-$Id: NEWS,v 1.154 2004/07/07 00:09:51 obiot Exp $
+$Id$
-== July ??, 2004
+== October 17, 2005
+
+Ethereal 0.10.13 has been released.
+
+ Bug Fixes
+
+ Several security vulnerabilities have been fixed since the previous
+ release. See the [1]application advisory for more details.
+
+ o The ISAKMP dissector could exhaust system memory. Versions affected:
+ 0.10.11 to 0.10.12.
+
+ o The FC-FCS dissector could exhaust system memory. Versions affected:
+ 0.9.0 to 0.10.12.
+
+ o The RSVP dissector could exhaust system memory. Versions affected:
+ 0.9.4 to 0.10.12.
+
+ o The ISIS LSP dissector could exhaust system memory. Versions affected:
+ 0.8.18 to 0.10.12.
+
+ o The IrDA dissector could crash. Versions affected: 0.10.0 to 0.10.12.
+
+ o The SLIMP3 dissector could overflow a buffer. Versions affected: 0.9.1
+ to 0.10.12.
+
+ o The BER dissector was susceptible to an infinite loop. Versions
+ affected: 0.10.3 to 0.10.12.
+
+ o The SCSI dissector could dereference a null pointer and crash.
+ Versions affected: 0.10.3 to 0.10.12.
+
+ o If the "Dissect unknown RPC program numbers" option was enabled, the
+ ONC RPC dissector might be able to exhaust system memory. This option
+ is disabled by default. Versions affected: 0.7.7 to 0.10.12.
+
+ o The sFlow dissector could dereference a null pointer and crash.
+ Versions affected: 0.9.14 to 0.10.12.
+
+ o The RTnet dissector could dereference a null pointer and crash.
+ Versions affected: 0.10.8 to 0.10.12.
+
+ o The SigComp UDVM could go into an infinite loop or crash. Versions
+ affected: 0.10.12.
+
+ o If SMB transaction payload reassembly is enabled the SMB dissector
+ could crash. This preference is disabled by default. Versions
+ affected: 0.9.7 to 0.10.12.
+
+ o The X11 dissector could attempt to divide by zero. Versions affected:
+ 0.10.1 to 0.10.12.
+
+ o The AgentX dissector could overflow a buffer. Versions affected:
+ 0.10.10 to 0.10.12.
+
+ o The WSP dissector could free an invalid pointer. Versions affected:
+ 0.10.1 to 0.10.12.
+
+ o iDEFENSE found a buffer overflow in the SRVLOC dissector. Versions
+ affected: 0.10.0 to 0.10.12.
+
+ When trying to save a flow graph, Ethereal could crash.
+
+ When viewing protocol hierarchy statistics, Ethereal and Tethereal could
+ crash.
+
+ The PCRE library that ships with the Windows installer has been upgraded
+ from version 4.4 to 6.3 in response to a [2]security vulnerability.
+
+ New and Updated Features
+
+ The following features are new (or have been significantly updated) since
+ the last release:
+
+ o The timestamp display precision of the Packet List can be adjusted
+ now. The precision will be automatically adjusted depending on the
+ file format loaded, e.g. libpcap typically uses microsecond resolution
+ displayed like "0.000000". In addition you can adjust the precision
+ manually through the View/Time Display Format menu items.
+
+ o The WinPcap version 3.1 installer was released since the last Ethereal
+ release. The version included in the Ethereal Windows installer has
+ been updated from 3.1 beta 4 to 3.1. If you want to upgrade WinPcap
+ separately or install a different version you can download it from:
+ [3]the WinPcap web site.
+
+ o The behavior of the display filter "ip.checksum_bad" has changed.
+ Instead of merely checking for its presence you must now make sure it
+ is set, e.g. instead of using "ip.checksum_bad" you must now use
+ "ip.checksum_bad == 1".
+
+ o A new capture file format "Nanosecond libpcap (Ethereal)" was added.
+ It is very similar to the common libpcap file format but is capable of
+ keeping nanosecond resolution timestamps. This format is currently
+ supported only by Ethereal.
+
+ o Ethereal's memory managment has been greatly improved.
+
+ o Ethereal can now save gzip-compressed capture files.
+
+ New Protocol Support
+
+ CIMD, CISCOWL-L2, DCCP, EDP, GNM, LLDP, ROS, RTSE, STANAG 4406, WINS
+ Replication, X.411, X.420
+
+ Updated Protocol Support
+
+ 802.11 Radiotap, A11, AARP, ACSE, ACtrace, AFP, AFS, AgentX, AIM, AJP13,
+ ALCAP, AMR, ANSI A, ANSI IS-637-A, ANSI IS-683-A, ANSI IS-801, ANSI MAP,
+ AOE, AppleTalk, Armagetronad, ARP, ASAP, ASN.1, BACapp, BER, BGP,
+ BitTorrent, BOOTP, CAMEL, CLNP, CMIP, CMP, CMS, COPS, CRMF, CSM_ENCAPS,
+ DAAP, DCERPC (ATSVC, DCE_DFS, FLDB, INITSHUTDOWN, LSA, NETLOGON, NT, SAMR,
+ SPOOLSS, WINREG), DCM, DCOM, DHCP Failover, DIAMETER, ENRP, ESS, FC, FCCT,
+ FCDNS, FCELS, FCFCS, FCFZS, FCP, FCSWILS, FTAM, GIOP, GPRS LLC, GSM, GTP,
+ H1, H.225, H.235, H.245, H.248, H.261, H.263, H.450, HSRP, HTTP, IAX2,
+ IEEE 802.11, IEEE 802.3, IEEE 802.3 Slow protocols, IP, IP/IEEE1394, IRC,
+ IrDA, ISAKMP, iSCSI, ISIS, ISUP, Jabber, JFIF, Juniper, JXTA, K12,
+ Kerberos, LDAP, LDP, LLC, LPD, MAP_DialoguePDU, MDSHDR, Media, MEGACO,
+ MGCP, MIME multipart, MMS, MOUNT, MQ, MSMMS, NBNS, NDMP, NS_CERT_EXTS,
+ OCSP, OPSI, OSPF, PARLAY, PER, PKINIT, PKIX, PN-RT, PPP, PRES, PTP,
+ RADIUS, RDT, RPC, RSVP, RTCP, RTnet, RTSP, SCCP, SCSI, SCTP, SES, sFlow,
+ SIGCOMP, SIP, SliMP3, SMB, SMPP, SMRSE, SNA, SNMP, SPNEGO, SRVLOC, STUN,
+ T.38, TCAP, TCP, Text, TPKT, UMA, WBXML, WLANCERTEXTN, WSP, X11, X.25,
+ X.509, XML, YMSG
+
+ New and Updated Capture File Support
+
+ 5Views, AiroPeek, ERF, EtherPeek, i4btrace, LANAlyzer, Libpcap, Windows
+ Sniffer, Tektronix K12
+
+Getting Ethereal
+
+ Microsoft Windows
+
+ Download ethereal-setup-0.10.13.exe from the [4]Windows download area on
+ the main web site. Double-click the installer executable.
+
+ Sun Solaris
+
+ Download the appropriate package from the [5]Solaris download area on the
+ main web site. Uncompress the package using bzip2, and install it using
+ pkgadd.
+
+ Source Code
+
+ Download ethereal-0.10.13.tar.gz from the [6]main download area on the web
+ site. Extract the package using tar and gzip. Run "configure ; make ; make
+ install".
+
+ Vendor-supplied Packages
+
+ Most Linux and Unix vendors supply their own Ethereal packages. You can
+ install or upgrade Ethereal using the package management system specific
+ to that platform. A list of third-party packages can be found on the
+ [7]download page on the Ethereal web site.
+
+File Locations
+
+ Ethereal and Tethereal look in several different locations for preference
+ files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary
+ from platform to platform. You can use About->Folders to find the default
+ locations on your system.
+
+Known Problems
+
+ On Windows systems the packet list scroll bar can sometimes disappear or
+ become unusable. Until the problem is fixed you can work around it by
+ resizing the packet list or the main window. ([8]Bug #220)
+
+Getting Help
+
+ Community support is available on the ethereal-users mailing list.
+ Subscription information and archives for all of Ethereal's mailing lists
+ can be found on [9]the web site. There is also an [10]IRC channel
+ dedicated to Ethereal.
+
+ Commercial support, training, and development services are available from
+ [11]Ethereal Software.
+
+Frequently Asked Questions
+
+ A complete FAQ is available on the [12]Ethereal web site.
+
+References
+
+ Visible links
+ 1. http://www.ethereal.com/appnotes/enpa-sa-00021.html
+ 2. http://www.securityfocus.com/bid/14620
+ 3. http://www.winpcap.org/
+ 4. http://www.ethereal.com/docs/distribution/win32/
+ 5. http://www.ethereal.com/docs/distribution/solaris/
+ 6. http://www.ethereal.com/docs/distribution/
+ 7. http://www.ethereal.com/download.html#otherplat
+ 8. http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=220
+ 9. http://www.ethereal.com/lists/
+ 10. irc://irc.freenode.net/ethereal
+ 11. http://www.etherealsoft.com/
+ 12. http://www.ethereal.com/faq.html
+
+== July 26, 2005
+
+Ethereal 0.10.12 has been released.
+
+Our testing program has turned up several more security issues:
+
+ The LDAP dissector could free static memory and crash.
+ Versions affected: 0.8.5 to 0.10.11
+
+ The AgentX dissector could crash.
+ Versions affected: 0.10.10 to 0.10.11
+
+ The 802.3 dissector could go into an infinite loop.
+ Versions affected: 0.8.16 to 0.10.11
+
+ The PER dissector could abort.
+ Versions affected: 0.10.5 to 0.10.11
+
+ The DHCP dissector could go into an infinite loop.
+ Versions affected: 0.10.7 to 0.10.11
+
+ The BER dissector could abort or loop infinitely.
+ Version affected: 0.10.11
+
+ The MEGACO dissector could go into an infinite loop.
+ Versions affected: 0.9.14 to 0.10.11
+
+ The GIOP dissector could dereference a null pointer.
+ Versions affected: 0.8.20 to 0.10.11
+
+ The SMB dissector was susceptible to a buffer overflow.
+ Versions affected: 0.9.12 to 0.10.11
+
+ The WBXML could dereference a null pointer.
+ Versions affected: 0.10.1 to 0.10.11
+
+ The H1 dissector could go into an infinite loop.
+ Versions affected: 0.8.15 to 0.10.11
+
+ The DOCSIS dissector could cause a crash.
+ Versions affected: 0.9.13 to 0.10.11
+
+ The SMPP dissector could go into an infinite loop.
+ Versions affected: 0.10.1 to 0.10.11
+
+ SCTP graphs could crash.
+ Version affected: 0.10.11
+
+ The HTTP dissector could crash.
+ Versions affected: 0.10.4 to 0.10.11
+
+ The SMB dissector could go into a large loop.
+ Versions affected: 0.9.0 to 0.10.11
+
+ The DCERPC dissector could crash.
+ Versions affected: 0.9.16 to 0.10.11.
+
+ Several dissectors could crash while reassembling packets.
+ Versions affected: 0.9.0 to 0.10.11
+
+
+ Steve Grubb at Red Hat found the following issues:
+
+ The CAMEL dissector could dereference a null pointer.
+ Version affected: 0.10.11
+
+ The DHCP dissector could crash.
+ Versions affected: 0.10.4 to 0.10.11
+
+ The CAMEL dissector could crash.
+ Versions affected: 0.10.10 to 0.10.11
+
+ The PER dissector could crash.
+ Versions affected: 0.10.10 to 0.10.11
+
+ The RADIUS dissector could crash.
+ Versions affected: 0.9.4 to 0.10.11
+
+ The Telnet dissector could crash.
+ Versions affected: 0.9.10 to 0.10.11
+
+ The IS-IS LSP dissector could crash.
+ Versions affected: 0.8.19 to 0.10.11
+
+ The NCP dissector could crash.
+ Versions affected: 0.9.15 to 0.10.11
+
+
+ iDEFENSE found the following issues:
+
+ Several dissectors were susceptible to a format string overflow.
+ Versions affected: 0.9.4 to 0.10.11
+
+
+ Ethereal uses the zlib compression library. Security vulnerabilities
+ have been discovered in zlib 1.2.1 and 1.2.2. The Windows installer
+ now ships with zlib 1.2.3, which fixes these vulnerabilities.
+
+
+Please see the following advisory for more information:
+
+ http://www.ethereal.com/appnotes/enpa-sa-00020.html
+
+Everyone is encouraged to upgrade.
+
+
+New and updated features
+
+ The Windows installer now includes the WinPcap 3.1 beta 4 installer.
+ You don't have to download and install it separately.
+
+ RADIUS dictionaries are now included.
+
+ A lot of documentation was updated
+
+ Some command line parameters have changed, see the Ethereal / Tethereal
+ manual pages
+
+ A "File/File Set" submenu was added to better handle multiple files
+ (such as ring buffers).
+
+ Flow graphs can now be created for any protocol.
+
+ Memory management has been greatly improved.
+
+ JXTA has been added to the conversations menu.
+
+ When compiled with MIT/Heimdal Kerberos AND if keytab files are
+ provided, Ethereal can now decrypt and dissect both SecureLDAP and
+ encrypted DCE/RPC.
+
+ TCP Sequence graphs should now work for all captures and all
+ encapsulation types.
