Wireshark-users: [Wireshark-users] Wireshark 1.10.1 is now available
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Fri, 26 Jul 2013 14:55:19 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm proud to announce the release of Wireshark 1.10.1.

     __________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol
   analyzer. It is used for troubleshooting, analysis, development
   and education.
     __________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed.
     * [1]wnpa-sec-2013-41
       The DCP ETSI dissector could crash. ([2]Bug 8717)
       Versions affected: 1.10.0, 1.8.0 to 1.8.7
       [3]CVE-2013-4083
     * [4]wnpa-sec-2013-42
       The P1 dissector could crash. Discovered by Laurent Butti.
       ([5]Bug 8826)
       Versions affected: 1.10.0
       [6]CVE-2013-4920
     * [7]wnpa-sec-2013-43
       The Radiotap dissector could crash. Discovered by Laurent
       Butti. ([8]Bug 8830)
       Versions affected: 1.10.0
       [9]CVE-2013-4921
     * [10]wnpa-sec-2013-44
       The DCOM ISystemActivator dissector could crash. Discovered
       by Laurent Butti. ([11]Bug 8828)
       Versions affected: 1.10.0
       [12]CVE-2013-4922 [13]CVE-2013-4923 [14]CVE-2013-4924
       [15]CVE-2013-4925 [16]CVE-2013-4926
     * [17]wnpa-sec-2013-45
       The Bluetooth SDP dissector could go into a large loop.
       Discovered by Laurent Butti. ([18]Bug 8831)
       Versions affected: 1.10.0, 1.8.0 to 1.8.8
       [19]CVE-2013-4927
     * [20]wnpa-sec-2013-46
       The Bluetooth OBEX dissector could go into an infinite
       loop. ([21]Bug 8875)
       Versions affected: 1.10.0
       [22]CVE-2013-4928
     * [23]wnpa-sec-2013-47
       The DIS dissector could go into a large loop. ([24]Bug
       8911)
       Versions affected: 1.10.0, 1.8.0 to 1.8.8
       [25]CVE-2013-4929
     * [26]wnpa-sec-2013-48
       The DVB-CI dissector could crash. Discovered by Laurent
       Butti. ([27]Bug 8916)
       Versions affected: 1.10.0, 1.8.0 to 1.8.8
       [28]CVE-2013-4930
     * [29]wnpa-sec-2013-49
       The GSM RR dissector (and possibly others) could go into a
       large loop. ([30]Bug 8923)
       Versions affected: 1.10.0, 1.8.0 to 1.8.8
       [31]CVE-2013-4931
     * [32]wnpa-sec-2013-50
       The GSM A Common dissector could crash. ([33]Bug 8940)
       Versions affected: 1.10.0, 1.8.0 to 1.8.8
       [34]CVE-2013-4932
     * [35]wnpa-sec-2013-51
       The Netmon file parser could crash. Discovered by G.
       Geshev. ([36]Bug 8742)
       Versions affected: 1.10.0, 1.8.0 to 1.8.8
       [37]CVE-2013-4933 [38]CVE-2013-4934
     * [39]wnpa-sec-2013-52
       The ASN.1 PER dissector could crash. Discovered by
       Oliver-Tobias Ripka. ([40]Bug 8722)
       Versions affected: 1.10.0, 1.8.0 to 1.8.8
       [41]CVE-2013-4935
     * [42]wnpa-sec-2013-53
       The PROFINET Real-Time dissector could crash. ([43]Bug
       8904)
       Versions affected: 1.10.0
       [44]CVE-2013-4936

