$Id$
+== December 27, 2005
+
+Ethereal 0.10.14 has been released.
+
+ Bug Fixes
+
+ Three security vulnerabilities have been fixed since the previous
+ release. See the [1]application advisory for more details.
+
+ o The IRC dissector could go into an infinite loop. Versions
+ affected: 0.10.13.
+
+ o The GTP dissector could go into an infinite loop. Versions
+ affected: 0.9.1 to 0.10.13.
+
+ o iDefense found a buffer overflow in the OSPF dissector.
+ Versions affected: 0.8.20 to 0.10.13.
+
+ New and Updated Features
+
+ The following features are new (or have been significantly
+ updated) since the last release:
+
+ o The Windows installer now ships with GTK+ 2.6 instead of GTK+
+ 2.4. This should fix several long-standing bugs.
+
+ o If you're loading a saved capture file and press "Cancel",
+ Ethereal will now display the packets read up to that point.
+ In previous versions, Ethereal would abort the attempt
+ completely and clear the packet list.
+
+ This means that if you're loding a huge capture file, you can
+ stop loading in the middle and still be able to analyze part
+ of the file.
+
+ o The maximum number of files allowed in a ring buffer has been
+ increased from 1024 to 10,000.
+
+ o OID to name resolution has been improved.
+
+ o TCP graphs now handle upper and lower bounds better.
+
+ New Protocol Support
+
+ 3Com Netjack200, CDT, CIGI, DAP, DISP, DOP, DSP, FTBP, MS NLB,
+ NBAP, NCP SSS, NCS, NHRP, P_Mul, RNSAP, SMB2, STANAG 5066, TIPC,
+ UDP-Lite, X.501
+
+ Updated Protocol Support
+
+ ACSE, AIM, ALCAP, AMR, ANSI MAP, BER, BitTorrent, BOOTP, CAMEL,
+ CMP, CMS, COPS, CRMF, DCCP, DCERPC (DCERPC, DSSETUP, INITSHUTDOWN,
+ NT, WINREG), DEC DNA RT, DNP, DTP, eDonkey, ENIP, ESS, Etheric,
+ FC-DNS, FC-FZS, FMIPv6, GRE, GSM A, GSM MAP, GTP, H.225, H.235,
+ H.245, H.248, H.263, H.450, IAPP, IEEE 802.11, INAP, IP, IPv6,
+ IRC, ISIS LSP, ISUP, IUUP, Juniper, LLDP, M3UA, MIP, MIPv6,
+ Modbus/TCP, MTP3, NCP, NDPS, NDS, NEMO, NMAS, NTLMSSP, OSPF, PER,
+ PN-DCP, PPP CHAP, PPPoE, PVFS2, Q.931, RADIUS, RANAP, RDT, RLOGIN,
+ RMT, ROS, RTCP, RTP, RTSE, S4406, SCCP, SCTP, SES, SIP, SMB,
+ SNDCP, SRVLOC, STUN, T.38, UMA, WINS Replication, X.411, X.420,
+ X.509
+
+ New and Updated Capture File Support
+
+ DOS Sniffer, Endace ERF, HP-UX nettl, IBM iSeries traces,
+ Tektronix K12
+
+Getting Ethereal
+
+ Microsoft Windows
+
+ Download ethereal-setup-0.10.14.exe from the [2]Windows download
+ area on the main web site. Double-click the installer executable.
+
+ Sun Solaris
+
+ Download the appropriate package from the [3]Solaris download area
+ on the main web site. Uncompress the package using bzip2, and
+ install it using pkgadd.
+
+ Source Code
+
+ Download ethereal-0.10.14.tar.gz from the [4]main download area on
+ the web site. Extract the package using tar and gzip. Run
+ "configure ; make ; make install".
+
+ Vendor-supplied Packages
+
+ Most Linux and Unix vendors supply their own Ethereal packages.
+ You can install or upgrade Ethereal using the package management
+ system specific to that platform. A list of third-party packages
+ can be found on the [5]download page on the Ethereal web site.
+
+File Locations
+
+ Ethereal and Tethereal look in several different locations for
+ preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
+ These locations vary from platform to platform. You can use
+ About->Folders to find the default locations on your system.
+
+Known Problems
+
+ On Windows systems the packet list scroll bar can sometimes
+ disappear or become unusable. Until the problem is fixed you can
+ work around it by resizing the packet list or the main window.
+ ([6]Bug #220)
+
+Getting Help
+
+ Community support is available on the ethereal-users mailing list.
+ Subscription information and archives for all of Ethereal's
+ mailing lists can be found on [7]the web site. There is also an
+ [8]IRC channel dedicated to Ethereal.
+
+ Commercial support, training, and development services are
+ available from [9]Ethereal Software.
+
+Frequently Asked Questions
+
+ A complete FAQ is available on the [10]Ethereal web site.
+
+References
+
+ Visible links
+ 1. http://www.ethereal.com/appnotes/enpa-sa-00022.html
+ 2. http://www.ethereal.com/docs/distribution/win32/
+ 3. http://www.ethereal.com/docs/distribution/solaris/
+ 4. http://www.ethereal.com/docs/distribution/
+ 5. http://www.ethereal.com/download.html#otherplat
+ 6. http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=220
+ 7. http://www.ethereal.com/lists/
+ 8. irc://irc.freenode.net/ethereal
+ 9. http://www.etherealsoft.com/
+ 10. http://www.ethereal.com/faq.html
+
+== October 17, 2005
+
+Ethereal 0.10.13 has been released.
+
+ Bug Fixes
+
+ Several security vulnerabilities have been fixed since the previous
+ release. See the [1]application advisory for more details.
+
+ o The ISAKMP dissector could exhaust system memory. Versions affected:
+ 0.10.11 to 0.10.12.
+
+ o The FC-FCS dissector could exhaust system memory. Versions affected:
+ 0.9.0 to 0.10.12.
+
+ o The RSVP dissector could exhaust system memory. Versions affected:
+ 0.9.4 to 0.10.12.
+
+ o The ISIS LSP dissector could exhaust system memory. Versions affected:
+ 0.8.18 to 0.10.12.
+
+ o The IrDA dissector could crash. Versions affected: 0.10.0 to 0.10.12.
+
+ o The SLIMP3 dissector could overflow a buffer. Versions affected: 0.9.1
+ to 0.10.12.
+
+ o The BER dissector was susceptible to an infinite loop. Versions
+ affected: 0.10.3 to 0.10.12.
+
+ o The SCSI dissector could dereference a null pointer and crash.
+ Versions affected: 0.10.3 to 0.10.12.
+
+ o If the "Dissect unknown RPC program numbers" option was enabled, the
+ ONC RPC dissector might be able to exhaust system memory. This option
+ is disabled by default. Versions affected: 0.7.7 to 0.10.12.
+
+ o The sFlow dissector could dereference a null pointer and crash.
+ Versions affected: 0.9.14 to 0.10.12.
+
+ o The RTnet dissector could dereference a null pointer and crash.
+ Versions affected: 0.10.8 to 0.10.12.
+
+ o The SigComp UDVM could go into an infinite loop or crash. Versions
+ affected: 0.10.12.
+
+ o If SMB transaction payload reassembly is enabled the SMB dissector
+ could crash. This preference is disabled by default. Versions
+ affected: 0.9.7 to 0.10.12.
+
+ o The X11 dissector could attempt to divide by zero. Versions affected:
+ 0.10.1 to 0.10.12.
+
+ o The AgentX dissector could overflow a buffer. Versions affected:
+ 0.10.10 to 0.10.12.
+
+ o The WSP dissector could free an invalid pointer. Versions affected:
+ 0.10.1 to 0.10.12.
+
+ o iDEFENSE found a buffer overflow in the SRVLOC dissector. Versions
+ affected: 0.10.0 to 0.10.12.
+
+ When trying to save a flow graph, Ethereal could crash.
+
+ When viewing protocol hierarchy statistics, Ethereal and Tethereal could
+ crash.
+
+ The PCRE library that ships with the Windows installer has been upgraded
+ from version 4.4 to 6.3 in response to a [2]security vulnerability.
+
+ New and Updated Features
+
+ The following features are new (or have been significantly updated) since
+ the last release:
+
+ o The timestamp display precision of the Packet List can be adjusted
+ now. The precision will be automatically adjusted depending on the
+ file format loaded, e.g. libpcap typically uses microsecond resolution
+ displayed like "0.000000". In addition you can adjust the precision
+ manually through the View/Time Display Format menu items.
+
+ o The WinPcap version 3.1 installer was released since the last Ethereal
+ release. The version included in the Ethereal Windows installer has
+ been updated from 3.1 beta 4 to 3.1. If you want to upgrade WinPcap
+ separately or install a different version you can download it from:
+ [3]the WinPcap web site.
+
+ o The behavior of the display filter "ip.checksum_bad" has changed.
+ Instead of merely checking for its presence you must now make sure it
+ is set, e.g. instead of using "ip.checksum_bad" you must now use
+ "ip.checksum_bad == 1".
+
+ o A new capture file format "Nanosecond libpcap (Ethereal)" was added.
+ It is very similar to the common libpcap file format but is capable of
+ keeping nanosecond resolution timestamps. This format is currently
+ supported only by Ethereal.
+
+ o Ethereal's memory managment has been greatly improved.
+
+ o Ethereal can now save gzip-compressed capture files.
+
+ New Protocol Support
+
+ CIMD, CISCOWL-L2, DCCP, EDP, GNM, LLDP, ROS, RTSE, STANAG 4406, WINS
+ Replication, X.411, X.420
+
+ Updated Protocol Support
+
+ 802.11 Radiotap, A11, AARP, ACSE, ACtrace, AFP, AFS, AgentX, AIM, AJP13,
+ ALCAP, AMR, ANSI A, ANSI IS-637-A, ANSI IS-683-A, ANSI IS-801, ANSI MAP,
+ AOE, AppleTalk, Armagetronad, ARP, ASAP, ASN.1, BACapp, BER, BGP,
+ BitTorrent, BOOTP, CAMEL, CLNP, CMIP, CMP, CMS, COPS, CRMF, CSM_ENCAPS,
+ DAAP, DCERPC (ATSVC, DCE_DFS, FLDB, INITSHUTDOWN, LSA, NETLOGON, NT, SAMR,
+ SPOOLSS, WINREG), DCM, DCOM, DHCP Failover, DIAMETER, ENRP, ESS, FC, FCCT,
+ FCDNS, FCELS, FCFCS, FCFZS, FCP, FCSWILS, FTAM, GIOP, GPRS LLC, GSM, GTP,
+ H1, H.225, H.235, H.245, H.248, H.261, H.263, H.450, HSRP, HTTP, IAX2,
+ IEEE 802.11, IEEE 802.3, IEEE 802.3 Slow protocols, IP, IP/IEEE1394, IRC,
+ IrDA, ISAKMP, iSCSI, ISIS, ISUP, Jabber, JFIF, Juniper, JXTA, K12,
+ Kerberos, LDAP, LDP, LLC, LPD, MAP_DialoguePDU, MDSHDR, Media, MEGACO,
+ MGCP, MIME multipart, MMS, MOUNT, MQ, MSMMS, NBNS, NDMP, NS_CERT_EXTS,
+ OCSP, OPSI, OSPF, PARLAY, PER, PKINIT, PKIX, PN-RT, PPP, PRES, PTP,
+ RADIUS, RDT, RPC, RSVP, RTCP, RTnet, RTSP, SCCP, SCSI, SCTP, SES, sFlow,
+ SIGCOMP, SIP, SliMP3, SMB, SMPP, SMRSE, SNA, SNMP, SPNEGO, SRVLOC, STUN,
+ T.38, TCAP, TCP, Text, TPKT, UMA, WBXML, WLANCERTEXTN, WSP, X11, X.25,
+ X.509, XML, YMSG
+
+ New and Updated Capture File Support
+
+ 5Views, AiroPeek, ERF, EtherPeek, i4btrace, LANAlyzer, Libpcap, Windows
+ Sniffer, Tektronix K12
+
+Getting Ethereal
+
+ Microsoft Windows
+
+ Download ethereal-setup-0.10.13.exe from the [4]Windows download area on
+ the main web site. Double-click the installer executable.
+
+ Sun Solaris
+
+ Download the appropriate package from the [5]Solaris download area on the
+ main web site. Uncompress the package using bzip2, and install it using
+ pkgadd.
+
+ Source Code
+
+ Download ethereal-0.10.13.tar.gz from the [6]main download area on the web
+ site. Extract the package using tar and gzip. Run "configure ; make ; make
+ install".
+
+ Vendor-supplied Packages
+
+ Most Linux and Unix vendors supply their own Ethereal packages. You can
+ install or upgrade Ethereal using the package management system specific
+ to that platform. A list of third-party packages can be found on the
+ [7]download page on the Ethereal web site.
+
+File Locations
+
+ Ethereal and Tethereal look in several different locations for preference
+ files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary
+ from platform to platform. You can use About->Folders to find the default
+ locations on your system.
+
+Known Problems
+
+ On Windows systems the packet list scroll bar can sometimes disappear or
+ become unusable. Until the problem is fixed you can work around it by
+ resizing the packet list or the main window. ([8]Bug #220)
+
+Getting Help
+
+ Community support is available on the ethereal-users mailing list.
+ Subscription information and archives for all of Ethereal's mailing lists
+ can be found on [9]the web site. There is also an [10]IRC channel
+ dedicated to Ethereal.
+
+ Commercial support, training, and development services are available from
+ [11]Ethereal Software.
+
+Frequently Asked Questions
+
+ A complete FAQ is available on the [12]Ethereal web site.
+
+References
+
+ Visible links
+ 1. http://www.ethereal.com/appnotes/enpa-sa-00021.html
+ 2. http://www.securityfocus.com/bid/14620
+ 3. http://www.winpcap.org/
+ 4. http://www.ethereal.com/docs/distribution/win32/
+ 5. http://www.ethereal.com/docs/distribution/solaris/
+ 6. http://www.ethereal.com/docs/distribution/
+ 7. http://www.ethereal.com/download.html#otherplat
+ 8. http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=220
+ 9. http://www.ethereal.com/lists/
+ 10. irc://irc.freenode.net/ethereal
+ 11. http://www.etherealsoft.com/
+ 12. http://www.ethereal.com/faq.html
+
+== July 26, 2005
+
+Ethereal 0.10.12 has been released.
+
+Our testing program has turned up several more security issues:
+
+ The LDAP dissector could free static memory and crash.
+ Versions affected: 0.8.5 to 0.10.11
+
+ The AgentX dissector could crash.
+ Versions affected: 0.10.10 to 0.10.11
+
+ The 802.3 dissector could go into an infinite loop.
+ Versions affected: 0.8.16 to 0.10.11
+
+ The PER dissector could abort.
+ Versions affected: 0.10.5 to 0.10.11
+
+ The DHCP dissector could go into an infinite loop.
+ Versions affected: 0.10.7 to 0.10.11
+
+ The BER dissector could abort or loop infinitely.
+ Version affected: 0.10.11
+
+ The MEGACO dissector could go into an infinite loop.
+ Versions affected: 0.9.14 to 0.10.11
+
+ The GIOP dissector could dereference a null pointer.
+ Versions affected: 0.8.20 to 0.10.11
+
+ The SMB dissector was susceptible to a buffer overflow.
+ Versions affected: 0.9.12 to 0.10.11
+
+ The WBXML could dereference a null pointer.
+ Versions affected: 0.10.1 to 0.10.11
+
+ The H1 dissector could go into an infinite loop.
+ Versions affected: 0.8.15 to 0.10.11
+
+ The DOCSIS dissector could cause a crash.
+ Versions affected: 0.9.13 to 0.10.11
+
+ The SMPP dissector could go into an infinite loop.
+ Versions affected: 0.10.1 to 0.10.11
+
+ SCTP graphs could crash.
+ Version affected: 0.10.11
+
+ The HTTP dissector could crash.
+ Versions affected: 0.10.4 to 0.10.11
+
+ The SMB dissector could go into a large loop.
+ Versions affected: 0.9.0 to 0.10.11
+
+ The DCERPC dissector could crash.
+ Versions affected: 0.9.16 to 0.10.11.
+
+ Several dissectors could crash while reassembling packets.
+ Versions affected: 0.9.0 to 0.10.11
+
+
+ Steve Grubb at Red Hat found the following issues:
+
+ The CAMEL dissector could dereference a null pointer.
+ Version affected: 0.10.11
+
+ The DHCP dissector could crash.
+ Versions affected: 0.10.4 to 0.10.11
+
+ The CAMEL dissector could crash.
+ Versions affected: 0.10.10 to 0.10.11
+
+ The PER dissector could crash.
+ Versions affected: 0.10.10 to 0.10.11
+
+ The RADIUS dissector could crash.
+ Versions affected: 0.9.4 to 0.10.11
+
+ The Telnet dissector could crash.
+ Versions affected: 0.9.10 to 0.10.11
+
+ The IS-IS LSP dissector could crash.
+ Versions affected: 0.8.19 to 0.10.11
+
+ The NCP dissector could crash.
+ Versions affected: 0.9.15 to 0.10.11
+
+
+ iDEFENSE found the following issues:
+
+ Several dissectors were susceptible to a format string overflow.
+ Versions affected: 0.9.4 to 0.10.11
+
+
+ Ethereal uses the zlib compression library. Security vulnerabilities
+ have been discovered in zlib 1.2.1 and 1.2.2. The Windows installer
+ now ships with zlib 1.2.3, which fixes these vulnerabilities.
+
+
+Please see the following advisory for more information:
+
+ http://www.ethereal.com/appnotes/enpa-sa-00020.html
+
+Everyone is encouraged to upgrade.
+
+
+New and updated features
+
+ The Windows installer now includes the WinPcap 3.1 beta 4 installer.
+ You don't have to download and install it separately.
+
+ RADIUS dictionaries are now included.
+
+ A lot of documentation was updated
+
+ Some command line parameters have changed, see the Ethereal / Tethereal
+ manual pages
+
+ A "File/File Set" submenu was added to better handle multiple files
+ (such as ring buffers).
+
+ Flow graphs can now be created for any protocol.
+
+ Memory management has been greatly improved.
+
+ JXTA has been added to the conversations menu.
+
+ When compiled with MIT/Heimdal Kerberos AND if keytab files are
+ provided, Ethereal can now decrypt and dissect both SecureLDAP and
+ encrypted DCE/RPC.
+
+ TCP Sequence graphs should now work for all captures and all
+ encapsulation types.
