Wireshark-dev: [Wireshark-dev] Wireshark 2.6.4 is now available
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Thu, 11 Oct 2018 15:52:16 -0700
I'm proud to announce the release of Wireshark 2.6.4.


 What is Wireshark?

  Wireshark is the world’s most popular network protocol analyzer. It is
  used for troubleshooting, analysis, development and education.

 What’s New

  Bug Fixes

   The following vulnerabilities have been fixed:

     • wnpa-sec-2018-47[1] MS-WSP dissector crash. Bug 15119[2].
       CVE-2018-18227[3].

     • wnpa-sec-2018-48[4] Steam IHS Discovery dissector memory leak.
       Bug 15171[5]. CVE-2018-18226[6].

     • wnpa-sec-2018-49[7] CoAP dissector crash. Bug 15172[8].
       CVE-2018-18225[9].

     • wnpa-sec-2018-50[10] OpcUA dissector crash. CVE-2018-12086[11].

   The following bugs have been fixed:

     • HTTP2 dissector decodes first SSL record only. Bug 11173[12].

     • Undocumented sub-option for -N option in man page and tshark -N
       help. Bug 14826[13].

     • Mishandling of Port Control Protocol option padding. Bug
       14950[14].

     • MGCP: parameter lines are case-insensitive. Bug 15008[15].

     • Details of 2nd sub-VSA in bundled RADIUS VSA are incorrect. Bug
       15073[16].

     • Heuristic DPLAY dissector fails to recognize DPLAY packets. Bug
       15092[17].

     • gsm_rlcmac_dl dissector exception. Bug 15112[18].

     • dfilter_buttons file under user-created profile. Bug 15114[19].

     • Filter buttons disappear when using pre-2.6 profile. Bug
       15121[20].

     • PROFINET Information element AM_DeviceIdentification in Asset
       Management Info block is decoded wrongly. Bug 15140[21].

     • Hw dest addr column shows incorrect address. Bug 15144[22].

     • Windows dumpcap -i TCP@<ip-address> fails on pcapng stream. Bug
       15149[23].

     • Wildcard expansion doesn’t work on Windows 10 for command-line
       programs in cmd.exe or PowerShell. Bug 15151[24].

     • SSL Reassembly Error New fragment past old data limits. Bug
       15158[25].

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   ASN.1 PER, Bluetooth HCI_SCO, CoAP, DPLAY, IEEE 802.11, Kafka,
   Message Analyzer, MGCP, MS-WSP, Netmon, OpcUa, PCP, PNIO, RADIUS,
   Steam IHS Discovery, and TLS

  New and Updated Capture File Support

   There is no new or updated capture file support in this release.

   Ascend and pcapng

  New and Updated Capture Interfaces support

   There is no new or updated capture file support in this release.

 Getting Wireshark

  Wireshark source code and installation packages are available from
  https://www.wireshark.org/download.html[26].

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can
   be found on the download page[27] on the Wireshark web site.

 File Locations

  Wireshark and TShark look in several different locations for
  preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
  locations vary from platform to platform. You can use About→Folders to
  find the default locations on your system.

 Known Problems

  The BER dissector might infinitely loop. Bug 1516[28].

  Capture filters aren’t applied when capturing from named pipes. Bug
  1814[29].

  Filtering tshark captures with read filters (-R) no longer works. Bug
  2234[30].

  Application crash when changing real-time option. Bug 4035[31].

  Wireshark and TShark will display incorrect delta times in some cases.
  Bug 4985[32].

  Wireshark should let you work with multiple capture files. Bug
  10488[33].

 Getting Help

  Community support is available on Wireshark’s Q&A site[34] and on the
  wireshark-users mailing list. Subscription information and archives
  for all of Wireshark’s mailing lists can be found on the web site[35].

  Official Wireshark training and certification are available from
  Wireshark University[36].

 Frequently Asked Questions

  A complete FAQ is available on the Wireshark web site[37].

  Last updated 2018-10-11 22:38:57 UTC

 References

   1. https://www.wireshark.org/security/wnpa-sec-2018-47
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15119
   3. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18227
   4. https://www.wireshark.org/security/wnpa-sec-2018-48
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15171
   6. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18226
   7. https://www.wireshark.org/security/wnpa-sec-2018-49
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15172
   9. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18225
  10. https://www.wireshark.org/security/wnpa-sec-2018-50
  11. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12086
  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11173
  13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14826
  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14950
  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15008
  16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15073
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15092
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15112
  19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15114
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15121
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15140
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15144
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15149
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15151
  25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15158
  26. https://www.wireshark.org/download.html
  27. https://www.wireshark.org/download.html#thirdparty
  28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
  34. https://ask.wireshark.org/
  35. https://www.wireshark.org/lists/
  36. http://www.wiresharktraining.com/
  37. https://www.wireshark.org/faq.html


Digests

wireshark-2.6.4.tar.xz: 28218232 bytes
SHA256(wireshark-2.6.4.tar.xz)=a06b007e6343f148b8b93443b2fcfc9bb3204311cd268565d54d1b71660bc861
RIPEMD160(wireshark-2.6.4.tar.xz)=719cab381d824672e0f5e4b1c7a20de8863b28a6
SHA1(wireshark-2.6.4.tar.xz)=89ef68c2696b6b424cc65bb63a1be085fe7bd776

Wireshark-win32-2.6.4.exe: 53791520 bytes
SHA256(Wireshark-win32-2.6.4.exe)=e2a75ec989c8c9c00cd197be7f137707fbc924899fdae2e50e5515b27e7d0ed5
RIPEMD160(Wireshark-win32-2.6.4.exe)=29f2145f3adbf6a3843ac8254e9f2f10f99f4a47
SHA1(Wireshark-win32-2.6.4.exe)=0e24a5436e8fd67718395955526ed33a33602671

Wireshark-win64-2.6.4.exe: 59534280 bytes
SHA256(Wireshark-win64-2.6.4.exe)=3ca543a311a9ec3f9b2045768ead78af3acd19f8fa447aae9885712c5f8aaddb
RIPEMD160(Wireshark-win64-2.6.4.exe)=046e6a80423124a3f108dabafb15c4569806cd3c
SHA1(Wireshark-win64-2.6.4.exe)=dc591ec27efbbd2c8380977b54ea3bb098c9d7ba

Wireshark-win32-2.6.4.msi: 43290624 bytes
SHA256(Wireshark-win32-2.6.4.msi)=20d280fc4b408f6a435e2dc79aefe0f37c82e0ccf46d83ad73eb946e024d5406
RIPEMD160(Wireshark-win32-2.6.4.msi)=454e9c321db9f580f58768da5cbee20df2058c85
SHA1(Wireshark-win32-2.6.4.msi)=0bbf4a9d9252b278377a36137c675fa3d0b84454

Wireshark-win64-2.6.4.msi: 48910336 bytes
SHA256(Wireshark-win64-2.6.4.msi)=ecfd6cd94b78312f7c195852d9cc0cb9d611795b566ccda7a9ada9579fd34007
RIPEMD160(Wireshark-win64-2.6.4.msi)=73a7ad4248ed93b3035b17d6aa0b3e128249f8b4
SHA1(Wireshark-win64-2.6.4.msi)=977725db376f9e81cc1bde7f7a307f87acdc2074

WiresharkPortable_2.6.4.paf.exe: 37024056 bytes
SHA256(WiresharkPortable_2.6.4.paf.exe)=68a7329733bc0a9ed6dd073bc25886863d7e22ab7cd75b2ae60899a044cad417
RIPEMD160(WiresharkPortable_2.6.4.paf.exe)=6f19d28957c53b65de397795e5f5c2496d23b6a1
SHA1(WiresharkPortable_2.6.4.paf.exe)=c79c09f4153d5eec24e985afac82021cbfc6a9a2

Wireshark 2.6.4 Intel 64.dmg: 168568106 bytes
SHA256(Wireshark 2.6.4 Intel
64.dmg)=3c347c3ffdbab2d7a358bb4a231e18ef730eb87175c80db7e2fd61b25e8a6d51
RIPEMD160(Wireshark 2.6.4 Intel
64.dmg)=226997747055fcaff89d430762f7c16d06cbcce4
SHA1(Wireshark 2.6.4 Intel 64.dmg)=cf32dcaf919b79b6d8cd35d22ca891d45540d787

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz

Attachment: signature.asc
Description: OpenPGP digital signature