Wireshark-users: [Wireshark-users] Wireshark 3.4.0 is now available
Date Prev · Date Next · Thread Prev · Thread Next
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Thu, 29 Oct 2020 14:01:52 -0700
I'm proud to announce the release of Wireshark 3.4.0.


 What is Wireshark?

  Wireshark is the world’s most popular network protocol analyzer. It is
  used for troubleshooting, analysis, development and education.

 What’s New

  Many improvements have been made. See the “New and Updated Features”
  section below for more details.

  New and Updated Features

   The following features are new (or have been significantly updated)
   since version 3.4.0rc1:

     • Nothing of note.

   The following features are new (or have been significantly updated)
   since version 3.3.1:

     • The Protobuf fields defined as google.protobuf.Timestamp type of
       Protobuf standard library can now be dissected as Wireshark
       fields of absolute time type.

   The following features are new (or have been significantly updated)
   since version 3.3.0:

     • The Windows installers now ship with Npcap 1.00. They previously
       shipped with Npcap 0.9997.

     • The Windows installers now ship with Qt 5.15.1. They previously
       shipped with Qt 5.12.8.

   The following features are new (or have been significantly updated)
   since version 3.2.0:

     • Windows executables and installers are now signed using SHA-2
       only[1].

     • Save RTP stream to .au supports any codec with 8000 Hz rate
       supported by Wireshark (shown in RTP player). If save of audio is
       not possible (unsupported codec or rate), silence of same length
       is saved and warning is shown.

     • Asynchronous DNS resolution is always enabled. As a result, the
       c-ares library is now a required dependency.

     • Protobuf fields can be dissected as Wireshark (header) fields
       that allows user input the full names of Protobuf fields or
       messages in Filter toolbar for searching.

     • Dissectors based on Protobuf can register themselves to a new
       'protobuf_field' dissector table, which is keyed with the full
       names of fields, for further parsing fields of BYTES or STRING
       type.

     • Wireshark is able to decode, play, and save iLBC payload on
       platforms where the iLBC library[2] is available.

     • Wireshark is able to decode, play, and save opus payload on
       platforms where the opus library[3] is available.

     • “Decode As” entries can now be copied from other profiles using a
       button in the dialog.

     • sshdump can now be copied to multiple instances. Each instance
       will show up a different interface and will have its own profile.

     • The main window now supports a packet diagram view, which shows
       each packet as a textbook-style diagram.

     • Filter buttons (“Preferences → Filter Buttons”) can be grouped by
       using “//” as a path separator in the filter button label.

     • IPP Over USB packets can now be dissected and displayed

  New Protocol Support

   Arinc 615A (A615A), Asphodel Protocol, AudioCodes Debug Recording
   (ACDR), Bluetooth HCI ISO (BT HCI ISO), Cisco MisCabling Protocol
   (MCP), Community ID Flow Hashing (CommunityID), DCE/RPC
   IRemoteWinspool SubSystem, (IREMOTEWINSPOOL), Dynamic Link Exchange
   Protocol (DLEP), EAP Generalized Pre-Shared Key (EAP-GPSK), EAP
   Password Authenticated Exchange (EAP-PAX), EAP Pre-Shared Key
   (EAP-PSK), EAP Shared-secret Authentication and Key Establishment
   (EAP-SAKE), Fortinet Single Sign-on (FSSO), FTDI Multi-Protocol
   Synchronous Serial Engine (FTDI MPSSE), Hypertext Transfer Protocol
   Version 3 (HTTP3), ILDA Digital Network (IDN), Java Debug Wire
   Protocol (JDWP), LBM Stateful Resolution Service (LBMSRS), Lithionics
   Battery Management, OBSAI UDP-based Communication Protocol (UDPCP),
   Palo Alto Heartbeat Backup (PA-HB-Bak), ScyllaDB RPC, Technically
   Enhanced Capture Module Protocol (TECMP), Tunnel Extensible
   Authentication Protocol (TEAP), UDP based FTP w/ multicast V5
   (UFTP5), and USB Printer (USBPRINTER)

  Updated Protocol Support

   Too many protocols have been updated to list here.

  New and Updated Capture File Support

   MP4 (ISO/IEC 14496-12)

 Getting Wireshark

  Wireshark source code and installation packages are available from
  https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can
   be found on the download page[4] on the Wireshark web site.

 File Locations

  Wireshark and TShark look in several different locations for
  preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
  locations vary from platform to platform. You can use About → Folders
  to find the default locations on your system.

 Getting Help

  The User’s Guide, manual pages and various other documentation can be
  found at https://www.wireshark.org/docs/

  Community support is available on Wireshark’sQ&A site[5] and on the
  wireshark-users mailing list. Subscription information and archives
  for all of Wireshark’s mailing lists can be found on the web site[6].

