Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-users: [Wireshark-users] Wireshark 1.8.11 is now available

From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Fri, 01 Nov 2013 13:43:52 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm proud to announce the release of Wireshark 1.8.11.

     __________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol
   analyzer. It is used for troubleshooting, analysis, development
   and education.
     __________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed.
     * [1]wnpa-sec-2013-61
       The IEEE 802.15.4 dissector could crash. ([2]Bug 9139)
       Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10
       [3]CVE-2013-6336
     * [4]wnpa-sec-2013-62
       The NBAP dissector could crash. Discovered by Laurent
       Butti. ([5]Bug 9168)
       Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10
       [6]CVE-2013-6337
     * [7]wnpa-sec-2013-63
       The SIP dissector could crash. ([8]Bug 9228)
       Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10
       [9]CVE-2013-6338
     * [10]wnpa-sec-2013-64
       The OpenWire dissector could go into a large loop.
       Discovered by Murali. ([11]Bug 9248)
       Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10
       [12]CVE-2013-6339
     * [13]wnpa-sec-2013-65
       The TCP dissector could crash. ([14]Bug 9263)
       Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10
       [15]CVE-2013-6340

   The following bugs have been fixed:
     * new_packet_list: EAP-TLS reassemble does not happen when
       NEW_PACKET_LIST is toggled. ([16]Bug 5349)
     * The value of SEND_TO_UE in the DIAMETER Gx dictionary for
       Packet-Filter-Usage AVP is 0 instead of 1. ([17]Bug 9126)
     * Bssgp => SGSN-INVOKE-TRACE use the wrong function...
       ([18]Bug 9157)
     * Files with pcap-ng Simple Packet Blocks can't be read.
       ([19]Bug 9200)
     * Wireshark lua dissector unable to load for
       media_type=application/octet-stream. ([20]Bug 9296)
     * Wireshark crash when dissecting packet with NTLMSSP.
       ([21]Bug 9299)
     * DCERPC data_blobs are not correctly dissected when NDR64
       encoding is used. ([22]Bug 9301)
     * multiple PDU in the same DCERPC packet are not correctly
       decrypted. ([23]Bug 9302)
     * The tshark summary line doesn't display the frame number or
       displays it sporadically. ([24]Bug 9317)
     * Fix dissection of PTP Management messages. ([25]Bug 9262)
     * Duplicate IRC header field abbreviation breaks filter
       (example: irc.response.command). ([26]Bug 9360)

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   BSSGP, DCERPC, DCERPC NT, DIAMETER, Ethernet, EtherNet/IP, IEEE
   802.15.4, IRC, NBAP, NTLMSSP, OpenWire, SIP, and WiMax

  New and Updated Capture File Support

   and .

  Getting Wireshark

   Wireshark source code and installation packages are available
   from [27]http://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark
   packages. You can usually install or upgrade Wireshark using
   the package management system specific to that platform. A list
   of third-party packages can be found on the [28]download page
   on the Wireshark web site.
     __________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for
   preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
   These locations vary from platform to platform. You can use
   About->Folders to find the default locations on your system.
     __________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([29]Bug
   1419)

   The BER dissector might infinitely loop. ([30]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([31]Bug 1814)

   Filtering tshark captures with display filters (-R) no longer
   works. ([32]Bug 2234)

   The 64-bit Windows installer does not support Kerberos
   decryption. ([33]Win64 development page)

   Application crash when changing real-time option. ([34]Bug
   4035)

   Hex pane display issue after startup. ([35]Bug 4056)

   Packet list rows are oversized. ([36]Bug 4357)

   Summary pane selected frame highlighting not maintained.
   ([37]Bug 4445)

   Wireshark and TShark will display incorrect delta times in some
   cases. ([38]Bug 4985)
     __________________________________________________________

Getting Help

   Community support is available on [39]Wireshark's Q&A site and
   on the wireshark-users mailing list. Subscription information
   and archives for all of Wireshark's mailing lists can be found
   on [40]the web site.

   Official Wireshark training and certification are available
   from [41]Wireshark University.
     __________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [42]Wireshark web site.
     __________________________________________________________

   Last updated 2013-11-01 09:29:10 PDT

References

   1. https://www.wireshark.org/security/wnpa-sec-2013-61.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9139
   3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6336
   4. https://www.wireshark.org/security/wnpa-sec-2013-62.html
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9168
   6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6337
   7. https://www.wireshark.org/security/wnpa-sec-2013-63.html
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9228
   9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6338
  10. https://www.wireshark.org/security/wnpa-sec-2013-64.html
  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9248
  12. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6339
  13. https://www.wireshark.org/security/wnpa-sec-2013-65.html
  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9263
  15. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6340
  16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5349
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9126
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9157
  19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9200
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9296
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9299
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9301
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9302
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9317
  25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9262
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9360
  27. http://www.wireshark.org/download.html
  28. http://www.wireshark.org/download.html#thirdparty
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  33. https://wiki.wireshark.org/Development/Win64
  34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056
  36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
  37. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4445
  38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  39. http://ask.wireshark.org/
  40. http://www.wireshark.org/lists/
  41. http://www.wiresharktraining.com/
  42. http://www.wireshark.org/faq.html


