WireShark 4.2.6 - 2024-07-17

December 5, 2023

The world's most popular network protocol analyzer.

What's New

Wireshark 4.2.0 Released

November 15, 2023

What’s New

This is the first major Wireshark release under the Wireshark Foundation, a nonprofit which hosts Wireshark and promotes protocol analysis education. The foundation depends on your contributions in order to do its work. If you or your employer would like to contribute or become a sponsor, please visit wiresharkfoundation.org.

Wireshark supports dark mode on Windows.

A Windows installer for Arm64 has been added.

Packet list sorting has been improved.

Wireshark and TShark are now better about generating valid UTF-8 output.

A new display filter feature for filtering raw bytes has been added.

Display filter autocomplete is smarter about not suggesting invalid syntax.

Tools › MAC Address Blocks can lookup a MAC address in the IEEE OUI registry.

The enterprises, manuf, and services configuration files have been compiled in for improved start-up times. These files are no longer available in the master branch in our source code repository. You can download the manuf file from our automated build directory.

The installation target no longer installs development headers by default.

The Wireshark installation is relocatable on Linux (and other ELF platforms with support for relative RPATHs).

Wireshark can be compiled on Windows using MSYS2. Check the Developer’s guide for instructions.

Wireshark can be cross-compiled for Windows using Linux. Check the Developer’s guide for instructions.

Tools › Browser (SSL Keylog) can launch your web browser with the SSLKEYLOGFILE environment variable set to the appropriate value.

Windows installer file names now have the format Wireshark-<version>-<architecture>.exe.

Wireshark now supports the Korean language.

Many other improvements have been made. See the “New and Updated Features” section below for more details.

Bug Fixes

The following bugs have been fixed:

Issue 18413 - RTP player do not play audio frequently on Windows builds with Qt6.

Issue 18510 - Playback marker does not move after resume with Qt6.

Info:

Quote

Hidden Content

Give reaction to this post to see the hidden content.

Link:

Quote

Hidden Content

Give reaction to this post to see the hidden content.

June 22, 2024

Wireshark 4.2.5 Release Notes

What is Wireshark?

Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education.

Wireshark is hosted by the Wireshark Foundation, a nonprofit which promotes protocol analysis education. Wireshark and the foundation depend on your contributions in order to do their work. If you or your organization would like to contribute or become a sponsor, please visit

Hidden Content

Give reaction to this post to see the hidden content.

.

What’s New

Bug Fixes

If you are upgrading Wireshark 4.2.0 or 4.2.1 on Windows you will need to

Hidden Content

Give reaction to this post to see the hidden content.

Wireshark 4.2.5 or later by hand.

The following vulnerabilities have been fixed:

Hidden Content
MONGO and ZigBee TLV dissector infinite loops.
Hidden Content
.
Hidden Content
.
Hidden Content
The editcap command line utility could crash when chopping bytes from the beginning of a packet.
Hidden Content
.
Hidden Content
.
Hidden Content
The editcap command line utility could crash when injecting secrets while writing multiple files.
Hidden Content
.
Hidden Content
.

The following bugs have been fixed:

Flow Graph scrolls in the wrong direction vertically when pressing Up/Down.
Hidden Content
.
TCP Stream Window Scaling not working in version 2.6.1 and later.
Hidden Content
.
TCP stream graphs (Window scaling) axis display is confusing.
Hidden Content
.
LUA get_dissector does not give the correct dissector under 32-bit version.
Hidden Content
.
Lua: Segfault when registering a field or expert info twice.
Hidden Content
.
SSH can not decrypt when KEX is [email protected].
Hidden Content
.
Wireshark crash related to Lua DissectorTable.heuristic_new()
Hidden Content
.
MATE fails to extract HTTP2 User-Agent header.
Hidden Content
.
Fuzz job issue: fuzz-2024-02-29-7169.pcap.
Hidden Content
.
Fuzz job issue: fuzz-2024-03-02-7158.pcap.
Hidden Content
.
Problem to Decode 5GC-N7 HTTP for payload Application/JSON.
Hidden Content
.
Copying data as C String produces incorrect string.
Hidden Content
.
Incorrect decoding of supported Tx HE-MCS.
Hidden Content
.
reordercap: Fix packet reordering with multiple IDB’s not at the beginning of a pcapng file.
Hidden Content
.
Wrong EPB lengths written if existing pcapng file has epb_hash options.
Hidden Content
.
On Windows, Export Displayed Packets dialog does not have "include depended upon packets" checkbox.
Hidden Content
.
vnd.3gpp.sms binary payload NOT decoded inside HTTP2 5GC.
Hidden Content
.
NAS 5G message container dissection.
Hidden Content
.
Incorrect interpretation of algorithm name in packet-tls-utils.c.
Hidden Content
.

Link:

Quote

Hidden Content

Give reaction to this post to see the hidden content.

August 5, 2024

Wireshark 4.2.6 Release Notes
What is Wireshark?

Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education.

Wireshark is hosted by the Wireshark Foundation, a nonprofit which promotes protocol analysis education. Wireshark and the foundation depend on your contributions in order to do their work. If you or your organization would like to contribute or become a sponsor, please visit wiresharkfoundation.org.
What’s New
Bug Fixes

If you are upgrading Wireshark 4.2.0 or 4.2.1 on Windows you will need to download and install Wireshark 4.2.6 or later by hand.

A regression in the TCP Stream Graph "Time Sequence (tcptrace)" receive window line behavior introduced in 4.2.5 and 4.0.15 has been fixed. Issue 19846

The following vulnerability has been fixed:

wnpa-sec-2024-10 SPRT dissector crash. Issue 19559.

The following bugs have been fixed:

RADIUS dissector’s dictionary loading broken in many ways. Issue 6466.

3.4 → 3.6.5 ASCII display is broken on CentOS 7. Issue 18096.

Funnel/Lua: Closing child window disconnects buttons of parent. Issue 18386.

Lua detection fails with Alpine Linux: missing: LUA_LIBRARIES. Issue 19841.

vnd.3gpp.5gnas payloads of type SMS not decoded inside HTTP2 5GC. Issue 19845.

TCP Stream Graphs green sliding window line not displayed correctly. Issue 19846.

Wireshark window doesn’t fully fit on screen on small resolutions and can’t be resized properly on Russian language. Issue 19861.

Wireshark started from command line doesn’t set gui.fileopen_remembered_dir correctly on Windows. Issue 19891.

Wireshark expects wrong length for DHCP Relay Agent Information Source Port Suboption. Issue 19909.

SIP P-Access-Network-Info header not correctly decoded. Issue 19917.

New and Updated Features

There are no new or updated features in this release.
New Protocol Support

There are no new protocols in this release.
Updated Protocol Support

DHCP, E.212, MySQL, NAS-5GS, PKT CCC, ProtoBuf, RADIUS, RLC-LTE, RTP, SIP, SPRT, Thrift, and Wi-SUN
New and Updated Capture File Support

log3gpp
Updated File Format Decoding Support

There is no updated file format support in this release.

Link:

Quote

Hidden Content

Give reaction to this post to see the hidden content.

Sign In

WireShark 4.2.6 - 2024-07-17

Recommended Posts

FunkyBuddha

FunkyBuddha

Wireshark 4.2.5 Release Notes

What is Wireshark?

What’s New

Bug Fixes

FunkyBuddha

Please sign in to comment

Browse

Activity