+
+
+New protocol support
+
+ ACSE, ARMAGETRONAD, AudioCodes trunk trace, CSM_ENCAPS, DEC DNA Routing,
+ DIS, FTAM, iFCP, Juniper PPPoE, MMS, MS MediaServer, MSRP, Parlay,
+ Synergy, TANGO, WLAN Certificate Extensions
+
+
+Updated protocol support
+
+ 802.11 Radiotap, 9P, ACSE, AFP, AgentX, AIM, ANSI MAP, BACapp, BVLC,
+ Camel, CLNP, CMIP, DCERPC, DCOM, DHCP, DHCP Failover, DHCPv6, DICOM,
+ DNP, DNS, DOCSIS, EAP, Ethernet, FC ELS, FCIP, FCP, FC-SWILS, GIOP,
+ GSM A, GSM MAP, GSSAPI, GTP, H1, H.221, H.225, H.235, H.245, H.248,
+ H.450, HPSW, HTTP, HyperSCSI, ICMP, IEEE 802.11, IEEE 802.3, iFCP,
+ IP, IPDC, ISAKMP, iSCSI, iSNS, ISUP, JXTA, Kerberos, KINK, LDAP, LLC,
+ LMP, LWAPP, MEGACO, MGCP, MMSE, NDMP, NDPS, NFS, NTLMSSP, OSI, OSPF,
+ PER, PPP, PRES, PROFINET, RDT, RMT, RPC, RSVP, Rsync, RTP, RTSP, SCSI,
+ SCTP, SDP, SIP, SMB, SMPP, SNMP, SPNEGO, SSCOP, SSL, T.38, TCAP, TCP,
+ Telnet, TFTP, TPKT, UDP, UDVM, UMA, V5UA, WBXML, WSP, XML, YMSG, YPSERV
+
+
+New and updated capture file support
+
+ HP Nettl, Tektronix K12
+
+
+== May 4, 2005
+
+Ethereal 0.10.11 has been released.
+
+An aggressive testing program as well as independent discovery has turned
+up a multitude of security issues:
+
+ The ANSI A dissector was susceptible to format string vulnerabilities.
+ Discovered by Bryan Fulton.
+ Versions affected: 0.9.15 to 0.10.10
+
+ The GSM MAP dissector could crash.
+ Versions affected: 0.10.0 to 0.10.10
+
+ The AIM dissector could cause a crash.
+ Versions affected: 0.9.14 to 0.10.10
+
+ The DISTCC dissector was susceptible to a buffer overflow.
+ Discovered by Ilja van Sprundel
+ Versions affected: 0.9.13 to 0.10.10
+
+ The FCELS dissector was susceptible to a buffer overflow.
+ Discovered by Neil Kettle
+ Versions affected: 0.9.9 to 0.10.10
+
+ The SIP dissector was susceptible to a buffer overflow.
+ Discovered by Ejovi Nuwere.
+ Versions affected: 0.10.0 to 0.10.10
+
+ The KINK dissector was susceptible to a null pointer exception,
+ endless looping, and other problems.
+ Versions affected: 0.10.10
+
+ The LMP dissector was susceptible to an endless loop.
+ Versions affected: 0.9.4 to 0.10.10
+
+ The Telnet dissector could abort.
+ Versions affected: 0.9.10 to 0.10.10
+
+ The TZSP dissector could cause a segmentation fault.
+ Versions affected: 0.10.10 to 0.10.10
+
+ The WSP dissector was susceptible to a null pointer exception and
+ assertions.
+ Versions affected: 0.10.0 to 0.10.10
+
+ The 802.3 Slow protocols dissector could throw an assertion.
+ Versions affected: 0.10.10
+
+ The BER dissector could throw assertions.
+ Versions affected: 0.10.2 to 0.10.10
+
+ The SMB Mailslot dissector was susceptible to a null pointer exception
+ and could throw assertions.
+ Versions affected: 0.9.0 to 0.10.10
+
+ The H.245 dissector was susceptible to a null pointer exception.
+ Versions affected: 0.10.10
+
+ The Bittorrent dissector could cause a segmentation fault.
+ Versions affected: 0.10.8 to 0.10.10
+
+ The SMB dissector could cause a segmentation fault and throw assertions.
+ Versions affected: 0.9.0 to 0.10.10
+
+ The Fibre Channel dissector could cause a crash.
+ Versions affected: 0.9.9 to 0.10.10
+
+ The DICOM dissector could attempt to allocate large amounts of memory.
+ Versions affected: 0.10.4 to 0.10.10
+
+ The MGCP dissector was susceptible to a null pointer exception, could
+ loop indefinitely, and segfault.
+ Versions affected: 0.8.14 to 0.10.10
+
+ The RSVP dissector could loop indefinitely.
+ Versions affected: 0.9.8 to 0.10.10
+
+ The DHCP dissector was susceptible to format string vulnerabilities, and
+ could abort.
+ Versions affected: 0.10.7 to 0.10.10
+
+ The SRVLOC dissector could crash unexpectedly or go into an infinite loop.
+ Versions affected: 0.9.8 to 0.10.10
+
+ The EIGRP dissector could loop indefinitely.
+ Versions affected: 0.8.18 to 0.10.10
+
+ The ISIS dissector could overflow a buffer.
+ Versions affected: 0.8.18 to 0.10.10
+
+ The CMIP, CMP, CMS, CRMF, ESS, OCSP, PKIX1Explitit, PKIX Qualified,
+ and X.509 dissectors could overflow buffers.
+ Versions affected: 0.10.4 to 0.10.10
+
+ The NDPS dissector could exhaust system memory or cause an assertion,
+ or crash.
+ Versions affected: 0.9.12 to 0.10.10
+
+ The Q.931 dissector could try to free a null pointer and overflow
+ a buffer.
+ Versions affected: 0.10.10
+
+ The IAX2 dissector could throw an assertion.
+ Versions affected: 0.10.1 to 0.10.10
+
+ The ICEP dissector could try to free the same memory twice.
+ Versions affected: 0.10.7 to 0.10.10
+
+ The MEGACO dissector was susceptible to an infinite loop and a buffer
+ overflow.
+ Versions affected: 0.9.14 to 0.10.10
+
+ The DLSw dissector was susceptible to an infinite loop.
+ Versions affected: 0.9.1 to 0.10.10
+
+ The RPC dissector was susceptible to a null pointer exception.
+ Versions affected: 0.9.2 to 0.10.10
+
+ The NCP dissector could overflow a buffer or loop for a large amount
+ of time.
+ Versions affected: 0.10.5 to 0.10.10
+
+ The RADIUS dissector could throw an assertion.
+ Versions affected: 0.10.3 to 0.10.10
+
+ The GSM dissector could access an invalid pointer.
+ Versions affected: 0.10.10
+
+ The SMB PIPE dissector could throw an assertion.
+ Versions affected: 0.9.0 to 0.10.10
+
+ The L2TP dissector was susceptible to an infinite loop.
+ Versions affected: 0.10.9 to 0.10.10
+
+ The SMB NETLOGON dissector could dereference a null pointer.
+ Versions affected: 0.9.12 to 0.10.10
+
+ The MRDISC dissector could throw an assertion.
+ Versions affected: 0.8.19 to 0.10.10
+
+ The ISUP dissector could overflow a buffer or cause a segmentation fault.
+ Versions affected: 0.8.19 to 0.10.10
+
+ The LDAP dissector could crash.
+ Versions affected: 0.10.1 to 0.10.10
+
+ The TCAP dissector could overflow a buffer or throw an assertion.
+ Versions affected: 0.10.8 to 0.10.10
+
+ The NTLMSSP dissector could crash.
+ Versions affected: 0.9.7 to 0.10.10
+
+
+ Additionally, a number of dissectors could throw an assertion when
+ passing an invalid protocol tree item length.
+ Versions affected: 0.10.8 to 0.10.10
+
+
+Please see the following advisory for more information:
+
+ http://www.ethereal.com/appnotes/enpa-sa-00019.html
+
+Everyone is encouraged to upgrade.
+
+
+New and updated features
+
+
+
+New protocol support
+
+
+
+Updated protocol support
+
+
+
+New and updated capture file support
+
+
+
+
== March 11, 2005
Ethereal 0.10.10 has been released.
git.samba.org / metze / wireshark / wip.git / blobdiff