp.port not in {1}' crashes Wireshark Issue 17785[27]. New and Updated Features • The 'console.log.level' preference was removed in Wireshark 3.6.0. This release adds an '-o console.log.level:' backward-compatibilty option on the CLI that maps to the new logging sub-system. Note that this does not have bitmask semantics and does not correspond to any actual preference. It is just a transition mechanism for users that were relying on this CLI option and will be removed in the future. To see the new diagnostic output options consult the manpages or the output of '--help'. New Protocol Support There are no new protocols in this release. Updated Protocol Support ANSI A I/F, AT, BitTorrent DHT, FF, GRPC, IEC 101/104, IEEE 802.11, IEEE 802.11 Radiotap, IPsec, Kafka, QUIC, RTMPT, RTSP, SRVLOC, Sysdig Event, and TECMP New and Updated Capture File Support BLF and RFC 7468 New File Format Decoding Support There is no new or updated file format support in this release. Getting Wireshark Wireshark source code and installation packages are available from https://www.wireshark.org/download.html. Vendor-supplied Packages Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page[28] on the Wireshark web site. File Locations Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use Help › About Wireshark › Folders or tshark -G folders to find the default locations on your system. Getting Help The User’s Guide, manual pages and various other documentation can be found at https://www.wireshark.org/docs/ Community support is available on Wireshark’s Q&A site[29] and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark’s mailing lists can be found on the web site[30]. Bugs and feature requests can be reported on the issue tracker[31]. Frequently Asked Questions A complete FAQ is available on the Wireshark web site[32]. Last updated 2021-12-29 19:11:55 UTC References 1. https://www.wireshark.org/security/wnpa-sec-2021-17 2. https://gitlab.com/wireshark/wireshark/-/issues/17745 3. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4185 4. https://www.wireshark.org/security/wnpa-sec-2021-18 5. https://gitlab.com/wireshark/wireshark/-/issues/17754 6. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4184 7. https://www.wireshark.org/security/wnpa-sec-2021-19 8. https://gitlab.com/wireshark/wireshark/-/issues/17755 9. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4183 10. https://www.wireshark.org/security/wnpa-sec-2021-20 11. https://gitlab.com/wireshark/wireshark/-/issues/17801 12. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4182 13. https://www.wireshark.org/security/wnpa-sec-2021-21 14. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4181 15. https://www.wireshark.org/security/wnpa-sec-2021-22 16. https://gitlab.com/wireshark/wireshark/-/issues/17811 17. https://gitlab.com/wireshark/wireshark/-/issues/15562 18. https://gitlab.com/wireshark/wireshark/-/issues/17675 19. https://gitlab.com/wireshark/wireshark/-/issues/17757 20. https://gitlab.com/wireshark/wireshark/-/issues/17760 21. https://gitlab.com/wireshark/wireshark/-/issues/17762 22. https://gitlab.com/wireshark/wireshark/-/issues/17763 23. https://gitlab.com/wireshark/wireshark/-/issues/17764 24. https://gitlab.com/wireshark/wireshark/-/issues/17766 25. https://gitlab.com/wireshark/wireshark/-/issues/17767 