Wireshark 4.6.6 has been released for Linux, featuring important security patches that address crashes in the ROHC dissector and a buffer overflow vulnerability in MACsec. The release also modifies the discovery process for third-party extcap plugins to default to a specific directory, while allowing for manual overrides through environment variables. Additionally, the update includes improved protocol decoders for Kafka, SIP, and industrial standards, as well as support for native JSON capture files. Users are encouraged to update their installations to benefit from these enhancements and security fixes before conducting network analysis
Wireshark 4.6.6 released
Wireshark 4.6.6 arrives on Linux with essential security patches that prevent crashes in the ROHC dissector and fix a MACsec buffer overflow vulnerability. The release restructures how third-party extcap plugins are discovered, now defaulting to /usr/libexec/wireshark/extcap while allowing manual overrides via environment variables. Network analysts will also benefit from updated protocol decoders for Kafka, SIP, and industrial standards alongside native JSON capture file support.
