1 files changed, 102 insertions, 180 deletions
diff --git a/doc/release-notes.adoc b/doc/release-notes.adoc
index bb66460..137c591 100644
--- a/doc/release-notes.adoc
+++ b/doc/release-notes.adoc
@@ -24,20 +24,52 @@ If you are upgrading Wireshark 4.2.0 or 4.2.1 on Windows you will need to https:
 
 The following vulnerabilities have been fixed:
 
-* wssalink:2024-06[]
-T.38 dissector crash.
-wsbuglink:19695[].
-cveidlink:2024-2955[].
-// Fixed in master: 6fd3af5e99
-// Fixed in release-4.2: 7be4bbb413d
-// Fixed in release-4.0: c04f268605c
-// Fixed in release-3.6: n/a
-// CVSS AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
+* wssalink:2024-07[]
+MONGO and ZigBee TLV dissector infinite loops.
+wsbuglink:19726[].
+cveidlink:2024-4854[].
+// Fixed in master: 38c0efcee8, 9ab952b964
+// Fixed in release-4.2: e9965fe303, cb267b4e52
+// Fixed in release-4.0: dd5b3b36d3e
+// Fixed in release-3.6: 40ed7e814bc
+// CVSS AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H
+// CWE-835
+// * Fuzz job crash: fuzz-2024-03-30-7212.pcap. wsbuglink:19726[].
+
+* wssalink:2024-08[]
+The editcap command line utility could crash when chopping bytes from the beginning of a packet.
+wsbuglink:19724[].
+cveidlink:2024-4853[].
+// Fixed in master: 7c744e7933
+// Fixed in release-4.2: 3911c7b7d2
+// Fixed in release-4.0: c10a98d2669
+// Fixed in release-3.6: 683166c81bc
+// CVSS AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L
 // CWE-762
-// * Fuzz job crash: fuzz-2024-03-07-7208.pcap. wsbuglink:19695[].
-
-Additionally, CVE-2024-24478, CVE-2024-24479, and CVE-2024-24476 were recently assigned to Wireshark without any coordination with the Wireshark project.
-As far as we can determine, each one is based on invalid assumptions and we have requested that they be rejected.
+// * The "handle_chopping" function in "editcap.c:2595" has a heap overflow vulnerability. wsbuglink:19724[].
+
+* wssalink:2024-09[]
+The editcap command line utility could crash when injecting secrets while writing multiple files.
+wsbuglink:19782[].
+cveidlink:2024-4855[].
+// Fixed in master: be3550b3b1
+// Fixed in release-4.2: 32bde22d9b
+// Fixed in release-4.0: f6cb547426d
+// Fixed in release-3.6: xxx
+// CVSS AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L
+// CWE-416
+// * The "wtap_block_foreach_option" function on wiretap/file_access.c:2693 has a SEGV vulnerability. wsbuglink:19784[].
+
+// * wssalink:2024-10[]
+// Foo dissector {crash,infinite loop,memory leak}.
+// wsbuglink:xxx[].
+// cveidlink:2024-xxx[].
+// Fixed in master: xxx
+// Fixed in release-4.2: xxx
+// Fixed in release-4.0: xxx
+// Fixed in release-3.6: xxx
+// CVSS AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
+// CWE-125
 
 The following bugs have been fixed:
 
@@ -46,16 +78,25 @@ The following bugs have been fixed:
 //* cveidlink:2014-2486[]
 //* Wireshark grabs your ID at 3 am, goes to Waffle House, and insults people.
 
-* Extcap with configuration never starts; "Configure all extcaps before start of capture." is shown instead. wsbuglink:18487[].
-* Packet Dissection CSV Export includes last column even if hidden. wsbuglink:19666[].
-* Inject TLS secrets closes Wireshark on Windows. wsbuglink:19667[].
-* Fuzz job issue: fuzz-2024-02-27-7196.pcap. wsbuglink:19674[].
-* Wireshark crashes when adding another port to the HTTP dissector. wsbuglink:19677[].
-* Fuzz job issue: fuzz-2024-03-03-7204.pcap. wsbuglink:19685[].
-* Fuzz job issue: randpkt-2024-03-05-8004.pcap. wsbuglink:19688[].
-* When adding a new row to a table an error report may be inserted. wsbuglink:19705[].
-* '--export-objects' does not work as expected on tshark version later than 3.2.10. wsbuglink:19715[].
-* Fuzz job issue: fuzz-2024-03-21-7215.pcap. wsbuglink:19717[].
+* Flow Graph scrolls in the wrong direction vertically when pressing Up/Down. wsbuglink:12932[].
+* TCP Stream Window Scaling not working in version 2.6.1 and later. wsbuglink:15016[].
+* TCP stream graphs (Window scaling) axis display is confusing. wsbuglink:17425[].
+* LUA get_dissector does not give the correct dissector under 32-bit version. wsbuglink:18367[].
+* Lua: Segfault when registering a field or expert info twice. wsbuglink:19194[].
+* SSH can not decrypt when KEX is curve25519-sha256@libssh.org. wsbuglink:19240[].
+* Wireshark crash related to Lua `DissectorTable.heuristic_new()` wsbuglink:19603[].
+* MATE fails to extract HTTP2 User-Agent header. wsbuglink:19619[].
+* Fuzz job issue: fuzz-2024-02-29-7169.pcap. wsbuglink:19679[].
+* Fuzz job issue: fuzz-2024-03-02-7158.pcap. wsbuglink:19684[].
+* Problem to Decode 5GC-N7 HTTP  for payload Application/JSON. wsbuglink:19723[].
+* Copying data as C String produces incorrect string. wsbuglink:19735[].
+* Incorrect decoding of supported Tx HE-MCS. wsbuglink:19737[].
+* reordercap: Fix packet reordering with multiple IDB's not at the beginning of a pcapng file. wsbuglink:19740[].
+* Wrong EPB lengths written if existing pcapng file has epb_hash options. wsbuglink:19766[].
+* On Windows, Export Displayed Packets dialog does not have "include depended upon packets" checkbox. wsbuglink:19772[].
+* vnd.3gpp.sms binary payload NOT decoded inside HTTP2 5GC. wsbuglink:19773[].
+* NAS 5G message container dissection. wsbuglink:19793[].
+* Incorrect interpretation of algorithm name in packet-tls-utils.c. wsbuglink:19801[].
 
