Wireshark-users: [Wireshark-users] Wireshark 1.8.4 is now available
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Wed, 28 Nov 2012 14:05:47 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm proud to announce the release of Wireshark 1.8.4.

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer.
   It is used for troubleshooting, analysis, development and
   education.

What's New

  Bug Fixes

   The following vulnerabilities have been fixed.

     o wnpa-sec-2012-30

       Wireshark could leak potentially sensitive host name
       resolution information when working with multiple pcap-ng
       files. Discovered by Laura Chappell.

       Versions affected: 1.8.0 to 1.8.3.

     o wnpa-sec-2012-31

       The USB dissector could go into an infinite loop. (Bug 7787)

       Versions affected: 1.8.0 to 1.8.3, 1.6.0 to 1.6.11.

     o wnpa-sec-2012-32

       The sFlow dissector could go into an infinite loop. (Bug 7789)

       Versions affected: 1.8.0 to 1.8.3.

     o wnpa-sec-2012-33

       The SCTP dissector could go into an infinite loop. (Bug 7802)

       Versions affected: 1.8.0 to 1.8.3.

     o wnpa-sec-2012-34

       The EIGRP dissector could go into an infinite loop. (Bug 7800)

       Versions affected: 1.8.0 to 1.8.3.

     o wnpa-sec-2012-35

       The ISAKMP dissector could crash. (Bug 7855)

       Versions affected: 1.8.0 to 1.8.3, 1.6.0 to 1.6.11.

     o wnpa-sec-2012-36

       The iSCSI dissector could go into an infinite loop. (Bug 7858)

       Versions affected: 1.8.0 to 1.8.3, 1.6.0 to 1.6.11.

     o wnpa-sec-2012-37

       The WTP dissector could go into an infinite loop. (Bug 7869)

       Versions affected: 1.8.0 to 1.8.3, 1.6.0 to 1.6.11.

     o wnpa-sec-2012-38

       The RTCP dissector could go into an infinite loop. (Bug 7879)

       Versions affected: 1.8.0 to 1.8.3, 1.6.0 to 1.6.11.

     o wnpa-sec-2012-39

       The 3GPP2 A11 dissector could go into an infinite loop. (Bug
       7801)

       Versions affected: 1.8.0 to 1.8.3.

     o wnpa-sec-2012-40

       The ICMPv6 dissector could go into an infinite loop. (Bug
       7844)

       Versions affected: 1.8.0 to 1.8.3, 1.6.0 to 1.6.11.

   The following bugs have been fixed:

     o Menu and Title bars inaccessible using GTK2 (non-legacy) with
       two monitors. (Bug 553)

     o 802.11 Probe Response fails to parse. (Bug 1284)

     o Tshark - decimal symbol. (Bug 2880)

     o Malformed tpncp.dat file can crash Wireshark. (Bug 6665)

     o SSL decryption not work even with example capture file and
       key. (Bug 6869)

     o Info line is incorrect on SIP message containing another SIP
       message in body. (Bug 7780)

     o OOPS: dissector table "sctp.ppi" doesn't exist Protocol being
       registered is "Datagram Transport Layer Security". (Bug 7784)

     o Dissection of IEEE 802.11 Channel Switch Announcement element
       fails. (Bug 7797)

     o Invalid memory accesses when loading RADIUS captures. (Bug
       7803)

     o ISUP CIC should have format BASE_DEC, not BASE_HEX. (Bug 7848)

     o We don't handle pcap-ng files with IDBs that come after packet
       blocks. (Bug 7851)

     o '*' wildcard in the 'Src IP' or 'Dest IP' field of the ESP SA
       dialog does not work. (Bug 7866)

     o nas_eps dissector does not decode some esm message. (Bug 7912)

     o WLAN decryption status not updated after updating WEP/WPA
       keys. (Bug 7921)

     o IPv6 Option Pad1 Incorrect dissection. (Bug 7938)

     o Print GNUTLS error message if PEM import fails. (Bug 7948)

     o GSM classmark3 8-PSK decode error. (Bug 7964)

     o Parsing the Server Name Indication extension in SSL/TLS
       traffic reads some fields incorrectly. (Bug 7967)

     o Lua code crashes wireshark after update to 1.8.3. (Bug 7976)

     o 2 bugs in Ran-Information-Error Rim Container. (Bug 8000)

     o Misspelling (typo) in IPv6 display filter field name. (Bug
       8006)

     o Two BSSGP dissector bugs. (Bug 8008)

     o Core dump during SCTP association analysis. (Bug 8011)

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   3GPP2 A11, BSSGP, EIGRP, FMP/NOTIFY, GSM A, ICMP, ICMPv6, IEEE
   802.11, IPsec, IPv6, ISAKMP, iSCSI, LTE RRC, NAS EPS, NDPS, Prism,
   RADIUS, RRC, RTCP, SCTP, sFlow, SIP, SMB2, SSL/TLS, TPNCP, USB

  New and Updated Capture File Support

   CommView NCF, iSeries, pcap-ng.

Getting Wireshark

   Wireshark source code and installation packages are available from
   http://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages.
   You can usually install or upgrade Wireshark using the package
   management system specific to that platform. A list of third-party
   packages can be found on the download page on the Wireshark web
   site.

File Locations

   Wireshark and TShark look in several different locations for
   preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
   These locations vary from platform to platform. You can use
   About→Folders to find the default locations on your system.

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)

   The BER dissector might infinitely loop. (Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   (Bug 1814)

   Filtering tshark captures with display filters (-R) no longer
   works. (Bug 2234)

   The 64-bit Windows installer does not support Kerberos decryption.
   (Win64 development page)

   Application crash when changing real-time option. (Bug 4035)

   Hex pane display issue after startup. (Bug 4056)

   Packet list rows are oversized. (Bug 4357)

   Summary pane selected frame highlighting not maintained. (Bug
   4445)

   Wireshark and TShark will display incorrect delta times in some
   cases. (Bug 4985)

Getting Help

   Community support is available on Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and
   archives for all of Wireshark's mailing lists can be found on the
   web site.

   Official Wireshark training and certification are available from
   Wireshark University.

Frequently Asked Questions

   A complete FAQ is available on the Wireshark web site.


Digests

wireshark-1.8.4.tar.bz2: 24164286 bytes
MD5(wireshark-1.8.4.tar.bz2)=ce22aa0fe7ecb5af39c93ff905c7d026
SHA1(wireshark-1.8.4.tar.bz2)=00265d9196f030848c78025f30556cd014be843d
RIPEMD160(wireshark-1.8.4.tar.bz2)=73f00ccfe86239022679eb2c889bc4371a61942d

Wireshark-win32-1.8.4.exe: 20967680 bytes
MD5(Wireshark-win32-1.8.4.exe)=60ab55f541ad3f7443aeb6a4f40d42db
SHA1(Wireshark-win32-1.8.4.exe)=f430703d2eb258e242f604dbd4ccc276edceb3a7
RIPEMD160(Wireshark-win32-1.8.4.exe)=29553dc43ac7f1b88c1f6376096000b9443bb5c2

Wireshark-win64-1.8.4.exe: 26641872 bytes
MD5(Wireshark-win64-1.8.4.exe)=3ad27f8c8696727b839c06378be238a3
SHA1(Wireshark-win64-1.8.4.exe)=a2e4516476711221db3edaf66f490c8bb3fae955
RIPEMD160(Wireshark-win64-1.8.4.exe)=2a3c48f2efab5a610062901af3c21798b95fab7a

Wireshark-1.8.4.u3p: 28390010 bytes
MD5(Wireshark-1.8.4.u3p)=024440d6b5b577a072182d0087cc7648
SHA1(Wireshark-1.8.4.u3p)=c7308ab686b299b76808c7012997e8f92d6ff842
RIPEMD160(Wireshark-1.8.4.u3p)=de4028831644d14f25918a9aa148c5bc4c468f48

WiresharkPortable-1.8.4.paf.exe: 21982712 bytes
MD5(WiresharkPortable-1.8.4.paf.exe)=ddc683976227e3aa12f52abb125ad4c4
SHA1(WiresharkPortable-1.8.4.paf.exe)=a2f1a60bf7dddbd4f52493be69a294917ff65ce7
RIPEMD160(WiresharkPortable-1.8.4.paf.exe)=a3988c88385f002551263c90059754b0bd40369e

Wireshark 1.8.4 Intel 64.dmg: 21772874 bytes
MD5(Wireshark 1.8.4 Intel 64.dmg)=d766badd720f4ab81c4fea55ad4eb3ab
SHA1(Wireshark 1.8.4 Intel
64.dmg)=6287a8499130d9b5853f2a4a8055ca6db1590158
RIPEMD160(Wireshark 1.8.4 Intel
64.dmg)=b970b82a9b6a6d403e31c5d70693a423c5f298e8

Wireshark 1.8.4 Intel 32.dmg: 22088678 bytes
MD5(Wireshark 1.8.4 Intel 32.dmg)=9c2cf7b67cb8f6dad4adc36a8b34f09a
SHA1(Wireshark 1.8.4 Intel
32.dmg)=28b0a570c8ff3b1a8f8395ef08678b372aa88d50
RIPEMD160(Wireshark 1.8.4 Intel
32.dmg)=fd21b36db579a3693d1fe4b8b76614492b89a4e9

Wireshark 1.8.4 PPC 32.dmg: 22886742 bytes
MD5(Wireshark 1.8.4 PPC 32.dmg)=a034248098d1eb754c039c96e108913c
SHA1(Wireshark 1.8.4 PPC 32.dmg)=0a6bbddbb13e1eb15ad0ee96c6f3d87109ef94aa
RIPEMD160(Wireshark 1.8.4 PPC
32.dmg)=8c87209de4dac6bb435609e978da25b9b43c97e6

patch-wireshark-1.8.3-to-1.8.4.diff.bz2: 156695 bytes
MD5(patch-wireshark-1.8.3-to-1.8.4.diff.bz2)=7c3779962dc372e784991ba883df15e3
SHA1(patch-wireshark-1.8.3-to-1.8.4.diff.bz2)=b3778edb01befc809d3ceef35229db4dd338e589
RIPEMD160(patch-wireshark-1.8.3-to-1.8.4.diff.bz2)=59a7a5af7bee2d3136fec0ef2996c6521d23a6e5
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (Darwin)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iEYEARECAAYFAlC2irsACgkQpw8IXSHylJrIygCeLm9jbKlJWv7sle/EK4Duhlt5
HD8AoMqK4cQA/lW6YUOmygHu+U4DRIOp
=g7ln
-----END PGP SIGNATURE-----