   The following bugs have been fixed:
     * Mark retransmitted SYN and FIN packets as retransmissions.
     * Wireshark hides under Taskbar. ([45]Bug 3034)
     * IEEE 802.15.4 frame check sequence in "Chipcon mode" not
       displayed correctly. ([46]Bug 4507)
     * Mask in Lua ProtoField.uint32() does not work as expected.
       ([47]Bug 5734)
     * Crash when applying filter with Voip calls. ([48]Bug 6090)
     * Delta time regressions to tshark introduced with SVN 45071.
       ([49]Bug 8160)
     * Add MAC-DATA support to TETRA dissector and other minor
       improvements. ([50]Bug 8708)
     * Crash analyzing VoIP Calls (T38). ([51]Bug 8736)
     * Wireshark writes empty NRB FQDN which makes trace
       unloadable. ([52]Bug 8763)
     * Quick launch icon is absent, so it shows up as a generic
       icon. ([53]Bug 8773)
     * Wrong encoding for 2 pod files, UTF-8 characters in
       another. ([54]Bug 8774)
     * SCSI (SPC) sense key specific information field must not
       include SKSV. ([55]Bug 8782)
     * Wireshark crashes when closing Flow Graph with Graph
       Analysis opened. ([56]Bug 8793)
     * Wrong size of LLRP ProtocolID Parameter in Accessspec
       Parameter. ([57]Bug 8809)
     * Detection of IPv6 works only on Solaris 8. ([58]Bug 8813)
     * ip.opt.type triggers for TCP NOP option. ([59]Bug 8823)
     * DCOM-SYSACT dissector crash. ([60]Bug 8828)
     * Incorrect decoding of MPLS Echo Request with BGP FEC.
       ([61]Bug 8835)
     * Buggy IEC104 dissector caused by commit r48958. ([62]Bug
       8849)
     * ansi_637_tele dissector displays MSB as MBS for Call-Back
       Number. ([63]Bug 8851)
     * LISP Map-Notify flags I and R shown incorrectly. ([64]Bug
       8852)
     * ONTAP_V4 fhandle decoding leads to dissector bug. ([65]Bug
       8853)
     * Dropped bytes in imap dissector. ([66]Bug 8857)
     * Kismet drone/server dissector improvements. ([67]Bug 8864)
     * TShark iostat_draw sizeof mismatch. ([68]Bug 8888)
     * SCTP bytes graph crash. ([69]Bug 8889)
     * Patch to Wireshark/tshark usage info and man pages to
       document all timestamp (-t) options. ([70]Bug 8906)
     * Strange behavior of tree expand/collapse in packet details.
       ([71]Bug 8908)
     * Graph Filter field limited to 256 characters. ([72]Bug
       8909)
     * Filter doesn't support cflow ASN larger than 65535.
       ([73]Bug 8959)
     * Wireshark crashes when switching from a v1.11.0 profile to
       a v1.4.6 prof and then to a v1.5.1 prof. ([74]Bug 8884)
     * SIP stats shows incorrect values for Max/Ave setup times.
       ([75]Bug 8897)
     * NFSv4 delegation not reported correctly. ([76]Bug 8920)
     * Issue with Capture Options Adapter List. ([77]Bug 8932)
     * RFC 5844 - IPv4 Support for Proxy Mobile IPv6 - Mobility
       option IPv4 DHCP Support Mode Option malformed packet.
       ([78]Bug 8957)
     * RFC 3775 - Mobility Support in IPv6 - Mobility option PadN
       incorrectly highlights + 2 bytes. ([79]Bug 8958)
     * All mongodb query show as [Malformed Packet: MONGO].
       ([80]Bug 8960)

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   ANSI IS-637-A, ASN.1, ASN.1 PER, Bluetooth OBEX, Bluetooth SDB,
   DCERPC NDR, DCOM ISystemActivator, DCP ETSI, Diameter 3GPP,
   DIS, DVB-CI, Ethernet, GSM Common, GSM SMS, H.235, IEC104, IEEE
   802.15.4, IEEE 802a, IMAP, IP, KDSP, LISP, LLRP, MAC-LTE,,
   Mobile IPv6, MONGO, MPLS Echo, Netflow, NFS, NFSv4, P1,
   PDCP-LTE, PN-IO, PN-RT, PPP, Radiotap, RLC,, RLC-LTE,, SCSI,
   SIP, SMTP, SoulSeek, TCP, TETRA, and VNC

