Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: [Wireshark-dev] Wireshark 1.12.2 is now available

From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Wed, 12 Nov 2014 12:33:07 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm proud to announce the release of Wireshark 1.12.2.

     __________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol
   analyzer. It is used for troubleshooting, analysis, development
   and education.
     __________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed.
     * [1]wnpa-sec-2014-20
       SigComp UDVM buffer overflow. ([2]Bug 10662)
       [3]CVE-2014-8710
     * [4]wnpa-sec-2014-21
       AMQP crash. ([5]Bug 10582) [6]CVE-2014-8711
     * [7]wnpa-sec-2014-22
       NCP crashes. ([8]Bug 10552, [9]Bug 10628) [10]CVE-2014-8712
       [11]CVE-2014-8713
     * [12]wnpa-sec-2014-23
       TN5250 infinite loops. ([13]Bug 10596) [14]CVE-2014-8714

   The following bugs have been fixed:
     * Wireshark determine packets of MMS protocol as a packets of
       T.125 protocol. ([15]Bug 10350)
     * 6LoWPAN Mesh headers not treated as encapsulating address.
       ([16]Bug 10462)
     * UCP dissector bug of operation 31 - PID 0639 not
       recognized. ([17]Bug 10463)
     * iSCSI dissector rejects PDUs with "expected data transfer
       length" > 16M. ([18]Bug 10469)
     * GTPv2: trigging_tree under Trace information has wrong
       length. ([19]Bug 10470)
     * openflow_v1 OFPT_FEATURES_REPLY parsed incorrectly.
       ([20]Bug 10493)
     * Capture files from a remote virtual interface on MacOS X
       10.9.5 aren't dissected correctly. ([21]Bug 10502)
     * Problem specifying protocol name for filtering. ([22]Bug
       10509)
     * LLDP TIA Network Policy Unknown Policy Flag Decode is not
       correct. ([23]Bug 10512)
     * Decryption of DCERPC with Kerberos encryption fails.
       ([24]Bug 10538)
     * Dissection of DECRPC NT sid28 shouldn't show expert info if
       tree is null. ([25]Bug 10542)
     * Attempt to render an SMS-DELIVER-REPORT instead of an
       SMS-DELIVER. ([26]Bug 10547)
     * IPv6 Calipso option length is not used properly. ([27]Bug
       10561)
     * The SPDY dissector couldn't dissecting packet correctly.
       ([28]Bug 10566)
     * IPv6 QuickStart option Nonce is read incorrectly. ([29]Bug
       10575)
     * IPv6 Mobility Option IPv6 Address/Prefix marks too many
       bytes for the address/prefix field. ([30]Bug 10576)
     * IPv6 Mobility Option Binding Authorization Data for FMIPv6
       Authenticator field is read beyond the option data.
       ([31]Bug 10577)
     * IPv6 Mobility Option Mobile Node Link Layer Identifier
       Link-layer Identifier field is read beyond the option data.
       ([32]Bug 10578)
     * Wrong offset for hf_mq_id_icf1 in packet-mq.c. ([33]Bug
       10597)
     * Malformed PTPoE announce packet. ([34]Bug 10611)
     * IPv6 Permanent Home Keygen Token mobility option includes
       too many bytes for the token field. ([35]Bug 10619)
     * IPv6 Redirect Mobility Option K and N bits are parsed
       incorrectly. ([36]Bug 10622)
     * IPv6 Care Of Test mobility option includes too many bytes
       for the Keygen Token field. ([37]Bug 10624)
     * IPv6 MESG-ID mobility option is parsed incorrectly.
       ([38]Bug 10625)
     * IPv6 AUTH mobility option parses Mobility SPI and
       Authentication Data incorrectly. ([39]Bug 10626)
     * IPv6 DNS-UPDATE-TYPE mobility option includes too many
       bytes for the MD identity field. ([40]Bug 10629)
     * IPv6 Local Mobility Anchor Address mobility option's code
       and reserved fields are parsed as 2 bytes instead of 1.
       ([41]Bug 10630)
     * WCCP v.2.01 extended assignment data element parsed wrong.
       ([42]Bug 10641)
     * DNS ISDN RR Sub Address field is read one byte early.
       ([43]Bug 10650)
     * TShark crashes when running with PDML on a specific packet.
       ([44]Bug 10651)
     * DNS A6 Address Suffix field is parsed incorrectly. ([45]Bug
       10652)
     * DNS response time: calculation incorrect. ([46]Bug 10657)
     * SMPP does not display properly the hour field in the
       Submit_sm Validity Period field. ([47]Bug 10672)
     * DNS Name Length for Zone RR on root is 6 and Label Count is
       1. ([48]Bug 10674)
     * DNS WKS RR Protocol field is read as 4 bytes instead of 1.
       ([49]Bug 10675)
     * IPv6 Mobility Option Context Request reads an extra
       request. ([50]Bug 10676)