+
+
+New protocol support
+
+ ACSE, ARMAGETRONAD, AudioCodes trunk trace, CSM_ENCAPS, DEC DNA Routing,
+ DIS, FTAM, iFCP, Juniper PPPoE, MMS, MS MediaServer, MSRP, Parlay,
+ Synergy, TANGO, WLAN Certificate Extensions
+
+
+Updated protocol support
+
+ 802.11 Radiotap, 9P, ACSE, AFP, AgentX, AIM, ANSI MAP, BACapp, BVLC,
+ Camel, CLNP, CMIP, DCERPC, DCOM, DHCP, DHCP Failover, DHCPv6, DICOM,
+ DNP, DNS, DOCSIS, EAP, Ethernet, FC ELS, FCIP, FCP, FC-SWILS, GIOP,
+ GSM A, GSM MAP, GSSAPI, GTP, H1, H.221, H.225, H.235, H.245, H.248,
+ H.450, HPSW, HTTP, HyperSCSI, ICMP, IEEE 802.11, IEEE 802.3, iFCP,
+ IP, IPDC, ISAKMP, iSCSI, iSNS, ISUP, JXTA, Kerberos, KINK, LDAP, LLC,
+ LMP, LWAPP, MEGACO, MGCP, MMSE, NDMP, NDPS, NFS, NTLMSSP, OSI, OSPF,
+ PER, PPP, PRES, PROFINET, RDT, RMT, RPC, RSVP, Rsync, RTP, RTSP, SCSI,
+ SCTP, SDP, SIP, SMB, SMPP, SNMP, SPNEGO, SSCOP, SSL, T.38, TCAP, TCP,
+ Telnet, TFTP, TPKT, UDP, UDVM, UMA, V5UA, WBXML, WSP, XML, YMSG, YPSERV
+
+
+New and updated capture file support
+
+ HP Nettl, Tektronix K12
+
+
+== May 4, 2005
+
+Ethereal 0.10.11 has been released.
+
+An aggressive testing program as well as independent discovery has turned
+up a multitude of security issues:
+
+ The ANSI A dissector was susceptible to format string vulnerabilities.
+ Discovered by Bryan Fulton.
+ Versions affected: 0.9.15 to 0.10.10
+
+ The GSM MAP dissector could crash.
+ Versions affected: 0.10.0 to 0.10.10
+
+ The AIM dissector could cause a crash.
+ Versions affected: 0.9.14 to 0.10.10
+
+ The DISTCC dissector was susceptible to a buffer overflow.
+ Discovered by Ilja van Sprundel
+ Versions affected: 0.9.13 to 0.10.10
+
+ The FCELS dissector was susceptible to a buffer overflow.
+ Discovered by Neil Kettle
+ Versions affected: 0.9.9 to 0.10.10
+
+ The SIP dissector was susceptible to a buffer overflow.
+ Discovered by Ejovi Nuwere.
+ Versions affected: 0.10.0 to 0.10.10
+
+ The KINK dissector was susceptible to a null pointer exception,
+ endless looping, and other problems.
+ Versions affected: 0.10.10
+
+ The LMP dissector was susceptible to an endless loop.
+ Versions affected: 0.9.4 to 0.10.10
+
+ The Telnet dissector could abort.
+ Versions affected: 0.9.10 to 0.10.10
+
+ The TZSP dissector could cause a segmentation fault.
+ Versions affected: 0.10.10 to 0.10.10
+
+ The WSP dissector was susceptible to a null pointer exception and
+ assertions.
+ Versions affected: 0.10.0 to 0.10.10
+
+ The 802.3 Slow protocols dissector could throw an assertion.
+ Versions affected: 0.10.10
+
+ The BER dissector could throw assertions.
+ Versions affected: 0.10.2 to 0.10.10
+
+ The SMB Mailslot dissector was susceptible to a null pointer exception
+ and could throw assertions.
+ Versions affected: 0.9.0 to 0.10.10
+
+ The H.245 dissector was susceptible to a null pointer exception.
+ Versions affected: 0.10.10
+
+ The Bittorrent dissector could cause a segmentation fault.
+ Versions affected: 0.10.8 to 0.10.10
+
+ The SMB dissector could cause a segmentation fault and throw assertions.
+ Versions affected: 0.9.0 to 0.10.10
+
+ The Fibre Channel dissector could cause a crash.
+ Versions affected: 0.9.9 to 0.10.10
+
+ The DICOM dissector could attempt to allocate large amounts of memory.
+ Versions affected: 0.10.4 to 0.10.10
+
+ The MGCP dissector was susceptible to a null pointer exception, could
+ loop indefinitely, and segfault.
+ Versions affected: 0.8.14 to 0.10.10
+
+ The RSVP dissector could loop indefinitely.
+ Versions affected: 0.9.8 to 0.10.10
+
+ The DHCP dissector was susceptible to format string vulnerabilities, and
+ could abort.
+ Versions affected: 0.10.7 to 0.10.10
+
+ The SRVLOC dissector could crash unexpectedly or go into an infinite loop.
+ Versions affected: 0.9.8 to 0.10.10
+
+ The EIGRP dissector could loop indefinitely.
+ Versions affected: 0.8.18 to 0.10.10
+
+ The ISIS dissector could overflow a buffer.
+ Versions affected: 0.8.18 to 0.10.10
+
+ The CMIP, CMP, CMS, CRMF, ESS, OCSP, PKIX1Explitit, PKIX Qualified,
+ and X.509 dissectors could overflow buffers.
+ Versions affected: 0.10.4 to 0.10.10
+
+ The NDPS dissector could exhaust system memory or cause an assertion,
+ or crash.
+ Versions affected: 0.9.12 to 0.10.10
+
+ The Q.931 dissector could try to free a null pointer and overflow
+ a buffer.
+ Versions affected: 0.10.10
+
+ The IAX2 dissector could throw an assertion.
+ Versions affected: 0.10.1 to 0.10.10
+
+ The ICEP dissector could try to free the same memory twice.
+ Versions affected: 0.10.7 to 0.10.10
+
+ The MEGACO dissector was susceptible to an infinite loop and a buffer
+ overflow.
+ Versions affected: 0.9.14 to 0.10.10
+
+ The DLSw dissector was susceptible to an infinite loop.
+ Versions affected: 0.9.1 to 0.10.10
+
+ The RPC dissector was susceptible to a null pointer exception.
+ Versions affected: 0.9.2 to 0.10.10
+
+ The NCP dissector could overflow a buffer or loop for a large amount
+ of time.
+ Versions affected: 0.10.5 to 0.10.10
+
+ The RADIUS dissector could throw an assertion.
+ Versions affected: 0.10.3 to 0.10.10
+
+ The GSM dissector could access an invalid pointer.
+ Versions affected: 0.10.10
+
+ The SMB PIPE dissector could throw an assertion.
+ Versions affected: 0.9.0 to 0.10.10
+
+ The L2TP dissector was susceptible to an infinite loop.
+ Versions affected: 0.10.9 to 0.10.10
+
+ The SMB NETLOGON dissector could dereference a null pointer.
+ Versions affected: 0.9.12 to 0.10.10
+
+ The MRDISC dissector could throw an assertion.
+ Versions affected: 0.8.19 to 0.10.10
+
+ The ISUP dissector could overflow a buffer or cause a segmentation fault.
+ Versions affected: 0.8.19 to 0.10.10
+
+ The LDAP dissector could crash.
+ Versions affected: 0.10.1 to 0.10.10
+
+ The TCAP dissector could overflow a buffer or throw an assertion.
+ Versions affected: 0.10.8 to 0.10.10
+
+ The NTLMSSP dissector could crash.
+ Versions affected: 0.9.7 to 0.10.10
+
+
+ Additionally, a number of dissectors could throw an assertion when
+ passing an invalid protocol tree item length.
+ Versions affected: 0.10.8 to 0.10.10
+
+
+Please see the following advisory for more information:
+
+ http://www.ethereal.com/appnotes/enpa-sa-00019.html
+
+Everyone is encouraged to upgrade.
+
+
+New and updated features
+
+
+
+New protocol support
+
+
+
+Updated protocol support
+
+
+
+New and updated capture file support
+
+
+
+
+== March 11, 2005
+
+Ethereal 0.10.10 has been released.
+
+This release fixes three security and stability-related issues:
+
+ Matevz Pustisek discovered a buffer overflow in the Etheric dissector.
+ (CAN-2005-0704)
+
+ The GPRS-LLC dissector could crash if the "ignore cipher bit" option
+ was enabled. (CAN-2005-0705)
+
+ Diego Giago discovered a buffer overflow in the 3GPP2 A11 dissector.
+ This flaw was later reported by Leon Juranic. (CAN-2005-0699)
+
+ Leon Juranic discovered a buffer overflow in the IAPP dissector.
+
+ A bug in the JXTA dissector could make Ethereal crash.
+
+ A bug in the sFlow dissector could make Ethereal crash.
+
+
+Please see the following advisory for more information:
+
+ http://www.ethereal.com/appnotes/enpa-sa-00018.html
+
+Everyone is encouraged to upgrade.
+
+
+New and updated features
+
+ Tree view item context menus now let you browse to the display filter
+ reference and wiki pages for a particular protocol.
+
+ Online help has been expanded.
+
+ VoIP call analysis (including nifty connection diagrams) has been
+ added.
+
+ GSS-API decryption has been greatly enhanced.
+
+
+New protocol support
+
+ AgentX, BUDB, DTP, G.723, IDP, INAP, KINK, Realplayer Data Protocol,
+ Retix Spanning Tree Protocol, RTCP-XR, XML, XNS, SPP
+
+
+Updated protocol support
+
+ 3GPP2 A11, ACSE, AMR, ATM, BER, BSSGP, BUTC, CDP, CLNP, CoSine L2,
+ DAAP, DCE/RPC, DCOM, DIAMETER, DNP, DNS, Etheric, FCP, FW-1, Gnutella,
+ GPRS, GSM A, GSM MAP, H.225, H.245, H.248, H.450, HTTP, IAX2, ICQ,
+ IEEE 802.11, IEEE 802.3 Slow Protocols, IP, iSCSI, ISUP, Juniper,
+ JXTA, Kerberos, L2TP, LDAP, MIP, MPLS, NDMP, NSIP, NTP, OSPF, OXID,
+ PostgreSQL, RADIUS, RDT, Redback, RMCP, RTP, RTSP, SCSI, SCTP, SDP,
+ SPNEGO, SSL, STUN, TCAP, TCP, TZSP
+
+
+New and updated capture file support
+
+ DBS Etherwatch, Lucent/Ascend, Nettl, Tcpdump (Redback)
+
+
+== January 19, 2005
+
+Ethereal 0.10.9 has been released.
+
+This release fixes the following security-related issues:
+
+ The COPS dissector could go into an infinite loop. (CAN-2005-0006)
+
+ The DLSw dissector could cause an assertion, making Ethereal exit
+ prematurely. (CAN-2005-0007)
+
+ The DNP dissector could cause memory corruption. (CAN-2005-0008)
+
+ The Gnutella dissector could cause an assertion, making Ethereal
+ exit prematurely. (CAN-2005-0009)
+
+ The MMSE dissector could free static memory. (CAN-2005-0010)
+
+ The X11 protocol dissector is vulnerable to a string buffer overflow.
+ (CAN-2005-0084)
+
+Please see the following advisory for more information:
+
+ http://www.ethereal.com/appnotes/enpa-sa-00017.html
+
+Everyone is encouraged to upgrade.
+
+
+New and updated features
+
+ Ethereal will now detect and flag weak 802.11 WEP IVs.
+
+ Windows Sniffer timestamp handling has been greatly improved.
+
+ A bug which made Ethereal crash at startup on Windows 98 and Windows
+ ME systems has been fixed.
+
+ Ethereal and Tethereal now support a personal "hosts" file.
+
+ Invalid field length handling has been greatly improved.
+
+ The capture progress window title now shows the interface name.
+
+
+New protocol support
+
+ ALC, AMR, CRMF, JXTA, NORM, PKIXCMP, PROFINET CBA
+
+Updated protocol support
+
+ AIM, ARP, BGP, BOOTP/DHCP, COPS, DAAP, DCERPC EPM, DCERPC, DCOM,
+ DHCPv6, DLSw, DNP, DNS, EAPOL, eDonkey, FC-dNS, FC-FCS, FC-SWILS,
+ FCIP, FCSB3, FIX, GIOP, Gnutella, GSM A, GSM SMS, GTP, H.225, H.245,
+ HTTP, ICMP, IEEE 802.11, IEEE 802a, image/GIF, image/JFIF, Kerberos,
+ L2TP, LDAP, LLC, LMP, MGCP, MIME Multipart, MMSE, MPLS, MTP2, NBNS,
+ NDMP, NMAS, NSIP, OLSR, PER, pflog, PGM, PostgreSQL, PPP, PRES, Q.931,
+ RADIUS, RTCP, RTP, SDP, SEBEK, SIGCOMP, SIP, SLSK, SMB, SMPP, SRVLOC,
+ SSL/TLS, T.38, TACACS, TCAP, TCP, X11
+
+
+New and updated capture file support
+
+ Windows Sniffer
+
+== December 15, 2004
+
+Ethereal 0.10.8 has been released.
+
+This release fixes the following security-related issues:
+
+ Matthew Bing discovered a bug in DICOM dissection that could make
+ Ethereal crash. (CAN-2004-1139)
+
+ An invalid RTP timestamp could make Ethereal hang and create a large
+ temporary file, possibly filling available disk space. (CAN-2004-1140)
+
+ The HTTP dissector could access previously-freed memory, causing a
+ crash. (CAN-2004-1141)
+
+ Brian Caswell discovered that an improperly formatted SMB packet could
+ make Ethereal hang, maximizing CPU utilization. (CAN-2004-1142)
+
+Please see the following advisory for more information:
+
+ http://www.ethereal.com/appnotes/enpa-sa-00016.html
+
+Everyone is encouraged to upgrade.
+
+
+New and updated features
+
+ Ethereal now has a packet history, similar to most web browsers.
+
+ Ethereal now supports custom window titles.
+
+ Minor performance enhancements have been added.
+
+ RTP analysis has been enhanced.
+
+ Host name resolution has been improved.
+
+ Ethereal can now track TCP PDU times. See
+ http://wiki.ethereal.com/TcpPduTime for more details.
+
+ Ethereal now ships with netscreen2dump.py, a utility which converts
+ netscreen packet-trace hex dumps to hex dumps that can be read by
+ text2pcap.
+
+
+New protocol support
+
+ AoE (ATA over Ethernet), Bittorrent, CMIP, GPRS Mobility Management
+ and Session Management, GSM MAP, Extended Security Services, Logotype
+ Certificate Extensions, MAP Dialogue, Network Service Over IP, Online
+ Certificate Status Protocol, PKIX Certificate, PKIX Qualified, PROFINET
+ DCP, IO, Real-Time, Short Message Relaying Service, SSCF-NNI,
+
+
+Updated protocol support
+
+ 3GPP2 A11, ACSE, AIM, AODV, ASN.1 BER, ASN.1 PER, BOOTP, BSSGP, BVLC,
+ CMS, COPS, DCERPC, DCERPC ISystemActivator, DICOM, DHCPv6, DNS, eDonkey,
+ ENTTEC, Etheric, Frame Relay, FTAM, FW1, GIOP, GPRS LLC, GRE, GSM A,
+ GSM SMS, H.225, H.245, H.450, HTTP, IPAddress, IPDC, IPMI, IPsec,
+ ISAKMP, ISUP, JFIF, Kerberos, MQ, MTP3, NMAS, OPSI, PKIX1EXPLICIT,
+ PKIX1IMPLICIT, PKIXProxy, PPP, PRES, Radiotap, RADIUS, ONC RPC, RTnet,
+ RTP, SAP, SDP, SIGCOMP, SIGCOMP UDVM, SIP, SMB, SNMP, SONMP, SSCOP,
+ SSL, Symantec Firewall, T.38, TCP, TDS, TSP, UDP, WSP, WTP, X.25,
+ X.509af, X.509ce, X.509if, X.509sat,
+
+
+New and updated capture file support
+
+ pppdump
+
+
+== October 20, 2004
+
+Ethereal 0.10.7 has been released.
+
+ The Windows installer features new GLib/GTK+, Net-SNMP and ADNS
+ libraries which fix several known bugs. Unfortunately, a few known
+ GLib/GTK+ bugs remain.
+
+ In order to avoid a naming conflict with the tcpreplay project, the
+ "capinfo" utility has been renamed to "capinfos".
+
+
+New and updated features
+
+ Search wrapping is now a configurable option.
+
+ A lot of material has been added to the Developer's Guide. The User's Guide
+ has been updated as well.
+
+ The "Decode As..." dialog now supports DCERPC and SCTP.
+
+ The "Help" menu now includes a link to the wiki.
+
+ H.323 call analysis is now supported.
+
+
+New protocol support
+
+ Cisco PAgP, DAAP, Etheric, Ethernet Configuration Testing Protocol,
+ Ethernet MAC Control Frame, ICE, Kerberos v4, Netscape certificate
+ extensions, PKINIT, PKIX1EXPLICIT, PKIX1IMPLICIT,
+
+
+Updated protocol support
+
+ AIM, ARTNET, ASN.1 BER, ASN.1 PER, ASN.1, BGP, BOOTP, CIP, CLNP, COPS,
+ DCERPC MAPI, DCERPC SAMR, DCERPC, DCOM, DHCP, DHCPv6, DIAMETER, DNS,
+ EAP, ENIP, EPM, GRE, GSM A, GSM MAP, H.225, H.245, H.248 MEGACO, H.450,
+ ISAKMP, iSCSI, iSNS, ISUP, JFIF, Kerberos, LDAP, LDP, LLC, LWAPP, M2PA,
+ MEGACO, MPLS, NCP 2222, NCP, NDMP, NetFlow, NTLMSSP, OSCAR-ICQ, OSPF,
+ RADIUS, RSVP, RTCP, RTP, RTSP, SCTP, SDP, SES, SIP, Skinny, SMB, SNMP,
+ SUA, T.38, TALI, TCAP, TCP, TDS, Teredo, Time, X.509, X11,
+
+
+New and updated capture file support
+
+ HP-UX nettl, NG Sniffer
+
+
+== August 12, 2004
+
+Ethereal 0.10.6 has been released.
+
+ This release fixes a preferences bug present in Ethereal which displayed
+
+ (ethereal.exe:3512): Gtk-CRITICAL **: file gtkwindow.c: line 3107
+ (gtk_window_resize): assertion `height > 0' failed
+
+ at program startup. A workaround for 0.10.5 is described in
+
+ http://www.ethereal.com/lists/ethereal-users/200408/msg00059.html
+
+ A new command-line utility called "capinfo" has been added to the
+ distribution which prints statistics about capture files.
+
+ You can now copy conversation and endpoint data to other applications as
+ CSV data.
+
+
+New and updated features
+
+ X.509 support has been added.
+
+ Crash bugs have been fixed in the RTP and NCP dissectors.