  New and Updated Capture File Support

   and Microsoft Network Monitor, pcap-ng.
     __________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available
   from [81]http://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark
   packages. You can usually install or upgrade Wireshark using
   the package management system specific to that platform. A list
   of third-party packages can be found on the [82]download page
   on the Wireshark web site.
     __________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for
   preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
   These locations vary from platform to platform. You can use
   About->Folders to find the default locations on your system.
     __________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([83]Bug
   1419)

   The BER dissector might infinitely loop. ([84]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([85]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer
   works. ([86]Bug 2234)

   The 64-bit Windows installer does not support Kerberos
   decryption. ([87]Win64 development page)

   Application crash when changing real-time option. ([88]Bug
   4035)

   Hex pane display issue after startup. ([89]Bug 4056)

   Packet list rows are oversized. ([90]Bug 4357)

   Summary pane selected frame highlighting not maintained.
   ([91]Bug 4445)

   Wireshark and TShark will display incorrect delta times in some
   cases. ([92]Bug 4985)
     __________________________________________________________

Getting Help

   Community support is available on [93]Wireshark's Q&A site and
   on the wireshark-users mailing list. Subscription information
   and archives for all of Wireshark's mailing lists can be found
   on [94]the web site.

   Official Wireshark training and certification are available
   from [95]Wireshark University.
     __________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [96]Wireshark web site.
     __________________________________________________________

   Last updated 2013-07-26 10:29:26 PDT

References

   1. https://www.wireshark.org/security/wnpa-sec-2013-41
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8717
   3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4083
   4. https://www.wireshark.org/security/wnpa-sec-2013-42
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8826
   6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4920
   7. https://www.wireshark.org/security/wnpa-sec-2013-43
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8830
   9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4921
  10. https://www.wireshark.org/security/wnpa-sec-2013-44
  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8828
  12. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4922
  13. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4923
  14. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4924
  15. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4925
  16. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4926
  17. https://www.wireshark.org/security/wnpa-sec-2013-45
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8831
  19. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4927
  20. https://www.wireshark.org/security/wnpa-sec-2013-46
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8875
  22. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4928
  23. https://www.wireshark.org/security/wnpa-sec-2013-47
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8911
  25. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4929
  26. https://www.wireshark.org/security/wnpa-sec-2013-48
  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8916
  28. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4930
  29. https://www.wireshark.org/security/wnpa-sec-2013-49
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8923
  31. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4931
  32. https://www.wireshark.org/security/wnpa-sec-2013-50
  33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8940
  34. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4932
  35. https://www.wireshark.org/security/wnpa-sec-2013-51
  36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8742
  37. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4933
  38. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4934
  39. https://www.wireshark.org/security/wnpa-sec-2013-52
  40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8722
  41. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4935
  42. https://www.wireshark.org/security/wnpa-sec-2013-53
  43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8904
  44. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4936
  45. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3034
  46. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4507
  47. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5734
  48. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6090
  49. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8160
  50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8708
  51. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8736
  52. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8763
  53. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8773
  54. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8774
  55. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8782
  56. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8793
  57. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8809
  58. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8813
  59. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8823
  60. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8828
  61. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8835
  62. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8849
  63. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8851
  64. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8852
  65. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8853
  66. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8857
  67. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8864
  68. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8888
  69. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8889
  70. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8906
  71. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8908
  72. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8909
  73. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8959
  74. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8884
  75. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8897
  76. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8920
  77. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8932
  78. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8957
  79. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8958
  80. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8960
  81. http://www.wireshark.org/download.html
  82. http://www.wireshark.org/download.html#thirdparty
  83. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
  84. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  85. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  86. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  87. https://wiki.wireshark.org/Development/Win64
  88. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  89. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056
  90. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
  91. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4445
  92. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  93. http://ask.wireshark.org/
  94. http://www.wireshark.org/lists/
  95. http://www.wiresharktraining.com/
  96. http://www.wireshark.org/faq.html


