Wireshark-dev: [Wireshark-dev] Wireshark 2.4.14 is now available
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Mon, 8 Apr 2019 13:24:29 -0700
I'm proud to announce the release of Wireshark 2.4.14.

     __________________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer. It is
   used for troubleshooting, analysis, development and education.
     __________________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2019-09 NetScaler file parser crash. [2]Bug 15497.
       [3]CVE-2019-10895.
     * [4]wnpa-sec-2019-10 SRVLOC dissector crash. [5]Bug 15546.
       [6]CVE-2019-10899.
     * [7]wnpa-sec-2019-14 GSS-API dissector crash. [8]Bug 15613.
       [9]CVE-2019-10894.
     * [10]wnpa-sec-2019-15 DOF dissector crash. [11]Bug 15617.
       [12]CVE-2019-10896.
     * [13]wnpa-sec-2019-17 LDSS dissector crash. [14]Bug 15620.
       [15]CVE-2019-10901.
     * [16]wnpa-sec-2019-18 DCERPC SPOOLSS dissector crash. [17]Bug 15568.
       [18]CVE-2019-10903.

   The following bugs have been fixed:
     * GSM-A-RR variable bitmap decoding may report ARFCNs > 1023. [19]Bug
       15549.

     * Possible buffer overflow in function ssl_md_final for crafted SSL
       3.0 sessions. [20]Bug 15599.
     * randpkt -r causes segfault when count > 1. [21]Bug 15627.
     * Packets with metadata but no data get the Protocol Info column
       overwritten. [22]Bug 15630.

     * Buildbot crash output: fuzz-2019-03-23-1789.pcap. [23]Bug 15634.

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   DCERPC SPOOLSS, DOF, GSM A RR, GSS-API, HL7, IEEE 802.15.4, ISO 14443,
   LDSS, SRVLOC, and TLS

  New and Updated Capture File Support

   NetScaler, and pcap

  New and Updated Capture Interfaces support

   There are no new or updated capture interfaces supported in this
   release.
     __________________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available from
   [24]https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can be
   found on the [25]download page on the Wireshark web site.
     __________________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for preference
   files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
   vary from platform to platform. You can use About->Folders to find the
   default locations on your system.
     __________________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([26]Bug 1419)

   The BER dissector might infinitely loop. ([27]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([28]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([29]Bug 2234)

   Application crash when changing real-time option. ([30]Bug 4035)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([31]Bug 4985)

   Wireshark should let you work with multiple capture files. ([32]Bug
   10488)
     __________________________________________________________________

Getting Help

   Community support is available on [33]Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and archives for
   all of Wireshark's mailing lists can be found on [34]the web site.

   Official Wireshark training and certification are available from
   [35]Wireshark University.
     __________________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [36]Wireshark web site.
     __________________________________________________________________

   Last updated 2019-04-08 18:44:49 UTC

References

   1. https://www.wireshark.org/security/wnpa-sec-2019-09.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15497
   3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10895
   4. https://www.wireshark.org/security/wnpa-sec-2019-10.html
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15546
   6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10899
   7. https://www.wireshark.org/security/wnpa-sec-2019-14.html
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15613
   9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10894
  10. https://www.wireshark.org/security/wnpa-sec-2019-15.html
  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15617
  12. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10896
  13. https://www.wireshark.org/security/wnpa-sec-2019-17.html
  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15620
  15. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10901
  16. https://www.wireshark.org/security/wnpa-sec-2019-18.html
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15568
  18. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10903
  19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15549
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15599
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15627
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15630
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15634
  24. https://www.wireshark.org/download.html
  25. https://www.wireshark.org/download.html#thirdparty
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
  33. https://ask.wireshark.org/
  34. https://www.wireshark.org/lists/
  35. http://www.wiresharktraining.com/
  36. https://www.wireshark.org/faq.html


Digests

wireshark-2.4.14.tar.xz: 29167308 bytes
SHA256(wireshark-2.4.14.tar.xz)=0e616f5d75888995e608878e1bb8b753c80608385336c0d492a776c2af11b09b
RIPEMD160(wireshark-2.4.14.tar.xz)=062fc0b2f65f9f65826485b493dcd9297f59c72b
SHA1(wireshark-2.4.14.tar.xz)=c454fb7db5cf6f8b631be83f2e7eb5b0a8580fe1

Wireshark-win64-2.4.14.exe: 58015560 bytes
SHA256(Wireshark-win64-2.4.14.exe)=90ba990e0bdae13785b5dc2ca6ac5e2825381cc3f464da82d946a4c4886939cd
RIPEMD160(Wireshark-win64-2.4.14.exe)=310f76b59b211f446d74ed192deccf747d4d5982
SHA1(Wireshark-win64-2.4.14.exe)=e73038cd92e6e48930d6d780537db7a227b97ce0

Wireshark-win32-2.4.14.exe: 52819416 bytes
SHA256(Wireshark-win32-2.4.14.exe)=245d8845ca6928bee4173253dc2ccddde5f61c306692881a502259122175d97b
RIPEMD160(Wireshark-win32-2.4.14.exe)=687dd384a1ae5216737e5d1a5ed5f0eeb8354c52
SHA1(Wireshark-win32-2.4.14.exe)=7f9558d90b65402a06e769632d8d1c31b6d50286

Wireshark-win64-2.4.14.msi: 47124480 bytes
SHA256(Wireshark-win64-2.4.14.msi)=644e9310cd0c457a9390a949401bf77e2902de80763c8f4a2ed5afb30725be18
RIPEMD160(Wireshark-win64-2.4.14.msi)=e5e52f7b1b2ef6837a0d8c720a2311ee2cef43b9
SHA1(Wireshark-win64-2.4.14.msi)=8da44af9ca8414d58efc0a653b51e16e7be2f6fa

Wireshark-win32-2.4.14.msi: 42070016 bytes
SHA256(Wireshark-win32-2.4.14.msi)=ad886fbc311a0d011bda823f085528f298423c7f6c5b935a4e8d4f76142986ea
RIPEMD160(Wireshark-win32-2.4.14.msi)=b6b8534692c97c767abb99c7626e73dd47f064dc
SHA1(Wireshark-win32-2.4.14.msi)=365ba1356beb095d58e46a5e6f9b663d9840b4b0

WiresharkPortable_2.4.14.paf.exe: 45471320 bytes
SHA256(WiresharkPortable_2.4.14.paf.exe)=efe6eba8c69c93347d50debfe9f2c64239e31cbad296d2f0aa6fc97835a10898
RIPEMD160(WiresharkPortable_2.4.14.paf.exe)=d6fc496d2c161189d127c5932eb6b6caf1a56c63
SHA1(WiresharkPortable_2.4.14.paf.exe)=406674d371028e07e117b013315b0abf367cbdef

Wireshark 2.4.14 Intel 64.dmg: 42593636 bytes
SHA256(Wireshark 2.4.14 Intel
64.dmg)=f2df1d1ea1a88f83a9d300ad546df98b5e3dcd608cc06a0ffd101e9e81259db4
RIPEMD160(Wireshark 2.4.14 Intel
64.dmg)=c32fa021be43c15987e300766c53e37f0ec8246d
SHA1(Wireshark 2.4.14 Intel 64.dmg)=3f867e407d18f724f0105bcf4fd4de9c140e724d

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz

Attachment: signature.asc
Description: OpenPGP digital signature