Wireshark-dev: [Wireshark-dev] Wireshark 2.2.13 is now available
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Fri, 23 Feb 2018 13:03:44 -0800
I'm proud to announce the release of Wireshark 2.2.13. __________________________________________________________________ What is Wireshark? Wireshark is the world's most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education. __________________________________________________________________ What's New Bug Fixes The following vulnerabilities have been fixed: * [1]wnpa-sec-2018-05 The IEEE 802.11 dissector could crash. [2]Bug 14442, [3]CVE-2018-7335 * [4]wnpa-sec-2018-06 Multiple dissectors could go into large infinite loops. All ASN.1 BER dissectors ([5]Bug 14444), along with the DICOM ([6]Bug 14411), DMP ([7]Bug 14408), LLTD ([8]Bug 14419), OpenFlow ([9]Bug 14420), RELOAD ([10]Bug 14445), RPCoRDMA ([11]Bug 14449), RPKI-Router ([12]Bug 14414), S7COMM ([13]Bug 14423), SCCP ([14]Bug 14413), Thread ([15]Bug 14428), Thrift ([16]Bug 14379), USB ([17]Bug 14421), and WCCP ([18]Bug 14412) dissectors were susceptible. * [19]wnpa-sec-2018-07 The UMTS MAC dissector could crash. [20]Bug 14339, [21]CVE-2018-7334 * [22]wnpa-sec-2018-09 The FCP dissector could crash. [23]Bug 14374, [24]CVE-2018-7336 * [25]wnpa-sec-2018-10 The SIGCOMP dissector could crash. [26]Bug 14398, [27]CVE-2018-7320 * [28]wnpa-sec-2018-11 The pcapng file parser could crash. [29]Bug 14403, [30]CVE-2018-7420 * [31]wnpa-sec-2018-12 The IPMI dissector could crash. [32]Bug 14409, [33]CVE-2018-7417 * [34]wnpa-sec-2018-13 The SIGCOMP dissector could crash. [35]Bug 14410, [36]CVE-2018-7418 * [37]wnpa-sec-2018-14 The NBAP disssector could crash. [38]Bug 14443, [39]CVE-2018-7419 The following bugs have been fixed: * Change placement of "double chevron" in Filter Toolbar to eliminate overlap. ([40]Bug 14121) * GET MAX LUN wLength decoded as big-endian - USB Mass Storage. ([41]Bug 14360) * Buildbot crash output: fuzz-2018-01-28-15874.pcap. ([42]Bug 14371) * [oss-fuzz] #6028 RPC_NETLOGON: Direct-leak in g_malloc (generate_hash_key). ([43]Bug 14407) New and Updated Features There are no new features in this release. New File Format Decoding Support There are no new file formats in this release. New Protocol Support There are no new protocols in this release. Updated Protocol Support ASN.1 BER, BOOTP/DHCP, DCE RPC NETLOGON, DICOM, DIS, DMP, DOCSIS, FCP, IAX2, IEEE 802.11, IPMI, LLTD, NBAP, OpenFlow, RELOAD, RPCoRDMA, RPKI-Router, S7COMM, SCCP, SIGCOMP, Thread, Thrift, UMTS MAC, USB, USB Mass Storage, and WCCP New and Updated Capture File Support pcapng New and Updated Capture Interfaces support There are no new or updated capture interfaces supported in this release. Major API Changes There are no major API changes in this release. __________________________________________________________________ Getting Wireshark Wireshark source code and installation packages are available from [44]https://www.wireshark.org/download.html. Vendor-supplied Packages Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the [45]download page on the Wireshark web site. __________________________________________________________________ File Locations Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About->Folders to find the default locations on your system. __________________________________________________________________ Known Problems Dumpcap might not quit if Wireshark or TShark crashes. ([46]Bug 1419) The BER dissector might infinitely loop. ([47]Bug 1516) Capture filters aren't applied when capturing from named pipes. ([48]Bug 1814) Filtering tshark captures with read filters (-R) no longer works. ([49]Bug 2234) Application crash when changing real-time option. ([50]Bug 4035) Wireshark and TShark will display incorrect delta times in some cases. ([51]Bug 4985) Wireshark should let you work with multiple capture files. ([52]Bug 10488) __________________________________________________________________ Getting Help Community support is available on [53]Wireshark's Q&A site and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark's mailing lists can be found on [54]the web site. Official Wireshark training and certification are available from [55]Wireshark University. __________________________________________________________________ Frequently Asked Questions A complete FAQ is available on the [56]Wireshark web site. __________________________________________________________________ Last updated 2018-02-23 19:32:20 UTC References 1. https://www.wireshark.org/security/wnpa-sec-2018-05.html 2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14442 3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7335 4. https://www.wireshark.org/security/wnpa-sec-2018-06.html 5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14444 6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14411 7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14408 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14419 9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14420 10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14445 11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14449 12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14414 13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14423 14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14413 15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14428 16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14379 17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14421 18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14412 19. https://www.wireshark.org/security/wnpa-sec-2018-07.html 20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14339 21. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7334 22. https://www.wireshark.org/security/wnpa-sec-2018-09.html 23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14374 24. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7336 25. https://www.wireshark.org/security/wnpa-sec-2018-10.html 26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14398 27. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7320 28. https://www.wireshark.org/security/wnpa-sec-2018-11.html 29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14403 30. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7420 31. https://www.wireshark.org/security/wnpa-sec-2018-12.html 32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14409 33. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7417 34. https://www.wireshark.org/security/wnpa-sec-2018-13.html 35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14410 36. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7418 37. https://www.wireshark.org/security/wnpa-sec-2018-14.html 38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14443 39. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7419 40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14121 41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14360 42. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14371 43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14407 44. https://www.wireshark.org/download.html 45. https://www.wireshark.org/download.html#thirdparty 46. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419 47. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516 48. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814 49. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234 50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035 51. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985 52. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488 53. https://ask.wireshark.org/ 54. https://www.wireshark.org/lists/ 55. http://www.wiresharktraining.com/ 56. https://www.wireshark.org/faq.html Digests wireshark-2.2.13.tar.bz2: 32420199 bytes SHA256(wireshark-2.2.13.tar.bz2)=be090fb0fee5f890b352d2317666d43ab055056faead5f802dc44f5d8bd1cd2b RIPEMD160(wireshark-2.2.13.tar.bz2)=83a910f43351ca25d941d27a1ecb445651f7c96d SHA1(wireshark-2.2.13.tar.bz2)=02556f82d9c4a0a9d4f183b662181fc81dc77a67 Wireshark-win64-2.2.13.exe: 56155984 bytes SHA256(Wireshark-win64-2.2.13.exe)=0d766eed8c8cf1ba65adbaba68fccc25d9ffbd86cf7fb300a04c56cd319354e4 RIPEMD160(Wireshark-win64-2.2.13.exe)=992b3127f923e6f60637bdbb6aec8ec16d14b117 SHA1(Wireshark-win64-2.2.13.exe)=9d30a543aa0f4495b96838d56914d8491dc22ec8 Wireshark-win32-2.2.13.exe: 44660056 bytes SHA256(Wireshark-win32-2.2.13.exe)=cb1f3e51487932a3a901f6fd5fb0b28c276cb1d1530c7df681db1835671b4951 RIPEMD160(Wireshark-win32-2.2.13.exe)=cc19fa35e890b0f8a6d29dd05911b997b06b922a SHA1(Wireshark-win32-2.2.13.exe)=1a43d038e6d1351dae876d23c6e03f3e600c5ed7 WiresharkPortable_2.2.13.paf.exe: 46292896 bytes SHA256(WiresharkPortable_2.2.13.paf.exe)=e7298850b99f913b887313c394fa222a1d691d269c4025281463ae508178c060 RIPEMD160(WiresharkPortable_2.2.13.paf.exe)=411678cdf9326cb994bcfba654f28ee8b27f202e SHA1(WiresharkPortable_2.2.13.paf.exe)=173bde10931b6f06f701e0dd5692a6c2e87752b3 Wireshark 2.2.13 Intel 64.dmg: 39971586 bytes SHA256(Wireshark 2.2.13 Intel 64.dmg)=17a8ee0b82f74539f131f4e137f1c2733c7e316e9760c7cbab28a3f2d566f43a RIPEMD160(Wireshark 2.2.13 Intel 64.dmg)=1a1681acc300e763282d8cf43ffb416fee10f0aa SHA1(Wireshark 2.2.13 Intel 64.dmg)=2411ac14dd75f6d3f1d58501be0fe1768953a180 You can validate these hashes using the following commands (among others): Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg" Other: openssl sha256 wireshark-x.y.z.tar.xz
Attachment:
signature.asc
Description: OpenPGP digital signature
- Prev by Date: [Wireshark-dev] Wireshark 2.4.5 is now available
- Next by Date: [Wireshark-dev] Why does Gerritt sometimes allow a merge but other times want a cherry-pick?
- Previous by thread: [Wireshark-dev] Wireshark 2.4.5 is now available
- Next by thread: [Wireshark-dev] Why does Gerritt sometimes allow a merge but other times want a cherry-pick?
- Index(es):