Wireshark-users: [Wireshark-users] Wireshark 4.2.5 is now available

From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Wed, 15 May 2024 12:49:19 -0700
I'm proud to announce the release of Wireshark 4.2.5.


 What is Wireshark?

  Wireshark is the world’s most popular network protocol analyzer. It is
  used for troubleshooting, analysis, development and education.

  Wireshark is hosted by the Wireshark Foundation, a nonprofit which
  promotes protocol analysis education. Wireshark and the foundation
  depend on your contributions in order to do their work. If you or your
  organization would like to contribute or become a sponsor, please
  visit wiresharkfoundation.org[1].

 What’s New

  Bug Fixes

   If you are upgrading Wireshark 4.2.0 or 4.2.1 on Windows you will
   need to download and install[2] Wireshark 4.2.5 or later by hand.

   The following vulnerabilities have been fixed:

     • wnpa-sec-2024-07[3] MONGO and ZigBee TLV dissector infinite
       loops. Issue 19726[4]. CVE-2024-4854[5].

     • wnpa-sec-2024-08[6] The editcap command line utility could crash
       when chopping bytes from the beginning of a packet. Issue
       19724[7]. CVE-2024-4853[8].

     • wnpa-sec-2024-09[9] The editcap command line utility could crash
       when injecting secrets while writing multiple files. Issue
       19782[10]. CVE-2024-4855[11].

   The following bugs have been fixed:

     • Flow Graph scrolls in the wrong direction vertically when
       pressing Up/Down. Issue 12932[12].

     • TCP Stream Window Scaling not working in version 2.6.1 and later.
       Issue 15016[13].

     • TCP stream graphs (Window scaling) axis display is confusing.
       Issue 17425[14].

     • LUA get_dissector does not give the correct dissector under
       32-bit version. Issue 18367[15].

     • Lua: Segfault when registering a field or expert info twice.
       Issue 19194[16].

     • SSH can not decrypt when KEX is curve25519-sha256@xxxxxxxxxx[17].
       Issue 19240[18].

     • Wireshark crash related to Lua `DissectorTable.heuristic_new()`
       Issue 19603[19].

     • MATE fails to extract HTTP2 User-Agent header. Issue 19619[20].

     • Fuzz job issue: fuzz-2024-02-29-7169.pcap. Issue 19679[21].

     • Fuzz job issue: fuzz-2024-03-02-7158.pcap. Issue 19684[22].

     • Problem to Decode 5GC-N7 HTTP for payload Application/JSON. Issue
       19723[23].

     • Copying data as C String produces incorrect string. Issue
       19735[24].

     • Incorrect decoding of supported Tx HE-MCS. Issue 19737[25].

     • reordercap: Fix packet reordering with multiple IDB’s not at the
       beginning of a pcapng file. Issue 19740[26].

     • Wrong EPB lengths written if existing pcapng file has epb_hash
       options. Issue 19766[27].

     • On Windows, Export Displayed Packets dialog does not have
       "include depended upon packets" checkbox. Issue 19772[28].

     • vnd.3gpp.sms binary payload NOT decoded inside HTTP2 5GC. Issue
       19773[29].

     • NAS 5G message container dissection. Issue 19793[30].

     • Incorrect interpretation of algorithm name in packet-tls-utils.c.
       Issue 19801[31].

  New and Updated Features

   There are no new or updated features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   5co_legacy, 5co_rap, BT Mesh, CQL, DOCSIS MAC MGMT, E.212, EPL, FC
   FZS, GQUIC, GRPC, GSM RP, HTTP2, ICMPv6, IEEE 1905, IEEE 802.11,
   IPARS, JSON-3GPP, LAPD, LLDP, MATE, MONGO, NAS 5GS, NR-RRC, PER,
   PFCP, PTP, QUIC, SSH, TIPC, and ZBD

  New and Updated Capture File Support

   BLF and pcapng

  Updated File Format Decoding Support

   There is no updated file format support in this release.

 Prior Versions

  This document only describes the changes introduced in Wireshark
  4.2.5. You can find release notes for prior versions at the following
  locations:

    • Wireshark 4.2.4[32]

    • Wireshark 4.2.3[33]

    • Wireshark 4.2.2[34]

    • Wireshark 4.2.1[35]

    • Wireshark 4.2.0[36]

 Getting Wireshark

  Wireshark source code and installation packages are available from
  https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can
   be found on the download page[37] on the Wireshark web site.

 File Locations

  Wireshark and TShark look in several different locations for
  preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
  locations vary from platform to platform. You can use "Help › About
  Wireshark › Folders" or `tshark -G folders` to find the default
  locations on your system.

 Getting Help

  The User’s Guide, manual pages and various other documentation can be
  found at https://www.wireshark.org/docs/

  Community support is available on Wireshark’s Q&A site[38] and on the
  wireshark-users mailing list. Subscription information and archives
  for all of Wireshark’s mailing lists can be found on the web site[39].

  Bugs and feature requests can be reported on the issue tracker[40].

  You can learn protocol analysis and meet Wireshark’s developers at
  SharkFest[41].

 How You Can Help

  The Wireshark Foundation helps as many people as possible understand
  their networks as much as possible. You can find out more and donate
  at wiresharkfoundation.org[42].

 Frequently Asked Questions

  A complete FAQ is available on the Wireshark web site[43].

