Wireshark-users: [Wireshark-users] Wireshark 2.0.4 is now available
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Tue, 7 Jun 2016 13:58:01 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
I'm proud to announce the release of Wireshark 2.0.4.
__________________________________________________________________
What is Wireshark?
Wireshark is the world's most popular network protocol analyzer. It is
used for troubleshooting, analysis, development and education.
__________________________________________________________________
What's New
Bug Fixes
The following vulnerabilities have been fixed:
* [1]wnpa-sec-2016-29
The SPOOLS dissector could go into an infinite loop. Discovered by
the CESG.
* [2]wnpa-sec-2016-30
The IEEE 802.11 dissector could crash. ([3]Bug 11585)
* [4]wnpa-sec-2016-31
The IEEE 802.11 dissector could crash. Discovered by Mateusz
Jurczyk. ([5]Bug 12175)
* [6]wnpa-sec-2016-32
The UMTS FP dissector could crash. ([7]Bug 12191)
* [8]wnpa-sec-2016-33
Some USB dissectors could crash. Discovered by Mateusz Jurczyk.
([9]Bug 12356)
* [10]wnpa-sec-2016-34
The Toshiba file parser could crash. Discovered by iDefense Labs.
([11]Bug 12394)
* [12]wnpa-sec-2016-35
The CoSine file parser could crash. Discovered by iDefense Labs.
([13]Bug 12395)
* [14]wnpa-sec-2016-36
The NetScreen file parser could crash. Discovered by iDefense Labs.
([15]Bug 12396)
* [16]wnpa-sec-2016-37
The Ethernet dissector could crash. ([17]Bug 12440)
The following bugs have been fixed:
* Saving pcap capture file with ERF encapsulation creates an invalid
pcap file. ([18]Bug 3606)
* Questionable calling of Ethernet dissector by encapsulating
protocol dissectors. ([19]Bug 9933)
* Wireshark 1.12.0 does not dissect HTTP correctly. ([20]Bug 10335)
* Don't copy details of hidden columns. ([21]Bug 11788)
* RTP audio player crashes. ([22]Bug 12166)
* Crash when saving RTP audio Telephony->RTP->RTP
Streams->Analyze->Save->Audio. ([23]Bug 12211)
* Edit - preferences - add column field not showing dropdown for
choices. ([24]Bug 12321)
* Using _ws.expert in a filter can cause a crash. ([25]Bug 12335)
* Crash in SCCP dissector UAT (Qt UI only). ([26]Bug 12364)
* J1939 frame without data = malformed packet ? ([27]Bug 12366)
* The stream number in tshark's "-z follow,tcp,<stream number>"
option is 0-origin rather than 1-origin. ([28]Bug 12383)
* IP Header Length display filter should show calculated value.
([29]Bug 12387)
* Multiple file radio buttons should be check boxes. ([30]Bug 12388)
* Wrong check for getaddrinfo and gethostbyname on Solaris 11.
([31]Bug 12391)
* ICMPv6 dissector doesn't respect actual packet length. ([32]Bug
12400)
* Format DIS header timestamp mm:ss.nnnnnn. ([33]Bug 12402)
* RTP Stream Analysis can no longer be sorted in 2.0.3. ([34]Bug
12405)
* RTP Stream Analysis fails to complete in 2.0.3 when packets are
sliced. ([35]Bug 12406)
* Network-Layer Name Resolution uses first 32-bits of IPv6 DNS
address as IPv4 address in some circumstances. ([36]Bug 12412)
* BACnet decoder incorrectly flags a valid APDU as a "Malformed
Packet". ([37]Bug 12422)
* Valid ISUP messages marked with warnings. ([38]Bug 12423)
* Profile command line switch "-C" not working in Qt interface.
([39]Bug 12425)
* MRCPv2: info column not showing info correctly. ([40]Bug 12426)
* Diameter: Experimental result code 5142. ([41]Bug 12428)
* Tshark crashes when analyzing RTP due to pointer being freed not
allocated. ([42]Bug 12430)
* NFS: missing information in getattr for supported exclusive create
attributes. ([43]Bug 12435)
* Ethernet type field with a value of 9100 is shown as "Unknown".
([44]Bug 12441)
* Documentation does not include support for Windows Server 2012 R2.
([45]Bug 12455)
* Column preferences ruined too easily. ([46]Bug 12465)
* SMB Open andX extended response decoded incorrectly. ([47]Bug
12472)
* SMB NtCreate andX with extended response sometimes incorrect.
([48]Bug 12473)
* Viewing NFSv3 Data, checking SRTs doesn't work. ([49]Bug 12478)
* Make wireshark with Qt enabled buildable on ARM. ([50]Bug 12483)
Windows installers and PortableApps® packages are dual signed using
SHA-1 and SHA-256 in order to comply with [51]Microsoft Authenticode
policy. Windows 7 and Windows Server 2008 R2 users should ensure that
[52]update 3123479 is installed. Windows Vista and Windows Server 2008
users should ensure that [53]hotfix 2763674 is installed.
New and Updated Features
There are no new features in this release.
New File Format Decoding Support
There are no new file formats in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
AFS, ANSI IS-637 A, BACapp, BT BNEP, Cisco FabricPath MiM, CSN.1,
DCERPC SPOOLS, DIS, Ethernet, GSM A RR, ICMPv6, IEEE 802.11, IPv4,
ISUP, J1939, JXTA, LAPSat, LPADm, LTE-RRC, MRCPv2, NFS, OpenFlow,
SGsAP, SMB, STT, TZSP, UMTS FP, and USB
New and Updated Capture File Support
Aethra, Catapult DCT2000, CoSine, DBS Etherwatch, ERF, iSeries, Ixia
IxVeriWave, NetScreen, Toshiba, and VMS TCPIPtrace
New and Updated Capture Interfaces support
There are no new or updated capture interfaces supported in this
release.
__________________________________________________________________
Getting Wireshark
Wireshark source code and installation packages are available from
[54]https://www.wireshark.org/download.html.
Vendor-supplied Packages
Most Linux and Unix vendors supply their own Wireshark packages. You
can usually install or upgrade Wireshark using the package management
system specific to that platform. A list of third-party packages can be
found on the [55]download page on the Wireshark web site.
__________________________________________________________________
File Locations
Wireshark and TShark look in several different locations for preference
files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
vary from platform to platform. You can use About->Folders to find the
default locations on your system.
__________________________________________________________________
Known Problems
Dumpcap might not quit if Wireshark or TShark crashes. ([56]Bug 1419)
The BER dissector might infinitely loop. ([57]Bug 1516)
Capture filters aren't applied when capturing from named pipes.
([58]Bug 1814)
Filtering tshark captures with read filters (-R) no longer works.
([59]Bug 2234)
Resolving ([60]Bug 9044) reopens ([61]Bug 3528) so that Wireshark no
longer automatically decodes gzip data when following a TCP stream.
Application crash when changing real-time option. ([62]Bug 4035)
Hex pane display issue after startup. ([63]Bug 4056)
Packet list rows are oversized. ([64]Bug 4357)
Wireshark and TShark will display incorrect delta times in some cases.
([65]Bug 4985)
The 64-bit version of Wireshark will leak memory on Windows when the
display depth is set to 16 bits ([66]Bug 9914)
Wireshark should let you work with multiple capture files. ([67]Bug
10488)
Dell Backup and Recovery (DBAR) makes many Windows applications crash,
including Wireshark. ([68]Bug 12036)
__________________________________________________________________
Getting Help
Community support is available on [69]Wireshark's Q&A site and on the
wireshark-users mailing list. Subscription information and archives for
all of Wireshark's mailing lists can be found on [70]the web site.
Official Wireshark training and certification are available from
[71]Wireshark University.
__________________________________________________________________
Frequently Asked Questions
A complete FAQ is available on the [72]Wireshark web site.
__________________________________________________________________
Last updated 2016-06-07 20:37:09 UTC
References
1. https://www.wireshark.org/security/wnpa-sec-2016-29.html
2. https://www.wireshark.org/security/wnpa-sec-2016-30.html
3. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11585
4. https://www.wireshark.org/security/wnpa-sec-2016-31.html
5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12175
6. https://www.wireshark.org/security/wnpa-sec-2016-32.html
7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12191
8. https://www.wireshark.org/security/wnpa-sec-2016-33.html
9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12356
10. https://www.wireshark.org/security/wnpa-sec-2016-34.html
11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12394
12. https://www.wireshark.org/security/wnpa-sec-2016-35.html
13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12395
14. https://www.wireshark.org/security/wnpa-sec-2016-36.html
15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12396
16. https://www.wireshark.org/security/wnpa-sec-2016-37.html
17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12440
18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3606
19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9933
20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10335
21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11788
22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12166
23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12211
24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12321
25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12335
26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12364
27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12366
28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12383
29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12387
30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12388
31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12391
32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12400
33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12402
34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12405
35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12406
36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12412
37. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12422
38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12423
39. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12425
40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12426
41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12428
42. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12430
43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12435
44. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12441
45. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12455
46. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12465
47. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12472
48. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12473
49. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12478
50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12483
51.
http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx
52. https://support.microsoft.com/en-us/kb/3123479
53. https://support.microsoft.com/en-us/kb/2763674
54. https://www.wireshark.org/download.html
55. https://www.wireshark.org/download.html#thirdparty
56. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
57. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
58. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
59. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
60. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044
61. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3528
62. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
63. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056
64. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
65. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
66. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9914
67. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
68. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12036
69. https://ask.wireshark.org/
70. https://www.wireshark.org/lists/
71. http://www.wiresharktraining.com/
72. https://www.wireshark.org/faq.html
Digests
wireshark-2.0.4.tar.bz2: 31121258 bytes
SHA256(wireshark-2.0.4.tar.bz2)=9ea9c82da9942194ebc8fc5c951a02e6d179afa7472cb6d96ca76154510de1a5
RIPEMD160(wireshark-2.0.4.tar.bz2)=c767f062c421e15cde8f1d83c8fcd7c2c2a138eb
SHA1(wireshark-2.0.4.tar.bz2)=9d76a28ba4f7566bef1aefbb2868e1ddcb93e999
MD5(wireshark-2.0.4.tar.bz2)=622928dc6cb31c227c672ec3ec697f28
Wireshark-win64-2.0.4.exe: 47578216 bytes
SHA256(Wireshark-win64-2.0.4.exe)=3306b9b52e251f0f989eb78a19b298eeced6ebab85e9e167aeaeb1453728bde9
RIPEMD160(Wireshark-win64-2.0.4.exe)=a52f51b9d84b745635aab2cf885e3f4f3b131628
SHA1(Wireshark-win64-2.0.4.exe)=13983ad5b244e9db8154888d5f25ad850deb8a6c
MD5(Wireshark-win64-2.0.4.exe)=7b686baf4404271132219a505c936a4a
Wireshark-win32-2.0.4.exe: 43987120 bytes
SHA256(Wireshark-win32-2.0.4.exe)=9f4b818affdb7cda21128d46774afc85e6bdd82e09597c84940bd1451df3d259
RIPEMD160(Wireshark-win32-2.0.4.exe)=a385411e6a1caf2acb306cfef5a7bfac6b2e8391
SHA1(Wireshark-win32-2.0.4.exe)=4cd730a25b58dc2f289a8d1ca5d684d8b81664d9
MD5(Wireshark-win32-2.0.4.exe)=cf652ea77d3cbf30d8d866f30215052d
WiresharkPortable_2.0.4.paf.exe: 43671848 bytes
SHA256(WiresharkPortable_2.0.4.paf.exe)=9586b49faf201643115769d3c72fb0c8ee6c7a791797ffa3570adbd5cbf4d6a9
RIPEMD160(WiresharkPortable_2.0.4.paf.exe)=14645af3d30dd69f2ee946136129f3404a94e22b
SHA1(WiresharkPortable_2.0.4.paf.exe)=046ddbae023c9691f00586cfe89184290e5fcc9e
MD5(WiresharkPortable_2.0.4.paf.exe)=ad5726e4e7450e7ddb3e0d293d32a21d
Wireshark 2.0.4 Intel 64.dmg: 31689834 bytes
SHA256(Wireshark 2.0.4 Intel
64.dmg)=b78531be77099f4d4b08a1a0fea6dbb777b739ee82255cc83f7de47137ef1627
RIPEMD160(Wireshark 2.0.4 Intel
64.dmg)=3079f32fcf95a99560b9d26d63d9a9d6ac758645
SHA1(Wireshark 2.0.4 Intel 64.dmg)=0f48d5dd644f56544a145a1195763e5ca22b9b8b
MD5(Wireshark 2.0.4 Intel 64.dmg)=3671126b80029b798f0270766cb3f687
Wireshark 2.0.4 Intel 32.dmg: 32415649 bytes
SHA256(Wireshark 2.0.4 Intel
32.dmg)=52dd39ab2c200d80a3eeeabd8d4c41a109815280f2c51db080c104b3075f4ecd
RIPEMD160(Wireshark 2.0.4 Intel
32.dmg)=db425b89d92ab0759eb4d6f626b8ba948d9565db
SHA1(Wireshark 2.0.4 Intel 32.dmg)=a75793af4e8fb7d0cd6196e5288f05a5eff10861
MD5(Wireshark 2.0.4 Intel 32.dmg)=880f31ca32bda60cb6459d0d87522275
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCgAGBQJXVzVZAAoJEIIkSnjm/q7qkPcP/0/NAKYJ6wjXjUcKc+j0jqc1
+KIpmrn80W5K8n8W1d9cglcrjp4N1sVywz7e3IYGA4+flLm9e2WK6byIJxLKb/fc
vDdCnrZ6o1DtgBGyyZRRXFPHnW1CNxyQomWUhMKPSHoSEWWT4C0bH0j0U5CoZ5jX
26Ap2WZPSQ+8Qq2pePwXLE9f3i6soQHi0G3moUI5uv1ZaLn8/5fyQ05f4MxzPU4n
ByJhuSAeI3miCQUkXyu1zlrl2kHEn8OZbttYn5/W6qI2OQYX+xIXKLuXjmJNEZUf
ACHQ6BTd1InGoh1Sl8pWD0fYRyqLfXO1W2elDl39i0sTcm/QaDJFuU4r0OhB+G/9
t1NJ5OVQsCH2wcX8O3McjEVLAQ3wYPR9BUtqkhkhRMQ0NQXPUguEFyM9ek4NUPYx
a/aayksmqm1xnlRTSZqvSDazEuaR93CwOLFF9v5qilPCmSxZj0g+EIVphCAVyTOi
BO0pBJUamAirh5pnDcXl9gLUTK5OBtO9u/GZ+uFzGlZI9eDNM3rlQEBMDj2ubi1m
aHg8jqhmL+5QcjeEH6jO874D4ZN5ybhplGNRQiM4F9Xfdfw895ARsr/w8ap2TaRp
kATrnfP9pFhyJnz3gOhSlpWJz+43yH15AWajSxpnGtN+drMv+bQ6Pb6h4+UzOFe+
V67BFtrDmDgpQYaJgG92
=+pkT
-----END PGP SIGNATURE-----
- Prev by Date: Re: [Wireshark-users] Window scaling
- Next by Date: [Wireshark-users] Wireshark 1.12.12 is now available
- Previous by thread: Re: [Wireshark-users] Wireshark, Ubuntu, and mystery UDP packets
- Next by thread: [Wireshark-users] Wireshark 1.12.12 is now available
- Index(es):