Diffstat
-rw-r--r-- | doc/dumpcap.adoc | 4
-rw-r--r-- | doc/rawshark.adoc | 2
-rw-r--r-- | doc/release-notes.adoc | 211
-rw-r--r-- | doc/tshark.adoc | 6
-rw-r--r-- | doc/wireshark.adoc | 6
-rw-r--r-- | docbook/attributes.adoc | 2
-rw-r--r-- | docbook/wsug_src/capinfos-h.txt | 2
-rw-r--r-- | docbook/wsug_src/dumpcap-h.txt | 2
-rw-r--r-- | docbook/wsug_src/editcap-h.txt | 2
-rw-r--r-- | docbook/wsug_src/mergecap-h.txt | 2
-rw-r--r-- | docbook/wsug_src/rawshark-h.txt | 2
-rw-r--r-- | docbook/wsug_src/reordercap-h.txt | 2
-rw-r--r-- | docbook/wsug_src/text2pcap-h.txt | 2
-rw-r--r-- | docbook/wsug_src/tshark-h.txt | 2
-rw-r--r-- | docbook/wsug_src/wireshark-h.txt | 2
-rw-r--r-- | docbook/wsug_src/wsug_capture.adoc | 4
-rw-r--r-- | docbook/wsug_src/wsug_io.adoc | 2
17 files changed, 210 insertions, 45 deletions
diff --git a/doc/dumpcap.adoc b/doc/dumpcap.adoc index 672599bc..a9998d2a 100644 --- a/doc/dumpcap.adoc +++ b/doc/dumpcap.adoc @@ -107,8 +107,8 @@ fills up, *Dumpcap* will switch writing to the next file and so on. The created filenames are based on the filename given with the *-w* option, the number of the file and on the creation date and time, e.g. -outfile_00001_20230714120117.pcapng, -outfile_00002_20230714120523.pcapng, ... +outfile_00001_20240714120117.pcapng, +outfile_00002_20240714120523.pcapng, ... With the __files__ option it's also possible to form a "ring buffer". This will fill up new files until the number of files specified, diff --git a/doc/rawshark.adoc b/doc/rawshark.adoc index 9a28edac..a52e594a 100644 --- a/doc/rawshark.adoc +++ b/doc/rawshark.adoc @@ -226,7 +226,7 @@ could use *%D: %S (%N)*. -v|--version:: Print the full version information and exit. -include::dissection-options.adoc[tags=!tshark;!decode_as] +include::dissection-options.adoc[tags=**;!tshark;!decode_as] include::diagnostic-options.adoc[] diff --git a/doc/release-notes.adoc b/doc/release-notes.adoc index b735d998..bb66460d 100644 --- a/doc/release-notes.adoc +++ b/doc/release-notes.adoc 
@@ -12,29 +12,32 @@ include::../docbook/attributes.adoc[] Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education. -Wireshark is hosted by the Wireshark Foundation, a nonprofit which promotes protocol analysis educaton. +Wireshark is hosted by the Wireshark Foundation, a nonprofit which promotes protocol analysis education. Wireshark and the foundation depend on your contributions in order to do their work. -If you or your employer would like to contribute or become a sponsor, please visit https://wiresharkfoundation.org[wiresharkfoundation.org]. +If you or your organization would like to contribute or become a sponsor, please visit https://wiresharkfoundation.org[wiresharkfoundation.org]. == What’s New === Bug Fixes -This release fixes a software update issue on Windows which causes Wireshark to hang if you are upgrading from version 4.2.0 or 4.2.1. -If you are experiencing this issue you will need to https://www.wireshark.org/download.html[download and install] Wireshark 4.2.2 or later. +If you are upgrading Wireshark 4.2.0 or 4.2.1 on Windows you will need to https://www.wireshark.org/download.html[download and install] Wireshark {wireshark-version} or later by hand. -// The following vulnerabilities have been fixed: +The following vulnerabilities have been fixed: -// * wssalink:2024-06[] -// Foo dissector {crash,infinite loop,memory leak}. -// wsbuglink:xxx[]. -// cveidlink:2024-xxx[]. -// Fixed in master: xxx -// Fixed in release-4.2: xxx -// Fixed in release-4.0: xxx -// Fixed in release-3.6: xxx +* wssalink:2024-06[] +T.38 dissector crash. +wsbuglink:19695[]. +cveidlink:2024-2955[]. +// Fixed in master: 6fd3af5e99 +// Fixed in release-4.2: 7be4bbb413d +// Fixed in release-4.0: c04f268605c +// Fixed in release-3.6: n/a // CVSS AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H -// CWE-125 +// CWE-762 +// * Fuzz job crash: fuzz-2024-03-07-7208.pcap. wsbuglink:19695[]. 
+ +Additionally, CVE-2024-24478, CVE-2024-24479, and CVE-2024-24476 were recently assigned to Wireshark without any coordination with the Wireshark project. +As far as we can determine, each one is based on invalid assumptions and we have requested that they be rejected. The following bugs have been fixed: @@ -43,11 +46,16 @@ The following bugs have been fixed: //* cveidlink:2014-2486[] //* Wireshark grabs your ID at 3 am, goes to Waffle House, and insults people. -* sharkd is not installed by the Windows installer. wsbuglink:19556[]. -* Fuzz job crash output: fuzz-2024-01-01-7740.pcap. wsbuglink:19558[]. -* Can't open a snoop file from the Open dialog box unless I select \"All files\" as the file type. wsbuglink:19565[]. -* Add s4607 dissector to \"decode as\" wsbuglink:19566[]. -* Updater for 4.2.1 hangs. wsbuglink:19568[]. +* Extcap with configuration never starts; "Configure all extcaps before start of capture." is shown instead. wsbuglink:18487[]. +* Packet Dissection CSV Export includes last column even if hidden. wsbuglink:19666[]. +* Inject TLS secrets closes Wireshark on Windows. wsbuglink:19667[]. +* Fuzz job issue: fuzz-2024-02-27-7196.pcap. wsbuglink:19674[]. +* Wireshark crashes when adding another port to the HTTP dissector. wsbuglink:19677[]. +* Fuzz job issue: fuzz-2024-03-03-7204.pcap. wsbuglink:19685[]. +* Fuzz job issue: randpkt-2024-03-05-8004.pcap. wsbuglink:19688[]. +* When adding a new row to a table an error report may be inserted. wsbuglink:19705[]. +* '--export-objects' does not work as expected on tshark version later than 3.2.10. wsbuglink:19715[]. +* Fuzz job issue: fuzz-2024-03-21-7215.pcap. wsbuglink:19717[]. === New and Updated Features @@ -57,8 +65,6 @@ There are no new or updated features in this release. // === Removed Dissectors -// === New File Format Decoding Support - === New Protocol Support 
@@ -67,12 +73,158 @@ There are no new protocols in this release. === Updated Protocol Support // Add one protocol per line between the -- delimiters. -// ag -A1 '(define PSNAME|proto_register_protocol[^_])' $(git diff --name-only v4.2.2.. | ag packet- | sort -u) +// ag -A1 '(define PSNAME|proto_register_protocol[^_])' $(git diff --name-only v4.2.4.. | ag packet- | sort -u) [commaize] -- +6LoWPAN +AllJoyn +AFP +AMQP +ASAP +Babel +BACnet +Banana +BEEP +Bencode +BFCP +BGP +BT-DHT +BT BNEP +BT SDP +BVLC +CIP +CMIP +CMP +COROSYNC/TOTEMSRP +COSE +CQL +CSN.1 +DAP +DCCP +DICOM +DCOM +DHCPv6 +DISP +DOCSIS MAC MGMT +DOF +DVB-S2 +E2AP +EDONKEY +ENRP +ErlDP +Etch +EXTREME MESH +FC-SWILS +GNW +GIOP +GLOW +GOOSE +GQUIC +GSM A-bis OML +GSUP +GTPv2 +H.223 +H.225.0 +H.245 +H.248 +H.264 +H.265 +HSMS +ICMPv6 +ICQ +IEEE1609dot2 +IPP +IPPUSB +ISAKMP +iSCSI +ISIS LSP +ISO 7816 +ISUP +ITS +JSON 3GPP +JXTA +Kafka +KINK +KNX/IP +LDAP +LDP +5GLI +LISP TCP +LISP +LLRP +LwM2M-TLV +M2UA +M3UA +MAC-LTE +MBIM +MMS +MONGO +MPEG PES +MPLS Echo +MQ PCF +MQTT-SN +MSDP +MsgPack +MS-WSP +NAS-5GS +CFLOW +NETLINK +NHRP +OpenFlow +OpenWire +OPSI +OSC +P22 +P7 +PANA +PIM +ProtoBuf +PROXY +Q.2931 +QNET +RDP +RESP +RPL +RSL RSVP +RTLS +RTMPT RTPS -STANAG 4607 +S7COMM +SCTP +SIMULCRYPT +SoulSeek +SMB2 +SML +SNA +SNMP +Socks +SolarEdge +SOME/IP +SUA +T.38 +TCAP +TEAP +TFTP +Thread +Thrift +TN5250 +USBHID +USBVIDEO +VP9 +WASSP +WLCCP +WTP +X.509IF +X.509SAT +XML +XMPP +YAMI +Z39.50 +ZigBee ZCL +Gryphon +PNIO +WiMAX ASN CP -- === New and Updated Capture File Support @@ -83,6 +235,17 @@ There is no new or updated capture file support in this release. // -- // -- +=== Updated File Format Decoding Support + +// There is no updated file format support in this release. +// Add one file type per line between the -- delimiters. +[commaize] +-- +BLF +JPEG +RBM +-- + // === New and Updated Capture Interfaces support // === New and Updated Codec support 
@@ -94,6 +257,8 @@ There is no new or updated capture file support in this release. This document only describes the changes introduced in Wireshark {wireshark-version}. You can find release notes for prior versions at the following locations: +* https://www.wireshark.org/docs/relnotes/wireshark-4.2.2.html[Wireshark 4.2.3] +* https://www.wireshark.org/docs/relnotes/wireshark-4.2.2.html[Wireshark 4.2.2] * https://www.wireshark.org/docs/relnotes/wireshark-4.2.1.html[Wireshark 4.2.1] * https://www.wireshark.org/docs/relnotes/wireshark-4.2.0.html[Wireshark 4.2.0] diff --git a/doc/tshark.adoc b/doc/tshark.adoc index 6f086d6f..543579d5 100644 --- a/doc/tshark.adoc +++ b/doc/tshark.adoc @@ -215,7 +215,7 @@ fills up, *TShark* will switch writing to the next file and so on. The created filenames are based on the filename given with the *-w* option, the number of the file and on the creation date and time, -e.g. outfile_00001_20230714120117.pcap, outfile_00002_20230714120523.pcap, ... +e.g. outfile_00001_20240714120117.pcap, outfile_00002_20240714120523.pcap, ... With the __files__ option it's also possible to form a "ring buffer". This will fill up new files until the number of files specified, @@ -252,7 +252,7 @@ packets. *nametimenum*:__value__ Choose between two save filename templates. If __value__ is 1, make running file number part before start time part; this is -the original and default behaviour (e.g. log_00001_20230714164426.pcap). If +the original and default behaviour (e.g. log_00001_20240714164426.pcap). If __value__ is greater than 1, make start time part before running number part (e.g. log_20210828164426_00001.pcap). The latter makes alphabetical sorting order equal to creation time order, and keeps related multiple file sets in 
@@ -2252,7 +2252,7 @@ Output JSON containing elapsed times for each pass tshark does to process a capt file and the sum elapsed time for all passes. The per-pass output contains the total elapsed time and aggregate counters for per-packet operations (dissection and filtering). -include::dissection-options.adoc[tag=!not_tshark] +include::dissection-options.adoc[tags=**;!not_tshark] include::diagnostic-options.adoc[] diff --git a/doc/wireshark.adoc b/doc/wireshark.adoc index ca34f549..24434827 100644 --- a/doc/wireshark.adoc +++ b/doc/wireshark.adoc @@ -209,7 +209,7 @@ fills up, *Wireshark* will switch writing to the next file and so on. The created filenames are based on the filename given with the *-w* flag, the number of the file and on the creation date and time, -e.g. outfile_00001_20230714120117.pcap, outfile_00002_20230714120523.pcap, ... +e.g. outfile_00001_20240714120117.pcap, outfile_00002_20240714120523.pcap, ... With the __files__ option it's also possible to form a "ring buffer". This will fill up new files until the number of files specified, @@ -923,7 +923,7 @@ Show IEEE 802.11 network and station statistics. *-z* wsp,stat[,<filter>]:: Show WSP packet counters. -include::dissection-options.adoc[tag=!tshark] +include::dissection-options.adoc[tags=**;!tshark] include::diagnostic-options.adoc[] @@ -962,7 +962,7 @@ menu:File[File Set,List Files]:: Show a dialog box that lists all files of the file set matching the currently loaded file. A file set is a compound of files resulting from a capture using the "multiple files" / "ringbuffer" mode, recognizable by the filename pattern, -e.g.: Filename_00001_20230714101530.pcap. +e.g.: Filename_00001_20240714101530.pcap. menu:File[File Set,Next File]:: diff --git a/docbook/attributes.adoc b/docbook/attributes.adoc index 3076ab11..7c7085e4 100644 --- a/docbook/attributes.adoc +++ b/docbook/attributes.adoc 
@@ -1,6 +1,6 @@ // Common attributes -:wireshark-version: 4.2.2 +:wireshark-version: 4.2.4 :logray-version: 0.9.0 // Required for btn, kbd:, and menu: macros. diff --git a/docbook/wsug_src/capinfos-h.txt b/docbook/wsug_src/capinfos-h.txt index fa422fce..533aa77e 100644 --- a/docbook/wsug_src/capinfos-h.txt +++ b/docbook/wsug_src/capinfos-h.txt @@ -1,4 +1,4 @@ -Capinfos (Wireshark) 4.2.1 (v4.2.1rc0-11-gae025b2614ce) +Capinfos (Wireshark) 4.2.4 (v4.2.4rc0-1-g9dbb5482ef05) Print various information (infos) about capture files. See https://www.wireshark.org for more information. diff --git a/docbook/wsug_src/dumpcap-h.txt b/docbook/wsug_src/dumpcap-h.txt index 23441e8e..bd81eecf 100644 --- a/docbook/wsug_src/dumpcap-h.txt +++ b/docbook/wsug_src/dumpcap-h.txt @@ -1,4 +1,4 @@ -Dumpcap (Wireshark) 4.2.1 (v4.2.1rc0-11-gae025b2614ce) +Dumpcap (Wireshark) 4.2.4 (v4.2.4rc0-1-g9dbb5482ef05) Capture network packets and dump them into a pcapng or pcap file. See https://www.wireshark.org for more information. diff --git a/docbook/wsug_src/editcap-h.txt b/docbook/wsug_src/editcap-h.txt index 0b8a5b53..2f8299fb 100644 --- a/docbook/wsug_src/editcap-h.txt +++ b/docbook/wsug_src/editcap-h.txt @@ -1,4 +1,4 @@ -Editcap (Wireshark) 4.2.1 (v4.2.1rc0-11-gae025b2614ce) +Editcap (Wireshark) 4.2.4 (v4.2.4rc0-1-g9dbb5482ef05) Edit and/or translate the format of capture files. See https://www.wireshark.org for more information. diff --git a/docbook/wsug_src/mergecap-h.txt b/docbook/wsug_src/mergecap-h.txt index d2c5231c..ce75957c 100644 --- a/docbook/wsug_src/mergecap-h.txt +++ b/docbook/wsug_src/mergecap-h.txt @@ -1,4 +1,4 @@ -Mergecap (Wireshark) 4.2.1 (v4.2.1rc0-11-gae025b2614ce) +Mergecap (Wireshark) 4.2.4 (v4.2.4rc0-1-g9dbb5482ef05) Merge two or more capture files into one. See https://www.wireshark.org for more information. diff --git a/docbook/wsug_src/rawshark-h.txt b/docbook/wsug_src/rawshark-h.txt index 1302dea0..f088b94d 100644 --- a/docbook/wsug_src/rawshark-h.txt 
+++ b/docbook/wsug_src/rawshark-h.txt @@ -1,4 +1,4 @@ -Rawshark (Wireshark) 4.2.1 (v4.2.1rc0-11-gae025b2614ce) +Rawshark (Wireshark) 4.2.4 (v4.2.4rc0-1-g9dbb5482ef05) Dump and analyze network traffic. See https://www.wireshark.org for more information. diff --git a/docbook/wsug_src/reordercap-h.txt b/docbook/wsug_src/reordercap-h.txt index eb8ab5de..ad4ee8d1 100644 --- a/docbook/wsug_src/reordercap-h.txt +++ b/docbook/wsug_src/reordercap-h.txt @@ -1,4 +1,4 @@ -Reordercap (Wireshark) 4.2.1 (v4.2.1rc0-11-gae025b2614ce) +Reordercap (Wireshark) 4.2.4 (v4.2.4rc0-1-g9dbb5482ef05) Reorder timestamps of input file frames into output file. See https://www.wireshark.org for more information. diff --git a/docbook/wsug_src/text2pcap-h.txt b/docbook/wsug_src/text2pcap-h.txt index 9066427e..938f5e5d 100644 --- a/docbook/wsug_src/text2pcap-h.txt +++ b/docbook/wsug_src/text2pcap-h.txt @@ -1,4 +1,4 @@ -Text2pcap (Wireshark) 4.2.1 (v4.2.1rc0-11-gae025b2614ce) +Text2pcap (Wireshark) 4.2.4 (v4.2.4rc0-1-g9dbb5482ef05) Generate a capture file from an ASCII hexdump of packets. See https://www.wireshark.org for more information. diff --git a/docbook/wsug_src/tshark-h.txt b/docbook/wsug_src/tshark-h.txt index 84bb1c17..37a0d363 100644 --- a/docbook/wsug_src/tshark-h.txt +++ b/docbook/wsug_src/tshark-h.txt @@ -1,4 +1,4 @@ -TShark (Wireshark) 4.2.1 (v4.2.1rc0-11-gae025b2614ce) +TShark (Wireshark) 4.2.4 (v4.2.4rc0-1-g9dbb5482ef05) Dump and analyze network traffic. See https://www.wireshark.org for more information. diff --git a/docbook/wsug_src/wireshark-h.txt b/docbook/wsug_src/wireshark-h.txt index 320d579a..5e3edb99 100644 --- a/docbook/wsug_src/wireshark-h.txt +++ b/docbook/wsug_src/wireshark-h.txt @@ -1,4 +1,4 @@ -Wireshark 4.2.1 (v4.2.1rc0-11-gae025b2614ce) +Wireshark 4.2.4 (v4.2.4rc0-1-g9dbb5482ef05) Interactively dump and analyze network traffic. See https://www.wireshark.org for more information. 
diff --git a/docbook/wsug_src/wsug_capture.adoc b/docbook/wsug_src/wsug_capture.adoc index c7ef8f1b..3029c6c3 100644 --- a/docbook/wsug_src/wsug_capture.adoc +++ b/docbook/wsug_src/wsug_capture.adoc @@ -490,8 +490,8 @@ Information about the folders used for capture files can be found in |File Name|“Create a new file...”|“Use a ring buffer...”|Mode|Resulting filename(s) used |-|-|-|Single temporary file|wiresharkXXXXXX.pcap[ng] (where XXXXXX is a unique 6 character alphanumeric sequence) |foo.cap|-|-|Single named file|foo.cap -|foo.cap|x|-|Multiple files, continuous|foo_00001_20230714110102.cap, foo_00002_20230714110318.cap, ... -|foo.cap|x|x|Multiple files, ring buffer|foo_00001_20230714110102.cap, foo_00002_20230714110318.cap, ... +|foo.cap|x|-|Multiple files, continuous|foo_00001_20240714110102.cap, foo_00002_20240714110318.cap, ... +|foo.cap|x|x|Multiple files, ring buffer|foo_00001_20240714110102.cap, foo_00002_20240714110318.cap, ... |=== Single temporary file:: diff --git a/docbook/wsug_src/wsug_io.adoc b/docbook/wsug_src/wsug_io.adoc index ed3a488a..df8fced7 100644 --- a/docbook/wsug_src/wsug_io.adoc +++ b/docbook/wsug_src/wsug_io.adoc @@ -704,7 +704,7 @@ some features to handle these file sets in a convenient way. .How does Wireshark detect the files of a file set? **** A filename in a file set uses the format Prefix_Number_DateTimeSuffix which -might look something like `test_00001_20230714183910.pcap`. All files of a file +might look something like `test_00001_20240714183910.pcap`. All files of a file set share the same prefix (e.g., “test”) and suffix (e.g., “.pcap”) and a varying middle part. |
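Review bot: In doc/release-notes.adoc (hunk -12,29 +12,32), the wssalink:2024-06 entry changes the CWE comment from CWE-125 to CWE-762 but leaves the template line `// CVSS AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H` untouched. Please confirm that vector was actually scored for the T.38 dissector crash rather than carried over from the placeholder, and update or drop it if not. The same hunk removes the sentence saying the 4.2.0/4.2.1 Windows updater hangs, so the new "by hand" instruction no longer states why a manual install is needed; a short clause giving the reason would help readers.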
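Review bot: In the prior-versions list of doc/release-notes.adoc (hunk -94,6 +257,8), the new 4.2.3 entry points at the 4.2.2 page: `* https://www.wireshark.org/docs/relnotes/wireshark-4.2.2.html[Wireshark 4.2.3]`. The label and target disagree, and the next added line uses the same URL for 4.2.2. The 4.2.3 entry should link to wireshark-4.2.3.html.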
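Review bot: In the "Updated Protocol Support" block of doc/release-notes.adoc (hunk -67,12 +73,158), the added list is mostly alphabetical but several entries break the order: `5GLI` sits between `LDP` and `LISP TCP`, `CFLOW` between `NAS-5GS` and `NETLINK`, and `Gryphon`, `PNIO` and `WiMAX ASN CP` are appended after `ZigBee ZCL`. If these were added by hand after the generated list, sorting them into place keeps the rendered comma list easy to scan and makes duplicates easier to spot.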
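Review bot: The include changes in doc/rawshark.adoc, doc/tshark.adoc and doc/wireshark.adoc add an explicit `**` wildcard (for example `tags=**;!tshark;!decode_as`) and, in tshark.adoc and wireshark.adoc, also switch the attribute from `tag=` to `tags=`, with nothing in the patch saying why. Please record the reason in the commit message or in a comment next to one of the includes (for instance which toolchain needed the explicit wildcard), and check that any other include of dissection-options.adoc that negates a tag gets the same treatment so the man pages stay consistent.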
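Review bot: In the *nametimenum* paragraph of doc/tshark.adoc (hunk -252,7 +252,7), only the first example is moved to 2024 (`log_00001_20240714164426.pcap`), while the second example in the unchanged context still reads `log_20210828164426_00001.pcap`. Since the paragraph contrasts the two templates for the same capture, using the same timestamp in both examples would make the difference in ordering clearer; consider updating the second filename in this pass as well.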