  New and Updated Features

   There are no new features in this release.

   The Windows installers no longer include previews of Wireshark
   2. If you want to try the new user interface, please download a
   development (1.99) installer.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   6LoWPAN, AMQP, ANSI IS-637-A, Bluetooth HCI, CoAP, DCERPC
   (all), DCERPC NT, DNS, GSM MAP, GTPv2, H.223, HPSW, HTTP2, IEEE
   802.11, IPv6, iSCSI, Kerberos, LBT-RM, LLDP, MIH, Mobile IPv6,
   MQ, NCP, OpcUa, OpenFlow, PKTAP, PTPoE, SigComp, SMB2, SMPP,
   SPDY, Stanag 4607, T.125, UCP, USB CCID, and WCCP

  New and Updated Capture File Support

   Catapult DCT2000, HP-UX nettl, Ixia IxVeriWave, pcap, pcap-ng,
   RADCOM, and Sniffer (DOS)
     __________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available
   from [51]http://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark
   packages. You can usually install or upgrade Wireshark using
   the package management system specific to that platform. A list
   of third-party packages can be found on the [52]download page
   on the Wireshark web site.
     __________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for
   preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
   These locations vary from platform to platform. You can use
   About->Folders to find the default locations on your system.
     __________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([53]Bug
   1419)

   The BER dissector might infinitely loop. ([54]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([55]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer
   works. ([56]Bug 2234)

   The 64-bit Windows installer does not support Kerberos
   decryption. ([57]Win64 development page)

   Resolving ([58]Bug 9044) reopens ([59]Bug 3528) so that
   Wireshark no longer automatically decodes gzip data when
   following a TCP stream.

   Application crash when changing real-time option. ([60]Bug
   4035)

   Hex pane display issue after startup. ([61]Bug 4056)

   Packet list rows are oversized. ([62]Bug 4357)

   Wireshark and TShark will display incorrect delta times in some
   cases. ([63]Bug 4985)
     __________________________________________________________

Getting Help

   Community support is available on [64]Wireshark's Q&A site and
   on the wireshark-users mailing list. Subscription information
   and archives for all of Wireshark's mailing lists can be found
   on [65]the web site.

   Official Wireshark training and certification are available
   from [66]Wireshark University.
     __________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [67]Wireshark web site.
     __________________________________________________________

   Last updated 2014-11-12 12:31:46 PST

References

   1. https://www.wireshark.org/security/wnpa-sec-2014-20.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10662
   3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710
   4. https://www.wireshark.org/security/wnpa-sec-2014-21.html
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10582
   6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711
   7. https://www.wireshark.org/security/wnpa-sec-2014-22.html
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10552
   9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10628
  10. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712
  11. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713
  12. https://www.wireshark.org/security/wnpa-sec-2014-23.html
  13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10596
  14. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714
  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10350
  16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10462
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10463
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10469
  19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10470
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10493
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10502
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10509
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10512
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10538
  25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10542
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10547
  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10561
  28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10566
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10575
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10576
  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10577
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10578
  33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10597
  34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10611
  35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10619
  36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10622
  37. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10624
  38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10625
  39. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10626
  40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10629
  41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10630
  42. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10641
  43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10650
  44. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10651
  45. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10652
  46. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10657
  47. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10672
  48. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10674
  49. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10675
  50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10676
  51. http://www.wireshark.org/download.html
  52. http://www.wireshark.org/download.html#thirdparty
  53. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
  54. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  55. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  56. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  57. http://wiki.wireshark.org/Development/Win64
  58. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044
  59. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3528
  60. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  61. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056
  62. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
  63. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  64. http://ask.wireshark.org/
  65. http://www.wireshark.org/lists/
  66. http://www.wiresharktraining.com/
  67. http://www.wireshark.org/faq.html