Digests

wireshark-1.10.1.tar.bz2: 26815901 bytes
MD5(wireshark-1.10.1.tar.bz2)=d8915cf7555e2bbb699020a8736631e7
SHA1(wireshark-1.10.1.tar.bz2)=7763c864c1e3a3b4e6b6947631392b35fefe4187
RIPEMD160(wireshark-1.10.1.tar.bz2)=669463f185fa8b9af4f18aaa1f7d426355ab5596

Wireshark-win64-1.10.1.exe: 28133528 bytes
MD5(Wireshark-win64-1.10.1.exe)=9a41338186422d7b8c62180c3c0551ef
SHA1(Wireshark-win64-1.10.1.exe)=53d6ae9712ef9082fa265044bf25a538194904f3
RIPEMD160(Wireshark-win64-1.10.1.exe)=45ab28cfbea276e53bc2cd6c5aff609fc2ef9e86

Wireshark-win32-1.10.1.exe: 22244496 bytes
MD5(Wireshark-win32-1.10.1.exe)=fd3974dfd6a0ddae946083f6b78d9228
SHA1(Wireshark-win32-1.10.1.exe)=b207dc15e1a3fe3a45fcad4975cd17f167220692
RIPEMD160(Wireshark-win32-1.10.1.exe)=e8cb591783a50838af55d56e7d332be5b653d09c

Wireshark-1.10.1.u3p: 30784803 bytes
MD5(Wireshark-1.10.1.u3p)=9c5ecdccbc03abec50bd98c833f5f781
SHA1(Wireshark-1.10.1.u3p)=ad130d47a990eb2b02387b8394bf8c648203333f
RIPEMD160(Wireshark-1.10.1.u3p)=e041863356a65c2521b337d7454acb2e7629a975

WiresharkPortable-1.10.1.paf.exe: 23602416 bytes
MD5(WiresharkPortable-1.10.1.paf.exe)=3f7396d146988dac1a7295c1d8ed9924
SHA1(WiresharkPortable-1.10.1.paf.exe)=8e323629a1405888b5e2b48d9803d64ce23e4d74
RIPEMD160(WiresharkPortable-1.10.1.paf.exe)=639f940b9a55d0ae812fbc0143a6daf69874eb7f

Wireshark 1.10.1 Intel 32.dmg: 19827212 bytes
MD5(Wireshark 1.10.1 Intel 32.dmg)=95019d12ced337784a0aacd8c54552c7
SHA1(Wireshark 1.10.1 Intel
32.dmg)=4006dcfd92cd68f0629f971f120e199c5d3c31a5
RIPEMD160(Wireshark 1.10.1 Intel
32.dmg)=d41f5477c80cc062cc3b430d85179635e2ebfc70

Wireshark 1.10.1 Intel 64.dmg: 24231730 bytes
MD5(Wireshark 1.10.1 Intel 64.dmg)=64d89d94c27aba81064019bc35250ca1
SHA1(Wireshark 1.10.1 Intel
64.dmg)=428f974cc5c71cced647d42a1d7997ba5cb49c3a
RIPEMD160(Wireshark 1.10.1 Intel
64.dmg)=fd0c84396ba517360da8ce12bea8affee94992f7

patch-wireshark-1.10.0-to-1.10.1.bz2: 782998 bytes
MD5(patch-wireshark-1.10.0-to-1.10.1.bz2)=24bc56199db5ce17c3f46c4977c9d334
SHA1(patch-wireshark-1.10.0-to-1.10.1.bz2)=70f2a181a2168895befb773004909e2d3cdbe37a
RIPEMD160(patch-wireshark-1.10.0-to-1.10.1.bz2)=d068e9717d59b514db755f891924b8e3806c59cc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (Darwin)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlHy8EcACgkQpw8IXSHylJo07wCg2Ziw7YGxIX5ZAQC40UmFf90X
DKMAniAA8ID+3yHaejMTg5PFfhKhKnZ0
=T8KE
-----END PGP SIGNATURE-----