Wireshark-dev: [Wireshark-dev] Wireshark 3.4.1 is now available
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Wed, 9 Dec 2020 18:06:49 -0800
I'm proud to announce the release of Wireshark 3.4.1.


 What is Wireshark?

  Wireshark is the world’s most popular network protocol analyzer. It is
  used for troubleshooting, analysis, development and education.

 What’s New

  Bug Fixes

     • wnpa-sec-2020-16[1] Kafka dissector memory leak. Bug 16739[2].
       CVE-2020-26418[3].

     • wnpa-sec-2020-17[4] USB HID dissector crash. Bug 16958[5].
       CVE-2020-26421[6].

     • wnpa-sec-2020-18[7] RTPS dissector memory leak. Bug 16994[8].
       CVE-2020-26420[9].

     • wnpa-sec-2020-19[10] Multiple dissector memory leak. Bug
       17032[11]. CVE-2020-26419[12].

   The following bugs have been fixed:

  New and Updated Features

     • Lua TvbRanges do not support truncated captures where
       tvb_captured_length < tvb_reported_length Bug 15655[13].

     • IETF QUIC TLS decryption errors when a NAT rebinding happens for
       a connection Bug 16915[14].

     • IETF QUIC TLS decryption error with key update Bug 16916[15].

     • IETF QUIC TLS decryption error after the second key update Bug
       16920[16].

     • SOME/IP: Wrong dissection of parameters after Array Bug
       16951[17].

     • Can editcap properly corrupt pcapng file with systemd journal
       export block? Bug 16965[18].

     • Lua: abort() called in lua_tap_draw() and lua_tap_reset() on
       script errors Bug 16974[19].

     • Crash when a GIOP ior.txt file is present Bug 16984[20].

     • Protobuf: failed to parse .proto file contains negative enum
       values or option values of number type Bug 16988[21].

     • MMRP dissector bug Bug 17005[22].

     • QUIC: "Loss bits" capability Bug 17010[23].

     • Stdin capture fails on Windows Bug 17018[24].

     • SSTP no longer recognized Bug 17024[25].

     • RFC2190 encapsulated H.263 bitfields masked wrong in Mode A Bug
       17025[26].

     • Packet list bytes text character cursor is misaligned Bug
       17033[27].

     • SOME/IP: Resetting offset of static_array Bug 17057[28].

     • editcap fails when splitting into multiple pcapng files Bug
       17060[29].

     • SMB Dissector for TRANS2_QUERY_FS_INFO displays truncated FS Name
       & Label Bug 17064[30].

     • Wireshark does not display Arabic, Greek, some other characters
       correctly Bug 17070[31].

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   ACDR, DOCSIS, Ericsson HDLC, F5 Ethernet Trailer, GIOP, GSM A, GSM
   RLC MAC, HTTP, IEEE 802.11, Kafka, LLC, MBIM, MMRP, NAS 5GS, NAS EPS,
   Nordic BLE, ProtoBuf, QUIC, Radiotap, RFC 2190, RTCP, RTPS, S1AP,
   SMB, SMB2, SOME/IP, STUN, and USB Video

  New and Updated Capture File Support

   pcapng

 Getting Wireshark

  Wireshark source code and installation packages are available from
  https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can
   be found on the download page[32] on the Wireshark web site.

 File Locations

  Wireshark and TShark look in several different locations for
  preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
  locations vary from platform to platform. You can use About → Folders
  to find the default locations on your system.

 Getting Help

  The User’s Guide, manual pages and various other documentation can be
  found at https://www.wireshark.org/docs/

  Community support is available on Wireshark’sQ&A site[33] and on the
  wireshark-users mailing list. Subscription information and archives
  for all of Wireshark’s mailing lists can be found on the web site[34].

  Issues and feature requests can be reported on the issue tracker[35].

 Frequently Asked Questions

  A complete FAQ is available on the Wireshark web site[36].