Digests

wireshark-1.12.2.tar.bz2: 29138867 bytes
MD5(wireshark-1.12.2.tar.bz2)=2f2a16be8b087227cb17733c72288ae4
SHA1(wireshark-1.12.2.tar.bz2)=0598fe285725f97045d7d08e6bde04686044b335
RIPEMD160(wireshark-1.12.2.tar.bz2)=dffefcc516348e24ba903922007e17b9f01aabdc

Wireshark-win64-1.12.2.exe: 29812640 bytes
MD5(Wireshark-win64-1.12.2.exe)=ac8cbcae6a3ab1e4f8879cdad9561e64
SHA1(Wireshark-win64-1.12.2.exe)=f7c44c40de28ef1eb7ee29572f68a7a3629dea1c
RIPEMD160(Wireshark-win64-1.12.2.exe)=af5c836ad54abfcc4db5a8f8d66cb66c298f9b1d

Wireshark-win32-1.12.2.exe: 23571488 bytes
MD5(Wireshark-win32-1.12.2.exe)=0130952ed8b4553a049e2541fe42ced8
SHA1(Wireshark-win32-1.12.2.exe)=7fd4dc488b0014500fe40dc079d2d3feda21d5e3
RIPEMD160(Wireshark-win32-1.12.2.exe)=aaa2c2b207f86301cd64a4a45f2a8e7f051f9024

WiresharkPortable-1.12.2.paf.exe: 29863288 bytes
MD5(WiresharkPortable-1.12.2.paf.exe)=d2dd63792b6efaf3892c6ca8e8dbd304
SHA1(WiresharkPortable-1.12.2.paf.exe)=784a2b8c22c2559a2f5e88e4369804d6e01492e5
RIPEMD160(WiresharkPortable-1.12.2.paf.exe)=b67d3754ea44f540f7ae32736feca38014ed8a7c

Wireshark 1.12.2 Intel 32.dmg: 21804829 bytes
MD5(Wireshark 1.12.2 Intel 32.dmg)=083aa56cfe320662b0c45a7223b585a4
SHA1(Wireshark 1.12.2 Intel
32.dmg)=7a8895cc033b55b2258a99251e79c3b7a5c66735
RIPEMD160(Wireshark 1.12.2 Intel
32.dmg)=b232423f7d6caaf29f70e41436d9c3c6a8b12105

Wireshark 1.12.2 Intel 64.dmg: 26375047 bytes
MD5(Wireshark 1.12.2 Intel 64.dmg)=f7ee521f0103bc088d221f7a3329b54f
SHA1(Wireshark 1.12.2 Intel
64.dmg)=13ce527a3b4a248e09b790ee1bb27defbbb06f5f
RIPEMD160(Wireshark 1.12.2 Intel
64.dmg)=3ee8581574e5af44ea8b67d12d40c625643990e7

patch-wireshark-1.12.1-to-1.12.2.bz2: 260965 bytes
MD5(patch-wireshark-1.12.1-to-1.12.2.bz2)=d68c6ed0f7320816d7514b7368a0d0cd
SHA1(patch-wireshark-1.12.1-to-1.12.2.bz2)=a76c15576af2fcbb4c8aacfb028d896ed75689f4
RIPEMD160(patch-wireshark-1.12.1-to-1.12.2.bz2)=1d36000e4375a0f22520231bdc62d49781e7c26c
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlRjxAMACgkQpw8IXSHylJrzXACeIYwtzKsgKt3J/iO+WASwP0Is
Zr8AoIkHAvMvPPQgjdG5PZ7zQVTzaxr3
=Pg5q
-----END PGP SIGNATURE-----