 References

   1. https://wiresharkfoundation.org
   2. https://www.wireshark.org/download.html
   3. https://www.wireshark.org/security/wnpa-sec-2024-07
   4. https://gitlab.com/wireshark/wireshark/-/issues/19726
   5. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4854
   6. https://www.wireshark.org/security/wnpa-sec-2024-08
   7. https://gitlab.com/wireshark/wireshark/-/issues/19724
   8. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4853
   9. https://www.wireshark.org/security/wnpa-sec-2024-09
  10. https://gitlab.com/wireshark/wireshark/-/issues/19782
  11. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4855
  12. https://gitlab.com/wireshark/wireshark/-/issues/12932
  13. https://gitlab.com/wireshark/wireshark/-/issues/15016
  14. https://gitlab.com/wireshark/wireshark/-/issues/17425
  15. https://gitlab.com/wireshark/wireshark/-/issues/18367
  16. https://gitlab.com/wireshark/wireshark/-/issues/19194
  17. https://gitlab.com/wireshark/wireshark/-/issues/19194
  18. https://gitlab.com/wireshark/wireshark/-/issues/19240
  19. https://gitlab.com/wireshark/wireshark/-/issues/19603
  20. https://gitlab.com/wireshark/wireshark/-/issues/19619
  21. https://gitlab.com/wireshark/wireshark/-/issues/19679
  22. https://gitlab.com/wireshark/wireshark/-/issues/19684
  23. https://gitlab.com/wireshark/wireshark/-/issues/19723
  24. https://gitlab.com/wireshark/wireshark/-/issues/19735
  25. https://gitlab.com/wireshark/wireshark/-/issues/19737
  26. https://gitlab.com/wireshark/wireshark/-/issues/19740
  27. https://gitlab.com/wireshark/wireshark/-/issues/19766
  28. https://gitlab.com/wireshark/wireshark/-/issues/19772
  29. https://gitlab.com/wireshark/wireshark/-/issues/19773
  30. https://gitlab.com/wireshark/wireshark/-/issues/19793
  31. https://gitlab.com/wireshark/wireshark/-/issues/19801
  32. https://www.wireshark.org/docs/relnotes/wireshark-4.2.4.html
  33. https://www.wireshark.org/docs/relnotes/wireshark-4.2.3.html
  34. https://www.wireshark.org/docs/relnotes/wireshark-4.2.2.html
  35. https://www.wireshark.org/docs/relnotes/wireshark-4.2.1.html
  36. https://www.wireshark.org/docs/relnotes/wireshark-4.2.0.html
  37. https://www.wireshark.org/download.html
  38. https://ask.wireshark.org/
  39. https://www.wireshark.org/lists/
  40. https://gitlab.com/wireshark/wireshark/-/issues
  41. https://sharkfest.wireshark.org
  42. https://wiresharkfoundation.org
  43. https://www.wireshark.org/faq.html


Digests

wireshark-4.2.5.tar.xz: 45014156 bytes
SHA256(wireshark-4.2.5.tar.xz)=55e793ab87a9a73aac44336235c92cb76c52180c469b362ed3a54f26fbb1261f
SHA1(wireshark-4.2.5.tar.xz)=03293699260d2492166ac805ef0c10b8a6b531e6

Wireshark-4.2.5-x64.exe: 86489296 bytes
SHA256(Wireshark-4.2.5-x64.exe)=3d921ee584d0984f694f60a771a6581a6f32a9de995a5cd4bca1931185a4e618
SHA1(Wireshark-4.2.5-x64.exe)=0e3c7b4dcd5c247c8f9726195a4d5a70b99f8b1b

Wireshark-4.2.5-arm64.exe: 67980200 bytes
SHA256(Wireshark-4.2.5-arm64.exe)=331a0925ee1e4d6d1b16af6982972631335fc238afe626903ed122e146830c5a
SHA1(Wireshark-4.2.5-arm64.exe)=e0b5789980c0f12e344f6b8820f49facd5b379c6

Wireshark-4.2.5-x64.msi: 62894080 bytes
SHA256(Wireshark-4.2.5-x64.msi)=65413e0733192979e168f8a11940828d1c2410ae21862f2e7012a3edb7e22ee1
SHA1(Wireshark-4.2.5-x64.msi)=e925d3cee2e604ab659e4da42df0880a6531151f

WiresharkPortable64_4.2.5.paf.exe: 53647808 bytes
SHA256(WiresharkPortable64_4.2.5.paf.exe)=1706e3c2d5e198270707641bbbde3042d8921cb95d2683633dd855fee921847d
SHA1(WiresharkPortable64_4.2.5.paf.exe)=ef0c034a38d77ead057dbb6444cce70f9a07815c

Wireshark 4.2.5 Arm 64.dmg: 65573656 bytes
SHA256(Wireshark 4.2.5 Arm 64.dmg)=72d670ad068ac46c1d16ffb5fc8e6b582136a0eed6fc278b9f36877311e4e4af
SHA1(Wireshark 4.2.5 Arm 64.dmg)=84fe8ed0cf40b861f8039d811a1bb1704f9e57db

Wireshark 4.2.5 Intel 64.dmg: 69328176 bytes
SHA256(Wireshark 4.2.5 Intel 64.dmg)=67a1ea88226c2f5699c3c6c36fb0006d84c62bdbfe5474dccff30860fd9f81b7
SHA1(Wireshark 4.2.5 Intel 64.dmg)=a72a8034474e42c4e20a0f05e464ddb1f3616c66

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Arm 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature