<?xml version="1.0"?>
-<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!-- $Id$ -->
-Use this section to encode all document information
-->
- <!ENTITY DocumentTitle "<application>Ethereal</application> Release Notes">
- <!ENTITY DocumentSubTitle "&DocumentVersion; (&SvnVersion;) for Ethereal &EtherealCurrentVersion;">
- <!ENTITY DocumentTitleAbbreviation "Relnotes">
-
- <!ENTITY % SvnVersionFile SYSTEM "svn_version.xml">
- %SvnVersionFile;
-<!ENTITY DocumentLegalNotice "<para>Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation.</para><para>All logos and trademarks in this document are property of their respective owner.</para>">
-
-<!--
-Ethereal Info
--->
- <!ENTITY EtherealCurrentVersion "0.10.13 (preliminary)">
- <!ENTITY EtherealWebSite "http://www.ethereal.com">
- <!ENTITY EtherealUsersGuidePage "&EtherealWebSite;/docs/#usersguide">
- <!ENTITY EtherealDownloadPage "&EtherealWebSite;/download.html">
- <!ENTITY EtherealBinariesPage "&EtherealWebSite;/download.html#releases">
- <!ENTITY EtherealAuthorsPage "&EtherealWebSite;/introduction.html#authors">
- <!ENTITY EtherealProtocolsPage "&EtherealWebSite;/docs/dfref/">
- <!ENTITY EtherealFAQPage "&EtherealWebSite;/faq.html">
- <!ENTITY EtherealFAQPromiscPage "&EtherealWebSite;/faq#promiscsniff">
- <!ENTITY EtherealMediaPage "&EtherealWebSite;/media.html">
- <!ENTITY EtherealWikiPage "http://wiki.ethereal.com">
- <!ENTITY EtherealWikiCaptureFiltersPage "&EtherealWikiPage;/CaptureFilters">
- <!ENTITY EtherealWikiDisplayFiltersPage "&EtherealWikiPage;/DisplayFilters">
- <!ENTITY EtherealWikiPreferencesPage "&EtherealWikiPage;/Preferences">
- <!ENTITY EtherealWikiColoringRulesPage "&EtherealWikiPage;/ColoringRules">
- <!ENTITY EtherealWikiPreferencesPage "&EtherealWikiPage;/Preferences">
-
- <!ENTITY EtherealDevMailList "ethereal-dev[AT]ethereal.com">
- <!ENTITY EtherealUsersMailList "ethereal-users[AT]ethereal.com">
-
-
<!--
-Winpcap Info
+Wireshark Info
-->
- <!ENTITY WinPcapWebsite "http://www.winpcap.org">
- <!ENTITY WinPcapDownloadWebsite "http://www.winpcap.org/install/default.htm">
-
-<!--
-Gnu info
--->
- <!ENTITY GPLWebsite "http://www.gnu.org/copyleft/gpl.html">
+ <!ENTITY WiresharkCurrentVersion "0.99.5">
]>
<article>
- <title>Ethereal &EtherealCurrentVersion; Release Notes</title>
+ <title>Wireshark &WiresharkCurrentVersion; Release Notes</title>
- <section id="WhatIs"><title>What is Ethereal?</title>
+ <section id="WhatIs"><title>What is Wireshark?</title>
<para>
- Ethereal is the world's most popular network protocol analyzer. It
+ Wireshark is the world's most popular network protocol analyzer. It
is used for troubleshooting, analysis, development, and education.
</para>
</section>
<section id="WhatsNew"><title>What's New</title>
- <section><title>Bugfixes</title>
+ <section><title>Bug Fixes</title>
<para>
- The following bugs have been fixed since the previous release:
- <itemizedlist>
- <listitem><para>
- The ISAKMP dissector could exhaust system memory.
- <!-- Fixed in r15163 -->
- <!-- Bug IDs: none -->
- Versions affected: 0.10.11 to 0.10.12.
- </para></listitem>
+ The following vulnerabilities have been fixed. See the
+ <ulink url="http://www.wireshark.org/security/wnpa-sec-2007-01.html">security advisory</ulink> for details and a workaround.
- <listitem><para>
- The FC-FCS dissector could exhaust system memory.
- <!-- Fixed in r15204 -->
- <!-- Bug IDs: 312 -->
- Versions affected: 0.9.0 to 0.10.12.
- </para></listitem>
-
- <listitem><para>
- The RSVP dissector could exhaust system memory.
- <!-- Fixed in r15206, r15600 -->
- <!-- Bug IDs: 311, 314, 382 -->
- Versions affected: 0.9.4 to 0.10.12.
- </para></listitem>
-
- <listitem><para>
- The ISIS LSP dissector could exhaust system memory.
- <!-- Fixed in r15245 -->
- <!-- Bug IDs: 320, 326 -->
- Versions affected: 0.8.18 to 0.10.12.
- </para></listitem>
-
- <listitem><para>
- The IrDA dissector could crash.
- <!-- Fixed in r15265, r15267 -->
- <!-- Bug IDs: 328, 329, 330, 334, 335, 336 -->
- Versions affected: 0.10.0 to 0.10.12.
- </para></listitem>
+ <itemizedlist>
- <listitem><para>
- The SLIMP3 dissector could overflow a buffer.
- <!-- Fixed in r15279 -->
- <!-- Bug IDs: 327 -->
- Versions affected: 0.9.1 to 0.10.12.
- </para></listitem>
+ <listitem><para>
+ The TCP dissector could hang or crash while reassembling HTTP packets.
+ <!-- Fixed in r19859 -->
+ <!-- Bug IDs: 1200 -->
+ Versions affected: 0.99.2 to 0.99.4
+ </para></listitem>
+
+ <listitem><para>
+ The HTTP dissector could crash.
+ <!-- Fixed in 19899 -->
+ <!-- Bug IDs: None -->
+ Versions affected: 0.99.3 to 0.99.4
+ </para></listitem>
+
+ <listitem><para>
+ On some systems, the IEEE 802.11 dissector could crash.
+ <!-- Fixed in 20126 -->
+ <!-- Bug IDs: None -->
+ Versions affected: 0.10.14 to 0.99.4
+ </para></listitem>
+
+ <listitem><para>
+ On some systems, the LLT dissector could crash.
+ <!-- Fixed in 20007 -->
+ <!-- Bug IDs: None -->
+ Versions affected: 0.99.3 to 0.99.4
+ </para></listitem>
- <listitem><para>
- The BER dissector was susceptible to an infinite loop.
- <!-- Fixed in r15292 -->
- <!-- Bug IDs: none -->
- Versions affected: 0.10.3 to 0.10.12.
- </para></listitem>
+ </itemizedlist>
- <listitem><para>
- The SCSI dissector could dereference a null pointer and crash.
- <!-- Fixed in r15289 -->
- <!-- Bug IDs: none -->
- Versions affected: 0.10.3 to 0.10.12.
- </para></listitem>
+ </para>
- <listitem><para>
- If the "Dissect unknown RPC program numbers" option was enabled,
- the ONC RPC dissector might be able to exhaust system memory.
- This option is disabled by default.
- <!-- Fixed in r15290 -->
- <!-- Bug IDs: none -->
- Versions affected: 0.7.7 to 0.10.12.
- </para></listitem>
+ <para>
- <listitem><para>
- The sFlow dissector could dereference a null pointer and crash.
- <!-- Fixed in r15375 -->
- <!-- Bug IDs: 356 -->
- Versions affected: 0.9.14 to 0.10.12.
- </para></listitem>
+ The following bugs have been fixed:
- <listitem><para>
- The RTnet dissector could dereference a null pointer and crash.
- <!-- Fixed in r15673 -->
- <!-- Bug IDs: none -->
- Versions affected: 0.10.8 to 0.10.12.
- </para></listitem>
+ <itemizedlist>
- <listitem><para>
- The SigComp UDVM could go into an infinite loop or crash.
- <!-- Fixed in r15715 -->
- <!-- Bug IDs: none -->
- Versions affected: 0.10.12.
- </para></listitem>
+ <para>
+ On Windows systems the packet list scroll bar could sometimes
+ disappear or become unusable.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=220">Bug
+ 220</ulink>)
+ </para>
+
+ <listitem><para>
+ The end of HTTP chunked encoding wasn't being displayed.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=646">Bug
+ 646</ulink>)
+ </para></listitem>
+
+ <listitem><para>
+ The Follow TCP Stream window could omit characters.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1043">Bug
+ 1043</ulink>)
+ </para></listitem>
+
+ <listitem><para>
+ Opening a flow graph could crash Wireshark.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1117">Bug
+ 1117</ulink>)
+ </para></listitem>
+
+ <listitem><para>
+ Follow TCP Stream would sometimes get the direction wrong.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1138">Bug
+ 1138</ulink>)
+ </para></listitem>
+
+ <listitem><para>
+ The foreground text in the coloring rules editor was always black..
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1164">Bug
+ 1164</ulink>)
+ </para></listitem>
+
+ <listitem><para>
+ The CSV export format was incorrect.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1173">Bug
+ 1173</ulink>)
+ </para></listitem>
<listitem><para>
- If SMB transaction payload reassembly is enabled the SMB
- dissector could crash. This preference is disabled by default.
- <!-- Fixed in r15789 -->
- <!-- Bug IDs: 421 -->
- Versions affected: 0.9.7 to 0.10.12.
+ On some Windows systems Wireshark could take a long time to start up.
</para></listitem>
</itemizedlist>
</para>
- <para>
- The PCRE library that ships with the Windows installer has been upgraded
- from version 4.4 to 6.3 in response to a
- <ulink url="http://www.securityfocus.com/bid/14620">security
- vulnerability</ulink>.
- </para>
</section>
<section><title>New and Updated Features</title>
<para>
- The following features are new (or have been significantly updated) since
- the last release:
+ The following features are new (or have been significantly updated)
+ since the last release:
<itemizedlist>
- <listitem><para>
- The <command>timestamp display precision</command> of the Packet List
- can be adjusted now. The precision will be automatically adjusted
- depending on the file format loaded, e.g. libpcap typically uses
- microsecond resolution displayed like "0.000000". In addition you can
- adjust the precision manually through the View/Time Display Format menu
- items.
- </para></listitem>
+ <listitem><para>
+ WPA and WPA2 decryption support has been added. The TDS / MS SQL
+ dissector now de-obfuscates passwords.
+ </para></listitem>
- <listitem><para>
- The <command>WinPcap version 3.1</command> installer was released since
- the last Ethereal release. The version included in the Ethereal Windows
- installer has been updated from 3.1 beta 4 to 3.1.
- If you want to upgrade WinPcap separately or install a
- different version you can download it from:
- <ulink url="http://www.winpcap.org">the WinPcap web site</ulink>.
- </para></listitem>
+ <listitem><para>
+ 64-bit file handling has been improved.
+ </para></listitem>
- <listitem><para>
- The behavior of the display filter
- <command>"ip.checksum_bad" has changed</command>.
- Instead of merely checking for its presence you must now make sure
- it is set, e.g. instead of using "ip.checksum_bad" you must now
- use "ip.checksum_bad == 1".
- </para></listitem>
+ <listitem><para>
+ The <command>Find</command> function now selects the corresponding.
+ packet detail item.
+ </para></listitem>
+
+ <listitem><para>
+ <command>Find</command> functionality has been added to the TCP and
+ SSL stream dialogs.
+ </para></listitem>
+
+ <listitem><para>
+ Main window keyboard navigation has been improved.
+ </para></listitem>
+
+ <listitem><para>
+ SNMPv3 decryption.
+ </para></listitem>
+
+ <listitem><para>
+ <ulink url="http://www.cacetech.com/products/airpcap.htm">AirPcap</ulink>
+ support (which provides raw mode capture under Windows) has been
+ enhanced to allow capturing on multiple AirPcap adapters
+ simultaneously using the Multi-Channel Aggregator.
+ </para></listitem>
+
+ <listitem><para>
+ You can no longer install Wireshark on Windows 95, 98, or ME. (OK,
+ so it's not a <emphasis>feature</emphasis> per seߪ)
+ </para></listitem>
- <listitem><para>
- A new capture file format
- <command>"Nanosecond libpcap (Ethereal)"</command> was added. It is
- very similar to the common libpcap file format but is capable of keeping
- nanosecond resolution timestamps. This format is currently supported only
- by Ethereal.
- </para></listitem>
</itemizedlist>
</para>
</section>
- </section>
- <section id="GettingEthereal"><title>Getting Ethereal</title>
- <section><title>Microsoft Windows</title>
- <para>
- Download ethereal-setup-&EtherealCurrentVersion;.exe from the
- <ulink url="http://www.ethereal.com/docs/distribution/win32/">Windows
- download area</ulink> on the main web site. Double-click the
- installer executable.
- </para>
+ <section><title>New Protocol Support</title>
+ <para>
+
+DMP,
+NBD,
+OMAPI,
+RGMP,
+Roofnet,
+STUN v2
+
+ </para>
</section>
- <section><title>Sun Solaris</title>
- <para>
- Download the appropriate package from the
- <ulink url="http://www.ethereal.com/docs/distribution/solaris/">Solaris
- download area</ulink> on the main web site. Uncompress the package
- using bzip2, and install it using pkgadd.
- </para>
+ <section><title>Updated Protocol Support</title> <para>
+
+2dparityfec,
+ACN,
+AIM,
+AMR,
+ANSI 637,
+ANSI A,
+ANSI MAP,
+ARP,
+ASN.1 BER,
+ASN.1 PER,
+BACapp,
+BPDU,
+CAMEL,
+DCERPC (DCERPC, EFS, EVENTLOG, NSPI, PN-IO, WINREG),
+DCOM CBA,
+DCP,
+DHCP,
+DHCPv6,
+DMP,
+DNS,
+EAP,
+EPL,
+ETSI DCP,
+FCP,
+GIOP,
+GSM A,
+H.245,
+H.248,
+HPSW,
+HTTP,
+ICMP,
+ICMPv6,
+IEEE 802.11,
+IMAP,
+INAP,
+IPMI,
+IPsec,
+IRC,
+ISAKMP,
+iSCSI,
+ISIS LSP,
+IuUP,
+K12,
+Kerberos,
+LDAP,
+LLDP,
+MEGACO,
+MGCP,
+MIME Multipart,
+MMS,
+MMSE,
+MSRP,
+MySQL,
+NetFlow,
+NFS,
+NTLMSSP,
+NTP,
+OSPF,
+PN-PTCP,
+PPPoE,
+Q.931,
+Radiotap,
+RADIUS,
+RPC,
+RSVP,
+RTCP,
+S4406,
+SCCP,
+SCSI,
+SDP,
+SES,
+sFlow,
+SIGCOMP,
+SIP,
+SIR,
+Skinny,
+SMB (SMB, NETLOGON),
+SMTP,
+SNMP,
+SPNEGO,
+SSL,
+T.38,
+TCP,
+TDS,
+text/media,
+TIPC,
+UDP Lite,
+UDP,
+UMA,
+UMTS FP,
+USB,
+VNC,
+WBXML,
+WLCCP,
+WSP,
+X.411,
+X.420,
+XML,
+XOT,
+YMSG
+
+ </para>
</section>
- <section><title>Source Code</title>
- <para>
- Download ethereal-&EtherealCurrentVersion;.tar.gz from the
- <ulink url="http://www.ethereal.com/docs/distribution/">main
- download area</ulink> on the web site. Extract the package
- using tar and gzip. Run "configure ; make ; make install".
- </para>
+ <section><title>New and Updated Capture File Support</title>
+ <para>
+
+Catapult DCT2000, Netttl, Windows Sniffer / NetXray
+
+ </para>
</section>
+ </section>
+
+ <section id="GettingWireshark"><title>Getting Wireshark</title>
+ <para>
+ Wireshark source code and installation packages are available from
+ the <ulink url="http://www.wireshark.org/download.html">download
+ page</ulink> on the main web site.
+ </para>
+
<section><title>Vendor-supplied Packages</title>
<para>
- Most Linux and Unix vendors supply their own Ethereal packages.
- You can install or upgrade Ethereal using the package management
- system specific to that platform.
+ Most Linux and Unix vendors supply their own Wireshark packages.
+ You can usually install or upgrade Wireshark using the package management
+ system specific to that platform. A list of third-party packages
+ can be found on the
+ <ulink url="http://www.wireshark.org/download.html#otherplat">download page</ulink> on the Wireshark web site.
</para>
</section>
</section>
- <section id="RemovingEthereal"><title>Removing Ethereal</title>
+ <!-- XXX needs to be written
+ <section id="RemovingWireshark"><title>Removing Wireshark</title>
<para>
- <!-- XXX needs to be written -->
</para>
</section>
+ -->
<section id="FileLocations"><title>File Locations</title>
<para>
- Ethereal and Tethereal look in several different locations for
+ Wireshark and TShark look in several different locations for
preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
These locations vary from platform to platform. You can use
About->Folders to find the default locations on your system.
</section>
<section id="KnownProblems"><title>Known Problems</title>
+
<para>
- On Windows systems the packet list scroll bar can sometimes disappear
- or become unusable. Until the problem is fixed you can work around it
- by resizing the packet list or the main window.
- (<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=220">Bug
- #220</ulink>)
+ The <guibutton>Filter</guibutton> button is nonfunctional in the
+ file dialogs under Windows.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=942">Bug
+ 942</ulink>)
</para>
+
</section>
<section id="GettingHelp"><title>Getting Help</title>
<para>
- <!-- XXX needs to be written -->
+ Community support is available on the wireshark-users mailing list.
+ Subscription information and archives for all of Wireshark's mailing
+ lists can be found on <ulink url="http://www.wireshark.org/lists/">the
+ web site</ulink>.
+ </para>
+ <para>
+ Commercial support, training, and development services are available
+ from <ulink url="http://www.cacetech.com/">CACE Technologies</ulink>.
</para>
</section>
<section id="FAQ"><title>Frequently Asked Questions</title>
<para>
- <!-- XXX needs to be written -->
+ A complete FAQ is available on the
+ <ulink url="http://www.wireshark.org/faq.html">Wireshark web site</ulink>.
</para>
</section>
git.samba.org / obnox / wireshark / wip.git / blobdiff