Wireshark-users: [Wireshark-users] Wireshark 1.6.3 is now available
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Tue, 01 Nov 2011 12:44:23 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm proud to announce the release of Wireshark 1.6.3.

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer.
   It is used for troubleshooting, analysis, development and
   education.

What's New

  Bug Fixes

   The following vulnerabilities have been fixed.

     o wnpa-sec-2011-17

       The CSN.1 dissector could crash. (Bug 6351)

       Versions affected: 1.6.0 to 1.6.2.

     o wnpa-sec-2011-18

       Huzaifa Sidhpurwala of Red Hat Security Response Team
       discovered that the Infiniband dissector could dereference a
       NULL pointer. (Bug 6476)

       Versions affected: 1.4.0 to 1.4.9, 1.6.0 to 1.6.2.

     o wnpa-sec-2011-19

       Huzaifa Sidhpurwala of Red Hat Security Response Team
       discovered a buffer overflow in the ERF file reader. (Bug
       6479)

       Versions affected: 1.4.0 to 1.4.9, 1.6.0 to 1.6.2.

   The following bugs have been fixed:

     o Assertion failed when doing File->Quit->Save during live
       capture. (Bug 1710)

     o Wrong PCEP XRO sub-object decoding. (Bug 3778)

     o Wireshark window takes very long time to show up if invalid
       network file path is at recent file list (Bug 3810)

     o Decoding [Status Records] Timestamp Sequence Field in Bundle
       Protocol fails if over 32 bits. (Bug 4109)

     o ISUP party number dissection. (Bug 5221)

     o wireshark-1.4.2 crashes when testing the example python
       dissector because of a dissector count assertion. (Bug 5431)

     o Ethernet packets with both VLAN tag and LLC header no longer
       displayed correctly. (Bug 5645)

     o SLL encapsuled 802.1Q VLAN is not dissected. (Bug 5680)

     o Wireshark crashes when attempting to open a file via drag &
       drop when there's already a file open. (Bug 5987)

     o Adding and removing custom HTTP headers requires a restart.
       (Bug 6241)

     o Can't read full 64-bit SNMP values. (Bug 6295)

     o Dissection fails for frames with Gigamon Header and VLAN. (Bug
       6305)

     o RTP Stream Analysis does not work for TURN-encapsulated RTP.
       (Bug 6322)

     o packet-csn1.c doesn't process CSN_CHOICE entries properly.
       (Bug 6328)

     o BACnet property time-synchronization-interval (204) name shown
       incorrectly as time-synchronization-recipients. (Bug 6336)

     o GUI crash on invalid IEEE 802.11 GAS frame. (Bug 6345)

     o [ASN.1 PER] Incorrect decoding of BIT STRING type. (Bug 6347)

     o ICMPv6 router advertisement Prefix Information Flag R "Router
       Address" missing. (Bug 6350)

     o Export -> Object -> HTTP -> save all: Error on saving files.
       (Bug 6362)

     o Inner tag of 802.1ad frames not parsed properly. (Bug 6366)

     o Added cursor type decoding to MySQL dissector. (Bug 6396)

     o Incorrect identification of UDP-encapsulated NAT-keepalive
       packets. (Bug 6414)

     o WPA IE pairwise cipher suite dissector uses incorrect
       value_string list. (Bug 6420)

     o S1AP protocol can't decode IPv6 transportLayerAddress. (Bug
       6435)

     o RTPS2 dissector doesn't handle 0 in the octestToNextHeader
       field. (Bug 6449)

     o packet-ajp13 fix, cleanup, and enhancement. (Bug 6452)

     o Network Instruments Observer file format bugs. (Bug 6453)

     o Wireshark crashes when using "Open Recent" 2 times in a row.
       (Bug 6457)

     o Wireshark packet_gsm-sms, display bug: Filler bits in TP-User
       Data Header. (Bug 6469)

     o wireshark unable to decode NetFlow options which have system
       scope size != 4 bytes. (Bug 6471)

     o Display filter Expression Dialog Box Error. (Bug 6472)

     o text_import_scanner.l missing. (Bug 6531)

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   AJP13, ASN.1 PER, BACnet, CSN.1, DTN, Ethernet, ICMPv6, IEEE
   802.11, IEEE 802.1q, Infiniband, IPsec, MySQL, PCEP, PN-RT, RTP,
   S1AP, SSL

  New and Updated Capture File Support

   Endace ERF.

Getting Wireshark

   Wireshark source code and installation packages are available from
   http://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages.
   You can usually install or upgrade Wireshark using the package
   management system specific to that platform. A list of third-party
   packages can be found on the download page on the Wireshark web
   site.

File Locations

   Wireshark and TShark look in several different locations for
   preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
   These locations vary from platform to platform. You can use
   About→Folders to find the default locations on your system.

Known Problems

   Wireshark might make your system disassociate from a wireless
   network on OS X 10.4. (Bug 1315)

   Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)

   The BER dissector might infinitely loop. (Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   (Bug 1814)

   Filtering tshark captures with display filters (-R) no longer
   works. (Bug 2234)

   The 64-bit Windows installer does not ship with libsmi. (Win64
   development page)

   Application crash when changing real-time option. (Bug 4035)

   Hex pane display issue after startup. (Bug 4056)

   Packet list rows are oversized. (Bug 4357)

   Summary pane selected frame highlighting not maintained. (Bug
   4445)

   Wireshark and TShark will display incorrect delta times in some
   cases. (Bug 4985 and bug 5580)

Getting Help

   Community support is available on Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and
   archives for all of Wireshark's mailing lists can be found on the
   web site.

   Training is available from Wireshark University.

Frequently Asked Questions

   A complete FAQ is available on the Wireshark web site.


Digests

wireshark-1.6.3.tar.bz2: 21468737 bytes
MD5(wireshark-1.6.3.tar.bz2) =
    5012 c75c 379f fd47 fbcf 395d 9a6e 417e
SHA1(wireshark-1.6.3.tar.bz2) =
    de73 a101 1a9e dfa9 a1df be2d 05e3 2fbd 702a 0cab
RIPEMD160(wireshark-1.6.3.tar.bz2) =
    96f2 21a2 fc47 c4bb 2974 08a0 1e8d 9f8b 0a59 fc3b

wireshark-win32-1.6.3.exe: 19572375 bytes
MD5(wireshark-win32-1.6.3.exe) =
    22eb 6b17 ee32 4ab9 9f7c f645 1333 08eb
SHA1(wireshark-win32-1.6.3.exe) =
    03b5 093f f4d2 3be8 794e 216b 6469 f65b 35ff 65d7
RIPEMD160(wireshark-win32-1.6.3.exe) =
    810b c79b 393d 1a8c 43cf deb4 2007 1bd5 4a26 c0cc

wireshark-win64-1.6.3.exe: 22751981 bytes
MD5(wireshark-win64-1.6.3.exe) =
    cee7 5f51 12f3 b8b7 1efb 5029 2646 d609
SHA1(wireshark-win64-1.6.3.exe) =
    6a68 82db 0f83 2ee3 6d39 b1d2 fb6f c2c0 ffdf 1919
RIPEMD160(wireshark-win64-1.6.3.exe) =
    e02e 15d2 42fa 1f1c 83e0 a00a a60c ad99 73a1 49a6

wireshark-1.6.3.u3p: 26070268 bytes
MD5(wireshark-1.6.3.u3p) =
    9e2e ba9e bef8 d77c bc0b 2848 6ab3 5d1a
SHA1(wireshark-1.6.3.u3p) =
    bc52 8649 875b d6ed 5349 4e02 78e5 0d09 5035 f8fd
RIPEMD160(wireshark-1.6.3.u3p) =
    1bf2 1e36 2de1 5794 3e76 70d8 4524 2090 ae5d 78f2

WiresharkPortable-1.6.3.paf.exe: 20472953 bytes
MD5(WiresharkPortable-1.6.3.paf.exe) =
    8bd7 039e 93d5 b218 7e06 2c3d 9ade 97c5
SHA1(WiresharkPortable-1.6.3.paf.exe) =
    d419 58fa 061d 3baa 1f0f e1b2 4a4a c9b0 0381 a302
RIPEMD160(WiresharkPortable-1.6.3.paf.exe) =
    34bc 5cfa f809 0952 9553 2841 a752 fe2f aec4 54d9

Wireshark 1.6.3 Intel 32.dmg: 20476340 bytes
MD5(Wireshark 1.6.3 Intel 32.dmg) =
    c62b cbab 205d 67ad 569e 2bde 7748 dafb
SHA1(Wireshark 1.6.3 Intel 32.dmg) =
    0d48 9517 d4a0 075e 479f c300 2a42 9fc0 3db2 0f5e
RIPEMD160(Wireshark 1.6.3 Intel 32.dmg) =
    f54d 08fd e5db 987a 6e8f 6adb a736 64d5 9807 671a

Wireshark 1.6.3 Intel 64.dmg: 20279544 bytes
MD5(Wireshark 1.6.3 Intel 64.dmg) =
    76f8 6955 4ad1 a63a 127c 71a2 592a 9a59
SHA1(Wireshark 1.6.3 Intel 64.dmg) =
    0038 662f 09de 69f3 1f66 bc9f 7726 87c0 68f4 74bc
RIPEMD160(Wireshark 1.6.3 Intel 64.dmg) =
    6e96 d2de 28c7 f974 c2e8 7f5f af24 d987 1495 44fe

Wireshark 1.6.3 PPC 32.dmg: 21164310 bytes
MD5(Wireshark 1.6.3 PPC 32.dmg) =
    030f 9bc4 f229 03f5 7e06 b628 d555 1831
SHA1(Wireshark 1.6.3 PPC 32.dmg) =
    d571 c152 fd53 82d9 b33d fc50 c719 9207 4d2b ed52
RIPEMD160(Wireshark 1.6.3 PPC 32.dmg) =
    d055 1119 af24 4197 b248 884d c24b d3b0 55c0 024e

patch-wireshark-1.6.2-to-1.6.3.diff.bz2: 608958 bytes
MD5(patch-wireshark-1.6.2-to-1.6.3.diff.bz2) =
    2c84 22a8 7eac 49bf 41c7 2cdd 93de 371c
SHA1(patch-wireshark-1.6.2-to-1.6.3.diff.bz2) =
    1408 5aba 2a2e b332 656c 3ec3 14f1 887b e945 5e79
RIPEMD160(patch-wireshark-1.6.2-to-1.6.3.diff.bz2) =
    a19e 9d1c d0c8 a896 2c65 4910 1a84 7eb3 e062 bd89
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk6wTBcACgkQpw8IXSHylJqnhgCfXqMy+iBO5fE0PyxHrglnL1Yb
QbsAoLebLcAi6LqfQXQXLXgNZbas1eek
=UKqG
-----END PGP SIGNATURE-----