Opened 8 months ago

Closed 8 months ago

#18448 closed enhancement (fixed)

wireshark-4.0.8

Reported by: Bruce Dubbs Owned by: pierre
Priority: normal Milestone: 12.1
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (4)

comment:1 by pierre, 8 months ago

Owner: changed from blfs-book to pierre
Status: newassigned

comment:2 by pierre, 8 months ago

Wireshark 4.0.8 Release Notes

The following vulnerabilities have been fixed:

wnpa-sec-2023-23 CBOR dissector crash. Issue 19144.

wnpa-sec-2023-24 BT SDP dissector infinite loop. Issue 19258.

wnpa-sec-2023-25 BT SDP dissector memory leak. Issue 19259.

wnpa-sec-2023-26 CP2179 dissector crash. Issue 19229.

The following bugs have been fixed:

TShark cannot capture to pipe on Windows correctly. Issue 17900.

Wireshark wrongly blames group membership when pcap capabilities are removed. Issue 18279.

Packet bytes window broken layout. Issue 18326.

RTP Player only shows waveform until sequence rollover. Issue 18829.

Valid Ethernet CFM DMM packets are shown as malformed. Issue 19198.

Crash on DICOM Export Objects window close. Issue 19207.

The QUIC dissector is reporting the quic_transport_parameters max_ack_delay with the title \"GREASE\" Issue 19209.

Preferences: Folder name editing behaves weirdly, cursor jumps. Issue 19213.

DHCPFO: Expert info list does not show all expert infos. Issue 19216.

Websocket packets not decoded and displayed for Field type=Custom and Field name websocket.payload.text. Issue 19220.

Cannot read pcapng file captured on OpenBSD and read on FreeBSD. Issue 19230.

UI: While capturing the Wireshark icon changes from green to blue when new file is created. Issue 19252.

Conversation: heap-use-after-free after wmem_leave_file_scope. Issue 19265.

IP Packets with DSCP 44 does not indicate "Voice-Admit" Issue 19270.

NAS 5GS Malformed Packet Decoding SOR transparent container PLMN ID and access technology list. Issue 19273.

UI: Auto scroll button in the toolbar is turned on when manually scrolling to the end of packet list. Issue 19274.

Updated Protocol Support

BT SDP, CBOR, CFM, CP2179, CQL, DHCPFO, DICOM, F1AP, GSM DTAP, IEEE 802.11, IPv4, NAS-5GS, PFCP, PKT CCC, QUIC, RTP, TFTP, WebSocket, and XnAP

comment:3 by pierre, 8 months ago

Security advisories at https://www.wireshark.org/security/

Personally, I am not impressed: It is possible to crash wireshark by injecting a malformed packet, or have the user read a malformed packet file... I guess if somebody can inject malformed packets to your network, then much worse things than crashing wireshark may happen!

comment:4 by pierre, 8 months ago

Resolution: fixed
Status: assignedclosed

Fixed at 0b8cb69c

Note: See TracTickets for help on using tickets.