Wireshark 2.6.5 released with fixes
wnpa-sec-2018-51 – The Wireshark dissection engine could crash.
wnpa-sec-2018-52 – The DCOM dissector could crash.
wnpa-sec-2018-53 – The LBMPDM dissector could crash.
wnpa-sec-2018-54 – The MMSE dissector could go into an infinite loop.
wnpa-sec-2018-55 – The IxVeriWave file parser could crash.
wnpa-sec-2018-56 – The PVFS dissector could crash.
All these vulnerabilities could be exploited by the attacker injecting a malformed packet or by reading a malformed packet trace file. These vulnerabilities affected the following Wireshark versions 2.6.0 to 2.6.4, 2.4.0 to 2.4.10, fixed with 2.6.5, 2.4.11 or later.
wnpa-sec-2018-57 – The ZigBee ZCL dissector could crash. Affected version 2.6.0 to 2.6.4, fixed with 2.6.5.
Other Bug Fixes – Wireshark 2.6.5
VoIP Calls dialogue doesn’t include RTP stream when preparing a filter.
Wireshark installs on macOS with permissions for /Library/Application Support/Wireshark that are too restrictive.
Closing Enabled Protocols dialogue crashes Wireshark.
Unable to Export Objects → HTTP after sorting columns.
DNS Response to NS query shows as a malformed packet.
Encrypted Alerts corresponds to a wrong selection in the packet bytes pane. Wireshark crashes/asserts with Qt 5.11.1 and assert/debugsymbols enabled.
ESP will not decode since 2.6.2 – works fine in 2.4.6 or 2.4.8.
text2pcap generates malformed packets when TCP, UDP or SCTP headers are added together with IPv6 header.
Wireshark tries to decode EAP-SIM Pseudonym Identity.
Infinite read loop when extcap exits with error and error message.
MATE unable to extract fields for PDU.
Malformed Packet: SV.
OPC UA Max nesting depth exceeded for a valid packet.
Also, the new version comes with the updated protocol support, Capture File Support and Interfaces support, reads the release notes. The new version can be downloaded from here.