  Issues and feature requests can be reported on the issue tracker[7].

 Frequently Asked Questions

  A complete FAQ is available on the Wireshark web site[8].

  Last updated 2020-10-29 19:22:48 UTC

 References

   1. https://support.microsoft.com/en-us/help/4472027/2019-sha-2-code-s
  igning-support-requirement-for-windows-and-wsus
   2. https://github.com/TimothyGu/libilbc
   3. https://opus-codec.org/
   4. https://www.wireshark.org/download.html#thirdparty
   5. https://ask.wireshark.org/
   6. https://www.wireshark.org/lists/
   7. https://gitlab.com/wireshark/wireshark/-/issues
   8. https://www.wireshark.org/faq.html


Digests

wireshark-3.4.0.tar.xz: 32502760 bytes
SHA256(wireshark-3.4.0.tar.xz)=67e4ebbd9153fc589fd67dc21b93176674c73adc3d5a43934c3ac69d8594a8ae
RIPEMD160(wireshark-3.4.0.tar.xz)=cd79a56fdc433109b104ffacd43ba2825999c864
SHA1(wireshark-3.4.0.tar.xz)=6fdf4f394c287f1e21b48c5293ec1a6e6b627996

Wireshark-win64-3.4.0.exe: 61372520 bytes
SHA256(Wireshark-win64-3.4.0.exe)=32113e083409de888468e0bfe74ba98e6d618f9685a56a06f15b0506fdf4e462
RIPEMD160(Wireshark-win64-3.4.0.exe)=d5bc42e6cda6c0b48d01b1f67cfbed991abf4a35
SHA1(Wireshark-win64-3.4.0.exe)=e2dd1f2364d58f93fd44f7330a3068d5bed00154

Wireshark-win32-3.4.0.exe: 56426880 bytes
SHA256(Wireshark-win32-3.4.0.exe)=638d59e9bebe7289ebee6e493051304ccc5bc22f8f4d9800ff8bdb9966c52ed8
RIPEMD160(Wireshark-win32-3.4.0.exe)=1eff0cf458742f6e5fd9913c57e62203b492ce95
SHA1(Wireshark-win32-3.4.0.exe)=1cca54b2066e93416497cafea308c454853fe555

Wireshark-win64-3.4.0.msi: 49704960 bytes
SHA256(Wireshark-win64-3.4.0.msi)=a3ab64f0fe2c8d5579ad227b70425bfe55002fca115cd9ae85f4f3962a12e46d
RIPEMD160(Wireshark-win64-3.4.0.msi)=e587a670c7b33dedb8274347d6203170971b30d2
SHA1(Wireshark-win64-3.4.0.msi)=e7d6b5405a71e4e6e9db30934b4acbff37180409

Wireshark-win32-3.4.0.msi: 44670976 bytes
SHA256(Wireshark-win32-3.4.0.msi)=285b4b4062e01ad0ce44d7754b0d8edd344ee5a9afcfc39f56df1be5e04c47e9
RIPEMD160(Wireshark-win32-3.4.0.msi)=59c67a3fa6dc9548aebf3eb8960cb9b9af6e78d0
SHA1(Wireshark-win32-3.4.0.msi)=dec5938b8360f9e188bc4165809526cc147a4d08

WiresharkPortable_3.4.0.paf.exe: 114903832 bytes
SHA256(WiresharkPortable_3.4.0.paf.exe)=f63dcbc719e5b02eb57f8ca6abec1daa6ffb476dacf5a09a2c705a8e55b55129
RIPEMD160(WiresharkPortable_3.4.0.paf.exe)=a6f59c40f9117cf4904003fd8f7fe0bfcb48f47c
SHA1(WiresharkPortable_3.4.0.paf.exe)=75898c92549e361e728fa7a6874fc3d90c19f388

Wireshark 3.4.0 Intel 64.dmg: 127581931 bytes
SHA256(Wireshark 3.4.0 Intel 64.dmg)=b0a09d499de618de8f17a0456047dd3839b78c3a57e64b6caf5a55ae5c398d8a
RIPEMD160(Wireshark 3.4.0 Intel 64.dmg)=28e3f9ff139bb92949dabd069916fe6485d9ff47
SHA1(Wireshark 3.4.0 Intel 64.dmg)=5bd85ca4f1ba191378e018e25a608958955f9924

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz

Attachment: OpenPGP_0x82244A78E6FEAEEA_and_old_rev.asc
Description: application/pgp-keys

Attachment: OpenPGP_signature
Description: OpenPGP digital signature