Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: [Wireshark-dev] Wireshark 1.8.7 is now available

From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Fri, 17 May 2013 14:58:56 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm proud to announce the release of Wireshark 1.8.7.

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer.
   It is used for troubleshooting, analysis, development and
   education.

What's New

  Bug Fixes

   The following vulnerabilities have been fixed.

     o wnpa-sec-2013-23

       The RELOAD dissector could go into an infinite loop.
       Discovered by Evan Jensen. (Bug 8364, (Bug 8546)

       Versions affected: 1.8.0 to 1.8.6.

       CVE-2013-2486

       CVE-2013-2487

     o wnpa-sec-2013-24

       The GTPv2 dissector could crash. (Bug 8493)

       Versions affected: 1.8.0 to 1.8.6.

     o wnpa-sec-2013-25

       The ASN.1 BER dissector could crash. (Bug 8599)

       Versions affected: 1.8.0 to 1.8.6, 1.6.0 to 1.6.14.

     o wnpa-sec-2013-26

       The PPP CCP dissector could crash. (Bug 8638)

       Versions affected: 1.8.0 to 1.8.6.

     o wnpa-sec-2013-27

       The DCP ETSI dissector could crash. Discovered by Evan Jensen.
       (Bug 8231, bug 8540, bug 8541)

       Versions affected: 1.8.0 to 1.8.6.

     o wnpa-sec-2013-28

       The MPEG DSM-CC dissector could crash. (Bug 8481)

       Versions affected: 1.8.0 to 1.8.6.

     o wnpa-sec-2013-29

       The Websocket dissector could crash. Discovered by Moshe
       Kaplan. (Bug 8448, Bug 8499)

       Versions affected: 1.8.0 to 1.8.6.

     o wnpa-sec-2013-30

       The MySQL dissector could go into an infinite loop. Discovered
       by Moshe Kaplan. (Bug 8458)

       Versions affected: 1.8.0 to 1.8.6.

     o wnpa-sec-2013-31

       The ETCH dissector could go into a large loop. Discovered by
       Moshe Kaplan. (Bug 8464)

       Versions affected: 1.8.0 to 1.8.6.

   The following bugs have been fixed:

     o The Windows installer and uninstaller does a better job of
       detecting running executables.

     o Library mismatch when compiling on a system with an older
       Wireshark version. (Bug 6011)

     o SNMP dissector bug: STATUS_INTEGER_DIVIDE_BY_ZERO. (Bug 7359)

     o A console window is never opened. (Bug 7755)

     o GSM_MAP show malformed Packets when two IMSI. (Bug 7882)

     o Fix include and libs search path when cross compiling. (Bug
       7926)

     o PER dissector crash. (Bug 8197)

     o pcap-ng: name resolution block is not written to file on save.
       (Bug 8317)

     o Incorrect RTP statistics (Lost Packets indication not ok).
       (Bug 8321)

     o Decoding of GSM MAP E164 Digits. (Bug 8450)

     o Silent installer and uninstaller not silent. (Bug 8451)

     o Replace use of INCLUDES with AM_CPPFLAGS in all Makefiles to
       placate recent autotools. (Bug 8452)

     o Wifi details are not stored in the Decryption Key Management
       dialog (post 1.8.x). (Bug 8446)

     o IO Graph should not be limited to 100k points (NUM_IO_ITEMS).
       (Bug 8460)

     o geographical_description: hf_gsm_a_geo_loc_deg_of_long 24 bit
       field truncated to 23 bits. (Bug 8532)

     o IRC message with multiple params causes malformed packet
       exception. (Bug 8548)

     o Part of Ping Reply Message in ICMPv6 Reply Message is marked
       as "Malformed Packet". (Bug 8554)

     o MP2T wiretap heuristic overriding ERF. (Bug 8556)

     o Cannot read content of Ran Information Application Error Rim
       Container. (Bug 8559)

     o Endian error and IP:Port error when decoding BT-DHT response
       message. (Bug 8572)

     o "ACE4_ADD_FILE/ACE4_ADD_SUBDIRECTORY" should be
       "ACE4_APPEND_DATA / ACE4_ADD_SUBDIRECTORY". (Bug 8575)

     o wireshark crashes while displaying I/O Graph. (Bug 8583)

     o GTPv2 MM Context (UMTS Key, Quad, and Quint Decoded)
       incorrectly. (Bug 8596)

     o DTLS 1.2 uses wrong PRF. (Bug 8608)

     o RTP DTMF digits are no longer displayed in VoIP graph
       analysis. (Bug 8610)

     o Universal port not accepted in RSA Keys List window. (Bug
       8618)

     o Wireshark Dissector bug with HSRP Version 2. (Bug 8622)

     o LISP control packet incorrectly identified as LISP data based
       when UDP source port is 4341. (Bug 8627)

     o Bad tcp checksum not detected. (Bug 8629)

     o AMR Frame Type uses wrong Value String. (Bug 8681)

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   AMR, ASN.1 BER, BAT, Bluetooth DHT, BSSGP, DTLS, E.164, Ericsson
   A-bis OML, GSM A, GSM MAP, HDFSDATA, ICMP, ICMPv6, ixveriwave,
   IRC, KDSP, LISP Data, MMS, NFS, OpenWire, PPP, RELOAD, RTP, SASP,
   SIP, SSL/TLS, TCP, UA3G

  New and Updated Capture File Support

   Endace ERF, NetScreen snoop.

Getting Wireshark

   Wireshark source code and installation packages are available from
   http://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages.
   You can usually install or upgrade Wireshark using the package
   management system specific to that platform. A list of third-party
   packages can be found on the download page on the Wireshark web
   site.

File Locations

   Wireshark and TShark look in several different locations for
   preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
   These locations vary from platform to platform. You can use
   About→Folders to find the default locations on your system.

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)

   The BER dissector might infinitely loop. (Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   (Bug 1814)

   Filtering tshark captures with display filters (-R) no longer
   works. (Bug 2234)

   The 64-bit Windows installer does not support Kerberos decryption.
   (Win64 development page)

   Application crash when changing real-time option. (Bug 4035)

   Hex pane display issue after startup. (Bug 4056)

   Packet list rows are oversized. (Bug 4357)

   Summary pane selected frame highlighting not maintained. (Bug
   4445)

   Wireshark and TShark will display incorrect delta times in some
   cases. (Bug 4985)

Getting Help

   Community support is available on Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and
   archives for all of Wireshark's mailing lists can be found on the
   web site.

   Official Wireshark training and certification are available from
   Wireshark University.

Frequently Asked Questions

   A complete FAQ is available on the Wireshark web site.


Digests

wireshark-1.8.7.tar.bz2: 24273700 bytes
MD5(wireshark-1.8.7.tar.bz2)=f4198728a20aa40752906031e08544f8
SHA1(wireshark-1.8.7.tar.bz2)=c131ce10555e608e691aa36190c8d5a1b271c955
RIPEMD160(wireshark-1.8.7.tar.bz2)=c9a2b59441a517e4943a2b7e3e994694125b1759

Wireshark-win32-1.8.7.exe: 20868704 bytes
MD5(Wireshark-win32-1.8.7.exe)=7aee0d82ed4efa3e709aa9e42a86c34c
SHA1(Wireshark-win32-1.8.7.exe)=95f42bfaee23351b504aca3fa57e29c0c2cd3227
RIPEMD160(Wireshark-win32-1.8.7.exe)=a95e303f9176d754d86a8f8198a801cba5c3e04f

Wireshark-win64-1.8.7.exe: 26549232 bytes
MD5(Wireshark-win64-1.8.7.exe)=a832cae3e9d0e312c3c1241a970f1080
SHA1(Wireshark-win64-1.8.7.exe)=845da671608323ca3154c03e47365e26fce80d69
RIPEMD160(Wireshark-win64-1.8.7.exe)=696f0c8090bcb22e7c2c641925db7b6958ce5df1

Wireshark-1.8.7.u3p: 28621210 bytes
MD5(Wireshark-1.8.7.u3p)=e38ae665e9a6799961c75e1c794b0241
SHA1(Wireshark-1.8.7.u3p)=5feb3b235ffe38315b94bd1de1fd269249737853
RIPEMD160(Wireshark-1.8.7.u3p)=162f88f661a31fd1902ece049b6d8a4937dd18f7

WiresharkPortable-1.8.7.paf.exe: 22051216 bytes
MD5(WiresharkPortable-1.8.7.paf.exe)=5f7624d355520650b1d61f86552ef06c
SHA1(WiresharkPortable-1.8.7.paf.exe)=7fbba81263fb957f37a8694ab36f39aa2d0dda7c
RIPEMD160(WiresharkPortable-1.8.7.paf.exe)=f1ee0f1aff528a88aad79024df371560a593f963

Wireshark 1.8.7 PPC 32.dmg: 22938629 bytes
MD5(Wireshark 1.8.7 PPC 32.dmg)=2df64ff6c884f8c9aa036be0ac850dc4
SHA1(Wireshark 1.8.7 PPC 32.dmg)=fac403ed5616d4f3736dc26ad6b46b43d92eeca5
RIPEMD160(Wireshark 1.8.7 PPC
32.dmg)=a3a2de3aeac6bfce17f95ed1bc803277cab504b5

Wireshark 1.8.7 Intel 64.dmg: 21653924 bytes
MD5(Wireshark 1.8.7 Intel 64.dmg)=8615eade01f43e6229d83a3148bd5566
SHA1(Wireshark 1.8.7 Intel
64.dmg)=3816f7a1d9fdea109a02c49d559f804516ebab6d
RIPEMD160(Wireshark 1.8.7 Intel
64.dmg)=847401b192639fd9ae85c4f2fe33cf6fc25df077

Wireshark 1.8.7 Intel 32.dmg: 19734453 bytes
MD5(Wireshark 1.8.7 Intel 32.dmg)=4c5e9c6ae11d0db53cb101acf06fe96f
SHA1(Wireshark 1.8.7 Intel
32.dmg)=5aaf4924318705e041041f2af4145966b63f4baf
RIPEMD160(Wireshark 1.8.7 Intel
32.dmg)=e324792142ea8a76f6f949b3fbe998dba7290c84

patch-wireshark-1.8.6-to-1.8.7.diff.bz2: 238913 bytes
MD5(patch-wireshark-1.8.6-to-1.8.7.diff.bz2)=898cc367b1ca964d13d5add01abd7dc3
SHA1(patch-wireshark-1.8.6-to-1.8.7.diff.bz2)=44668ceb45fc4953d9f782c61abcd67bd75cb8d1
RIPEMD160(patch-wireshark-1.8.6-to-1.8.7.diff.bz2)=43047d437df36cefce63d295fbbde1973d4867f7
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (Darwin)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlGWqCAACgkQpw8IXSHylJrVcACgkdCrVv8oME+n7xT8nMXJpe1R
hLcAnizCuOZjoSmRJZOCkIzBmbJ/FcIp
=Pjbu
-----END PGP SIGNATURE-----