Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-users: [Wireshark-users] Wireshark 3.2.1 is now available

From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Wed, 15 Jan 2020 12:05:12 -0800
I'm proud to announce the release of Wireshark 3.2.1.


 What is Wireshark?

  Wireshark is the world’s most popular network protocol analyzer. It is
  used for troubleshooting, analysis, development and education.

 What’s New

    • The Windows installers now ship with Npcap 0.9986. They previously
      shipped with Npcap 0.9984.

  Bug Fixes

   The following vulnerabilities have been fixed:

     • wnpa-sec-2020-01[1] WASSP dissector crash. Bug 16324[2].
       CVE-2020-7044[3].

   The following bugs have been fixed:

     • Incorrect parsing of USB CDC packets. Bug 14587[4].

     • Wireshark fails to create directory if parent directory does not
       yet exist. Bug 16143[5].

     • Buildbot crash output: randpkt-2019-11-30-22633.pcap. Bug
       16240[6].

     • Closing Flow Graph closes (crashes) main GUI window. Bug
       16260[7].

     • Wireshark interprets websocket frames after HTTP handshake in a
       wrong way. Bug 16274[8].

     • A-bis/OML: IPA Destination IP Address attribute contains inverted
       value (endianness). Bug 16282[9].

     • wiretap/log3gpp.c: 2 * leap before looking ?. Bug 16283[10].

     • Opening shell terminal prints Wireshark: Permission denied. Bug
       16284[11].

     • h264: SPS frame_crop_right_offset shown in UI as
       frame_crop_left_offset. Bug 16285[12].

     • BGP: update of "Sub-TLV Length" by draft-ietf-idr-tunnel-encaps.
       Bug 16294[13].

     • SPNEGO+GSS-API+Kerberos+ap-options dissection produces "Unknown
       Bit(s)" expert message. Bug 16301[14].

     • USB Audio feature unit descriptor is incorrectly dissected. Bug
       16305[15].

     • Compiling the .y files fails with Berkeley YACC. Bug 16306[16].

     • PDB files in Windows installer. Bug 16307[17].

     • NAS-5GS 5GS network feature support lacks MCSI, EMCN3 two fields
       (octet 4). Bug 16310[18].

     • Option to change “Packet List” columns header right click pop-up
       menu behavior. Bug 16317[19].

     • DLT: Dissector does not parse multiple DLT messages in single UDP
       packet. Bug 16321[20].

     • ISAKMP Dissection: Enhance Source id and Destination ID field of
       GDOI SA TEK payload for non IP ID type. Bug 16233[21].

     • DOIP: Typo in "identifcation request messages". Bug 16325[22].

     • Toolbar "?" help button - no text/help displayed. Bug 16327[23].

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   802.11 Radiotap, ASN.1 BER, BGP, DLT, DOIP, GSM A RR, GSM A-bis/OML,
   H264, HTTP, IEC 60870-5-104, IEEE 802.11, IPv4, ISAKMP, NAS 5GS,
   rtnetlink, SIP, TIPC, USB Audio, USB CDC, and WASSP

  New and Updated Capture File Support

   3gpp phone log

 Getting Wireshark

  Wireshark source code and installation packages are available from
  https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can
   be found on the download page[24] on the Wireshark web site.

 File Locations

  Wireshark and TShark look in several different locations for
  preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
  locations vary from platform to platform. You can use About→Folders to
  find the default locations on your system.

 Getting Help

  The User’s Guide, manual pages and various other documentation can be
  found at https://www.wireshark.org/docs/

  Community support is available on Wireshark’s Q&A site[25] and on the
  wireshark-users mailing list. Subscription information and archives
  for all of Wireshark’s mailing lists can be found on the web site[26].

  Bugs and feature requests can be reported on the bug tracker[27].

 Frequently Asked Questions

  A complete FAQ is available on the Wireshark web site[28].

  Last updated 2020-01-15 18:13:27 UTC

 References

   1. https://www.wireshark.org/security/wnpa-sec-2020-01
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16324
   3. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7044
   4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14587
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16143
   6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16240
   7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16260
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16274
   9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16282
  10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16283
  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16284
  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16285
  13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16294
  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16301
  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16305
  16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16306
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16307
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16310
  19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16317
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16321
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16233
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16325
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16327
  24. https://www.wireshark.org/download.html#thirdparty
  25. https://ask.wireshark.org/
  26. https://www.wireshark.org/lists/
  27. https://bugs.wireshark.org/
  28. https://www.wireshark.org/faq.html


Digests

wireshark-3.2.1.tar.xz: 31522124 bytes
SHA256(wireshark-3.2.1.tar.xz)=589f640058d6408ebbd695a80ebbd6e7bd99d8db64ecda253d27100dfd27e85b
RIPEMD160(wireshark-3.2.1.tar.xz)=decbaf93645bd2b5283b5307b4730a6967116e3b
SHA1(wireshark-3.2.1.tar.xz)=d0b8eb3e01264afb98ec151d7114ed14cf174ced

Wireshark-win64-3.2.1.exe: 60054504 bytes
SHA256(Wireshark-win64-3.2.1.exe)=7c69778b9f35fa5335dc5b8e6e1cbbe2e18a7fdfe77b47edb7402206c93ee5d4
RIPEMD160(Wireshark-win64-3.2.1.exe)=28ae37dca5a7b6584cfa8618ca735221e7bd9603
SHA1(Wireshark-win64-3.2.1.exe)=9d1b731fea3ebe8840c8c6eecc0bbaf6ce9f7100

Wireshark-win32-3.2.1.exe: 54755072 bytes
SHA256(Wireshark-win32-3.2.1.exe)=20d8861550367ae6ba588a34eabcd149090a5a2da9f2849a2609857929dd5513
RIPEMD160(Wireshark-win32-3.2.1.exe)=e1f1dc2fcd4788948718fe16d271d330eeb8691c
SHA1(Wireshark-win32-3.2.1.exe)=c2f0e86283a463149012da38b89869d29f6f4b65

Wireshark-win32-3.2.1.msi: 42926080 bytes
SHA256(Wireshark-win32-3.2.1.msi)=9ff38be33feefa9c08b2c06f60d0630b5674a1c1d92ac1454beb6e071411d60d
RIPEMD160(Wireshark-win32-3.2.1.msi)=e822c270679c844b0d68660b37bad8c4404e2972
SHA1(Wireshark-win32-3.2.1.msi)=7956c6629a12aa68c48f128f75bed8611edc2a6f

Wireshark-win64-3.2.1.msi: 48230400 bytes
SHA256(Wireshark-win64-3.2.1.msi)=23e6b6f3c348d860d8ec12088c8094434c4c3bc3897f7e3ae949939ec24ccc2d
RIPEMD160(Wireshark-win64-3.2.1.msi)=89e5676d0129841c3fe1c9e802831b11e1a95a9e
SHA1(Wireshark-win64-3.2.1.msi)=6861d5221b5c8bcc44fef7af141e195cc88d17ca

WiresharkPortable_3.2.1.paf.exe: 36534000 bytes
SHA256(WiresharkPortable_3.2.1.paf.exe)=82ba51f4568071341d7484f92033939647c275537180419fe49617adbb3b3c9e
RIPEMD160(WiresharkPortable_3.2.1.paf.exe)=37086e00dad1abc223e6c2ed561525f5545d0d97
SHA1(WiresharkPortable_3.2.1.paf.exe)=983378044b9672338357c66cd63fdb9fe40401df

Wireshark 3.2.1 Intel 64.dmg: 96254431 bytes
SHA256(Wireshark 3.2.1 Intel 64.dmg)=a1b08841676b626e3dee42274ad321b90c31eccda6808c59ee5ea644e3782cb4
RIPEMD160(Wireshark 3.2.1 Intel 64.dmg)=a4e88414580b29563dd0b44cc2acb0132d9f315f
SHA1(Wireshark 3.2.1 Intel 64.dmg)=1b43fedae40e99006508476927357df203e88f10

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz

Attachment: signature.asc
Description: OpenPGP digital signature