Thema: Wireshark (Ex-Ethereal) ...

[SiLæncer]

Termshark is a network protocol analyzer that acts as a network sniffer. To be more precise, it allows you to capture packets from live networks or read them from a previously saved file. Therefore, it can be a powerful tool for anyone interested in analyzing the network traffic in real-time or learn minute details about the connection that enables the detection of anomalies, problems and trends.

MIT License

Changelog

    Termshark now provides a conversations view for the most common conversation types.
    Termshark now supports multiple live captures/interfaces on the command-line e.g. termshark -i eth0 -i eth1
    Termshark's packet hex view displays a scrollbar if the data doesn't fit in the space available.
    Termshark can show a capture file's properties using the capinfos binary (bundled with tshark).
    Termshark now supports extcap interfaces by default.

[close]

https://termshark.io/

[SiLæncer]

Changelog

    Bug Fixes:

    The following vulnerabilities have been fixed
    wnpa-sec-2020-03 LTE RRC dissector memory leak. Bug 16341.
    wnpa-sec-2020-04 WiMax DLMAP dissector crash. Bug 16368.
    wnpa-sec-2020-05 EAP dissector crash. Bug 16397.
    wnpa-sec-2020-06 WireGuard dissector crash. Bug 16394.
    The following bugs have been fixed
    Add (IETF) QUIC Dissector. Bug 13881.
    Support for CoAP over TCP and WebSockets (RFC 8323). Bug 15910.
    SMB IOCTL response packet with BUFFER_OVERFLOW status is dissected improperly. Bug 16261.
    Wireshark fails to build with GCC-9. Bug 16319.
    NVMe/TCP ICReq PDU Not Interpreted Correctly. Bug 16333.
    ICMP: No response if ICMP reply packet has an ICMP checksum of 0x0000. Bug 16334.
    Display filter parsing broken after upgrade from 3.0.7. Bug 16336.
    IPv4 fragment offset value is incorrect in IPv4 header decode. Bug 16344.
    RTCP frame length warning for SAT>IP APP packets. Bug 16345.
    RTP export to rtpdump file doesn’t work. Bug 16351.
    CFDP dissector skips a byte. Bug 16361.
    ISAKMP: IKEv2 transforms and proposal have critical bit (BUG). Bug 16364.
    No IPv4/IPv6 hosts in Resolved Addresses dialog. Bug 16366.
    Lack of Check for Updates option in the Windows GUI. Bug 16381.
    LLDP dissector consumes all octets to the end of the TVB and eth trailer dissector does not get called. Bug 16387.
    LACP dissector consumes all octets to the end of the TVB and eth trailer dissector does not get called. Bug 16388.

    Updated Protocol Support:

    ARTNET, CFDP, CoAP, EAP, GTP, ICMP, ICMPv6, IPv4, ISAKMP, LACP, LLDP, LTE RRC, NBAP, NVME-TCP, QUIC, RDM, RTCP, RTP, SMB, SOME/IP, TLS, WiMax DLMAP, and WireGuard

[close]

http://www.wireshark.org/

[SiLæncer]

Changelog

Bug Fixes

The following vulnerabilities have been fixed:

    wnpa-sec-2020-03 LTE RRC dissector memory leak. Bug 16341.
    wnpa-sec-2020-04 WiMax DLMAP dissector crash. Bug 16368.
    wnpa-sec-2020-05 EAP dissector crash. Bug 16397.

The following bugs have been fixed:

    Wireshark fails to build with GCC-9. Bug 16319.
    ICMP: No response if ICMP reply packet has an ICMP checksum of 0x0000. Bug 16334.
    IPv4 fragment offset value is incorrect in IPv4 header decode. Bug 16344.
    RTP export to rtpdump file doesn’t work. Bug 16351.
    ISAKMP: IKEv2 transforms and proposal have critical bit (BUG). Bug 16364.
    LLDP dissector consumes all octets to the end of the TVB and eth trailer dissector does not get called. Bug 16387.
    LACP dissector consumes all octets to the end of the TVB and eth trailer dissector does not get called. Bug 16388.

Updated Protocol Support

ARTNET, EAP, ICMP, ICMPv6, IPv4, ISAKMP, LACP, LLDP, LTE RRC, RDM, RTP, and WiMax DLMAP

[close]

http://www.wireshark.org/

[SiLæncer]

Changelog

What’s New

Wireshark 3.2.0 to 3.2.2 might not update automatically on macOS in some cases. If you’re running those versions on macOS you might have to update to a later version manually. Bug 16416
Bug Fixes

The following vulnerabilities have been fixed:

    wnpa-sec-2020-07 The BACapp dissector could crash. Bug 16474. CVE-2020-11647.

The following bugs have been fixed:

    Add (IETF) QUIC Dissector. Bug 13881.

    Rename profile name loses list selection. Bug 15966.

    Dissector bug warning dissecting TLS Certificate Request with many names. Bug 16202.

    Only ACKs, but no DATA frames are visible in -> TCP Stream Graph -> Time Sequence (tcptrace). Bug 16281.

    Copy>Description does not work properly for all tree items. Bug 16323.

    Importing profiles in Windows - zip files fail and from directory crashes Wireshark. Bug 16410.

    Packet List selection is gone when adding or removing a display filter. Bug 16414.

    Check for updates, and auto-update, not working in 3.2.1. Bug 16416.

    f5ethtrailer: TLS trailer creates incorrect CLIENT keylog entries. Bug 16417.

    Buildbot crash output: randpkt-2020-03-04-18423.pcap. Bug 16424.

    File open dialog shows garbled time stamps. Bug 16429.

    RTCP Bye without optional reason reported as [Malformed Packet]. Bug 16434.

    [oss-fuzz] #20732: Undefined-shift in dissect_rtcp. Bug 16445.

    SOMEIP: SOME/IP-SD dissector fails to register SOME/IP ports, if IPv6 is being used (BUG). Bug 16448.

    tshark logs: "…​could not be opened: Too many open files.". Bug 16457.

    Typo in About Wireshark > Keyboard Shortcuts > Unignore All Displayed. Bug 16472.

    Buildbot crash output: randpkt-2020-04-02-31746.pcap. Bug 16477.

New and Updated Features

There are no new features in this release.
New Protocol Support

There are no new protocols in this release.
Updated Protocol Support

AFS, BACapp, Bluetooth, CoAP, Diameter3GPP, F5 Ethernet trailer, GSM RLC MAC, ISIS, ISIS CLV, ISIS HELLO, ISIS LSP, ISIS SNP, NAS 5GS, NR RRC, pcap, QUIC, RPCAP, RTCP, SOME/IP-SD, TLS, and WSP
New and Updated Capture File Support

pcap

[close]

http://www.wireshark.org/

[SiLæncer]

Changelog

What’s New

Bug Fixes

The following vulnerabilities have been fixed:

    wnpa-sec-2020-07 The BACapp dissector could crash. Bug 16474. CVE-2020-11647.

The following bugs have been fixed:

    RTCP Bye without optional reason reported as [Malformed Packet]. Bug 16434.

    [oss-fuzz] #20732: Undefined-shift in dissect_rtcp. Bug 16445.

    tshark logs: "…​could not be opened: Too many open files.". Bug 16457.

    Typo in About Wireshark > Keyboard Shortcuts > Unignore All Displayed. Bug 16472.

    [oss-fuzz] #21541: Stack-overflow in fAbstractSyntaxNType. Bug 16474.

New and Updated Features

There are no new features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

AFS, BACapp, Bluetooth, Diameter3GPP, Modbus/TCP, NAS 5GS, pcap, and RTCP
New and Updated Capture File Support

pcap

[close]

http://www.wireshark.org/

[SiLæncer]

Changelog

What’s New

The Windows installers now ship with Qt 5.12.8. They previously shipped with Qt 5.12.6.

Bug Fixes

The following vulnerabilities have been fixed:

    wnpa-sec-2020-08 The NFS dissector could crash. Bug 16476.

The following bugs have been fixed:

    PVS-Studio analyser long list of issues. Bug 16335.

    pcapng file dissector incorrectly computes nanoseconds from timestamps because it assumes the resolution is in nanoseconds. Bug 16440.

    Read of uninitialized memory in detect_camins_file. Bug 16458.

    Read of uninitialized memory in lanalyzer_read_trace_record. Bug 16459.

    Range parameter on numeric parameter in extcap plugin doesn’t work. Bug 16510.

    capinfos "Capture duration" output is truncated if there are more than 11 digits of seconds and fractions of a second. Bug 16519.

    MIME Files Format/pcapng: Simple Packet Block parsed incorrectly. Bug 16526.

    Buildbot crash output: fuzz-2020-05-13-12195.pcap. Bug 16564.

New and Updated Features

There are no new features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

AoE, APRS, ASN.1 BER, FTP, GSM SMS, Infiniband, ISObus VT, MAC LTE, NFS, ONC RPC, OSC, pcapng, PDCP LTE, SDP, SIP, Snort, STUN, and UMTS FP

New and Updated Capture File Support

Camins, Catapult DCT 2000, Lanalyzer, and MPEG

[close]

http://www.wireshark.org/

[SiLæncer]

Changelog

What’s New

The Windows installers now ship with Qt 5.12.8. They previously shipped with Qt 5.12.6.

The Windows installers now ship with Npcap 0.9991 They previously shipped with Npcap 0.9989

Bug Fixes

The following vulnerabilities have been fixed:

    wnpa-sec-2020-08 The NFS dissector could crash. Bug 16476.

The following bugs have been fixed:

    SDP dissector does not parse sprop-parameter-sets field. Bug 16322.

    PVS-Studio analyser long list of issues. Bug 16335.

    Can’t have duplicate personal and global profile names. Bug 16423.

    pcapng file dissector incorrectly computes nanoseconds from timestamps because it assumes the resolution is in nanoseconds. Bug 16440.

    Read of uninitialized memory in detect_camins_file. Bug 16458.

    Read of uninitialized memory in lanalyzer_read_trace_record. Bug 16459.

    capture -> options -> select interface -> (choose) -> SEGV. Bug 16489.

    SOMEIP: SOME/IP dissector ignores the length field configuration of structs. Bug 16490.

    Packet List Pane doesn’t consume the entire pane. Bug 16491.

    Range parameter on numeric parameter in extcap plugin doesn’t work. Bug 16510.

    Export Packet Dissections not working on Windows (Wireshark 3.2.x). Bug 16516.

    capinfos "Capture duration" output is truncated if there are more than 11 digits of seconds and fractions of a second. Bug 16519.

    MIME Files Format/pcapng: Simple Packet Block parsed incorrectly. Bug 16526.

    SOMEIP: SOME/IP-SD unique id is not unique for eventgroup types (BUG). Bug 16549.

    Buildbot crash output: fuzz-2020-05-13-12195.pcap. Bug 16564.

New and Updated Features

There are no new features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

AoE, APRS, ASN.1 BER, DIS, DTLS, FTP, GSM SMS, H.264, IMAP, Infiniband, ISObus VT, Kafka, LSD, MAC LTE, NAS 5GS, NFS, ONC RPC, OSC, pcapng, PDCP LTE, RADIUS, RLC LTE, RTSP, SDP, SIP, Snort, SOMEIP, STUN, TLS, and UMTS FP

New and Updated Capture File Support

Camins, Catapult DCT 2000, Lanalyzer, and MPEG

[close]

http://www.wireshark.org/

[SiLæncer]

Changelog

What’s New

Bug Fixes

The following vulnerabilities have been fixed:

The following bugs have been fixed:

    Windows Uninstall does not remove all files in Program Files. Bug 16601.

    The "relative sequence number" is same as "raw sequence number" when tcp.analyze_sequence_numbers:FALSE. Bug 16604.

    Decode as not working correctly with multiple user profiles. Bug 16635.

    Wireshark can misdissect the HE Radiotap field if it’s ever dissected one with any value unknown. Bug 16636.

    Buildbot crash output: fuzz-2020-06-19-5981.pcap. Bug 16639.

    Buildbot crash output: fuzz-2020-06-20-7665.pcap. Bug 16642.

    mergecap man page contains invalid formatting. Bug 16652.

New and Updated Features

There are no new features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

ASTERIX, CoAP, GSM RR, GTPv2, R3, Radiotap, RTPS, and TCP

[close]

http://www.wireshark.org/

[SiLæncer]

Changelog

What’s New

The Windows installers now ship with Npcap 0.9994. They previously shipped with Npcap 0.9991.

The Windows installers now ship with USBPcap 1.5.4.0. They previously shipped with USBPcap 1.5.3.0.

Bug Fixes

The following vulnerabilities have been fixed:

    wnpa-sec-2020-09 GVCP dissector infinite loop. Bug 16029. CVE-2020-15466.

The following bugs have been fixed:

    Add decryption support for QUIC IETF version 0xfaceb001 and 0xfaceb002. Bug 16378.

    Windows Uninstall does not remove all files in Program Files. Bug 16601.

    The "relative sequence number" is same as "raw sequence number" when tcp.analyze_sequence_numbers:FALSE. Bug 16604.

    Importing profiles from a different Windows PC fails. Bug 16608.

    Decode as not working correctly with multiple user profiles. Bug 16635.

    Wireshark can misdissect the HE Radiotap field if it’s ever dissected one with any value unknown. Bug 16636.

    Buildbot crash output: fuzz-2020-06-19-5981.pcap. Bug 16639.

    Buildbot crash output: fuzz-2020-06-20-7665.pcap. Bug 16642.

    mergecap man page contains invalid formatting. Bug 16652.

New and Updated Features

There are no new features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

CoAP, GSM RR, GTPv2, GVCP, LTE RRC, NAS-5GS, NGAP, QUIC, R3, Radiotap, RTPS, and TCP

[close]

http://www.wireshark.org/

[SiLæncer]

Changelog

Bug Fixes

The following vulnerabilities have been fixed:

    wnpa-sec-2020-10 Kafka dissector crash. Bug 16672. CVE-2020-17498.

The following bugs have been fixed:

    Kafka dissector fails parsing FETCH responses. Bug 16623.

    Dissector for ASTERIX Category 001 / 210 does not recognize bit 1 as extension. Bug 16662.

    "invalid timestamp" for Systemd Journal Export Block. Bug 16664.

    Decoding Extended Emergency number list IE length. Bug 16668.

    Some macOS Bluetooth PacketLogger capture files aren’t recognized as PacketLogger files (regression, bisected). Bug 16670.

    Short IMSIs (5 digits) lead to wrong decoding+warning. Bug 16676.

    Decoding of PFCP IE 'PFD Contents' results in "malformed packet". Bug 16704.

    RFH2 Header with 32 or less bytes of NameValue will not parse out that info. Bug 16733.

    CDP: Port ID TLV followed by Type 1009 TLV triggers [Malformed Packet]. Bug 16742.

    tshark crashed when processing opcda. Bug 16746.

    tshark with --export-dicom gives “Segmentation fault (core dumped)”. Bug 16748.

New and Updated Features

There are no new features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

ASTERIX, BSSAP, CDP, CoAP, DCERPC SPOOLSS, DCOM, DICOM, DVB-S2, E.212, GBCS, GSM RR, GSM SMS, IEEE 802.11, Kafka, MQ, Nano, NAS 5GS, NIS+, NR RRC, PacketLogger, PFCP, RTPS, systemd Journal, TDS, TN3270, and TN5250

New and Updated Capture File Support

PacketLogger and pcapng

[close]

http://www.wireshark.org/

[SiLæncer]

Changelog

Bug Fixes

The following vulnerabilities have been fixed:

The following bugs have been fixed:

    Dissector for ASTERIX Category 001 / 210 does not recognize bit 1 as extension. Bug 16662.

    "invalid timestamp" for Systemd Journal Export Block. Bug 16664.

    Short IMSIs (5 digits) lead to wrong decoding+warning. Bug 16676.

    Decoding of PFCP IE 'PFD Contents' results in "malformed packet". Bug 16704.

    RFH2 Header with 32 or less bytes of NameValue will not parse out that info. Bug 16733.

    CDP: Port ID TLV followed by Type 1009 TLV triggers [Malformed Packet]. Bug 16742.

    tshark crashed when processing opcda. Bug 16746.

    tshark with --export-dicom gives “Segmentation fault (core dumped)”. Bug 16748.

New and Updated Features

There are no new features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

ASTERIX, BSSAP, CDP, DCERPC SPOOLSS, DCOM, DVB-S2, E.212, GBCS, GSM RR, GSM SMS, IEEE 802.11, MQ, Nano, NIS+, PFCP, RTPS, systemd Journal, TDS, TN3270, and TN5250

New and Updated Capture File Support

There is no new or updated capture file support in this release.

New and Updated Capture Interfaces support

pcapng

[close]

http://www.wireshark.org/

[SiLæncer]

Changelog

New and Updated Features

The following features are new (or have been significantly updated) since version 3.2.0:

    Windows executables and installers are now signed using SHA-2 only.

    Save RTP stream to .au supports any codec with 8000 Hz rate supported by Wireshark (shown in RTP player). If save of audio is not possible (unsupported codec or rate), silence of same length is saved and warning is shown.

    Asynchronous DNS resolution is always enabled. As a result, the c-ares library is now a required dependency.

    Protobuf fields can be dissected as Wireshark (header) fields that allows user input the full names of Protobuf fields or messages in Filter toolbar for searching.

    Dissectors based on Protobuf can register themselves to a new 'protobuf_field' dissector table, which is keyed with the full names of fields, for further parsing fields of BYTES or STRING type.

    Wireshark is able to decode, play, and save iLBC payload on platforms where the iLBC library is available.

    “Decode As” entries can now be copied from other profiles using a button in the dialog.

    sshdump can now be copied to multiple instances. Each instance will show up a different interface and will have its own profile.

    The main window now supports a packet diagram view, which shows each packet as a textbook-style diagram.

New Protocol Support

Arinc 615A (A615A), Asphodel Protocol, AudioCodes Debug Recording (ACDR), Bluetooth HCI ISO (BT HCI ISO), Cisco MisCabling Protocol (MCP), DCE/RPC IRemoteWinspool SubSystem, (IREMOTEWINSPOOL), Dynamic Link Exchange Protocol (DLEP), Fortinet Single Sign-on (FSSO), FTDI Multi-Protocol Synchronous Serial Engine (FTDI MPSSE), Hypertext Transfer Protocol Version 3 (HTTP3), Java Debug Wire Protocol (JDWP), LBM Stateful Resolution Service (LBMSRS), Lithionics Battery Management, OBSAI UDP-based Communication Protocol (UDPCP), Palo Alto Heartbeat Backup (PA-HB-Bak), ScyllaDB RPC, Technically Enhanced Capture Module Protocol (TECMP), Tunnel Extensible Authentication Protocol (TEAP), UDP based FTP w/ multicast V5 (UFTP5), and USB Printer (USBPRINTER)

Updated Protocol Support

Too many protocols have been updated to list here.

New and Updated Capture File Support

MP4 (ISO/IEC 14496-12)

New Protocol Support

Arinc 615A (A615A), Asphodel Protocol, AudioCodes Debug Recording (ACDR), Bluetooth HCI ISO (BT HCI ISO), Cisco MisCabling Protocol (MCP), DCE/RPC IRemoteWinspool SubSystem, (IREMOTEWINSPOOL), Dynamic Link Exchange Protocol (DLEP), Fortinet Single Sign-on (FSSO), FTDI Multi-Protocol Synchronous Serial Engine (FTDI MPSSE), Hypertext Transfer Protocol Version 3 (HTTP3), Java Debug Wire Protocol (JDWP), LBM Stateful Resolution Service (LBMSRS), Lithionics Battery Management, OBSAI UDP-based Communication Protocol (UDPCP), Palo Alto Heartbeat Backup (PA-HB-Bak), ScyllaDB RPC, Technically Enhanced Capture Module Protocol (TECMP), Tunnel Extensible Authentication Protocol (TEAP), UDP based FTP w/ multicast V5 (UFTP5), and USB Printer (USBPRINTER)

[close]

http://www.wireshark.org/

[SiLæncer]

Changelog

What’s New

This is expected to be the final release of the Wireshark 3.0 branch. It will reach its official end of life when Wireshark 3.4.0 is released. If you are still using Wireshark 3.0 you are encouraged to upgrade to Wireshark 3.2 or 3.4.

The Windows installers now ship with Qt 5.12.9. They previously shipped with Qt 5.12.8.

Bug Fixes

The following vulnerabilities have been fixed:

    wnpa-sec-2020-11 MIME Multipart dissector crash. Bug 16741. Fixed in master: 2411eae9ed Fixed in master-3.2: 21f082cb6e Fixed in master-3.0: 14e274f3be Fixed in master-2.6: 5803c7b87b

    wnpa-sec-2020-12 TCP dissector crash. Bug 16816. Fixed in master: c4634b1e99 Fixed in master-3.2: e9b727595b Fixed in master-3.0: 7f3fe6164a Fixed in master-2.6: 9d7ab8b46f

    wnpa-sec-2020-13 BLIP dissector crash. Bug 16866. Fixed in master: 4a94842710 Fixed in master-3.2: 594d312b12 Fixed in master-3.0: 2fb6002559 Fixed in master-2.6: n/a

The following bugs have been fixed:

    Buildbot crash output: randpkt-2019-04-01-28345.pcap Bug 15661.

    Buildbot crash output: fuzz-2020-07-28-5905.pcap Bug 16741.

    S1-U data forwarding info and S103 PDN data forwarding info IE’s showing improper value Bug 16777.

    The client timestamp is parsed error for Google QUIC (version Q039) Bug 16839.

    Wireshark fails to detect libssh >= 0.9.5 Bug 16845.

New and Updated Features

There are no new features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

AARP, BLIP, BSSMAP, GQUIC, GSM A RR, GTPv2, MIME Multipart, NCP, NDS, PFCP, PROFINET, Q.933, S1AP, TACACS+, TCP, and X2AP

New and Updated Capture File Support

There is no new or updated capture file support in this release.

New and Updated Capture Interfaces support

There is no new or updated capture file support in this release.

[close]

http://www.wireshark.org/

[SiLæncer]

Changelog

What’s New

The Windows installers now ship with Npcap 0.9997. They previously shipped with Npcap 0.9994.

The Windows installers now ship with Qt 5.12.9. They previously shipped with Qt 5.12.8.

Bug Fixes

The following vulnerabilities have been fixed:

    wnpa-sec-2020-11 MIME Multipart dissector crash. Bug 16741. Fixed in master: 2411eae9ed Fixed in master-3.2: 21f082cb6e Fixed in master-3.0: 14e274f3be Fixed in master-2.6: 5803c7b87b

    wnpa-sec-2020-12 TCP dissector crash. Bug 16816. Fixed in master: c4634b1e99 Fixed in master-3.2: e9b727595b Fixed in master-3.0: 7f3fe6164a Fixed in master-2.6: 9d7ab8b46f

    wnpa-sec-2020-13 BLIP dissector crash. Bug 16866. Fixed in master: 4a94842710 Fixed in master-3.2: 594d312b12 Fixed in master-3.0: 2fb6002559 Fixed in master-2.6: n/a

The following bugs have been fixed:

    HTTP dissector fails to display correct UTF-16 XML Bug 9069.

    TFTP dissector does not track conversations correctly. Source file and Destination File redundant or disagree. Bug 10305.

    Dissector skips DICOM command Bug 13110.

    Editcap time adjustment doesn’t work when both infile and outfile are ERF Bug 16578.

    dissect_tds7_colmetadata_token() has wrong return value if count is 0 Bug 16682.

    "total block length …​ is too small" for Systemd Journal Export Block Bug 16734.

    MNC 11 is showing Mobile Network Code (MNC): NTT DoCoMo Tokai Inc. (11) But its belonging to Rakuten Network Bug 16755.

    DICOM object extraction: discrepancy between tshark and wireshark Bug 16771.

    S1-U data forwarding info and S103 PDN data forwarding info IE’s showing improper value Bug 16777.

    Wireshark crashes while opening a capture Bug 16780.

    Changing preferences via Decode As does not call callback Bug 16787.

    Decoding of PFCP IE 'Remote GTP-U Peer' is incorrect Bug 16805.

    Ng-enb not decoded correctly for Target Identification IE for GTPV2 Bug 16822.

    The client timestamp is parsed error for Google QUIC (version Q039) Bug 16839.

    NAS-5G : PDU session reactivation result Bug 16842.

    Wireshark fails to detect libssh >= 0.9.5 Bug 16845.

New and Updated Features

There are no new features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

Aeron, AFP, BLIP, BSSMAP, C12.22, DICOM, E.212, GQUIC, GSM A RR, GTPv2, GVSP, IPX SAP, MIME Multipart, MMS, NAS-5GS, NCP, NDS, PFCP, PROFINET, Q.708, Q.933, RTCP, S1AP, TACACS+, TCP, TDS, TDS7, X2AP, and XML

New and Updated Capture File Support

pcapng

[close]

http://www.wireshark.org/

[SiLæncer]

Changelog

    Bug Fixes:

    wnpa-sec-2020-16 Kafka dissector memory leak. Bug 16739. CVE-2020-26418.
    wnpa-sec-2020-17 USB HID dissector crash. Bug 16958. CVE-2020-26421.
    wnpa-sec-2020-18 RTPS dissector memory leak. Bug 16994. CVE-2020-26420.
    wnpa-sec-2020-19 Multiple dissector memory leak. Bug 17032. CVE-2020-26419.

    New and Updated Features:

    IETF QUIC TLS decryption errors when a NAT rebinding happens for a connection Bug 16915.
    IETF QUIC TLS decryption error with key update Bug 16916.
    IETF QUIC TLS decryption error after the second key update Bug 16920.
    SOME/IP: Wrong dissection of parameters after Array Bug 16951.
    Can editcap properly corrupt pcapng file with systemd journal export block? Bug 16965.
    Crash when a GIOP ior.txt file is present Bug 16984.
    Protobuf: failed to parse .proto file contains negative enum values or option values of number type Bug 16988.
    MMRP dissector bug Bug 17005.
    QUIC: "Loss bits" capability Bug 17010.
    Stdin capture fails on Windows Bug 17018.
    SSTP no longer recognized Bug 17024.
    RFC2190 encapsulated H.263 bitfields masked wrong in Mode A Bug 17025.
    editcap fails when splitting into multiple pcapng files Bug 17060.

    Updated Protocol Support:

    ACDR, DOCSIS, Ericsson HDLC, F5 Ethernet Trailer, GIOP, GSM A, GSM RLC MAC, HTTP, IEEE 802.11, Kafka, LLC, MBIM, MMRP, NAS 5GS, NAS EPS, Nordic BLE, ProtoBuf, QUIC, Radiotap, RFC 2190, RTCP, RTPS, S1AP, SOME/IP, STUN, and USB Video

    New and Updated Capture File Support:

    pcapng

[close]

http://www.wireshark.org/