-== June 28, 2002
+Wireshark 1.3.0 Release Notes
-Ethereal 0.9.5 has been released. This version fixes several potential
-security problems revealed since the release of 0.9.4. See the security
-advisory at http://www.ethereal.com/appnotes/enpa-sa-00005.html for
-more details.
+ ------------------------------------------------------------------
+What is Wireshark?
-New Features:
+ Wireshark is the world's most popular network protocol analyzer.
+ It is used for troubleshooting, analysis, development, and
+ education.
-The ability to read packet data from a pipe was enhanced. Printing
-under Windows now works.
+What's New
+ Bug Fixes
-New Protocols
+ The following vulnerabilities have been fixed. See the security
+ advisory for details and a workaround.
-802.3 LACP, Apache JServ, AODV6, DCERPC Browser, Java RMI, TAPI
+ o The NetFlow dissector could run off with your dog, crash your
+ truck, and write a country music song about the experience.
+ Versions affected: 0.99.5 to 1.0.8
-Updated Protocols
+ The following bugs have been fixed:
-ATM, BGP, BOOTP, DCE RPC, EPM, Frame Relay, GTP, L2TP, LMP, MAPI, MIP,
-MMSE, MTP3, NCP, NFS, NSPI, PPP, Q2931, RADIUS, RSVP, SCSI, SMB, SNA,
-SOCKS, SPOOLSS, SRVSVC, SunATM, TFTP, TNS, Token Ring, UCP, VJ TCP/IP,
-WCP, WEP, WSP, WTP
+ o Wireshark could crash without warning.
+ New and Updated Features
-Capture File Updates
+ The following features are new (or have been significantly
+ updated) since version 1.0:
+ o The packet list internals have been rewritten and are now more
+ efficient.
-Ethereal can now write LANalyzer files. The Sniffer, nettl, snoop,
-NetXRay, and libpcap code all received updates.
+ o Capturing from pipes on Windows has been improved.
+ New Protocol Support
-Download Sites
+ Updated Protocol Support
-The source code and Windows installer can be downloaded immediately from
-the following locations:
+ New and Updated Capture File Support
-Main site:
+Getting Wireshark
-Source:
+ Wireshark source code and installation packages are available from
+ the download page on the main web site.
- http://www.ethereal.com/distribution/ethereal-0.9.5.tar.gz
+ Vendor-supplied Packages
-Windows installer:
+ Most Linux and Unix vendors supply their own Wireshark packages.
+ You can usually install or upgrade Wireshark using the package
+ management system specific to that platform. A list of third-party
+ packages can be found on the download page on the Wireshark web
+ site.
- http://www.ethereal.com/distribution/win32/ethereal-setup-0.9.5.exe
+File Locations
-SourceForge:
+ Wireshark and TShark look in several different locations for
+ preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
+ These locations vary from platform to platform. You can use
+ About->Folders to find the default locations on your system.
- http://sourceforge.net/project/showfiles.php?group_id=255
+Known Problems
+ Wireshark may appear offscreen on multi-monitor Windows systems.
+ (Bug 553)
-The mirror sites listed at http://www.ethereal.com/download.html#sources
-should be updated shortly.
+ Wireshark might make your system disassociate from a wireless
+ network on OS X. (Bug 1315)
+ Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)
+ Wireshark is unable to decrypt WPA group keys. (Bug 1420)
+ The BER dissector might infinitely loop. (Bug 1516)
+ Wireshark can't dynamically update the packet list. This means
+ that host name resolutions above a certain response time threshold
+ won't show up in the packet list. (Bug 1605)
+ Capture filters aren't applied when capturing from named pipes.
+ (Bug 1814)
+
+ Wireshark might freeze when reading from a pipe. (Bug 2082)
+
+ Capturing from named pipes might be delayed on Windows. (Bug 2200)
+
+ Filtering tshark captures with display filters (-R) no longer
+ works. (Bug 2234)
+
+Getting Help
+
+ Community support is available on the wireshark-users mailing
+ list. Subscription information and archives for all of Wireshark's
+ mailing lists can be found on the web site.
+
+ Commercial support, training, and development services are
+ available from CACE Technologies.
+
+Frequently Asked Questions
+
+ A complete FAQ is available on the Wireshark web site.