26. https://gitlab.com/wireshark/wireshark/-/issues/17775 27. https://gitlab.com/wireshark/wireshark/-/issues/17785 28. https://www.wireshark.org/download.html 29. https://ask.wireshark.org/ 30. https://www.wireshark.org/lists/ 31. https://gitlab.com/wireshark/wireshark/-/issues 32. https://www.wireshark.org/faq.html Digests wireshark-3.6.1.tar.xz: 39632140 bytes SHA256(wireshark-3.6.1.tar.xz)=0434eda8fb6bf88e2b42a67eb5d1de254a67d505bec3bb51fee9d7cad7925a38 RIPEMD160(wireshark-3.6.1.tar.xz)=04bf556bcb1313b323cfcd1fbee2df281a7de4db SHA1(wireshark-3.6.1.tar.xz)=ce592bc9b71491793cfe0b6c456727a4be04b805 Wireshark-win64-3.6.1.exe: 77397160 bytes SHA256(Wireshark-win64-3.6.1.exe)=1bec695388724ce8d40d0403b150706daa9991e088d240779b9b16e60241ec31 RIPEMD160(Wireshark-win64-3.6.1.exe)=b8b37fc0a80855f1e09da1d80336d1b6d1da83b0 SHA1(Wireshark-win64-3.6.1.exe)=0f3d9c8729c016952a56aa883255a1f367d343f7 Wireshark-win32-3.6.1.exe: 61293672 bytes SHA256(Wireshark-win32-3.6.1.exe)=f2a315f304156b7b0874ce6971a3c526264b35f515f58f27b622f9509cfcd26c RIPEMD160(Wireshark-win32-3.6.1.exe)=3e74e0f8aeb8cb69fd141782624348f320c7eaa6 SHA1(Wireshark-win32-3.6.1.exe)=c98c38ccc0cfc0bb1a129c8f4477560801574b7d Wireshark-win32-3.6.1.msi: 45436928 bytes SHA256(Wireshark-win32-3.6.1.msi)=177fd53740429ec3887d62efa99bb28d17fe9454899fcab447b3beaf04013d7c RIPEMD160(Wireshark-win32-3.6.1.msi)=bc38e5acfec61ec15aa2b41bd02c3cc4c166afc8 SHA1(Wireshark-win32-3.6.1.msi)=41a5364ff473373bf8c512f1e9b96e604af39b1d Wireshark-win64-3.6.1.msi: 50946048 bytes SHA256(Wireshark-win64-3.6.1.msi)=c2b32b5ba00caa9168b32f19ffbcfd9ce351c379661533a4096ae0b063550131 RIPEMD160(Wireshark-win64-3.6.1.msi)=f6b049eeb306b991787c5ba9c7f1aaeef30573e9 SHA1(Wireshark-win64-3.6.1.msi)=f3b1c81a5e772ae1b32f45e3c9896d7d2e1a19b8 WiresharkPortable32_3.6.1.paf.exe: 39516080 bytes SHA256(WiresharkPortable32_3.6.1.paf.exe)=0dc6b9a6604f1d6bfe9b2d290db13e3d87615d6e402f3ff252c0b025ac367a1c RIPEMD160(WiresharkPortable32_3.6.1.paf.exe)=2c4e0d90d1a508a3c607e774871fc1910ee0ee3c SHA1(WiresharkPortable32_3.6.1.paf.exe)=b41711ae3731ae0842808af9a3afc56cad1abe04 WiresharkPortable64_3.6.1.paf.exe: 44267152 bytes SHA256(WiresharkPortable64_3.6.1.paf.exe)=feb2594c9aa564b04cacf078e9ca56642ace29a82215d5916b89ca3ae4039cf7 RIPEMD160(WiresharkPortable64_3.6.1.paf.exe)=946fb7ef1542d6658e3c068c77938e16dbf40425 SHA1(WiresharkPortable64_3.6.1.paf.exe)=3486ed5f3ca9d519ea8178736347283be8cc43d7 Wireshark 3.6.1 Arm 64.dmg: 140000615 bytes SHA256(Wireshark 3.6.1 Arm 64.dmg)=878bd09f9bfb6e058e37020902eea92d3111480b4db3114357219042ff126fde RIPEMD160(Wireshark 3.6.1 Arm 64.dmg)=8ed0977c4ca561c813d25d59a5ee3d00dbbaffee SHA1(Wireshark 3.6.1 Arm 64.dmg)=a3b8a53e4c770f6377208c169c2933de328a347b Wireshark 3.6.1 Intel 64.dmg: 138727831 bytes SHA256(Wireshark 3.6.1 Intel 64.dmg)=f348d9fc1f67f4bf75aef3c45aca864dfc9b43cac488b86af8a7b85c671eb46e RIPEMD160(Wireshark 3.6.1 Intel 64.dmg)=d592e1a3c45d7d445d3991218b2cae3a11ecd76a SHA1(Wireshark 3.6.1 Intel 64.dmg)=b04a11c42674b34c2c9a690db0fb92c4bfab761f You can validate these hashes using the following commands (among others): Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz macOS: shasum -a 256 "Wireshark x.y.z Arm 64.dmg" Other: openssl sha256 wireshark-x.y.z.tar.xz
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature