Wireshark 2.2.8 available now for Linux, macOS, and Windows

Jul 19, 2017 23:41 GMT

Wireshark, the world’s most popular network protocol analyzer, an open-source and cross-platform network tool used for troubleshooting, development, analysis, and education purposes, has been updated today to version 2.2.8.

Wireshark 2.2.8 comes about one and a half months after the 2.2.7 release to patch security vulnerabilities that were recently discovered in the application, including a WBXML dissector infinite loop, an openSAFETY dissector memory exhaustion, an AMQP dissector crash, a DOCSIS infinite loop, and an MQ dissector crash.

The update also improves support for several protocols, including SMB2, TCP, TCAP, IEEE 802.11, IP, AMQP, LTE RRC, SCCP, BGP, BSSMAP, GSM A GM, BT RFCOMM, DAAP, OSPF, DOCSIS, E.212, FDDI, WSMP, GSM BSSMAP, WBXML, ISIS LSP, UMTS FP, MQ, openSAFETY, SGSAP, PROFINET IO, Y.1711, RANAP, and UMTS RLC.

Bug fixes, updated capture file support

A total of 19 issues were resolved in Wireshark 2.2.8, which improves the handling of SCCP fragments, adds the ability to automatically save name resolutions to PCAP-NG NRB, decodes SPVID from the right field, and updates BGP to correctly decode COMMUNITIES whose length is larger than 255.

It also looks like Wireshark is now capable of displaying details for 5120 or greater in Statistics -> Packet Lengths. The release adds support for Export Objects to display files from an SMB2 capture, improves the Y.1711 dissector so that it no longer reverses the defect type order, and fixes various other minor issues. Study the attached changelog for more details.

Capture file support for pcap and pcap-ng was improved as well in Wireshark 2.2.8, which is a recommended update for all users running version 2.2.7 or earlier. You can download Wireshark 2.2.8 for GNU/Linux, macOS, and Microsoft Windows operating systems right now through our web portal.

Wireshark 2.2.8 Changelog