  Last updated 2020-12-09 22:15:23 UTC

 References

   1. https://www.wireshark.org/security/wnpa-sec-2020-16
   2. https://gitlab.com/wireshark/wireshark/-/issues/16739
   3. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26418
   4. https://www.wireshark.org/security/wnpa-sec-2020-17
   5. https://gitlab.com/wireshark/wireshark/-/issues/16958
   6. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26421
   7. https://www.wireshark.org/security/wnpa-sec-2020-18
   8. https://gitlab.com/wireshark/wireshark/-/issues/16994
   9. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26420
  10. https://www.wireshark.org/security/wnpa-sec-2020-19
  11. https://gitlab.com/wireshark/wireshark/-/issues/17032
  12. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26419
  13. https://gitlab.com/wireshark/wireshark/-/issues/15655
  14. https://gitlab.com/wireshark/wireshark/-/issues/16915
  15. https://gitlab.com/wireshark/wireshark/-/issues/16916
  16. https://gitlab.com/wireshark/wireshark/-/issues/16920
  17. https://gitlab.com/wireshark/wireshark/-/issues/16951
  18. https://gitlab.com/wireshark/wireshark/-/issues/16965
  19. https://gitlab.com/wireshark/wireshark/-/issues/16974
  20. https://gitlab.com/wireshark/wireshark/-/issues/16984
  21. https://gitlab.com/wireshark/wireshark/-/issues/16988
  22. https://gitlab.com/wireshark/wireshark/-/issues/17005
  23. https://gitlab.com/wireshark/wireshark/-/issues/17010
  24. https://gitlab.com/wireshark/wireshark/-/issues/17018
  25. https://gitlab.com/wireshark/wireshark/-/issues/17024
  26. https://gitlab.com/wireshark/wireshark/-/issues/17025
  27. https://gitlab.com/wireshark/wireshark/-/issues/17033
  28. https://gitlab.com/wireshark/wireshark/-/issues/17057
  29. https://gitlab.com/wireshark/wireshark/-/issues/17060
  30. https://gitlab.com/wireshark/wireshark/-/issues/17064
  31. https://gitlab.com/wireshark/wireshark/-/issues/17070
  32. https://www.wireshark.org/download.html#thirdparty
  33. https://ask.wireshark.org/
  34. https://www.wireshark.org/lists/
  35. https://gitlab.com/wireshark/wireshark/-/issues
  36. https://www.wireshark.org/faq.html


Digests

wireshark-3.4.1.tar.xz: 32470004 bytes
SHA256(wireshark-3.4.1.tar.xz)=f8165211f5b4a4f6708df73ef9be51df917927f2da78348b32d3a6eb5fc458a3
RIPEMD160(wireshark-3.4.1.tar.xz)=1b5e1fee340c149b70dbe8e8cf935518b06656e8
SHA1(wireshark-3.4.1.tar.xz)=3c9a24b8954d712a189f997131e283fbd0b606bc

Wireshark-win32-3.4.1.exe: 56544496 bytes
SHA256(Wireshark-win32-3.4.1.exe)=7fb41f10b7b55fe7208504a1b3ba54346995592f223d85073fafb721b7ae43e8
RIPEMD160(Wireshark-win32-3.4.1.exe)=5d333fb127c12c4bf9ca1a497e3b44bd8398e8a2
SHA1(Wireshark-win32-3.4.1.exe)=82a043157828565e10534791874341914563784a

Wireshark-win64-3.4.1.exe: 61466856 bytes
SHA256(Wireshark-win64-3.4.1.exe)=a078a0d97ed271a97fad294654b581b16db9926e80fd66c916b079d8fece1d45
RIPEMD160(Wireshark-win64-3.4.1.exe)=34eba5e05371fdbab9a43a5490fc0641923f8483
SHA1(Wireshark-win64-3.4.1.exe)=8d44d796c5b40a2fbbc93a553d932724669b681c

Wireshark-win32-3.4.1.msi: 44761088 bytes
SHA256(Wireshark-win32-3.4.1.msi)=384d36b8d0a96e785ef79ba83ed35c9628571471a22faad3f88d3f16c5dd5ead
RIPEMD160(Wireshark-win32-3.4.1.msi)=c200f5a7f7d358198e753e79dc884c8baef0a9aa
SHA1(Wireshark-win32-3.4.1.msi)=2df5374db72f65b7a13f34252e995bbc98de9836

Wireshark-win64-3.4.1.msi: 49778688 bytes
SHA256(Wireshark-win64-3.4.1.msi)=fec6cc2f9df755e7b3d5aa04e6483cdaf3acb06a6aaa7ec84568f13d374a2df2
RIPEMD160(Wireshark-win64-3.4.1.msi)=8e8b9d09c3fd0b58cc4a9c34cd24fd251b8efe3f
SHA1(Wireshark-win64-3.4.1.msi)=0c05bd26fbf877b450c90997cfc3fe2cf1592c55

WiresharkPortable_3.4.1.paf.exe: 114716632 bytes
SHA256(WiresharkPortable_3.4.1.paf.exe)=3b1ef47fd88aa17e586be57f096213c3ee1a0ae5eace46eba4abfb8a8450219b
RIPEMD160(WiresharkPortable_3.4.1.paf.exe)=56f45264fb188ba799659f501a4006b5062b3540
SHA1(WiresharkPortable_3.4.1.paf.exe)=f726b13570150bc2d4441ca8ff3cff97aa773325

Wireshark 3.4.1 Intel 64.dmg: 127368038 bytes
SHA256(Wireshark 3.4.1 Intel 64.dmg)=a5bb21db6410c3151f48afc39e0d0e4a270bb87b8102e8b9348df3e3455bb241
RIPEMD160(Wireshark 3.4.1 Intel 64.dmg)=93e87bd6ab58d4ddc727e5d52f6f94ddc29e354f
SHA1(Wireshark 3.4.1 Intel 64.dmg)=33f6b2b6d11d9efaea14916645803327ada1de41

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz