Opened 11 months ago

Closed 11 months ago

Last modified 9 months ago

#18088 closed enhancement (fixed)

wireshark-4.0.6

Reported by: Bruce Dubbs Owned by: blfs-book
Priority: normal Milestone: 12.0
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (3)

comment:1 by Bruce Dubbs, 11 months ago

Wireshark 4.0.6 Release Notes

Bug Fixes The following vulnerabilities have been fixed:

  • wnpa-sec-2023-12 Candump log file parser crash. CVE-2023-2855.

  • wnpa-sec-2023-13 BLF file parser crash. CVE-2023-2857.

  • wnpa-sec-2023-14 GDSDB dissector infinite loop.

  • wnpa-sec-2023-15 NetScaler file parser crash. CVE-2023-2858.

  • wnpa-sec-2023-16 VMS TCPIPtrace file parser crash. CVE-2023-2856.

  • wnpa-sec-2023-17 BLF file parser crash. CVE-2023-2854.

  • wnpa-sec-2023-18 RTPS dissector crash. CVE-2023-0666.

  • wnpa-sec-2023-19 IEEE C37.118 Synchrophasor dissector crash. CVE-2023-0668.

  • wnpa-sec-2023-20[26] XRA dissector infinite loop.

The following bugs have been fixed:

  • Conversations list has incorrect unit (bytes) in bit speed columns in the 3.7 development versions.

  • The media_type table should treat media types, e.g. application/3gppHal+json, as case-insensitive.

  • NNTP dissector bug.

  • Incorrect padding in BFCP decoder.

  • SPNEGO dissector bug.

  • SRT values are incorrect when applying a time shift.

  • Add warning that capturing is not supported in Wireshark installed from flatpak.

  • Opening Wireshark with -z io,stat option.

  • batadv dissector bug.
  • radiotap-gen build fails if pcap is not found.
  • [UDS] When filtering the uds.wdbi.data_identifier or uds.iocbi.data_identifier field is interpreted as 1 byte whereas it consists of 2 bytes.
  • Wireshark can’t save this capture in that format.
  • MSMMS parsing buffer overflow.
  • USB HID parser shows wrong label for usages Rx/Vx/Vbrx of usage page Generic Desktop Control.
  • "Follow → QUIC Stream" mixes data between streams.

New and Updated Features

  • The media type dissector table now properly treats media types and subtypes as case-insensitive automatically, per RFC 6838. Media types no longer need to be lower cased before registering or looking up in the table.

Updated Protocol Support

  • batadv, BFCP, CommunityID, COSE, GDSDB, H.265, HTTP, ILP, ISAKMP, MSMMS, NNTP, NR RRC, NTLMSSP, QUIC, RTPS, SPNEGO, Synphasor, TCP, UDS, ULP, USB HID, and XRA

New and Updated Capture File Support

  • BLF, Candump, NetScaler, and VMS TCPIPtrace

comment:2 by Bruce Dubbs, 11 months ago

Resolution: fixed
Status: newclosed

Fixed at commit 9c959d83a98f67698e76ec4846b999a161e31ebe

Security advisory updated.

comment:3 by Bruce Dubbs, 9 months ago

Milestone: 11.412.0

Milestone renamed

Note: See TracTickets for help on using tickets.