Wireshark-announce: [Wireshark-announce] Wireshark 3.3.1 is now available
Date Prev · Date Next · Thread Prev · Thread Next
From: Wireshark announcements <wireshark-announce@xxxxxxxxxxxxx>
Date: Thu, 1 Oct 2020 12:15:41 -0700
I'm proud to announce the release of Wireshark 3.3.1.


 This is an experimental release intended to test new features for
 Wireshark 3.4.

 What is Wireshark?

  Wireshark is the world’s most popular network protocol analyzer. It is
  used for troubleshooting, analysis, development and education.

 What’s New

  Many improvements have been made. See the “New and Updated Features”
  section below for more details.

  New and Updated Features

   The following features are new (or have been significantly updated)
   since version 3.3.0:

     • The Windows installers now ship with Npcap 1.00. They previously
       shipped with Npcap 0.9997.

     • The Windows installers now ship with Qt 5.15.1. They previously
       shipped with Qt 5.12.8.

   The following features are new (or have been significantly updated)
   since version 3.2.0:

     • Windows executables and installers are now signed using SHA-2
       only[1].

     • Save RTP stream to .au supports any codec with 8000 Hz rate
       supported by Wireshark (shown in RTP player). If save of audio is
       not possible (unsupported codec or rate), silence of same length
       is saved and warning is shown.

     • Asynchronous DNS resolution is always enabled. As a result, the
       c-ares library is now a required dependency.

     • Protobuf fields can be dissected as Wireshark (header) fields
       that allows user input the full names of Protobuf fields or
       messages in Filter toolbar for searching.

     • Dissectors based on Protobuf can register themselves to a new
       'protobuf_field' dissector table, which is keyed with the full
       names of fields, for further parsing fields of BYTES or STRING
       type.

     • Wireshark is able to decode, play, and save iLBC payload on
       platforms where the iLBC library[2] is available.

     • “Decode As” entries can now be copied from other profiles using a
       button in the dialog.

     • sshdump can now be copied to multiple instances. Each instance
       will show up a different interface and will have its own profile.

     • The main window now supports a packet diagram view, which shows
       each packet as a textbook-style diagram.

     • Filter buttons (“Preferences → Filter Buttons”) can be grouped by
       using “//” as a path separator in the filter button label.

  New Protocol Support

   Arinc 615A (A615A), Asphodel Protocol, AudioCodes Debug Recording
   (ACDR), Bluetooth HCI ISO (BT HCI ISO), Cisco MisCabling Protocol
   (MCP), Community ID Flow Hashing (CommunityID), DCE/RPC
   IRemoteWinspool SubSystem, (IREMOTEWINSPOOL), Dynamic Link Exchange
   Protocol (DLEP), EAP Generalized Pre-Shared Key (EAP-GPSK), EAP
   Password Authenticated Exchange (EAP-PAX), EAP Pre-Shared Key
   (EAP-PSK), EAP Shared-secret Authentication and Key Establishment
   (EAP-SAKE), Fortinet Single Sign-on (FSSO), FTDI Multi-Protocol
   Synchronous Serial Engine (FTDI MPSSE), Hypertext Transfer Protocol
   Version 3 (HTTP3), ILDA Digital Network (IDN), ILDA Digital Network
   (IDN), Java Debug Wire Protocol (JDWP), LBM Stateful Resolution
   Service (LBMSRS), Lithionics Battery Management, OBSAI UDP-based
   Communication Protocol (UDPCP), Palo Alto Heartbeat Backup
   (PA-HB-Bak), ScyllaDB RPC, Technically Enhanced Capture Module
   Protocol (TECMP), Tunnel Extensible Authentication Protocol (TEAP),
   UDP based FTP w/ multicast V5 (UFTP5), and USB Printer (USBPRINTER)

  Updated Protocol Support

   Too many protocols have been updated to list here.

  New and Updated Capture File Support

   MP4 (ISO/IEC 14496-12)

 Getting Wireshark

  Wireshark source code and installation packages are available from
  https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can
   be found on the download page[3] on the Wireshark web site.

 File Locations

  Wireshark and TShark look in several different locations for
  preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
  locations vary from platform to platform. You can use About → Folders
  to find the default locations on your system.

 Getting Help

  The User’s Guide, manual pages and various other documentation can be
  found at https://www.wireshark.org/docs/

  Community support is available on Wireshark’sQ&A site[4] and on the
  wireshark-users mailing list. Subscription information and archives
  for all of Wireshark’s mailing lists can be found on the web site[5].

  Bugs and feature requests can be reported on the issue tracker[6].

 Frequently Asked Questions

  A complete FAQ is available on the Wireshark web site[7].

  Last updated 2020-10-01 17:05:15 UTC

 References

   1. https://support.microsoft.com/en-us/help/4472027/2019-sha-2-code-s
  igning-support-requirement-for-windows-and-wsus
   2. https://github.com/TimothyGu/libilbc
   3. https://www.wireshark.org/download.html#thirdparty
   4. https://ask.wireshark.org/
   5. https://www.wireshark.org/lists/
   6. https://gitlab.com/wireshark/wireshark/-/issues
   7. https://www.wireshark.org/faq.html


Digests

wireshark-3.3.1.tar.xz: 32876876 bytes
SHA256(wireshark-3.3.1.tar.xz)=5c1ea231bb105391685e6c5989f95d4ee3d77032a6285f2bc2c7c6ba9cb7d070
RIPEMD160(wireshark-3.3.1.tar.xz)=77eb8335b37036236a4ca4cb40cf27bb5549aefa
SHA1(wireshark-3.3.1.tar.xz)=e9e9f20b8aabc4a73b7501e8a14e3c2148adca51

Wireshark-win64-3.3.1.exe: 61756616 bytes
SHA256(Wireshark-win64-3.3.1.exe)=28f5fe73488e7267757567e3ca969c257038f717f9516ff32215c104f92ba9f1
RIPEMD160(Wireshark-win64-3.3.1.exe)=ea3b8ceea6e7635f843da85b4e88178b3ee56e70
SHA1(Wireshark-win64-3.3.1.exe)=9a9873b04161144cc6146362c62fe0ecce43cfd2

Wireshark-win32-3.3.1.exe: 56822936 bytes
SHA256(Wireshark-win32-3.3.1.exe)=e1c7cef1086d383a07432c39694ea35b5d19bb5906b851af3eff6ae96d16bedf
RIPEMD160(Wireshark-win32-3.3.1.exe)=d7ecbda43b297ed3af815d34d3a436dbcf9c41ec
SHA1(Wireshark-win32-3.3.1.exe)=fc5f9a2b01fe3d138302a779cafed95d502e3f07

Wireshark-win32-3.3.1.msi: 44490752 bytes
SHA256(Wireshark-win32-3.3.1.msi)=a3ee29f828cc61e086342c4304b4fc25423e342ed626a2b3fbd70cbb4c56273b
RIPEMD160(Wireshark-win32-3.3.1.msi)=5df1f8bfd7bbc1b8481b4b1b2be58f5d24369cca
SHA1(Wireshark-win32-3.3.1.msi)=55cdb100c45ad20a5b9d9d38fdda1562d02504b5

Wireshark-win64-3.3.1.msi: 49545216 bytes
SHA256(Wireshark-win64-3.3.1.msi)=63d31cee2c325e7c0ce86f678039ec1f9d2d242990b5345dc93a138a00f93093
RIPEMD160(Wireshark-win64-3.3.1.msi)=02654a96c61e791a16349fc50bbf9212f7330553
SHA1(Wireshark-win64-3.3.1.msi)=9af8252a728adb0f74c48956e576811285d82642

WiresharkPortable_3.3.1.paf.exe: 114612584 bytes
SHA256(WiresharkPortable_3.3.1.paf.exe)=5104082549ae75e31c13cfda93375207d3ee670c1030206a275d5eade247776a
RIPEMD160(WiresharkPortable_3.3.1.paf.exe)=d718465921e67ece24eb2e50a4dd79ddd3a975ee
SHA1(WiresharkPortable_3.3.1.paf.exe)=1713e3ed22e83f1b8c859784427c4de27c0a3b87

Wireshark 3.3.1 Intel 64.dmg: 127337935 bytes
SHA256(Wireshark 3.3.1 Intel 64.dmg)=210a0749598c2e462237e12c273987e5a52294bc387cd51f6c0b4aebf9842bbf
RIPEMD160(Wireshark 3.3.1 Intel 64.dmg)=f3053fcf8c53d2e3c3b85f0b8ef9691b27052b55
SHA1(Wireshark 3.3.1 Intel 64.dmg)=09a989c87ecd4eb9307f834a6fb24360a77c70e3

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz

Attachment: signature.asc
Description: OpenPGP digital signature