Wireshark-users: [Wireshark-users] Wireshark 1.4.1 is now available
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Mon, 11 Oct 2010 15:11:07 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm proud to announce the release of Wireshark 1.4.1.

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer.
   It is used for troubleshooting, analysis, development and
   education.

What's New

  Bug Fixes

   The following vulnerabilities have been fixed. See the security
   advisory for details and a workaround.

     o The Penetration Test Team of NCNIPC (China) discovered that
       the ASN.1 BER dissector was susceptible to a stack overflow.
       (Bug 5230)

       Versions affected: All previous versions up to and including
       1.2.11 and 1.4.0.

   The following bugs have been fixed:

     o Wireshark may appear offscreen on multi-monitor Windows
       systems. (Bug 553)

     o Incorrect behavior using sorting in the packet list. (Bug
       2225)

     o Cooked-capture dissector should omit the source address field
       if empty. (Bug 2519)

     o MySQL dissector doesn't dissect MySQL stream. (Bug 2691)

     o Wireshark crashes if active display filter macro is renamed.
       (Bug 5002)

     o Incorrect dissection of MAP V2 PRN_ACK. (Bug 5076)

     o TCP bytes_in_flight becomes inflated with lost packets. (Bug
       5132)

     o Wireshark fails to start on Windows XP 64bit. (Bug 5160)

     o GTP header is exported in PDML with an incorrect size. (Bug
       5162)

     o Packet list hidden columns will not be parsed correctly from
       preferences file. (Bug 5163)

     o Wireshark does not display the t.38 graph. (Bug 5165)

     o Wireshark don't show mgcp calls in "Telephony → VoIP calls".
       (Bug 5167)

     o Wireshark 1.4.0 & VoIP calls "Prepare Filter" problem. (Bug
       5172)

     o GTPv2: IMSI is decoded improperly. (Bug 5179)

     o [NAS EPS] EPS Quality of Service IE decoding is wrong. (Bug
       5186)

     o Wireshark mistakenly writes "not all data available" for IPv4
       checksum. (Bug 5194)

     o GSM: Cell Channel Description, range 1024 format. (Bug 5214)

     o Wrong SDP interpretation on VoIP call flow chart. (Bug 5220)

     o The CLDAP attribute value on a CLDAP reply is no longer being
       decoded. (Bug 5239)

     o [NAS EPS] Traffic Flow Template IE dissection bugs. (Bug 5243)

     o [NAS EPS] Use Request Type IE defined in 3GPP 24.008. (Bug
       5246)

     o NTLMSSP_AUTH domain and username truncated to first letter
       with IE8/Windows7 (generating the NTLM packet). (Bug 5251)

     o IPv6 RH0: dest addr is to be used i.s.o. last RH address when
       0 segments remain. (Bug 5252)

     o EIGRP dissection error in Flags field in external route TLVs.
       (Bug 5261)

     o MRP packet is not correctly parsed in PROFINET multiple write
       record request. (Bug 5267)

     o MySQL Enhancement: support of Show Fields and bug fix. (Bug
       5271)

     o [NAS EPS] Fix TFT decoding when having several Packet Filters
       defined. (Bug 5274)

     o Crash if using ssl.debug.file with no password for
       ssl.keys_list. (Bug 5277)

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   ASN.1 BER, ASN.1 PER, EIGRP, GSM A RR, GSM Management, GSM MAP,
   GTP, GTPv2, ICMPv6, Interlink, IPv4, IPv6, IPX, LDAP, LLC, MySQL,
   NAS EPS, NTLMSSP, PN-IO, PPP, RPC, SDP, SLL, SSL, TCP

  New and Updated Capture File Support

   There are no new or updated capture file formats in this release.

Getting Wireshark

   Wireshark source code and installation packages are available from
   http://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages.
   You can usually install or upgrade Wireshark using the package
   management system specific to that platform. A list of third-party
   packages can be found on the download page on the Wireshark web
   site.

File Locations

   Wireshark and TShark look in several different locations for
   preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
   These locations vary from platform to platform. You can use
   About->Folders to find the default locations on your system.

Known Problems

   Wireshark might make your system disassociate from a wireless
   network on OS X 10.4. (Bug 1315)

   Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)

   The BER dissector might infinitely loop. (Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   (Bug 1814)

   Filtering tshark captures with display filters (-R) no longer
   works. (Bug 2234)

   The 64-bit Windows installer does not ship with the same libraries
   as the 32-bit installer. (Bug 3610)

   Hex pane display issue after startup. (Bug 4056)

   Packet list rows are oversized. (Bug 4357)

   Summary pane selected frame highlighting not maintained. (Bug
   4445)

Getting Help

   Community support is available on Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and
   archives for all of Wireshark's mailing lists can be found on the
   web site.

