Wireshark-dev: [Wireshark-dev] Wireshark 2.6.8 is now available
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Mon, 8 Apr 2019 13:24:03 -0700
I'm proud to announce the release of Wireshark 2.6.8.


 What is Wireshark?

  Wireshark is the world’s most popular network protocol analyzer. It is
  used for troubleshooting, analysis, development and education.

 What’s New

  Bug Fixes

   The following vulnerabilities have been fixed:

     • wnpa-sec-2019-09[1] NetScaler file parser crash. Bug 15497[2].
       CVE-2019-10895[3].

     • wnpa-sec-2019-10[4] SRVLOC dissector crash. Bug 15546[5].
       CVE-2019-10899[6].

     • wnpa-sec-2019-14[7] GSS-API dissector crash. Bug 15613[8].
       CVE-2019-10894[9].

     • wnpa-sec-2019-15[10] DOF dissector crash. Bug 15617[11].
       CVE-2019-10896[12].

     • wnpa-sec-2019-17[13] LDSS dissector crash. Bug 15620[14].
       CVE-2019-10901[15].

     • wnpa-sec-2019-18[16] DCERPC SPOOLSS dissector crash. Bug
       15568[17]. CVE-2019-10903[18].

   The following bugs have been fixed:

     • Wireshark uninstaller fails to remove
       styles\qwindowsvistastyle.dll. Bug 15469[19].

     • Duplicated TCP SEQ field in ICMP packets. Bug 15533[20].

     • GSM-A-RR variable bitmap decoding may report ARFCNs > 1023. Bug
       15549[21].

     • Possible buffer overflow in function ssl_md_final for crafted SSL
       3.0 sessions. Bug 15599[22].

     • NFS/NLM: Wrong lock byte range in the "Info" column. Bug
       15608[23].

     • randpkt -r causes segfault when count > 1. Bug 15627[24].

     • Packets with metadata but no data get the Protocol Info column
       overwritten. Bug 15630[25].

     • Buildbot crash output: fuzz-2019-03-23-1789.pcap. Bug 15634[26].

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   DCERPC SPOOLSS, DHCP, DOF, GSM A RR, GSS-API, HL7, IEEE 802.15.4, ISO
   14443, LDSS, NLM, SRVLOC, TCP, and TLS

  New and Updated Capture File Support

   NetScaler and pcap

  New and Updated Capture Interfaces support

   There is no new or updated capture file support in this release.

 Getting Wireshark

  Wireshark source code and installation packages are available from
  https://www.wireshark.org/download.html[27].

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can
   be found on the download page[28] on the Wireshark web site.

 File Locations

  Wireshark and TShark look in several different locations for
  preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
  locations vary from platform to platform. You can use About→Folders to
  find the default locations on your system.

 Known Problems

  The BER dissector might infinitely loop. Bug 1516[29].

  Capture filters aren’t applied when capturing from named pipes. Bug
  1814[30].

  Filtering tshark captures with read filters (-R) no longer works. Bug
  2234[31].

  Application crash when changing real-time option. Bug 4035[32].

  Wireshark and TShark will display incorrect delta times in some cases.
  Bug 4985[33].

  Wireshark should let you work with multiple capture files. Bug
  10488[34].

 Getting Help

  Community support is available on Wireshark’s Q&A site[35] and on the
  wireshark-users mailing list. Subscription information and archives
  for all of Wireshark’s mailing lists can be found on the web site[36].

  Official Wireshark training and certification are available from
  Wireshark University[37].

 Frequently Asked Questions

  A complete FAQ is available on the Wireshark web site[38].