+
+ PostScript(r) output has been improved.
+
+ A bug that prevented mergecap from creating a new output file has been
+ fixed.
+
+ Conversation and endpoint performance has been enhanced. General packet
+ display performance has been enhanced.
+
+ The conversation and host list tools have been renamed to be less
+ confusing.
+
+ You can now copy conversation and host list data as CSV data.
+
+ RTP analysis can now dynamically determine the proper clock rate.
+
+
+New protocol support
+
+ AX/4000, CMS, DCERPC (EVENTLOG, FRSAPI, FRSRPC), MANOLITO, PKCS#1,
+ X.509AF, X.509CE, X.509IF, X.509SAT
+
+
+Updated protocol support
+
+ 802.11, AIM, ASAP, ASN.1 BER, ASN.1, COPS, DCM, DHCP Failover (ISC),
+ ENRP, Fibre Channel, GIOP, GSSAPI, GTP, HTTP, ICAP, iSNS, Kerberos,
+ MPLS, NCP, NTLMSSP, OPSI, OSPF, PRES, RADIUS, Rlogin, RSVP, RTPS, RTSP,
+ SCTP, Sigcomp, Skinny, SMB BROWSER, SMB, SNMP, SSL, TDS, Telnet
+
+
+New and updated capture file support
+
+ LANalyzer
+
+
+== July 7, 2004
Ethereal 0.10.5 has been released.
+This release fixes bugs in iSNS, SMB, and SNMP, as described in the
+following advisory:
+
+ http://www.ethereal.com/appnotes/enpa-sa-00015.html
+
+Everyone is encouraged to upgrade.
New and updated features
-Ethereal can now merge multiple files (you don't have to resort to
-mergecap on the command line).
+ Ethereal can now merge multiple files (you don't have to resort to
+ mergecap on the command line).
-A preview pane has been added to the file dialog.
+ A preview pane has been added to the file dialog.
-The capture progress dialog can now be disabled.
+ The capture progress dialog can now be disabled.
-The about dialog has received further improvements.
+ The about dialog has received further improvements.
-The behavior of Ethereal's dialog windows has been normalized somewhat.
+ The behavior of Ethereal's dialog windows has been normalized somewhat.
-The Windows installer can now associate standard file extensions with
-Ethereal.
+ The Windows installer can now associate standard file extensions
+ with Ethereal.
-Ethereal can be configured not to bug you about unsaved captures.
+ Ethereal can be configured not to bug you about unsaved captures.
+
+ Ethereal can open help documentation using the default web browser.
-Ethereal can open help documentation using the default web browser.
New protocol support
-DNP,
-ENRP,
-giFT,
-H.235,
-PacketCable,
-SigComp,
-SIR (Serial Infrared),
+ DNP, ENRP, giFT, H.235, PacketCable, SigComp, SIR (Serial Infrared)
Updated protocol support
-AIM,
-ASAP,
-ASN.1 BER,
-ARP,
-ATM,
-DHCP,
-CFPI,
-CLNP,
-DCERPC (DCERPC, LSA, NT, SAMR, SRVSVC, WKSSVC),
-EAP,
-ENIP,
-Frame Relay,
-GRE,
-H.225,
-H.245,
-H.450,
-HTTP,
-IAX2,
-IEEE 802.11,
-ISAKMP,
-iSNS,
-ISUP,
-JFIF,
-Kerberos,
-LMP,
-M3UA,
-MGCP,
-MPLS,
-MTP3,
-NCP,
-NetFlow,
-NFS,
-OSPF,
-RADIUS,
-RIP,
-RSVP,
-RTCP,
-RTP,
-RTSP,
-SCSI,
-SDP,
-SIP,
-SMB,
-SMTP,
-SNMP,
-SOCKS,
-SSL,
-T.35,
-TCP,
-VRRP,
-WBXML (User-Agent Profile),
-WSP,
-X11,
+ AIM, ASAP, ASN.1 BER, ARP, ATM, DHCP, CFPI, CLNP, DCERPC (DCERPC, LSA,
+ NT, SAMR, SRVSVC, WKSSVC), EAP, ENIP, Frame Relay, GRE, H.225, H.245,
+ H.450, HTTP, IAX2, IEEE 802.11, ISAKMP, iSNS, ISUP, JFIF, Kerberos, LMP,
+ M3UA, MGCP, MPLS, MTP3, NCP, NetFlow, NFS, OSPF, PIM, RADIUS, RIP, RSVP,
+ RTCP, RTP, RTSP, SCSI, SDP, SIP, SMB, SMTP, SNMP, SOCKS, SSL, T.35, TCP,
+ VRRP, WBXML (User-Agent Profile), WSP, X11
-Capture file support
+New and updated capture file support
-Radcom,
+ Radcom
== May 13, 2004