Wireshark-dev: [Wireshark-dev] Wireshark 3.4.3 is now available
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Fri, 29 Jan 2021 11:43:00 -0800
I'm proud to announce the release of Wireshark 3.4.3.


 What is Wireshark?

  Wireshark is the world’s most popular network protocol analyzer. It is
  used for troubleshooting, analysis, development and education.

 What’s New

  The Windows installers now ship with Npcap 1.10. They previously
  shipped with Npcap 1.00.

  Bug Fixes

   The following vulnerabilities have been fixed:

     • wnpa-sec-2021-01[1] USB HID dissector memory leak. Bug 17124[2].
       CVE-2021-22173[3].

     • wnpa-sec-2021-02[4] USB HID dissector crash. Bug 17165[5].
       CVE-2021-22174[6].

   The following bugs have been fixed:

     • SIP response single-line multiple Contact-URIs decoding error Bug
       13752[7].

     • Adding filter while "Telephony→VoIP Calls→Flow Sequence" open
       causes OOB memory reads and potential crashes. Bug 16952[8].

     • QUIC packet not fully dissected Bug 17077[9].

     • SOMEIP-SD hidden entries are off Bug 17091[10].

     • Problem with calculation on UDP checksum in SRv6 Bug 17097[11].

     • Dark mode not working in Wireshark 3.4.2 on macOS Bug 17098[12].

     • Wireshark 3.4.0: build failure on older MacOS releases, due to
       'CLOCK_REALTIME' Bug 17101[13].

     • TECMP: Status Capture Module messages shows 3 instead of 2 bytes
       for HW version Bug 17133[14].

     • Documentation - editorial error - README.dissector bad reference
       Bug 17141[15].

     • Cannot save capture with comments to a format that doesn’t
       support it (no pop-up) Bug 17146[16].

     • AUTOSAR-NM: PNI TF-String wrong way around Bug 17154[17].

     • Fibre Channel parsing errors even with the fix for #17084 Bug
       17168[18].

     • f5ethtrailer: Won’t find a trailer after an FCS that begins with
       a 0x00 byte Bug 17171[19].

     • f5ethtrailer: legacy format, low noise only, no vip name trailers
       no longer detected Bug 17172[20].

     • Buildbot crash output: fuzz-2021-01-22-3387835.pcap Bug
       17174[21].

     • Dissection error on large ZVT packets Bug 17177[22].

     • TShark crashes with -T ek option Bug 17179[23].

  New and Updated Features

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   AUTOSAR-NM, DHCPv6, DoIP, FC ELS, GQUIC, IPv6, NAS 5GS, NAS EPS,
   QUIC, SIP, SOME/IP-SD, TECMP, TLS, TPNCP, USB HID, and ZVT

  New and Updated Capture File Support

   f5ethtrailer and pcapng

 Getting Wireshark

  Wireshark source code and installation packages are available from
  https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can
   be found on the download page[24] on the Wireshark web site.

 File Locations

  Wireshark and TShark look in several different locations for
  preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
  locations vary from platform to platform. You can use About → Folders
  to find the default locations on your system.

 Getting Help

  The User’s Guide, manual pages and various other documentation can be
  found at https://www.wireshark.org/docs/

  Community support is available on Wireshark’sQ&A site[25] and on the
  wireshark-users mailing list. Subscription information and archives
  for all of Wireshark’s mailing lists can be found on the web site[26].

  Issues and feature requests can be reported on the issue tracker[27].

 Frequently Asked Questions

  A complete FAQ is available on the Wireshark web site[28].

  Last updated 2021-01-29 18:02:26 UTC

 References

   1. https://www.wireshark.org/security/wnpa-sec-2021-01
   2. https://gitlab.com/wireshark/wireshark/-/issues/17124
   3. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22173
   4. https://www.wireshark.org/security/wnpa-sec-2021-02
   5. https://gitlab.com/wireshark/wireshark/-/issues/17165
   6. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22174
   7. https://gitlab.com/wireshark/wireshark/-/issues/13752
   8. https://gitlab.com/wireshark/wireshark/-/issues/16952
   9. https://gitlab.com/wireshark/wireshark/-/issues/17077
  10. https://gitlab.com/wireshark/wireshark/-/issues/17091
  11. https://gitlab.com/wireshark/wireshark/-/issues/17097
  12. https://gitlab.com/wireshark/wireshark/-/issues/17098
  13. https://gitlab.com/wireshark/wireshark/-/issues/17101
  14. https://gitlab.com/wireshark/wireshark/-/issues/17133
  15. https://gitlab.com/wireshark/wireshark/-/issues/17141
  16. https://gitlab.com/wireshark/wireshark/-/issues/17146
  17. https://gitlab.com/wireshark/wireshark/-/issues/17154
  18. https://gitlab.com/wireshark/wireshark/-/issues/17168
  19. https://gitlab.com/wireshark/wireshark/-/issues/17171
  20. https://gitlab.com/wireshark/wireshark/-/issues/17172
  21. https://gitlab.com/wireshark/wireshark/-/issues/17174
  22. https://gitlab.com/wireshark/wireshark/-/issues/17177
  23. https://gitlab.com/wireshark/wireshark/-/issues/17179
  24. https://www.wireshark.org/download.html#thirdparty
  25. https://ask.wireshark.org/
  26. https://www.wireshark.org/lists/
  27. https://gitlab.com/wireshark/wireshark/-/issues
  28. https://www.wireshark.org/faq.html