Digests

wireshark-1.8.11.tar.bz2: 24131276 bytes
MD5(wireshark-1.8.11.tar.bz2)=64ffd695dfbae347ce9f7fce91c376b5
SHA1(wireshark-1.8.11.tar.bz2)=caa681a11ef09a408735eab854ff4d5ccae94b6d
RIPEMD160(wireshark-1.8.11.tar.bz2)=8416f6dddf615c8d2f33cc1883d4d3e855a4e267

Wireshark-win32-1.8.11.exe: 20750720 bytes
MD5(Wireshark-win32-1.8.11.exe)=8378443500ef7230b8a82c49f422ba85
SHA1(Wireshark-win32-1.8.11.exe)=7858e8de13181e93b24908d7ed513721368a33c2
RIPEMD160(Wireshark-win32-1.8.11.exe)=5c1221a13e13c054aadcf91af5830b54bb655bac

Wireshark-win64-1.8.11.exe: 26413184 bytes
MD5(Wireshark-win64-1.8.11.exe)=05f08f5aa35ee9d6e3af946cb69abe0f
SHA1(Wireshark-win64-1.8.11.exe)=1e3f4d20a07cc5f6e53d3b3afab17ce7d8727f78
RIPEMD160(Wireshark-win64-1.8.11.exe)=a5a5cef515520a183c32a38e26c99cab87526c82

Wireshark-1.8.11.u3p: 28441936 bytes
MD5(Wireshark-1.8.11.u3p)=0c0d753d547cef42ee8c815beb7f555d
SHA1(Wireshark-1.8.11.u3p)=6d776bd0b109cf86f55c4ec1dd28a94b21d80d63
RIPEMD160(Wireshark-1.8.11.u3p)=7297122c8690e874a97fa16b8cec65ad3a93624b

WiresharkPortable-1.8.11.paf.exe: 21932928 bytes
MD5(WiresharkPortable-1.8.11.paf.exe)=0ff6dcaaecc17cc3ae4c1938fa1986ec
SHA1(WiresharkPortable-1.8.11.paf.exe)=d94b510bbfae2d2ecbd243c38974da3cb8ba6324
RIPEMD160(WiresharkPortable-1.8.11.paf.exe)=7e7c89941134a081da25deab5abb21acecd3fa4f

Wireshark 1.8.11 PPC 32.dmg: 22768102 bytes
MD5(Wireshark 1.8.11 PPC 32.dmg)=10137c155e0ad2469cc8bb0e59c0257f
SHA1(Wireshark 1.8.11 PPC 32.dmg)=93d4eea269b3521764fac6ade2819a98aa99b286
RIPEMD160(Wireshark 1.8.11 PPC
32.dmg)=c64799ad15045364347b0900c5a527652251c8d5

Wireshark 1.8.11 Intel 32.dmg: 18303127 bytes
MD5(Wireshark 1.8.11 Intel 32.dmg)=5f7628253090968bf69c1aceccf4248f
SHA1(Wireshark 1.8.11 Intel
32.dmg)=24bb4cc976ece7092bb11b7a5bff4c3feb96af22
RIPEMD160(Wireshark 1.8.11 Intel
32.dmg)=ad32536604827c57c4a3bb64cb1efbe85a789eb3

Wireshark 1.8.11 Intel 64.dmg: 21802514 bytes
MD5(Wireshark 1.8.11 Intel 64.dmg)=ac1dfcad48bd69159ffa629116acb883
SHA1(Wireshark 1.8.11 Intel
64.dmg)=56b0518617de8e4a26e69099cb3f5d456fe54bbf
RIPEMD160(Wireshark 1.8.11 Intel
64.dmg)=34c333c31d11da6b0cbc6126d75a4454084ab053

patch-wireshark-1.8.10-to-1.8.11.diff.bz2: 60457 bytes
MD5(patch-wireshark-1.8.10-to-1.8.11.diff.bz2)=a9905c95c33f72e9f86df49d84d41b02
SHA1(patch-wireshark-1.8.10-to-1.8.11.diff.bz2)=98ef72b62d5cb06fab3f398f9c3ee9a7e185c186
RIPEMD160(patch-wireshark-1.8.10-to-1.8.11.diff.bz2)=cfd9e4b203d95109c54d3dd267563e33cc190321
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (Darwin)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlJ0EogACgkQpw8IXSHylJqxRgCgop8EnvXJu3cMmcHTdXgutrfp
bMsAnjmZ3EVXVx+2oIwL++etFbBlvKZc
=aCOI
-----END PGP SIGNATURE-----