 === New and Updated Features
 
@@ -73,179 +114,59 @@ There are no new protocols in this release.
 === Updated Protocol Support
 
 // Add one protocol per line between the -- delimiters.
-// ag -A1 '(define PSNAME|proto_register_protocol[^_])' $(git diff --name-only v4.2.4.. | ag packet- | sort -u)
+// ag -A1 '(define PSNAME|proto_register_protocol[^_])' $(git diff --name-only v4.2.5.. | ag packet- | sort -u)
 [commaize]
 --
-6LoWPAN
-AllJoyn
-AFP
-AMQP
-ASAP
-Babel
-BACnet
-Banana
-BEEP
-Bencode
-BFCP
-BGP
-BT-DHT
-BT BNEP
-BT SDP
-BVLC
-CIP
-CMIP
-CMP
-COROSYNC/TOTEMSRP
-COSE
+5co_legacy
+5co_rap
+BT Mesh
 CQL
-CSN.1
-DAP
-DCCP
-DICOM
-DCOM
-DHCPv6
-DISP
 DOCSIS MAC MGMT
-DOF
-DVB-S2
-E2AP
-EDONKEY
-ENRP
-ErlDP
-Etch
-EXTREME MESH
-FC-SWILS
-GNW
-GIOP
-GLOW
-GOOSE
+E.212
+EPL
+FC FZS
 GQUIC
-GSM A-bis OML
-GSUP
-GTPv2
-H.223
-H.225.0
-H.245
-H.248
-H.264
-H.265
-HSMS
+GRPC
+GSM RP
+HTTP2
 ICMPv6
-ICQ
-IEEE1609dot2
-IPP
-IPPUSB
-ISAKMP
-iSCSI
-ISIS LSP
-ISO 7816
-ISUP
-ITS
-JSON 3GPP
-JXTA
-Kafka
-KINK
-KNX/IP
-LDAP
-LDP
-5GLI
-LISP TCP
-LISP
-LLRP
-LwM2M-TLV
-M2UA
-M3UA
-MAC-LTE
-MBIM
-MMS
+IEEE 1905
+IEEE 802.11
+IPARS
+JSON-3GPP
+LAPD
+LLDP
+MATE
 MONGO
-MPEG PES
-MPLS Echo
-MQ PCF
-MQTT-SN
-MSDP
-MsgPack
-MS-WSP
-NAS-5GS
-CFLOW
-NETLINK
-NHRP
-OpenFlow
-OpenWire
-OPSI
-OSC
-P22
-P7
-PANA
-PIM
-ProtoBuf
-PROXY
-Q.2931
-QNET
-RDP
-RESP
-RPL
-RSL
-RSVP
-RTLS
-RTMPT
-RTPS
-S7COMM
-SCTP
-SIMULCRYPT
-SoulSeek
-SMB2
-SML
-SNA
-SNMP
-Socks
-SolarEdge
-SOME/IP
-SUA
-T.38
-TCAP
-TEAP
-TFTP
-Thread
-Thrift
-TN5250
-USBHID
-USBVIDEO
-VP9
-WASSP
-WLCCP
-WTP
-X.509IF
-X.509SAT
-XML
-XMPP
-YAMI
-Z39.50
-ZigBee ZCL
-Gryphon
-PNIO
-WiMAX ASN CP
+NAS 5GS
+NR-RRC
+PER
+PFCP
+PTP
+QUIC
+SSH
+TIPC
+ZBD
 --
 
 === New and Updated Capture File Support
 
-There is no new or updated capture file support in this release.
-// Add one file type per line between the -- delimiters.
-// [commaize]
-// --
-// --
-
-=== Updated File Format Decoding Support
-
-// There is no updated file format support in this release.
+// There is no new or updated capture file support in this release.
 // Add one file type per line between the -- delimiters.
 [commaize]
 --
 BLF
-JPEG
-RBM
+pcapng
 --
 
+=== Updated File Format Decoding Support
+
+There is no updated file format support in this release.
+// Add one file type per line between the -- delimiters.
+// [commaize]
+// --
+// --
+
 // === New and Updated Capture Interfaces support
 
 // === New and Updated Codec support
@@ -257,7 +178,8 @@ RBM
 This document only describes the changes introduced in Wireshark {wireshark-version}.
 You can find release notes for prior versions at the following locations:
 
-* https://www.wireshark.org/docs/relnotes/wireshark-4.2.2.html[Wireshark 4.2.3]
+* https://www.wireshark.org/docs/relnotes/wireshark-4.2.4.html[Wireshark 4.2.4]
+* https://www.wireshark.org/docs/relnotes/wireshark-4.2.3.html[Wireshark 4.2.3]
 * https://www.wireshark.org/docs/relnotes/wireshark-4.2.2.html[Wireshark 4.2.2]
 * https://www.wireshark.org/docs/relnotes/wireshark-4.2.1.html[Wireshark 4.2.1]
 * https://www.wireshark.org/docs/relnotes/wireshark-4.2.0.html[Wireshark 4.2.0]