Digests

wireshark-3.4.3.tar.xz: 32287304 bytes
SHA256(wireshark-3.4.3.tar.xz)=f467cc77f0fc73fce0b854cdbc292f132d4879fca69d417eccad5f967fbf262b
RIPEMD160(wireshark-3.4.3.tar.xz)=6b4174c94fa9f111937ad075a5a7265fc98b0f41
SHA1(wireshark-3.4.3.tar.xz)=7dec4332f21827e360b5830d1d6d566365796a67

Wireshark-win64-3.4.3.exe: 61482312 bytes
SHA256(Wireshark-win64-3.4.3.exe)=3bb02427d9c29d7fc04bf011f2e4ebd4f23ebe68f275f51d4ae36ee167b6cb03
RIPEMD160(Wireshark-win64-3.4.3.exe)=137d9615b4aceb2ea48be43c2c87fbfef5d77f1c
SHA1(Wireshark-win64-3.4.3.exe)=506cd5ed2973b23106b067c3dd84dd82988c25a6

Wireshark-win32-3.4.3.exe: 56533576 bytes
SHA256(Wireshark-win32-3.4.3.exe)=6f99517f1e3c35be1de40ab9d333e6b3f053a60b7622798b171fef9e0da33c95
RIPEMD160(Wireshark-win32-3.4.3.exe)=f7fbf73dbf8a3aeda68898b71472ef465933a5a4
SHA1(Wireshark-win32-3.4.3.exe)=bf62c9b95863d77e85456d63f9341be6d744427b

Wireshark-win32-3.4.3.msi: 44769280 bytes
SHA256(Wireshark-win32-3.4.3.msi)=4a9e8dce82fb265fccf13e5864312f8af8dc199dfe8bd8b044683323a12064a3
RIPEMD160(Wireshark-win32-3.4.3.msi)=6db7ad54a15e4a16b6213645a5a3ccd1fa73f11c
SHA1(Wireshark-win32-3.4.3.msi)=e3e412933b2b4ac1c53e39ad7f2d4573216727bf

Wireshark-win64-3.4.3.msi: 49803264 bytes
SHA256(Wireshark-win64-3.4.3.msi)=191d7a4403689e94cd89c4468b0f8ee5e5ed81addac6faedd2912a5803a898d1
RIPEMD160(Wireshark-win64-3.4.3.msi)=13ec6d4cb59098574f790dc8efc52ef3062916c6
SHA1(Wireshark-win64-3.4.3.msi)=2c172244fe5c8edb78f03aa82f159a646dc19650

WiresharkPortable_3.4.3.paf.exe: 115216256 bytes
SHA256(WiresharkPortable_3.4.3.paf.exe)=e14e92708d99c691f8647cb23b8e43e6fc6ffdf2a417f0044684e94ea156b041
RIPEMD160(WiresharkPortable_3.4.3.paf.exe)=8b1f254f484d6911aa90b90c609daa484d039812
SHA1(WiresharkPortable_3.4.3.paf.exe)=b8dd1401ca77a3aab2245e95bc88266132fedc87

Wireshark 3.4.3 Intel 64.dmg: 130901551 bytes
SHA256(Wireshark 3.4.3 Intel 64.dmg)=d3574ea99758abed0fddacec8dcaf1e3c6b767e6e3651b93f4315d6d0d41c8f8
RIPEMD160(Wireshark 3.4.3 Intel 64.dmg)=dbfa7f7d6433790fff6e4e7fdafd8b64ed6b8da9
SHA1(Wireshark 3.4.3 Intel 64.dmg)=f44c22c86dcad1a9978f02da3aecee34f1ccbba8

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz

Attachment: OpenPGP_signature
Description: OpenPGP digital signature