   Commercial support is available from CACE Technologies.

   Training is available from Wireshark University.

Frequently Asked Questions

   A complete FAQ is available on the Wireshark web site.


Digests

wireshark-1.4.1.tar.bz2: 20208926 bytes
MD5(wireshark-1.4.1.tar.bz2)=1719d20a10990e7c2cb261df7021aab6
SHA1(wireshark-1.4.1.tar.bz2)=8a3832b3a8cadbb0287fc4c1bcd22a75177df2fb
RIPEMD160(wireshark-1.4.1.tar.bz2)=6908437ff93d62c970f1dc8149a253ffffcb8479

wireshark-win32-1.4.1.exe: 19232444 bytes
MD5(wireshark-win32-1.4.1.exe)=a412723f11ef41f2429f6386543e6a55
SHA1(wireshark-win32-1.4.1.exe)=34a739a799688a26ea8128ce7352b20e473872c2
RIPEMD160(wireshark-win32-1.4.1.exe)=ca43154321319f2059b3e6367583e9ea7b3205e3

wireshark-win64-1.4.1.exe: 21496207 bytes
MD5(wireshark-win64-1.4.1.exe)=8135ee31bf348c279887aeae8fa622b5
SHA1(wireshark-win64-1.4.1.exe)=cebd9a7cd6c33234ab162acb312aff93d574f933
RIPEMD160(wireshark-win64-1.4.1.exe)=69cdc29d4026c7fc8a329fd0b33e1da315eb34b2

wireshark-1.4.1.u3p: 25542290 bytes
MD5(wireshark-1.4.1.u3p)=cd43c8be9f0086e076f7a7cac2b38cee
SHA1(wireshark-1.4.1.u3p)=3845e40a8eeeb6c38f448726dd0fb23ae6ca117d
RIPEMD160(wireshark-1.4.1.u3p)=845f7c14529bbf48200afa9d488e24a7a7a084a7

WiresharkPortable-1.4.1.paf.exe: 20167660 bytes
MD5(WiresharkPortable-1.4.1.paf.exe)=fb454ec146afb888e77092333b1e9859
SHA1(WiresharkPortable-1.4.1.paf.exe)=803d9d1a1eca47006a05064e8f7a7ab970f46f69
RIPEMD160(WiresharkPortable-1.4.1.paf.exe)=75a69e9c56623301725eecd4e6a6b74f3ad682a9

Wireshark 1.4.1 Intel 32.dmg: 47560286 bytes
MD5(Wireshark 1.4.1 Intel 32.dmg)=3e9b194d654932754e3ed69529535da0
SHA1(Wireshark 1.4.1 Intel 32.dmg)=0304e50ab0fe9cfdc465297db68acce0ccd1cbdd
RIPEMD160(Wireshark 1.4.1 Intel
32.dmg)=feab43db419997ae087f98a69659a7fa7819f3c4

Wireshark 1.4.1 Intel 64.dmg: 44074372 bytes
MD5(Wireshark 1.4.1 Intel 64.dmg)=3b48ad7353d621e682abd24a676106d1
SHA1(Wireshark 1.4.1 Intel 64.dmg)=eae1cbee6ea2aa7409e2e00c89c0f340673e739a
RIPEMD160(Wireshark 1.4.1 Intel
64.dmg)=83aae9f36da447195124aa58f79e0c0e941e7dc3

Wireshark 1.4.1 PPC 32.dmg: 50079323 bytes
MD5(Wireshark 1.4.1 PPC 32.dmg)=8ceae9e98541e6bfd012e449a452500d
SHA1(Wireshark 1.4.1 PPC 32.dmg)=1884fb7e2beda3a0f990aac87b019c90a3a48976
RIPEMD160(Wireshark 1.4.1 PPC
32.dmg)=fdcee45d84ea23802ce23f5fdf2c991936d56233

patch-wireshark-1.4.0-to-1.4.1.diff.bz2: 342283 bytes
MD5(patch-wireshark-1.4.0-to-1.4.1.diff.bz2)=c3cdf32824352237ce560cdca37d12fb
SHA1(patch-wireshark-1.4.0-to-1.4.1.diff.bz2)=a88a9b09d7ca403347f7f6413ed93f337a3f8da0
RIPEMD160(patch-wireshark-1.4.0-to-1.4.1.diff.bz2)=6ea22cbc4ca5d2e09bc0db5701d7c9de06c345de
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkyzi3sACgkQpw8IXSHylJqa3QCeMJh4+WnuDBJnktURZ8pDV+ym
QngAoKN2G4+LIa31tc9/m8xc3iHgxMnP
=nkYe
-----END PGP SIGNATURE-----