Opened 6 years ago

Closed 6 years ago

#7305 closed enhancement (fixed)

wireshark-2.0.1

Reported by: Fernando de Oliveira Owned by: Fernando de Oliveira
Priority: high Milestone: 7.9
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

Security Release

https://www.wireshark.org/download/src/all-versions/wireshark-2.0.1.tar.bz2

https://www.wireshark.org/download/src/all-versions/SIGNATURES-2.0.1.txt

MD5(wireshark-2.0.1.tar.bz2)=c1610ab2238965363b811e5188750fb1

https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob_plain;f=NEWS;hb=refs/heads/master-2.0

                         Wireshark 2.0.1 Release Notes
    __________________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2015-31
       NBAP dissector crashes. ([2]Bug 11602, [3]Bug 11835, [4]Bug 11841)
     * [5]wnpa-sec-2015-37
       NLM dissector crash.
     * [6]wnpa-sec-2015-39
       BER dissector crash.
     * [7]wnpa-sec-2015-40
       Zlib decompression crash. ([8]Bug 11548)
     * [9]wnpa-sec-2015-41
       SCTP dissector crash. ([10]Bug 11767)
     * [11]wnpa-sec-2015-42
       802.11 decryption crash. ([12]Bug 11790, [13]Bug 11826)
     * [14]wnpa-sec-2015-43
       DIAMETER dissector crash. ([15]Bug 11792)
     * [16]wnpa-sec-2015-44
       VeriWave file parser crashes. ([17]Bug 11789, [18]Bug 11791)
     * [19]wnpa-sec-2015-45
       RSVP dissector crash. ([20]Bug 11793)
     * [21]wnpa-sec-2015-46
       ANSI A & GSM A dissector crashes. ([22]Bug 11797)
     * [23]wnpa-sec-2015-47
       Ascend file parser crash. ([24]Bug 11794)
     * [25]wnpa-sec-2015-48
       NBAP dissector crash. ([26]Bug 11815)
     * [27]wnpa-sec-2015-49
       RSL dissector crash. ([28]Bug 11829)
     * [29]wnpa-sec-2015-50
       ZigBee ZCL dissector crash. ([30]Bug 11830)
     * [31]wnpa-sec-2015-51
       Sniffer file parser crash. ([32]Bug 11827)
     * [33]wnpa-sec-2015-52
       NWP dissector crash. ([34]Bug 11726)
     * [35]wnpa-sec-2015-53
       BT ATT dissector crash. ([36]Bug 11817)
     * [37]wnpa-sec-2015-54
       MP2T file parser crash. ([38]Bug 11820)
     * [39]wnpa-sec-2015-55
       MP2T file parser crash. ([40]Bug 11821)
     * [41]wnpa-sec-2015-56
       S7COMM dissector crash. ([42]Bug 11823)
     * [43]wnpa-sec-2015-57
       IPMI dissector crash. ([44]Bug 11831)
     * [45]wnpa-sec-2015-58
       TDS dissector crash. ([46]Bug 11846)
     * [47]wnpa-sec-2015-59
       PPI dissector crash. ([48]Bug 11876)
     * [49]wnpa-sec-2015-60
       MS-WSP dissector crash. ([50]Bug 11931)

   The Windows installers are now built using NSIS 2.50 in order to avoid
   [51]DLL hijacking flaws.

   The following bugs have been fixed:
     * Zooming out (Ctrl+-) too far crashes Wireshark. ([52]Bug 8854)
     * IPv6 Mobility Header Link-Layer Address Mobility Option is parsed
       incorrectly. ([53]Bug 10627)
     * About -> Plugins should be a scrollable. ([54]Bug 11427)
     * Profile change leaves prior profile residue. ([55]Bug 11493)
     * Wireshark crashes when using the VoIP player. ([56]Bug 11596)
     * Incorrect presentation of Ascend-Data-Filter (RADIUS attribute
       242). ([57]Bug 11630)
     * Not possible to stop a capture with invalid filter. ([58]Bug 11667)
     * "No interface selected" when having a valid capture filter.
       ([59]Bug 11671)
     * Malformed packet with IPv6 mobility header. ([60]Bug 11728)
     * Wireshark crashes dissecting Profinet NRT (DCE-RPC) packet.
       ([61]Bug 11730)
     * All fields in the packet detail pane of a "new packet" window are
       expanded by default. ([62]Bug 11731)
     * Malformed packets with SET_CUR in the USBVIDEO (UVC) decoding.
       ([63]Bug 11736)
     * Display filters arranges columns incorrectly. ([64]Bug 11737)
     * Scrolling and navigating using the trackpad on Mac OS X could be
       much better. ([65]Bug 11738)
     * Lua Proto() does not validate arguments. ([66]Bug 11739)
     * Pointers to deallocated memory when redissecting. ([67]Bug 11740)
     * Suggestion for re-phrasing the TCP Window Full message. ([68]Bug
       11741)
     * Can't parse MPEG-2 Transport Streams generated by the Logik
       L26DIGB21 TV. ([69]Bug 11749)
     * Qt UI on Windows crashes when changing to next capture file.
       ([70]Bug 11756)
     * First displayed frame not updated when changing profile. ([71]Bug
       11757)
     * LDAP decode shows invalid number of results for searchResEntry
       packets. ([72]Bug 11761)
     * Crash when escape to Follow TCP -> Save. ([73]Bug 11763)
     * USBPcap prevents mouse and keyboard from working. ([74]Bug 11766)
     * Y-axis in RTP graph is in microseconds. ([75]Bug 11784)
     * "Delta time displayed" column in Wireshark doesn't work well, but
       Wireshark-gtk does. ([76]Bug 11786)
     * UDP 12001 SNA Data no longer shown in EBCDIC. ([77]Bug 11787)
     * Wireshark Portable is not starting (no messages at all). ([78]Bug
       11800)
     * IPv6 RPL Routing Header with length of 8 bytes still reads an
       address. ([79]Bug 11803)
     * g_utf8_validate assertion when reassembling GSM SMS messages
       encoded in UCS2. ([80]Bug 11809)
     * Calling plugin_if_goto_frame when there is no file loaded causes a
       Protection Exception. ([81]Bug 11810)
     * Qt UI SIGSEGV before main() in initializer for colors_. ([82]Bug
       11833)
     * Unable to add a directory to "GeoIP Database Paths". ([83]Bug
       11842)
     * C++ Run time error when filtering on Expert limit to display
       filter. ([84]Bug 11848)
     * Widening the window doesn't correctly widen the rightmost column.
       ([85]Bug 11849)
     * SSL V2 Client Hello no longer dissected in Wireshark 2.0. ([86]Bug
       11851)
     * PacketBB (RFC5444) dissector displays IPv4 addresses incorrectly.
       ([87]Bug 11852)
     * SMTP over port 587 shows identical content for fields "Username"
       and "Password" when not decoding base-64-encoded authentication
       information. ([88]Bug 11853)
     * Converting of EUI64 address to string does not take offset into
       account. ([89]Bug 11856)
     * CIP segment dissection causes PDML assertion/failure. ([90]Bug
       11863)
     * In Import from Hex Dump, an attempt to enter the timestamp format
       manually crashes the application. ([91]Bug 11873)
     * Follow Stream directional selector not readable. ([92]Bug 11887)
     * Coloring rule custom colors not saved. ([93]Bug 11888)
     * Total number of streams not correct in Follow TCP Stream dialog.
       ([94]Bug 11889)
     * Command line switch -Y for display filter does not work. ([95]Bug
       11891)
     * Creating Debian package doesn't work. ([96]Bug 11893)
     * Visual C++ Runtime Library Error "The application has requested the
       Runtime to terminate it in an unusual way." when you do not wait
       until Conversations is completely updated before applying "Limit to
       display filter". ([97]Bug 11900)
     * dpkg-buildpackage relocation R_X86_64_PC32 against symbol. ([98]Bug
       11901)
     * Bits view in Packet Bytes pane is not persistent. ([99]Bug 11903)
     * ICMP Timestamp days, hours, minutes, seconds is incorrect.
       ([100]Bug 11910)
     * MPEG2TS NULL pkt: AFC: "Should be 0 for NULL packets" wrong.
       ([101]Bug 11921)

  New and Updated Features

   There are no new features in this release.

  New File Format Decoding Support

   There are no new file formats in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   6LoWPAN, ANSI A, ASN.1 BER, BT ATT, CIP, CLNP, DIAMETER, DNS, ENIP,
   ERF, GSM A, GSM SMS, HiSLIP, ICMP, IEEE 802.11, IEEE 802.11 Radio,
   IPMI, IPv4, IPv6, ISUP, L2TP, LDAP, Link (ethertype), MIP6, MP2T,
   MS-WSP, NBAP, NWP, PacketBB, PPI, QUIC, RADIUS, RSL, RSVP, S7COMM,
   SCSI, SCTP, SMTP, SSL, TCP, TDS, USB, VRT, and ZigBee ZCL

  New and Updated Capture File Support

   Ascend, ERF, MP2T, Sniffer, and VeriWave

  New and Updated Capture Interfaces support

   There are no new or updated capture interfaces supported in this
   release.
     __________________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([104]Bug 1419)

   The BER dissector might infinitely loop. ([105]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([106]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([107]Bug 2234)

   Resolving ([108]Bug 9044) reopens ([109]Bug 3528) so that Wireshark no
   longer automatically decodes gzip data when following a TCP stream.

   Application crash when changing real-time option. ([110]Bug 4035)

   Hex pane display issue after startup. ([111]Bug 4056)

   Packet list rows are oversized. ([112]Bug 4357)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([113]Bug 4985)

   The 64-bit version of Wireshark will leak memory on Windows when the
   display depth is set to 16 bits ([114]Bug 9914)

   Wireshark should let you work with multiple capture files. ([115]Bug
   10488)
     __________________________________________________________________

   Last updated 2015-12-29 19:26:11 UTC

References

   1. https://www.wireshark.org/security/wnpa-sec-2015-31.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11602
   3. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11835
   4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11841
   5. https://www.wireshark.org/security/wnpa-sec-2015-37.html
   6. https://www.wireshark.org/security/wnpa-sec-2015-39.html
   7. https://www.wireshark.org/security/wnpa-sec-2015-40.html
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11548
   9. https://www.wireshark.org/security/wnpa-sec-2015-41.html
  10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11767
  11. https://www.wireshark.org/security/wnpa-sec-2015-42.html
  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11790
  13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11826
  14. https://www.wireshark.org/security/wnpa-sec-2015-43.html
  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11792
  16. https://www.wireshark.org/security/wnpa-sec-2015-44.html
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11789
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11791
  19. https://www.wireshark.org/security/wnpa-sec-2015-45.html
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11793
  21. https://www.wireshark.org/security/wnpa-sec-2015-46.html
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11797
  23. https://www.wireshark.org/security/wnpa-sec-2015-47.html
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11794
  25. https://www.wireshark.org/security/wnpa-sec-2015-48.html
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11815
  27. https://www.wireshark.org/security/wnpa-sec-2015-49.html
  28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11829
  29. https://www.wireshark.org/security/wnpa-sec-2015-50.html
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11830
  31. https://www.wireshark.org/security/wnpa-sec-2015-51.html
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827
  33. https://www.wireshark.org/security/wnpa-sec-2015-52.html
  34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11726
  35. https://www.wireshark.org/security/wnpa-sec-2015-53.html
  36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11817
  37. https://www.wireshark.org/security/wnpa-sec-2015-54.html
  38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11820
  39. https://www.wireshark.org/security/wnpa-sec-2015-55.html
  40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11821
  41. https://www.wireshark.org/security/wnpa-sec-2015-56.html
  42. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11823
  43. https://www.wireshark.org/security/wnpa-sec-2015-57.html
  44. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11831
  45. https://www.wireshark.org/security/wnpa-sec-2015-58.html
  46. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11846
  47. https://www.wireshark.org/security/wnpa-sec-2015-59.html
  48. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11876
  49. https://www.wireshark.org/security/wnpa-sec-2015-60.html
  50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11931
  51. http://nsis.sourceforge.net/Docs/AppendixF.html
  52. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8854
  53. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10627
  54. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11427
  55. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11493
  56. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11596
  57. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11630
  58. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11667
  59. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11671
  60. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11728
  61. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11730
  62. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11731
  63. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11736
  64. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11737
  65. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11738
  66. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11739
  67. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11740
  68. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11741
  69. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11749
  70. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11756
  71. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11757
  72. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11761
  73. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11763
  74. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11766
  75. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11784
  76. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11786
  77. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11787
  78. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11800
  79. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11803
  80. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11809
  81. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11810
  82. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11833
  83. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11842
  84. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11848
  85. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11849
  86. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11851
  87. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11852
  88. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11853
  89. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11856
  90. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11863
  91. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11873
  92. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11887
  93. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11888
  94. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11889
  95. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11891
  96. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11893
  97. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11900
  98. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11901
  99. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11903
 100. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11910
 101. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11921
 102. https://www.wireshark.org/download.html
 103. https://www.wireshark.org/download.html#thirdparty
 104. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
 105. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
 106. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
 107. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
 108. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044
 109. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3528
 110. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
 111. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056
 112. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
 113. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
 114. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9914
 115. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
 116. https://ask.wireshark.org/
 117. https://www.wireshark.org/lists/
 118. http://www.wiresharktraining.com/
 119. https://www.wireshark.org/faq.html

Change History (3)

comment:1 by Fernando de Oliveira, 6 years ago

Owner: changed from blfs-book@… to Fernando de Oliveira
Status: newassigned

comment:2 by Fernando de Oliveira, 6 years ago

Fixed at r16772.

comment:3 by Fernando de Oliveira, 6 years ago

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.