Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: [Wireshark-dev] Wireshark 2.6.7 is now available

From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Wed, 27 Feb 2019 12:14:18 -0800
I'm proud to announce the release of Wireshark 2.6.7.


 What is Wireshark?

  Wireshark is the world’s most popular network protocol analyzer. It is
  used for troubleshooting, analysis, development and education.

 What’s New

  Bug Fixes

   The following vulnerabilities have been fixed:

     • wnpa-sec-2019-06[1] ASN.1 BER and related dissectors crash. Bug
       15447[2]. CVE-2019-9209[3].

     • wnpa-sec-2019-07[4] TCAP dissector crash. Bug 15464[5].
       CVE-2019-9208[6].

     • wnpa-sec-2019-08[7] RPCAP dissector crash. Bug 15536[8].

   The following bugs have been fixed:

     • Alignment Lost after Editing Column. Bug 14177[9].

     • Crash on applying display filters or coloring rules on capture
       files containing non-UTF-8 data. Bug 14905[10].

     • tshark outputs debug information. Bug 15341[11].

     • Feature request - HTTP, add the field "request URI" to response.
       Bug 15344[12].

     • randpkt should be distributed with the Windows installer. Bug
       15395[13].

     • Memory leak with "-T ek" output format option. Bug 15406[14].

     • Display error in negative response time stats (gint displayed as
       unsigned). Bug 15416[15].

     • _epl_xdd_init not found. Bug 15419[16].

     • Decoding of MEGACO/H.248 request shows the Remote descriptor as
       "Local descriptor". Bug 15430[17].

     • Repeated NFS in Protocol Display field. Bug 15443[18].

     • RBM file dissector adds too many items to the tree, resulting in
       aborting the program. Bug 15448[19].

     • Wireshark heap out-of-bounds read in infer_pkt_encap. Bug
       15463[20].

     • Column width and hidden issues when switching profiles. Bug
       15466[21].

     • GTPv1-C SGSN Context Response / Forward Relocation Request decode
       GGSN address IPV6 issue. Bug 15485[22].

     • Lua Error on startup: init.lua: dofile has been disabled due to
       running Wireshark as superuser. Bug 15489[23].

     • DICOM ASSOCIATE Accept: Protocol Version. Bug 15495[24].

     • Multiple out-of-bounds reads in NetScaler trace handling
       (wiretap/netscaler.c). Bug 15497[25].

     • Wrong endianess when dissecting the "chain offset" in SMB2
       protocol header. Bug 15524[26].

     • Memory leak in mate_grammar.lemon’s recolonize function. Bug
       15525[27].

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   ASN.1 BER, BSSAP, BT Mesh, DICOM, DNP3, EPL, ETSI CAT, GTP, HTTP,
   IEEE 802.15.4, ISAKMP, MEGACO, MPLS Echo, RPC, RPCAP, SMB2, and TCAP

  New and Updated Capture File Support

   IxVeriWave, NetScaler, and Sniffer

  New and Updated Capture Interfaces support

   There is no new or updated capture file support in this release.

  Major API Changes

     • Lua: on Windows, file-related functions such as dofile now assume
       UTF-8 paths instead of the local code page. This is consistent
       with Linux and macOS and improves compatibility on non-English
       systems. (Bug 15118[28])

 Getting Wireshark

  Wireshark source code and installation packages are available from
  https://www.wireshark.org/download.html[29].

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can
   be found on the download page[30] on the Wireshark web site.

 File Locations

  Wireshark and TShark look in several different locations for
  preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
  locations vary from platform to platform. You can use About→Folders to
  find the default locations on your system.

 Known Problems

  The BER dissector might infinitely loop. Bug 1516[31].

  Capture filters aren’t applied when capturing from named pipes. Bug
  1814[32].

  Filtering tshark captures with read filters (-R) no longer works. Bug
  2234[33].

  Application crash when changing real-time option. Bug 4035[34].

  Wireshark and TShark will display incorrect delta times in some cases.
  Bug 4985[35].

  Wireshark should let you work with multiple capture files. Bug
  10488[36].

 Getting Help

  Community support is available on Wireshark’s Q&A site[37] and on the
  wireshark-users mailing list. Subscription information and archives
  for all of Wireshark’s mailing lists can be found on the web site[38].

  Official Wireshark training and certification are available from
  Wireshark University[39].

 Frequently Asked Questions

  A complete FAQ is available on the Wireshark web site[40].

