-$Id: NEWS,v 1.145 2004/05/13 09:04:14 ulfl Exp $
+$Id$
-== May ??, 2004
+== December 27, 2005
+
+Ethereal 0.10.14 has been released.
+
+ Bug Fixes
+
+ Three security vulnerabilities have been fixed since the previous
+ release. See the [1]application advisory for more details.
+
+ o The IRC dissector could go into an infinite loop. Versions
+ affected: 0.10.13.
+
+ o The GTP dissector could go into an infinite loop. Versions
+ affected: 0.9.1 to 0.10.13.
+
+ o iDefense found a buffer overflow in the OSPF dissector.
+ Versions affected: 0.8.20 to 0.10.13.
+
+ New and Updated Features
+
+ The following features are new (or have been significantly
+ updated) since the last release:
+
+ o The Windows installer now ships with GTK+ 2.6 instead of GTK+
+ 2.4. This should fix several long-standing bugs.
+
+ o If you're loading a saved capture file and press "Cancel",
+ Ethereal will now display the packets read up to that point.
+ In previous versions, Ethereal would abort the attempt
+ completely and clear the packet list.
+
+ This means that if you're loding a huge capture file, you can
+ stop loading in the middle and still be able to analyze part
+ of the file.
+
+ o The maximum number of files allowed in a ring buffer has been
+ increased from 1024 to 10,000.
+
+ o OID to name resolution has been improved.
+
+ o TCP graphs now handle upper and lower bounds better.
+
+ New Protocol Support
+
+ 3Com Netjack200, CDT, CIGI, DAP, DISP, DOP, DSP, FTBP, MS NLB,
+ NBAP, NCP SSS, NCS, NHRP, P_Mul, RNSAP, SMB2, STANAG 5066, TIPC,
+ UDP-Lite, X.501
+
+ Updated Protocol Support
+
+ ACSE, AIM, ALCAP, AMR, ANSI MAP, BER, BitTorrent, BOOTP, CAMEL,
+ CMP, CMS, COPS, CRMF, DCCP, DCERPC (DCERPC, DSSETUP, INITSHUTDOWN,
+ NT, WINREG), DEC DNA RT, DNP, DTP, eDonkey, ENIP, ESS, Etheric,
+ FC-DNS, FC-FZS, FMIPv6, GRE, GSM A, GSM MAP, GTP, H.225, H.235,
+ H.245, H.248, H.263, H.450, IAPP, IEEE 802.11, INAP, IP, IPv6,
+ IRC, ISIS LSP, ISUP, IUUP, Juniper, LLDP, M3UA, MIP, MIPv6,
+ Modbus/TCP, MTP3, NCP, NDPS, NDS, NEMO, NMAS, NTLMSSP, OSPF, PER,
+ PN-DCP, PPP CHAP, PPPoE, PVFS2, Q.931, RADIUS, RANAP, RDT, RLOGIN,
+ RMT, ROS, RTCP, RTP, RTSE, S4406, SCCP, SCTP, SES, SIP, SMB,
+ SNDCP, SRVLOC, STUN, T.38, UMA, WINS Replication, X.411, X.420,
+ X.509
+
+ New and Updated Capture File Support
+
+ DOS Sniffer, Endace ERF, HP-UX nettl, IBM iSeries traces,
+ Tektronix K12
+
+Getting Ethereal
+
+ Microsoft Windows
+
+ Download ethereal-setup-0.10.14.exe from the [2]Windows download
+ area on the main web site. Double-click the installer executable.
+
+ Sun Solaris
+
+ Download the appropriate package from the [3]Solaris download area
+ on the main web site. Uncompress the package using bzip2, and
+ install it using pkgadd.
+
+ Source Code
+
+ Download ethereal-0.10.14.tar.gz from the [4]main download area on
+ the web site. Extract the package using tar and gzip. Run
+ "configure ; make ; make install".
+
+ Vendor-supplied Packages
+
+ Most Linux and Unix vendors supply their own Ethereal packages.
+ You can install or upgrade Ethereal using the package management
+ system specific to that platform. A list of third-party packages
+ can be found on the [5]download page on the Ethereal web site.
+
+File Locations
+
+ Ethereal and Tethereal look in several different locations for
+ preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
+ These locations vary from platform to platform. You can use
+ About->Folders to find the default locations on your system.
+
+Known Problems
+
+ On Windows systems the packet list scroll bar can sometimes
+ disappear or become unusable. Until the problem is fixed you can
+ work around it by resizing the packet list or the main window.
+ ([6]Bug #220)
+
+Getting Help
+
+ Community support is available on the ethereal-users mailing list.
+ Subscription information and archives for all of Ethereal's
+ mailing lists can be found on [7]the web site. There is also an
+ [8]IRC channel dedicated to Ethereal.
+
+ Commercial support, training, and development services are
+ available from [9]Ethereal Software.
+
+Frequently Asked Questions
+
+ A complete FAQ is available on the [10]Ethereal web site.
+
+References
+
+ Visible links
+ 1. http://www.ethereal.com/appnotes/enpa-sa-00022.html
+ 2. http://www.ethereal.com/docs/distribution/win32/
+ 3. http://www.ethereal.com/docs/distribution/solaris/
+ 4. http://www.ethereal.com/docs/distribution/
+ 5. http://www.ethereal.com/download.html#otherplat
+ 6. http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=220
+ 7. http://www.ethereal.com/lists/
+ 8. irc://irc.freenode.net/ethereal
+ 9. http://www.etherealsoft.com/
+ 10. http://www.ethereal.com/faq.html
+
+== October 17, 2005
+
+Ethereal 0.10.13 has been released.
+
+ Bug Fixes
+
+ Several security vulnerabilities have been fixed since the previous
+ release. See the [1]application advisory for more details.
+
+ o The ISAKMP dissector could exhaust system memory. Versions affected:
+ 0.10.11 to 0.10.12.
+
+ o The FC-FCS dissector could exhaust system memory. Versions affected:
+ 0.9.0 to 0.10.12.
+
+ o The RSVP dissector could exhaust system memory. Versions affected:
+ 0.9.4 to 0.10.12.
+
+ o The ISIS LSP dissector could exhaust system memory. Versions affected:
+ 0.8.18 to 0.10.12.
+
+ o The IrDA dissector could crash. Versions affected: 0.10.0 to 0.10.12.
+
+ o The SLIMP3 dissector could overflow a buffer. Versions affected: 0.9.1
+ to 0.10.12.
+
+ o The BER dissector was susceptible to an infinite loop. Versions
+ affected: 0.10.3 to 0.10.12.
+
+ o The SCSI dissector could dereference a null pointer and crash.
+ Versions affected: 0.10.3 to 0.10.12.
+
+ o If the "Dissect unknown RPC program numbers" option was enabled, the
+ ONC RPC dissector might be able to exhaust system memory. This option
+ is disabled by default. Versions affected: 0.7.7 to 0.10.12.
+
+ o The sFlow dissector could dereference a null pointer and crash.
+ Versions affected: 0.9.14 to 0.10.12.
+
+ o The RTnet dissector could dereference a null pointer and crash.
+ Versions affected: 0.10.8 to 0.10.12.
+
+ o The SigComp UDVM could go into an infinite loop or crash. Versions
+ affected: 0.10.12.
+
+ o If SMB transaction payload reassembly is enabled the SMB dissector
+ could crash. This preference is disabled by default. Versions
+ affected: 0.9.7 to 0.10.12.
+
+ o The X11 dissector could attempt to divide by zero. Versions affected:
+ 0.10.1 to 0.10.12.
+
+ o The AgentX dissector could overflow a buffer. Versions affected:
+ 0.10.10 to 0.10.12.
+
+ o The WSP dissector could free an invalid pointer. Versions affected:
+ 0.10.1 to 0.10.12.
+
+ o iDEFENSE found a buffer overflow in the SRVLOC dissector. Versions
+ affected: 0.10.0 to 0.10.12.
+
+ When trying to save a flow graph, Ethereal could crash.
+
+ When viewing protocol hierarchy statistics, Ethereal and Tethereal could
+ crash.
+
+ The PCRE library that ships with the Windows installer has been upgraded
+ from version 4.4 to 6.3 in response to a [2]security vulnerability.
+
+ New and Updated Features
+
+ The following features are new (or have been significantly updated) since
+ the last release:
+
+ o The timestamp display precision of the Packet List can be adjusted
+ now. The precision will be automatically adjusted depending on the
+ file format loaded, e.g. libpcap typically uses microsecond resolution
+ displayed like "0.000000". In addition you can adjust the precision
+ manually through the View/Time Display Format menu items.
+
+ o The WinPcap version 3.1 installer was released since the last Ethereal
+ release. The version included in the Ethereal Windows installer has
+ been updated from 3.1 beta 4 to 3.1. If you want to upgrade WinPcap
+ separately or install a different version you can download it from:
+ [3]the WinPcap web site.
+
+ o The behavior of the display filter "ip.checksum_bad" has changed.
+ Instead of merely checking for its presence you must now make sure it
+ is set, e.g. instead of using "ip.checksum_bad" you must now use
+ "ip.checksum_bad == 1".
+
+ o A new capture file format "Nanosecond libpcap (Ethereal)" was added.
+ It is very similar to the common libpcap file format but is capable of
+ keeping nanosecond resolution timestamps. This format is currently
+ supported only by Ethereal.
+
+ o Ethereal's memory managment has been greatly improved.
+
+ o Ethereal can now save gzip-compressed capture files.
+
+ New Protocol Support
+
+ CIMD, CISCOWL-L2, DCCP, EDP, GNM, LLDP, ROS, RTSE, STANAG 4406, WINS
+ Replication, X.411, X.420
+
+ Updated Protocol Support
+
+ 802.11 Radiotap, A11, AARP, ACSE, ACtrace, AFP, AFS, AgentX, AIM, AJP13,
+ ALCAP, AMR, ANSI A, ANSI IS-637-A, ANSI IS-683-A, ANSI IS-801, ANSI MAP,
+ AOE, AppleTalk, Armagetronad, ARP, ASAP, ASN.1, BACapp, BER, BGP,
+ BitTorrent, BOOTP, CAMEL, CLNP, CMIP, CMP, CMS, COPS, CRMF, CSM_ENCAPS,
+ DAAP, DCERPC (ATSVC, DCE_DFS, FLDB, INITSHUTDOWN, LSA, NETLOGON, NT, SAMR,
+ SPOOLSS, WINREG), DCM, DCOM, DHCP Failover, DIAMETER, ENRP, ESS, FC, FCCT,
+ FCDNS, FCELS, FCFCS, FCFZS, FCP, FCSWILS, FTAM, GIOP, GPRS LLC, GSM, GTP,
+ H1, H.225, H.235, H.245, H.248, H.261, H.263, H.450, HSRP, HTTP, IAX2,
+ IEEE 802.11, IEEE 802.3, IEEE 802.3 Slow protocols, IP, IP/IEEE1394, IRC,
+ IrDA, ISAKMP, iSCSI, ISIS, ISUP, Jabber, JFIF, Juniper, JXTA, K12,
+ Kerberos, LDAP, LDP, LLC, LPD, MAP_DialoguePDU, MDSHDR, Media, MEGACO,
+ MGCP, MIME multipart, MMS, MOUNT, MQ, MSMMS, NBNS, NDMP, NS_CERT_EXTS,
+ OCSP, OPSI, OSPF, PARLAY, PER, PKINIT, PKIX, PN-RT, PPP, PRES, PTP,
+ RADIUS, RDT, RPC, RSVP, RTCP, RTnet, RTSP, SCCP, SCSI, SCTP, SES, sFlow,
+ SIGCOMP, SIP, SliMP3, SMB, SMPP, SMRSE, SNA, SNMP, SPNEGO, SRVLOC, STUN,
+ T.38, TCAP, TCP, Text, TPKT, UMA, WBXML, WLANCERTEXTN, WSP, X11, X.25,
+ X.509, XML, YMSG
+
+ New and Updated Capture File Support
+
+ 5Views, AiroPeek, ERF, EtherPeek, i4btrace, LANAlyzer, Libpcap, Windows
+ Sniffer, Tektronix K12
+
+Getting Ethereal
+
+ Microsoft Windows
+
+ Download ethereal-setup-0.10.13.exe from the [4]Windows download area on
+ the main web site. Double-click the installer executable.
