I'm proud to announce the release of Wireshark 2.4.4. __________________________________________________________________
What is Wireshark? Wireshark is the world's most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education. __________________________________________________________________ What's New Bug Fixes The following vulnerabilities have been fixed: * [1]wnpa-sec-2018-01 Multiple dissectors could crash. ([2]Bug 14253) [3]CVE-2018-5336 * [4]wnpa-sec-2018-03 The IxVeriWave file parser could crash. ([5]Bug 14297) [6]CVE-2018-5334 * [7]wnpa-sec-2018-04 The WCP dissector could crash. ([8]Bug 14251) [9]CVE-2018-5335 Prior to this release dumpcap enabled the Linux kernel's BPF JIT compiler via the net.core.bpf_jit_enable sysctl. This could make systems more vulnerable to Spectre variant 1 ([10]CVE-2017-5753) and this feature has been removed ([11]Bug 14313). The following bugs have been fixed: * Some keyboard shortcut mix-up has been resolved by assigning new shortcuts to Edit -> Copy methods. * Remote interfaces are not saved. ([12]Bug 8557) * Additional grouping in Expert Information dialog. ([13]Bug 11753) * First start with non-empty extcap folder after install or reboot hangs at "initializing tap listeners". ([14]Bug 12845) * Can't hide expert categories in Expert Information. ([15]Bug 13831) * Expert info dialog should have "Collapse All"/"Expand All" options. ([16]Bug 13842) * SIP Statistics extract does not work. ([17]Bug 13942) * Service Response Time - SCSI dialog crashes. ([18]Bug 14144) * Wireshark & Tshark 2.4.2 core dumps with segmentation fault. ([19]Bug 14194) * SSH remote capture promiscuous mode. ([20]Bug 14237) * SOCKS pseudo header displays incorrect Version value. ([21]Bug 14262) * Only first variable of list is dissected in NTP Control request message. ([22]Bug 14268) * NTP Authenticator field dissection fails if padding is used. ([23]Bug 14269) * BSSAP packet dissector issue - BSSAP_UPLINK_TUNNEL_REQUEST message. ([24]Bug 14289) * "[Malformed Packet]" for Mobile IP (MIP) protocol. ([25]Bug 14292) * There is a potential buffer underflow in File_read_line function in epan/wslua/wslua_file.c file. ([26]Bug 14295) * Saving a temporary capture file may not result in the temporary file being removed. ([27]Bug 14298) New and Updated Features There are no new features in this release. New Protocol Support There are no new protocols in this release. Updated Protocol Support Bluetooth, BSSAP, BT ATT, BT HCI, BT SMP, MIP, NTP, SCTP, SOCKS, UDS, and WCP New and Updated Capture File Support Ixia IxVeriWave __________________________________________________________________ Getting Wireshark Wireshark source code and installation packages are available from [28]https://www.wireshark.org/download.html. Vendor-supplied Packages Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the [29]download page on the Wireshark web site. __________________________________________________________________ File Locations Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About->Folders to find the default locations on your system. __________________________________________________________________ Known Problems Dumpcap might not quit if Wireshark or TShark crashes. ([30]Bug 1419) The BER dissector might infinitely loop. ([31]Bug 1516) Capture filters aren't applied when capturing from named pipes. ([32]Bug 1814) Filtering tshark captures with read filters (-R) no longer works. ([33]Bug 2234) Application crash when changing real-time option. ([34]Bug 4035) Wireshark and TShark will display incorrect delta times in some cases. ([35]Bug 4985) Wireshark should let you work with multiple capture files. ([36]Bug 10488) __________________________________________________________________ Getting Help Community support is available on [37]Wireshark's Q&A site and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark's mailing lists can be found on [38]the web site. Official Wireshark training and certification are available from [39]Wireshark University. __________________________________________________________________ Frequently Asked Questions A complete FAQ is available on the [40]Wireshark web site. __________________________________________________________________ Last updated 2018-01-11 17:57:46 UTC References 1. https://www.wireshark.org/security/wnpa-sec-2018-01.html 2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14253 3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5336 4. https://www.wireshark.org/security/wnpa-sec-2018-03.html 5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14297 6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5334 7. https://www.wireshark.org/security/wnpa-sec-2018-04.html 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14251 9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5335 10. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753 11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14313 12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8557 13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11753 14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12845 15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13831 16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13842 17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13942 18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14144 19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14194 20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14237 21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14262 22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14268 23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14269 24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14289 25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14292 26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14295 27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14298 28. https://www.wireshark.org/download.html 29. https://www.wireshark.org/download.html#thirdparty 30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419 31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516 32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814 33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234 34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035 35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985 36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488 37. https://ask.wireshark.org/ 38. https://www.wireshark.org/lists/ 39. http://www.wiresharktraining.com/ 40. https://www.wireshark.org/faq.html Digests wireshark-2.4.4.tar.xz: 28818372 bytes SHA256(wireshark-2.4.4.tar.xz)=049a758e39422dcd536d7f75cebbfaa44e4f305d602bf22964d6459821126f58 RIPEMD160(wireshark-2.4.4.tar.xz)=ee062bc380db3efce21640774bf6cb5c327b8b27 SHA1(wireshark-2.4.4.tar.xz)=cefc8e6666ee2f73d7f96f2708d582c57abb486f Wireshark-win32-2.4.4.exe: 52697912 bytes SHA256(Wireshark-win32-2.4.4.exe)=1f93c1df271aeaa60161d67abd9e17f48f07f1a7cfc84c3c09076be23b2a845e RIPEMD160(Wireshark-win32-2.4.4.exe)=93ce703dc83c6cc0c23ade12a59bcbaa6088b8ba SHA1(Wireshark-win32-2.4.4.exe)=1d14fb39f382909587ac9ce65477f1702570cb3a Wireshark-win64-2.4.4.exe: 57913704 bytes SHA256(Wireshark-win64-2.4.4.exe)=f532b664921a317c151ef0fb2b4e7badcdb9ecd5a969d38bd54568a6a0a18c68 RIPEMD160(Wireshark-win64-2.4.4.exe)=137f4225a15183bacc9c4c51522a99b624095c39 SHA1(Wireshark-win64-2.4.4.exe)=e7890e6445118a9238cab51cf89407c6fdd2235d Wireshark-win64-2.4.4.msi: 47095808 bytes SHA256(Wireshark-win64-2.4.4.msi)=38293816156d0aa51302e09fa2901a24913eb8e1b8cebee9bb90b318d85343f5 RIPEMD160(Wireshark-win64-2.4.4.msi)=5b50bc5d30dad6f5e9eac8539da57c373f5c291d SHA1(Wireshark-win64-2.4.4.msi)=70c0be5ff3d5d61428e7b07885a979d12e82ea6b Wireshark-win32-2.4.4.msi: 41943040 bytes SHA256(Wireshark-win32-2.4.4.msi)=0407314ae45c391ca6cccddf428b8f452e6dbbfee13143d4cb178f643e8a5a8b RIPEMD160(Wireshark-win32-2.4.4.msi)=22b168509f5bf9e8df2013aed781686ad89959b8 SHA1(Wireshark-win32-2.4.4.msi)=003c2d7c3670b19b4397fc9855683e65ea12ea56 WiresharkPortable_2.4.4.paf.exe: 45378496 bytes SHA256(WiresharkPortable_2.4.4.paf.exe)=4c6c0481ed216e797351fc38ba63754e37ac4cb2686595204f9be00d3b5dd4bb RIPEMD160(WiresharkPortable_2.4.4.paf.exe)=773aa2c4fc2cd4126fd3da06da3066c27e45cd79 SHA1(WiresharkPortable_2.4.4.paf.exe)=f484dd8d2bba9ccaefe187c0e50f30c231141bce Wireshark 2.4.4 Intel 64.dmg: 35240389 bytes SHA256(Wireshark 2.4.4 Intel 64.dmg)=eb6d9a304b2697a90f267bd8734926a9fe37939aab8394a550cd4c272dd15e11 RIPEMD160(Wireshark 2.4.4 Intel 64.dmg)=9cdf3614de288ae38170fae1d540bb3b874f997b SHA1(Wireshark 2.4.4 Intel 64.dmg)=c1e169fbf3797a082b638cd8415d20f63d476131 You can validate these hashes using the following commands (among others): Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg" Other: openssl sha256 wireshark-x.y.z.tar.xz
signature.asc
Description: OpenPGP digital signature
___________________________________________________________________________ Sent via: Wireshark-announce mailing list <wireshark-announce@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-announce Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-announce mailto:wireshark-announce-requ...@wireshark.org?subject=unsubscribe