  Last updated 2019-02-27 18:45:24 UTC

 References

   1. https://www.wireshark.org/security/wnpa-sec-2019-06
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15447
   3. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9209
   4. https://www.wireshark.org/security/wnpa-sec-2019-07
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15464
   6. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9208
   7. https://www.wireshark.org/security/wnpa-sec-2019-08
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15536
   9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14177
  10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14905
  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15341
  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15344
  13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15395
  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15406
  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15416
  16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15419
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15430
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15443
  19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15448
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15463
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15466
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15485
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15489
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15495
  25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15497
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15524
  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15525
  28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15118
  29. https://www.wireshark.org/download.html
  30. https://www.wireshark.org/download.html#thirdparty
  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
  37. https://ask.wireshark.org/
  38. https://www.wireshark.org/lists/
  39. http://www.wiresharktraining.com/
  40. https://www.wireshark.org/faq.html


Digests

wireshark-2.6.7.tar.xz: 28420060 bytes
SHA256(wireshark-2.6.7.tar.xz)=747b3e7a37414942959f76f198be49dcbcca936bda538c4408942ce71bfd2b71
RIPEMD160(wireshark-2.6.7.tar.xz)=4d27f7d67a9b8d11270c6fcf135eb5ad7648d462
SHA1(wireshark-2.6.7.tar.xz)=6d601a140b369618e5ac3acab736a1b8de8d5432

Wireshark-win64-2.6.7.exe: 60017936 bytes
SHA256(Wireshark-win64-2.6.7.exe)=ba016a14b9b99777dffd25f1a496395c4e662abb1ae8dcc252582e15cc11e20c
RIPEMD160(Wireshark-win64-2.6.7.exe)=2b86daf6cd3fea9aff87fdeaf812e2038600295e
SHA1(Wireshark-win64-2.6.7.exe)=6d08ec82f73672078b34560567ee35a2a3c80cd2

Wireshark-win32-2.6.7.exe: 54312360 bytes
SHA256(Wireshark-win32-2.6.7.exe)=efb0c94288f27ebdaf4ea7c051e399e80bcb97c4050786fa0156115861fe8ea3
RIPEMD160(Wireshark-win32-2.6.7.exe)=0b940d4978f1c04f5f18408f0ce19a2082947469
SHA1(Wireshark-win32-2.6.7.exe)=159716c4ee2969e673d1f13d1f00bfb3608b9343

Wireshark-win64-2.6.7.msi: 49393664 bytes
SHA256(Wireshark-win64-2.6.7.msi)=f527632f7f29bac6330f8847414f06ef79ecf6b2e40c37eb4c3c256c1421e719
RIPEMD160(Wireshark-win64-2.6.7.msi)=d0841ace2ac1e8ecb0c75c0113902f4c628e5ace
SHA1(Wireshark-win64-2.6.7.msi)=a76f4150f4520a5249f932d250221a13518e05be

Wireshark-win32-2.6.7.msi: 43745280 bytes
SHA256(Wireshark-win32-2.6.7.msi)=38eb93acb4128a83e9d62268d211cbc6c845df1b327a568872e910a3faf35c9b
RIPEMD160(Wireshark-win32-2.6.7.msi)=bf8d3ac103104b79535cf8a2f9f9b81265579028
SHA1(Wireshark-win32-2.6.7.msi)=32a4b5548049ec446b37fdfb87941e193e8fe2a0

WiresharkPortable_2.6.7.paf.exe: 37500928 bytes
SHA256(WiresharkPortable_2.6.7.paf.exe)=8bbae646957c9e8b7ea4d1764f048d19364cc89faefc37bb7db5328d48131921
RIPEMD160(WiresharkPortable_2.6.7.paf.exe)=86863bfc58ba710d90551b6acad05a5b51ca588c
SHA1(WiresharkPortable_2.6.7.paf.exe)=af950cccbfe5f29f9cc626343666d75f986c9e63

Wireshark 2.6.7 Intel 64.dmg: 108153377 bytes
SHA256(Wireshark 2.6.7 Intel
64.dmg)=609b51b54a566917e0b4e1a4f0e1e8f1161a178bcef6a6da4b99189288c0c0c2
RIPEMD160(Wireshark 2.6.7 Intel
64.dmg)=c3604626f81c269bba0179fbfa6db00d398e9d3a
SHA1(Wireshark 2.6.7 Intel 64.dmg)=87583c19c4507bf265348acc8f8a9fef556f6dac

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz

Attachment: signature.asc
Description: OpenPGP digital signature