+
+ Sun Solaris
+
+ Download the appropriate package from the [5]Solaris download area on the
+ main web site. Uncompress the package using bzip2, and install it using
+ pkgadd.
+
+ Source Code
+
+ Download ethereal-0.10.13.tar.gz from the [6]main download area on the web
+ site. Extract the package using tar and gzip. Run "configure ; make ; make
+ install".
+
+ Vendor-supplied Packages
+
+ Most Linux and Unix vendors supply their own Ethereal packages. You can
+ install or upgrade Ethereal using the package management system specific
+ to that platform. A list of third-party packages can be found on the
+ [7]download page on the Ethereal web site.
+
+File Locations
+
+ Ethereal and Tethereal look in several different locations for preference
+ files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary
+ from platform to platform. You can use About->Folders to find the default
+ locations on your system.
+
+Known Problems
+
+ On Windows systems the packet list scroll bar can sometimes disappear or
+ become unusable. Until the problem is fixed you can work around it by
+ resizing the packet list or the main window. ([8]Bug #220)
+
+Getting Help
+
+ Community support is available on the ethereal-users mailing list.
+ Subscription information and archives for all of Ethereal's mailing lists
+ can be found on [9]the web site. There is also an [10]IRC channel
+ dedicated to Ethereal.
+
+ Commercial support, training, and development services are available from
+ [11]Ethereal Software.
+
+Frequently Asked Questions
+
+ A complete FAQ is available on the [12]Ethereal web site.
+
+References
+
+ Visible links
+ 1. http://www.ethereal.com/appnotes/enpa-sa-00021.html
+ 2. http://www.securityfocus.com/bid/14620
+ 3. http://www.winpcap.org/
+ 4. http://www.ethereal.com/docs/distribution/win32/
+ 5. http://www.ethereal.com/docs/distribution/solaris/
+ 6. http://www.ethereal.com/docs/distribution/
+ 7. http://www.ethereal.com/download.html#otherplat
+ 8. http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=220
+ 9. http://www.ethereal.com/lists/
+ 10. irc://irc.freenode.net/ethereal
+ 11. http://www.etherealsoft.com/
+ 12. http://www.ethereal.com/faq.html
+
+== July 26, 2005
+
+Ethereal 0.10.12 has been released.
+
+Our testing program has turned up several more security issues:
+
+ The LDAP dissector could free static memory and crash.
+ Versions affected: 0.8.5 to 0.10.11
+
+ The AgentX dissector could crash.
+ Versions affected: 0.10.10 to 0.10.11
+
+ The 802.3 dissector could go into an infinite loop.
+ Versions affected: 0.8.16 to 0.10.11
+
+ The PER dissector could abort.
+ Versions affected: 0.10.5 to 0.10.11
+
+ The DHCP dissector could go into an infinite loop.
+ Versions affected: 0.10.7 to 0.10.11
+
+ The BER dissector could abort or loop infinitely.
+ Version affected: 0.10.11
+
+ The MEGACO dissector could go into an infinite loop.
+ Versions affected: 0.9.14 to 0.10.11
+
+ The GIOP dissector could dereference a null pointer.
+ Versions affected: 0.8.20 to 0.10.11
+
+ The SMB dissector was susceptible to a buffer overflow.
+ Versions affected: 0.9.12 to 0.10.11
+
+ The WBXML could dereference a null pointer.
+ Versions affected: 0.10.1 to 0.10.11
+
+ The H1 dissector could go into an infinite loop.
+ Versions affected: 0.8.15 to 0.10.11
+
+ The DOCSIS dissector could cause a crash.
+ Versions affected: 0.9.13 to 0.10.11
+
+ The SMPP dissector could go into an infinite loop.
+ Versions affected: 0.10.1 to 0.10.11
+
+ SCTP graphs could crash.
+ Version affected: 0.10.11
+
+ The HTTP dissector could crash.
+ Versions affected: 0.10.4 to 0.10.11
+
+ The SMB dissector could go into a large loop.
+ Versions affected: 0.9.0 to 0.10.11
+
+ The DCERPC dissector could crash.
+ Versions affected: 0.9.16 to 0.10.11.
+
+ Several dissectors could crash while reassembling packets.
+ Versions affected: 0.9.0 to 0.10.11
+
+
+ Steve Grubb at Red Hat found the following issues:
+
+ The CAMEL dissector could dereference a null pointer.
+ Version affected: 0.10.11
+
+ The DHCP dissector could crash.
+ Versions affected: 0.10.4 to 0.10.11
+
+ The CAMEL dissector could crash.
+ Versions affected: 0.10.10 to 0.10.11
+
+ The PER dissector could crash.
+ Versions affected: 0.10.10 to 0.10.11
+
+ The RADIUS dissector could crash.
+ Versions affected: 0.9.4 to 0.10.11
+
+ The Telnet dissector could crash.
+ Versions affected: 0.9.10 to 0.10.11
+
+ The IS-IS LSP dissector could crash.
+ Versions affected: 0.8.19 to 0.10.11
+
+ The NCP dissector could crash.
+ Versions affected: 0.9.15 to 0.10.11
+
+
+ iDEFENSE found the following issues:
+
+ Several dissectors were susceptible to a format string overflow.
+ Versions affected: 0.9.4 to 0.10.11
+
+
+ Ethereal uses the zlib compression library. Security vulnerabilities
+ have been discovered in zlib 1.2.1 and 1.2.2. The Windows installer
+ now ships with zlib 1.2.3, which fixes these vulnerabilities.
+
+
+Please see the following advisory for more information:
+
+ http://www.ethereal.com/appnotes/enpa-sa-00020.html
+
+Everyone is encouraged to upgrade.
+
+
+New and updated features
+
+ The Windows installer now includes the WinPcap 3.1 beta 4 installer.
+ You don't have to download and install it separately.
+
+ RADIUS dictionaries are now included.
+
+ A lot of documentation was updated
+
+ Some command line parameters have changed, see the Ethereal / Tethereal
+ manual pages
+
+ A "File/File Set" submenu was added to better handle multiple files
+ (such as ring buffers).
+
+ Flow graphs can now be created for any protocol.
+
+ Memory management has been greatly improved.
+
+ JXTA has been added to the conversations menu.
+
+ When compiled with MIT/Heimdal Kerberos AND if keytab files are
+ provided, Ethereal can now decrypt and dissect both SecureLDAP and
+ encrypted DCE/RPC.
+
+ TCP Sequence graphs should now work for all captures and all
+ encapsulation types.
+
+
+New protocol support
+
+ ACSE, ARMAGETRONAD, AudioCodes trunk trace, CSM_ENCAPS, DEC DNA Routing,
+ DIS, FTAM, iFCP, Juniper PPPoE, MMS, MS MediaServer, MSRP, Parlay,
+ Synergy, TANGO, WLAN Certificate Extensions
+
+
+Updated protocol support
+
+ 802.11 Radiotap, 9P, ACSE, AFP, AgentX, AIM, ANSI MAP, BACapp, BVLC,
+ Camel, CLNP, CMIP, DCERPC, DCOM, DHCP, DHCP Failover, DHCPv6, DICOM,
+ DNP, DNS, DOCSIS, EAP, Ethernet, FC ELS, FCIP, FCP, FC-SWILS, GIOP,
+ GSM A, GSM MAP, GSSAPI, GTP, H1, H.221, H.225, H.235, H.245, H.248,
+ H.450, HPSW, HTTP, HyperSCSI, ICMP, IEEE 802.11, IEEE 802.3, iFCP,
+ IP, IPDC, ISAKMP, iSCSI, iSNS, ISUP, JXTA, Kerberos, KINK, LDAP, LLC,
+ LMP, LWAPP, MEGACO, MGCP, MMSE, NDMP, NDPS, NFS, NTLMSSP, OSI, OSPF,
+ PER, PPP, PRES, PROFINET, RDT, RMT, RPC, RSVP, Rsync, RTP, RTSP, SCSI,
+ SCTP, SDP, SIP, SMB, SMPP, SNMP, SPNEGO, SSCOP, SSL, T.38, TCAP, TCP,
+ Telnet, TFTP, TPKT, UDP, UDVM, UMA, V5UA, WBXML, WSP, XML, YMSG, YPSERV
+
+
+New and updated capture file support
+
+ HP Nettl, Tektronix K12
+
+
+== May 4, 2005
+
+Ethereal 0.10.11 has been released.
+
+An aggressive testing program as well as independent discovery has turned
+up a multitude of security issues:
+
+ The ANSI A dissector was susceptible to format string vulnerabilities.
+ Discovered by Bryan Fulton.
+ Versions affected: 0.9.15 to 0.10.10
+
+ The GSM MAP dissector could crash.
+ Versions affected: 0.10.0 to 0.10.10
+
+ The AIM dissector could cause a crash.
+ Versions affected: 0.9.14 to 0.10.10
+
+ The DISTCC dissector was susceptible to a buffer overflow.
+ Discovered by Ilja van Sprundel
+ Versions affected: 0.9.13 to 0.10.10
+
+ The FCELS dissector was susceptible to a buffer overflow.
+ Discovered by Neil Kettle
+ Versions affected: 0.9.9 to 0.10.10
+
+ The SIP dissector was susceptible to a buffer overflow.
+ Discovered by Ejovi Nuwere.
+ Versions affected: 0.10.0 to 0.10.10
+
+ The KINK dissector was susceptible to a null pointer exception,
+ endless looping, and other problems.
+ Versions affected: 0.10.10
+
+ The LMP dissector was susceptible to an endless loop.
+ Versions affected: 0.9.4 to 0.10.10
+
+ The Telnet dissector could abort.
+ Versions affected: 0.9.10 to 0.10.10
+
+ The TZSP dissector could cause a segmentation fault.
+ Versions affected: 0.10.10 to 0.10.10
+
+ The WSP dissector was susceptible to a null pointer exception and
+ assertions.
+ Versions affected: 0.10.0 to 0.10.10
+
+ The 802.3 Slow protocols dissector could throw an assertion.
+ Versions affected: 0.10.10
+
+ The BER dissector could throw assertions.
+ Versions affected: 0.10.2 to 0.10.10
+
+ The SMB Mailslot dissector was susceptible to a null pointer exception
+ and could throw assertions.
+ Versions affected: 0.9.0 to 0.10.10
+
+ The H.245 dissector was susceptible to a null pointer exception.
+ Versions affected: 0.10.10
+
+ The Bittorrent dissector could cause a segmentation fault.
+ Versions affected: 0.10.8 to 0.10.10
+
+ The SMB dissector could cause a segmentation fault and throw assertions.
+ Versions affected: 0.9.0 to 0.10.10
+
+ The Fibre Channel dissector could cause a crash.
+ Versions affected: 0.9.9 to 0.10.10
+
+ The DICOM dissector could attempt to allocate large amounts of memory.
+ Versions affected: 0.10.4 to 0.10.10
+
+ The MGCP dissector was susceptible to a null pointer exception, could
+ loop indefinitely, and segfault.
+ Versions affected: 0.8.14 to 0.10.10
+
+ The RSVP dissector could loop indefinitely.
+ Versions affected: 0.9.8 to 0.10.10
+
+ The DHCP dissector was susceptible to format string vulnerabilities, and
+ could abort.
+ Versions affected: 0.10.7 to 0.10.10
+
+ The SRVLOC dissector could crash unexpectedly or go into an infinite loop.
+ Versions affected: 0.9.8 to 0.10.10
+
+ The EIGRP dissector could loop indefinitely.
+ Versions affected: 0.8.18 to 0.10.10
+
+ The ISIS dissector could overflow a buffer.
+ Versions affected: 0.8.18 to 0.10.10
+
+ The CMIP, CMP, CMS, CRMF, ESS, OCSP, PKIX1Explitit, PKIX Qualified,
+ and X.509 dissectors could overflow buffers.
+ Versions affected: 0.10.4 to 0.10.10
+
+ The NDPS dissector could exhaust system memory or cause an assertion,
+ or crash.
+ Versions affected: 0.9.12 to 0.10.10
+
+ The Q.931 dissector could try to free a null pointer and overflow
+ a buffer.
+ Versions affected: 0.10.10
+
+ The IAX2 dissector could throw an assertion.
+ Versions affected: 0.10.1 to 0.10.10
+
+ The ICEP dissector could try to free the same memory twice.
+ Versions affected: 0.10.7 to 0.10.10
+
+ The MEGACO dissector was susceptible to an infinite loop and a buffer
+ overflow.
+ Versions affected: 0.9.14 to 0.10.10
+
+ The DLSw dissector was susceptible to an infinite loop.
+ Versions affected: 0.9.1 to 0.10.10
+
+ The RPC dissector was susceptible to a null pointer exception.
+ Versions affected: 0.9.2 to 0.10.10
+
+ The NCP dissector could overflow a buffer or loop for a large amount
+ of time.
+ Versions affected: 0.10.5 to 0.10.10
+
+ The RADIUS dissector could throw an assertion.
+ Versions affected: 0.10.3 to 0.10.10
+
+ The GSM dissector could access an invalid pointer.
+ Versions affected: 0.10.10
+
+ The SMB PIPE dissector could throw an assertion.
+ Versions affected: 0.9.0 to 0.10.10
+
+ The L2TP dissector was susceptible to an infinite loop.
+ Versions affected: 0.10.9 to 0.10.10
+
+ The SMB NETLOGON dissector could dereference a null pointer.
+ Versions affected: 0.9.12 to 0.10.10
+
+ The MRDISC dissector could throw an assertion.
+ Versions affected: 0.8.19 to 0.10.10
+
+ The ISUP dissector could overflow a buffer or cause a segmentation fault.
+ Versions affected: 0.8.19 to 0.10.10
+
+ The LDAP dissector could crash.
+ Versions affected: 0.10.1 to 0.10.10
+
+ The TCAP dissector could overflow a buffer or throw an assertion.
+ Versions affected: 0.10.8 to 0.10.10
+
+ The NTLMSSP dissector could crash.
+ Versions affected: 0.9.7 to 0.10.10
+
+
+ Additionally, a number of dissectors could throw an assertion when
+ passing an invalid protocol tree item length.
+ Versions affected: 0.10.8 to 0.10.10
+
+
+Please see the following advisory for more information:
+
+ http://www.ethereal.com/appnotes/enpa-sa-00019.html
+
+Everyone is encouraged to upgrade.
+
+
+New and updated features
+
+
+
+New protocol support
+
+
+
+Updated protocol support
+
+
+
+New and updated capture file support
+
+
+
+
+== March 11, 2005
+
+Ethereal 0.10.10 has been released.
+
+This release fixes three security and stability-related issues:
+
+ Matevz Pustisek discovered a buffer overflow in the Etheric dissector.
+ (CAN-2005-0704)
+
+ The GPRS-LLC dissector could crash if the "ignore cipher bit" option
+ was enabled. (CAN-2005-0705)
+
+ Diego Giago discovered a buffer overflow in the 3GPP2 A11 dissector.
+ This flaw was later reported by Leon Juranic. (CAN-2005-0699)
+
+ Leon Juranic discovered a buffer overflow in the IAPP dissector.
+
+ A bug in the JXTA dissector could make Ethereal crash.
+
+ A bug in the sFlow dissector could make Ethereal crash.
+
+
+Please see the following advisory for more information:
+
+ http://www.ethereal.com/appnotes/enpa-sa-00018.html
+
+Everyone is encouraged to upgrade.
+
+
+New and updated features
+
+ Tree view item context menus now let you browse to the display filter
+ reference and wiki pages for a particular protocol.
+
+ Online help has been expanded.
+
+ VoIP call analysis (including nifty connection diagrams) has been
+ added.
+
+ GSS-API decryption has been greatly enhanced.
+
+
+New protocol support
+
+ AgentX, BUDB, DTP, G.723, IDP, INAP, KINK, Realplayer Data Protocol,
+ Retix Spanning Tree Protocol, RTCP-XR, XML, XNS, SPP
+
+
+Updated protocol support
+
+ 3GPP2 A11, ACSE, AMR, ATM, BER, BSSGP, BUTC, CDP, CLNP, CoSine L2,
+ DAAP, DCE/RPC, DCOM, DIAMETER, DNP, DNS, Etheric, FCP, FW-1, Gnutella,
+ GPRS, GSM A, GSM MAP, H.225, H.245, H.248, H.450, HTTP, IAX2, ICQ,
+ IEEE 802.11, IEEE 802.3 Slow Protocols, IP, iSCSI, ISUP, Juniper,
+ JXTA, Kerberos, L2TP, LDAP, MIP, MPLS, NDMP, NSIP, NTP, OSPF, OXID,
+ PostgreSQL, RADIUS, RDT, Redback, RMCP, RTP, RTSP, SCSI, SCTP, SDP,
+ SPNEGO, SSL, STUN, TCAP, TCP, TZSP
+
+
+New and updated capture file support
+
+ DBS Etherwatch, Lucent/Ascend, Nettl, Tcpdump (Redback)
+
+
+== January 19, 2005
+
+Ethereal 0.10.9 has been released.
+
+This release fixes the following security-related issues:
+
+ The COPS dissector could go into an infinite loop. (CAN-2005-0006)
+
+ The DLSw dissector could cause an assertion, making Ethereal exit
+ prematurely. (CAN-2005-0007)
+
+ The DNP dissector could cause memory corruption. (CAN-2005-0008)
+
+ The Gnutella dissector could cause an assertion, making Ethereal
+ exit prematurely. (CAN-2005-0009)
+
+ The MMSE dissector could free static memory. (CAN-2005-0010)
+
+ The X11 protocol dissector is vulnerable to a string buffer overflow.
+ (CAN-2005-0084)
+
+Please see the following advisory for more information:
+
+ http://www.ethereal.com/appnotes/enpa-sa-00017.html
+
+Everyone is encouraged to upgrade.
+
+
+New and updated features
+
+ Ethereal will now detect and flag weak 802.11 WEP IVs.
+
+ Windows Sniffer timestamp handling has been greatly improved.
+
+ A bug which made Ethereal crash at startup on Windows 98 and Windows
+ ME systems has been fixed.
+
+ Ethereal and Tethereal now support a personal "hosts" file.
+
+ Invalid field length handling has been greatly improved.
+
+ The capture progress window title now shows the interface name.
+
+
+New protocol support
+
+ ALC, AMR, CRMF, JXTA, NORM, PKIXCMP, PROFINET CBA
+
+Updated protocol support
+
+ AIM, ARP, BGP, BOOTP/DHCP, COPS, DAAP, DCERPC EPM, DCERPC, DCOM,
+ DHCPv6, DLSw, DNP, DNS, EAPOL, eDonkey, FC-dNS, FC-FCS, FC-SWILS,
+ FCIP, FCSB3, FIX, GIOP, Gnutella, GSM A, GSM SMS, GTP, H.225, H.245,
+ HTTP, ICMP, IEEE 802.11, IEEE 802a, image/GIF, image/JFIF, Kerberos,
+ L2TP, LDAP, LLC, LMP, MGCP, MIME Multipart, MMSE, MPLS, MTP2, NBNS,
+ NDMP, NMAS, NSIP, OLSR, PER, pflog, PGM, PostgreSQL, PPP, PRES, Q.931,
+ RADIUS, RTCP, RTP, SDP, SEBEK, SIGCOMP, SIP, SLSK, SMB, SMPP, SRVLOC,
+ SSL/TLS, T.38, TACACS, TCAP, TCP, X11
+
+
+New and updated capture file support
+
+ Windows Sniffer
+
+== December 15, 2004
+
+Ethereal 0.10.8 has been released.
+
+This release fixes the following security-related issues:
+
+ Matthew Bing discovered a bug in DICOM dissection that could make
+ Ethereal crash. (CAN-2004-1139)
+
+ An invalid RTP timestamp could make Ethereal hang and create a large
+ temporary file, possibly filling available disk space. (CAN-2004-1140)
+
+ The HTTP dissector could access previously-freed memory, causing a
+ crash. (CAN-2004-1141)
+
+ Brian Caswell discovered that an improperly formatted SMB packet could
+ make Ethereal hang, maximizing CPU utilization. (CAN-2004-1142)
+
+Please see the following advisory for more information:
+
+ http://www.ethereal.com/appnotes/enpa-sa-00016.html
+
+Everyone is encouraged to upgrade.
+
+
+New and updated features
+
+ Ethereal now has a packet history, similar to most web browsers.
+
+ Ethereal now supports custom window titles.
+
+ Minor performance enhancements have been added.
+
+ RTP analysis has been enhanced.
+
+ Host name resolution has been improved.
+
+ Ethereal can now track TCP PDU times. See
+ http://wiki.ethereal.com/TcpPduTime for more details.
+
+ Ethereal now ships with netscreen2dump.py, a utility which converts
+ netscreen packet-trace hex dumps to hex dumps that can be read by
+ text2pcap.
+
+
+New protocol support
+
+ AoE (ATA over Ethernet), Bittorrent, CMIP, GPRS Mobility Management
+ and Session Management, GSM MAP, Extended Security Services, Logotype
+ Certificate Extensions, MAP Dialogue, Network Service Over IP, Online
+ Certificate Status Protocol, PKIX Certificate, PKIX Qualified, PROFINET
+ DCP, IO, Real-Time, Short Message Relaying Service, SSCF-NNI,
+
+
+Updated protocol support
+
+ 3GPP2 A11, ACSE, AIM, AODV, ASN.1 BER, ASN.1 PER, BOOTP, BSSGP, BVLC,
+ CMS, COPS, DCERPC, DCERPC ISystemActivator, DICOM, DHCPv6, DNS, eDonkey,
+ ENTTEC, Etheric, Frame Relay, FTAM, FW1, GIOP, GPRS LLC, GRE, GSM A,
+ GSM SMS, H.225, H.245, H.450, HTTP, IPAddress, IPDC, IPMI, IPsec,
+ ISAKMP, ISUP, JFIF, Kerberos, MQ, MTP3, NMAS, OPSI, PKIX1EXPLICIT,
+ PKIX1IMPLICIT, PKIXProxy, PPP, PRES, Radiotap, RADIUS, ONC RPC, RTnet,
+ RTP, SAP, SDP, SIGCOMP, SIGCOMP UDVM, SIP, SMB, SNMP, SONMP, SSCOP,
+ SSL, Symantec Firewall, T.38, TCP, TDS, TSP, UDP, WSP, WTP, X.25,
+ X.509af, X.509ce, X.509if, X.509sat,
+
+
+New and updated capture file support
+
+ pppdump
+
+
+== October 20, 2004
+
+Ethereal 0.10.7 has been released.
+
+ The Windows installer features new GLib/GTK+, Net-SNMP and ADNS
+ libraries which fix several known bugs. Unfortunately, a few known
+ GLib/GTK+ bugs remain.
+
+ In order to avoid a naming conflict with the tcpreplay project, the
+ "capinfo" utility has been renamed to "capinfos".
+
+
+New and updated features
+
+ Search wrapping is now a configurable option.
+
+ A lot of material has been added to the Developer's Guide. The User's Guide
+ has been updated as well.
+
+ The "Decode As..." dialog now supports DCERPC and SCTP.
+
+ The "Help" menu now includes a link to the wiki.
+
+ H.323 call analysis is now supported.
+
+
+New protocol support
+
+ Cisco PAgP, DAAP, Etheric, Ethernet Configuration Testing Protocol,
+ Ethernet MAC Control Frame, ICE, Kerberos v4, Netscape certificate
+ extensions, PKINIT, PKIX1EXPLICIT, PKIX1IMPLICIT,
+
+
+Updated protocol support
+
+ AIM, ARTNET, ASN.1 BER, ASN.1 PER, ASN.1, BGP, BOOTP, CIP, CLNP, COPS,
+ DCERPC MAPI, DCERPC SAMR, DCERPC, DCOM, DHCP, DHCPv6, DIAMETER, DNS,
+ EAP, ENIP, EPM, GRE, GSM A, GSM MAP, H.225, H.245, H.248 MEGACO, H.450,
+ ISAKMP, iSCSI, iSNS, ISUP, JFIF, Kerberos, LDAP, LDP, LLC, LWAPP, M2PA,
+ MEGACO, MPLS, NCP 2222, NCP, NDMP, NetFlow, NTLMSSP, OSCAR-ICQ, OSPF,
+ RADIUS, RSVP, RTCP, RTP, RTSP, SCTP, SDP, SES, SIP, Skinny, SMB, SNMP,
+ SUA, T.38, TALI, TCAP, TCP, TDS, Teredo, Time, X.509, X11,
+
+
+New and updated capture file support
+
+ HP-UX nettl, NG Sniffer
+
+
+== August 12, 2004
+
+Ethereal 0.10.6 has been released.
+
+ This release fixes a preferences bug present in Ethereal which displayed
+
+ (ethereal.exe:3512): Gtk-CRITICAL **: file gtkwindow.c: line 3107
+ (gtk_window_resize): assertion `height > 0' failed
+
+ at program startup. A workaround for 0.10.5 is described in
+
+ http://www.ethereal.com/lists/ethereal-users/200408/msg00059.html
+
+ A new command-line utility called "capinfo" has been added to the
+ distribution which prints statistics about capture files.
+
+ You can now copy conversation and endpoint data to other applications as
+ CSV data.
+
+
+New and updated features
+
+ X.509 support has been added.
+
+ Crash bugs have been fixed in the RTP and NCP dissectors.
+
+ PostScript(r) output has been improved.
+
+ A bug that prevented mergecap from creating a new output file has been
+ fixed.
+
+ Conversation and endpoint performance has been enhanced. General packet
+ display performance has been enhanced.