  Last updated 2019-04-08 18:43:16 UTC

 References

   1. https://www.wireshark.org/security/wnpa-sec-2019-09
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15497
   3. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10895
   4. https://www.wireshark.org/security/wnpa-sec-2019-10
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15546
   6. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10899
   7. https://www.wireshark.org/security/wnpa-sec-2019-14
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15613
   9. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10894
  10. https://www.wireshark.org/security/wnpa-sec-2019-15
  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15617
  12. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10896
  13. https://www.wireshark.org/security/wnpa-sec-2019-17
  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15620
  15. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10901
  16. https://www.wireshark.org/security/wnpa-sec-2019-18
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15568
  18. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10903
  19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15469
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15533
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15549
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15599
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15608
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15627
  25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15630
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15634
  27. https://www.wireshark.org/download.html
  28. https://www.wireshark.org/download.html#thirdparty
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
  35. https://ask.wireshark.org/
  36. https://www.wireshark.org/lists/
  37. http://www.wiresharktraining.com/
  38. https://www.wireshark.org/faq.html


Digests

wireshark-2.6.8.tar.xz: 28421408 bytes
SHA256(wireshark-2.6.8.tar.xz)=b3d7dd57b637353dde2743b6ae1d12e3516ad832443d171f50f5c40312dab506
RIPEMD160(wireshark-2.6.8.tar.xz)=7d8e5eee99c90d9f98cf386de00a8fa117f8d172
SHA1(wireshark-2.6.8.tar.xz)=e54e34806a3f4d825c62c1c49c0be1d2104c5c9a

Wireshark-win32-2.6.8.exe: 54311768 bytes
SHA256(Wireshark-win32-2.6.8.exe)=2ed875aab384f6eda814b855d96721f44cdebea97a55f39f17588c81ed4cc77e
RIPEMD160(Wireshark-win32-2.6.8.exe)=e680446b0cd7c6b9401d7f6656f8027ecb37c05f
SHA1(Wireshark-win32-2.6.8.exe)=304fb306d1eb002315d6f0373dc34370c8eae07b

Wireshark-win64-2.6.8.exe: 60041144 bytes
SHA256(Wireshark-win64-2.6.8.exe)=d48f9ec173333b3fa781b1b3614ee1104a7ad377653357bd299d9fda2bc99ace
RIPEMD160(Wireshark-win64-2.6.8.exe)=6cb1eff4ca729fb53d370ff02d58f09aef99adbe
SHA1(Wireshark-win64-2.6.8.exe)=1834ee502a38940cbd3368a1020917a6b7fa1dbe

Wireshark-win64-2.6.8.msi: 49405952 bytes
SHA256(Wireshark-win64-2.6.8.msi)=a53963d4bb8113384f7fd2f037bff3c8b30109121302ea2962efa14da591ec4e
RIPEMD160(Wireshark-win64-2.6.8.msi)=e5f46212a6c1d8f4589745df5fec27817c451e63
SHA1(Wireshark-win64-2.6.8.msi)=52d0f8fa50502cbaa73ca91e67a67ff20bddf7a0

Wireshark-win32-2.6.8.msi: 43765760 bytes
SHA256(Wireshark-win32-2.6.8.msi)=df564145643207f6ca32cdeb8934a7d8a8fffd2619cb1c7646a8f59d5dac76fd
RIPEMD160(Wireshark-win32-2.6.8.msi)=9a49fc0161c14855ae6f1064a26c9a918429abf7
SHA1(Wireshark-win32-2.6.8.msi)=78386c0592cd9779f2bd93c18f407f2781ce0ff2

WiresharkPortable_2.6.8.paf.exe: 37504008 bytes
SHA256(WiresharkPortable_2.6.8.paf.exe)=bb59ff3230a5060259bce0f25ecd8a288a4a4c57df1c45a87a7010f827d052c5
RIPEMD160(WiresharkPortable_2.6.8.paf.exe)=0e77b04a6450d2c60966946941ba353d620c4617
SHA1(WiresharkPortable_2.6.8.paf.exe)=cd4a654b9b849e2d0d174a42585ffca85d833d0e

Wireshark 2.6.8 Intel 64.dmg: 108166221 bytes
SHA256(Wireshark 2.6.8 Intel
64.dmg)=1c2cd79d062c79a62d27599cb892bae7daf7ff4979f1fbcab4cd211787c07dfe
RIPEMD160(Wireshark 2.6.8 Intel
64.dmg)=10fe6b5b8dee71fc981e982adebaffae3b6ce70b
SHA1(Wireshark 2.6.8 Intel 64.dmg)=55f5812be738a648e642573dfdb127e9efeb5c04

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz

Attachment: signature.asc
Description: OpenPGP digital signature