Wireshark-users: [Wireshark-users] Wireshark 4.0.1 is now available

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Wed, 26 Oct 2022 12:04:05 -0700
I'm proud to announce the release of Wireshark 4.0.1.


 What is Wireshark?

  Wireshark is the world’s most popular network protocol analyzer. It is
  used for troubleshooting, analysis, development and education.

 What’s New

  We do not ship official 32-bit Windows packages for Wireshark 4.0 and
  later. If you need to use Wireshark on that platform, we recommend
  using the latest 3.6 release. Issue 17779[1]

    • The Windows installers now ship with Qt 5.12.2. They previously
      shipped with Qt 6.2.3.

  Bug Fixes

   The following bugs have been fixed:

     • Comparing a boolean field against 1 always succeeds on big-endian
       machines. Issue 12236[2].

     • Qt: MaxMind GeoIP columns not added to Endpoints table. Issue
       18320[3].

     • Fuzz job crash output: fuzz-2022-10-04-7131.pcap. Issue 18402[4].

     • The RTP player might not play audio on Windows. Issue 18413[5].

     • Wireshark 4.0 breaks display filter expression with > sign. Issue
       18418[6].

     • Capture filters not working when using SSH capture and dumpcap.
       Issue 18420[7].

     • Packet diagram field values are not terminated. Issue 18428[8].

     • Packet bytes not displayed completely if scrolling. Issue
       18438[9].

     • Fuzz job crash output: fuzz-2022-10-13-7166.pcap. Issue
       18467[10].

     • Decoding bug H.245 userInput Signal. Issue 18468[11].

     • CFDP dissector doesn’t handle \"destination filename\" only.
       Issue 18495[12].

     • Home page capture button doesn’t pop up capture options dialog.
       Issue 18506[13].

     • Missing dot in H.248 protocol name. Issue 18513[14].

     • Missing dot for protocol H.264 in protocol column. Issue
       18524[15].

     • Fuzz job crash output: fuzz-2022-10-23-7240.pcap. Issue
       18534[16].

  New and Updated Features

  Removed Features and Support

     • The experimental display filter syntax for literals using angle
       brackets <…​> that was introduced in Wireshark 4.0.0 has been
       removed. For byte arrays a colon prefix can be used instead. See
       the User’s Guide[17] for details.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   ASN.1 PER, CFDP, Diameter, DirectPlay, F5 Ethernet Trailer, GTP,
   H.223, H.248, H.264, H.265, IEEE 802.11, IPv4, MBIM, O-RAN FH CUS,
   PFCP, RTCP, SCTP, SMB, TCP, and TRANSUM

  New and Updated Capture File Support

   BLF

  New File Format Decoding Support

   There is no new or updated file format support in this release.

 Getting Wireshark

  Wireshark source code and installation packages are available from
  https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can
   be found on the download page[18] on the Wireshark web site.

 File Locations

  Wireshark and TShark look in several different locations for
  preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
  locations vary from platform to platform. You can use "Help › About
  Wireshark › Folders" or `tshark -G folders` to find the default
  locations on your system.

 Getting Help

  The User’s Guide, manual pages and various other documentation can be
  found at https://www.wireshark.org/docs/

  Community support is available on Wireshark’s Q&A site[19] and on the
  wireshark-users mailing list. Subscription information and archives
  for all of Wireshark’s mailing lists can be found on the web site[20].

  Bugs and feature requests can be reported on the issue tracker[21].

  You can learn protocol analysis and meet Wireshark’s developers at
  SharkFest[22].

 Frequently Asked Questions

  A complete FAQ is available on the Wireshark web site[23].

 References

   1. https://gitlab.com/wireshark/wireshark/-/issues/17779
   2. https://gitlab.com/wireshark/wireshark/-/issues/12236
   3. https://gitlab.com/wireshark/wireshark/-/issues/18320
   4. https://gitlab.com/wireshark/wireshark/-/issues/18402
   5. https://gitlab.com/wireshark/wireshark/-/issues/18413
   6. https://gitlab.com/wireshark/wireshark/-/issues/18418
   7. https://gitlab.com/wireshark/wireshark/-/issues/18420
   8. https://gitlab.com/wireshark/wireshark/-/issues/18428
   9. https://gitlab.com/wireshark/wireshark/-/issues/18438
  10. https://gitlab.com/wireshark/wireshark/-/issues/18467
  11. https://gitlab.com/wireshark/wireshark/-/issues/18468
  12. https://gitlab.com/wireshark/wireshark/-/issues/18495
  13. https://gitlab.com/wireshark/wireshark/-/issues/18506
  14. https://gitlab.com/wireshark/wireshark/-/issues/18513
  15. https://gitlab.com/wireshark/wireshark/-/issues/18524
  16. https://gitlab.com/wireshark/wireshark/-/issues/18534
  17. https://www.wireshark.org/docs/wsug_html_chunked/ChWorkBuildDispla
  yFilterSection.html#_some_protocol_names_can_be_ambiguous
  18. https://www.wireshark.org/download.html
  19. https://ask.wireshark.org/
  20. https://www.wireshark.org/lists/
  21. https://gitlab.com/wireshark/wireshark/-/issues
  22. https://sharkfest.wireshark.org
  23. https://www.wireshark.org/faq.html


Digests

wireshark-4.0.1.tar.xz: 41282116 bytes
SHA256(wireshark-4.0.1.tar.xz)=b3b002f99d13bbf47f9ed3be7eb372cb0c2454bd0faea29a756819ce019ffdc2
SHA1(wireshark-4.0.1.tar.xz)=dfd83a3b589c690e79e5dafe60a62be72152c2c0

Wireshark-win64-4.0.1.exe: 78685424 bytes
SHA256(Wireshark-win64-4.0.1.exe)=39a544884be9fd40eb2c83f2440cd5efdc43a04f8ccd230379905c157c9b532e
SHA1(Wireshark-win64-4.0.1.exe)=0529c4be1602c3e9b1932cc4a41120beb557974b

Wireshark-win64-4.0.1.msi: 52121600 bytes
SHA256(Wireshark-win64-4.0.1.msi)=5f89e2547880642f1b6f1e81fdbbeb73b8b18ab7e4cf913890215ce343d43afa
SHA1(Wireshark-win64-4.0.1.msi)=a9d6af821074e766cb6b616adc1a1ee392218179

WiresharkPortable64_4.0.1.paf.exe: 45460832 bytes
SHA256(WiresharkPortable64_4.0.1.paf.exe)=9d044dda88600399acb9a534a36457bf018a548289d603fe7a6f07a4b5934ae8
SHA1(WiresharkPortable64_4.0.1.paf.exe)=9ab84e45c3c7e863c56f40025d93b2570bc7bef2

Wireshark 4.0.1 Arm 64.dmg: 62674571 bytes
SHA256(Wireshark 4.0.1 Arm 64.dmg)=0a751a5780d76bacd10ffebaa8a3984fdf9d6a5773b68b7ff002eea189506c62
SHA1(Wireshark 4.0.1 Arm 64.dmg)=d4c391b03200d1fca42e75b51bd913623cc7dbda

Wireshark 4.0.1 Intel 64.dmg: 65647561 bytes
SHA256(Wireshark 4.0.1 Intel 64.dmg)=ebcd964f791b59734559ba3859cd58ba354d36d51d59f13fda710197f057355b
SHA1(Wireshark 4.0.1 Intel 64.dmg)=10f48f154c6587f85f4c1b7ce589f0a52953e2f0

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Arm 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz

Attachment: OpenPGP_signature
Description: OpenPGP digital signature