Wireshark-dev: [Wireshark-dev] Wireshark 2.0.14 is now available
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Tue, 18 Jul 2017 11:30:32 -0700
I'm proud to announce the release of Wireshark 2.0.14.

     __________________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer. It is
   used for troubleshooting, analysis, development and education.
     __________________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2017-13
       WBMXL dissector infinite loop ([2]Bug 13477, [3]Bug 13796)
       [4]CVE-2017-7702, [5]CVE-2017-11410
       Note: This is an update for a fix in Wireshark 2.2.6 and 2.0.12.

     * [6]wnpa-sec-2017-28
       openSAFETY dissector memory exhaustion ([7]Bug 13649, [8]Bug 13755)
       [9]CVE-2017-9350, [10]CVE-2017-11411
       Note: This is an update for a fix in Wireshark 2.2.7.

     * [11]wnpa-sec-2017-34
       AMQP dissector crash. ([12]Bug 13780) [13]CVE-2017-11408
     * [14]wnpa-sec-2017-35
       MQ dissector crash. ([15]Bug 13792) [16]CVE-2017-11407
     * [17]wnpa-sec-2017-36
       DOCSIS infinite loop. ([18]Bug 13797) [19]CVE-2017-11406
     * [20]wnpa-sec-2017-37
       GPRS LLC large loop. ([21]Bug 13603) [22]CVE-2017-11409

   The following bugs have been fixed:
     * Regression in SCCP fragments handling. ([23]Bug 13651)
     * TCAP SRT incorrectly matches TC_BEGINs and TC_ENDs. ([24]Bug 13739)
     * Dissector for WSMP (IEEE 1609.3) not current. ([25]Bug 13766)
     * DAAP dissector dissect_daap_one_tag recursion stack exhausted.
       ([26]Bug 13799)
     * Malformed DCERPC PNIO packet decode, exception handler invalid
       pointer reference. ([27]Bug 13811)
     * It seems SPVID was decoded from wrong field. ([28]Bug 13821)
     * README.dissectors: Add notes about predefined string structures not
       available to plugin authors. ([29]Bug 13828)
     * cmake/modules/FindZLIB.cmake doesn't find inflatePrime. ([30]Bug
       13850)
     * [oss-fuzz] UBSAN: shift exponent 35 is too large for 32-bit type
       int in packet-btrfcomm.c:314:37. ([31]Bug 13783)

  New and Updated Features

   There are no new features in this release.

  New File Format Decoding Support

   There are no new file formats in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   AMQP, BSSMAP, BT RFCOMM, DAAP, DOCSIS, GPRS LLC, ISIS LSP, MQ,
   OpenSafety, OSPF, PROFINET IO, SCCP, TCAP, TCP, UMTS FP, UMTS RLC,
   WBMXL, and WSMP

  New and Updated Capture File Support

   pcap

  New and Updated Capture Interfaces support

   There are no new or updated capture interfaces supported in this
   release.
     __________________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available from
   [32]https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can be
   found on the [33]download page on the Wireshark web site.
     __________________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for preference
   files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
   vary from platform to platform. You can use About->Folders to find the
   default locations on your system.
     __________________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([34]Bug 1419)

   The BER dissector might infinitely loop. ([35]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([36]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([37]Bug 2234)

   Application crash when changing real-time option. ([38]Bug 4035)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([39]Bug 4985)

   Wireshark should let you work with multiple capture files. ([40]Bug
   10488)

   Dell Backup and Recovery (DBAR) makes many Windows applications crash,
   including Wireshark. ([41]Bug 12036)
     __________________________________________________________________

Getting Help

   Community support is available on [42]Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and archives for
   all of Wireshark's mailing lists can be found on [43]the web site.

   Official Wireshark training and certification are available from
   [44]Wireshark University.
     __________________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [45]Wireshark web site.
     __________________________________________________________________

   Last updated 2017-07-18 18:13:15 UTC

References

   1. https://www.wireshark.org/security/wnpa-sec-2017-13.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13477
   3. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13796
   4. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7702
   5. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11410
   6. https://www.wireshark.org/security/wnpa-sec-2017-28.html
   7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13649
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13755
   9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9350
  10. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11411
  11. https://www.wireshark.org/security/wnpa-sec-2017-34.html
  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13780
  13. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11408
  14. https://www.wireshark.org/security/wnpa-sec-2017-35.html
  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13792
  16. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11407
  17. https://www.wireshark.org/security/wnpa-sec-2017-36.html
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13797
  19. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11406
  20. https://www.wireshark.org/security/wnpa-sec-2017-37.html
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13603
  22. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11409
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13651
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13739
  25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13766
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13799
  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13811
  28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13821
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13828
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13850
  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13783
  32. https://www.wireshark.org/download.html
  33. https://www.wireshark.org/download.html#thirdparty
  34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
  35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  37. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  39. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
  41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12036
  42. https://ask.wireshark.org/
  43. https://www.wireshark.org/lists/
  44. http://www.wiresharktraining.com/
  45. https://www.wireshark.org/faq.html


Digests

wireshark-2.0.14.tar.bz2: 31340436 bytes
SHA256(wireshark-2.0.14.tar.bz2)=88d8712ebbc4bc53125071a54649c5b3b85b38845621a35ab9cc2c8b4a4f5b41
RIPEMD160(wireshark-2.0.14.tar.bz2)=145c091b134a5047cab5c18a64579565a3ee3c97
SHA1(wireshark-2.0.14.tar.bz2)=0927b5b9b703cc5f6eb3738a23c638791c33f0f6
MD5(wireshark-2.0.14.tar.bz2)=b52e27737b16034b7a216d74a4e8fc4b

Wireshark-win32-2.0.14.exe: 44183984 bytes
SHA256(Wireshark-win32-2.0.14.exe)=5eef34d278402606b7bd7cadb00f17f96d5e351f3f0e5e09397eed08b1fff927
RIPEMD160(Wireshark-win32-2.0.14.exe)=332fd11e76c45b9d1289e590150985eceb3afa1e
SHA1(Wireshark-win32-2.0.14.exe)=6b5df406bb058ab733e30a4b6a83610832ac9c5b
MD5(Wireshark-win32-2.0.14.exe)=fa69dba1c42edcccbde0ffdda86985c1

Wireshark-win64-2.0.14.exe: 47813416 bytes
SHA256(Wireshark-win64-2.0.14.exe)=598fe83142d8061220d5907c26fc7932e1828a9ad65d15f0e20b1ffe9ba208b5
RIPEMD160(Wireshark-win64-2.0.14.exe)=23d92ef479cba94285e8e6f939d7110ae2de1fea
SHA1(Wireshark-win64-2.0.14.exe)=4d5913de2de2cb4def79cb1e8439e268d6347e1f
MD5(Wireshark-win64-2.0.14.exe)=f9364f53f845a344ae7881b8d72b3256

WiresharkPortable_2.0.14.paf.exe: 43873416 bytes
SHA256(WiresharkPortable_2.0.14.paf.exe)=528a0b43a496cc185cfcca4954b3c3621be75e76e384b97d5d27ccbc87be378c
RIPEMD160(WiresharkPortable_2.0.14.paf.exe)=0ebd8557100620552154c00fe65210a56952973b
SHA1(WiresharkPortable_2.0.14.paf.exe)=0af0d31d4520ef5a3fcc40d59e9d7f99715fda3e
MD5(WiresharkPortable_2.0.14.paf.exe)=a08e130519eae80649be15887580bde1

Wireshark 2.0.14 Intel 64.dmg: 32360010 bytes
SHA256(Wireshark 2.0.14 Intel
64.dmg)=e6a0b2a8dc4748337cb486f9574e076135658d12331ee8ad17c07ed74c3be19f
RIPEMD160(Wireshark 2.0.14 Intel
64.dmg)=173fd4fcce019b245b22bdb58145d9d546c453dc
SHA1(Wireshark 2.0.14 Intel 64.dmg)=6e81b725e11059977cd4c0a6ce913b650481d10a
MD5(Wireshark 2.0.14 Intel 64.dmg)=ea621648d4473a572ada36470a6b30aa

Wireshark 2.0.14 Intel 32.dmg: 32538115 bytes
SHA256(Wireshark 2.0.14 Intel
32.dmg)=b57865d71f20821e61fe8ffc3c2a685be5bfe90b84f623d312110358d02fac9b
RIPEMD160(Wireshark 2.0.14 Intel
32.dmg)=2f1005a83708f0deefec64938f2b828c77949d0f
SHA1(Wireshark 2.0.14 Intel 32.dmg)=f57f5235b949ffdaac2f941f9582d8bc081f64aa
MD5(Wireshark 2.0.14 Intel 32.dmg)=de0425d06c73357784501f796b2a341a

Attachment: signature.asc
Description: OpenPGP digital signature