+
+ The conversation and host list tools have been renamed to be less
+ confusing.
+
+ You can now copy conversation and host list data as CSV data.
+
+ RTP analysis can now dynamically determine the proper clock rate.
+
+
+New protocol support
+
+ AX/4000, CMS, DCERPC (EVENTLOG, FRSAPI, FRSRPC), MANOLITO, PKCS#1,
+ X.509AF, X.509CE, X.509IF, X.509SAT
+
+
+Updated protocol support
+
+ 802.11, AIM, ASAP, ASN.1 BER, ASN.1, COPS, DCM, DHCP Failover (ISC),
+ ENRP, Fibre Channel, GIOP, GSSAPI, GTP, HTTP, ICAP, iSNS, Kerberos,
+ MPLS, NCP, NTLMSSP, OPSI, OSPF, PRES, RADIUS, Rlogin, RSVP, RTPS, RTSP,
+ SCTP, Sigcomp, Skinny, SMB BROWSER, SMB, SNMP, SSL, TDS, Telnet
+
+
+New and updated capture file support
+
+ LANalyzer
+
+
+== July 7, 2004
+
+Ethereal 0.10.5 has been released.
+
+
+This release fixes bugs in iSNS, SMB, and SNMP, as described in the
+following advisory:
+
+ http://www.ethereal.com/appnotes/enpa-sa-00015.html
+
+Everyone is encouraged to upgrade.
+
+
+New and updated features
+
+ Ethereal can now merge multiple files (you don't have to resort to
+ mergecap on the command line).
+
+ A preview pane has been added to the file dialog.
+
+ The capture progress dialog can now be disabled.
+
+ The about dialog has received further improvements.
+
+ The behavior of Ethereal's dialog windows has been normalized somewhat.
+
+ The Windows installer can now associate standard file extensions
+ with Ethereal.
+
+ Ethereal can be configured not to bug you about unsaved captures.
+
+ Ethereal can open help documentation using the default web browser.
+
+
+New protocol support
+
+ DNP, ENRP, giFT, H.235, PacketCable, SigComp, SIR (Serial Infrared)
+
+
+Updated protocol support
+
+ AIM, ASAP, ASN.1 BER, ARP, ATM, DHCP, CFPI, CLNP, DCERPC (DCERPC, LSA,
+ NT, SAMR, SRVSVC, WKSSVC), EAP, ENIP, Frame Relay, GRE, H.225, H.245,
+ H.450, HTTP, IAX2, IEEE 802.11, ISAKMP, iSNS, ISUP, JFIF, Kerberos, LMP,
+ M3UA, MGCP, MPLS, MTP3, NCP, NetFlow, NFS, OSPF, PIM, RADIUS, RIP, RSVP,
+ RTCP, RTP, RTSP, SCSI, SDP, SIP, SMB, SMTP, SNMP, SOCKS, SSL, T.35, TCP,
+ VRRP, WBXML (User-Agent Profile), WSP, X11
+
+
+New and updated capture file support
+
+ Radcom
+
+
+== May 13, 2004
Ethereal 0.10.4 has been released.
Compressed and chunked transfer-coded HTTP bodies are now decoded.
+ A new generic media dissector more cleanly handles HTTP and WSP
+ Content-Type information.
+
New protocol support
- ANSI IS-801, BEA Tuxedo, DCERPC EFS, DICOM, GPRS LLC, GPRS SNDCP, IEEE
- 1588/PTP, PVSTP, RTPS
+ ANSI IS-801, BEA Tuxedo, DCERPC EFS, DICOM, GPRS LLC, GPRS SNDCP,
+ IEEE 1588/PTP, PVSTP, MPLS Echo, RTPS
Updated protocol support
-3G A11,
-ACSE,
-AFS,
-AIM,
-ANSI MAP,
-ASN.1 (BER, PER),
-BACnet,
-CHDLC,
-COPS,
-DCERPC (LSA, NETLOGON, SAMR, SVCCTL, SPOOLS)
-DHCP,
-DIAMETER,
-EAPOL,
-FTAM,
-GSM,
-GTP,
-H.225,
-HTTP,
-ICMPv6,
-IPv4,
-IPv6,
-IPDC,
-IPMI,
-iSNS,
-ISUP,
-Kerberos,
-LDAP,
-LDP,
-MEGACO,
-MIPv6,
-MMSE,
-MQ,
-MTP3,
-NTLMSSP,
-RADIUS,
-RPC,
-RTPS,
-RUDP,
-SCTP,
-SIP,
-SLSK,
-SMB,
-SPNEGO,
-TCP,
-Time,
-WBXML,
-WCCP,
-WSP,
-X11,
-YMSG,
+ 3G A11, ACSE, AFS, AIM, ANSI MAP, ASN.1 (BER, PER), BACnet, CHDLC, COPS,
+ DCERPC (LSA, NETLOGON, SAMR, SVCCTL, SPOOLS) DHCP, DIAMETER, EAPOL,
+ FTAM, GSM, GTP, H.225, HTTP, ICMPv6, IPv4, IPv6, IPDC, IPMI, iSNS,
+ ISUP, Kerberos, LDAP, LDP, MEGACO, MIPv6, MMSE, MQ, MTP3, NTLMSSP,
+ RADIUS, RPC, RTCP, RTPS, RUDP, SCTP, SIP, SLSK, SMB, SPNEGO, TCP,
+ Time, WBXML (EMN, SI, WV-CSP), WCCP, WSP, X11, YMSG
Capture file support
- EyeSDN, nettl,
+ EyeSDN, nettl
== March 25, 2004