-->
<!--
-Ethereal Info
+Wireshark Info
-->
- <!ENTITY EtherealCurrentVersion "0.99.0">
+ <!ENTITY WiresharkCurrentVersion "1.3.4">
]>
<article>
- <title>Ethereal &EtherealCurrentVersion; Release Notes</title>
+ <title>Wireshark &WiresharkCurrentVersion; Release Notes</title>
- <section id="WhatIs"><title>What is Ethereal?</title>
+ <section id="WhatIs"><title>What is Wireshark?</title>
<para>
Wireshark is the world's most popular network protocol analyzer. It
is used for troubleshooting, analysis, development, and education.
</section>
<section id="WhatsNew"><title>What's New</title>
- <section><title>Bug Fixes</title>
+ <section id="BugFixes"><title>Bug Fixes</title>
<para>
- The following vulnerabilities have been fixed:
+ The following vulnerabilities have been fixed. See the
+ <ulink url="http://www.wireshark.org/security/wnpa-sec-2007-02.html">security advisory</ulink> for details and a workaround.
<itemizedlist>
- <listitem><para>
- The XXXXXX dissector could crash.
- <!-- Fixed in r#####, r##### -->
- <!-- Bug IDs: ### -->
- Versions affected: 0.99.0.
- </para></listitem>
+ <listitem>
+ <para>
+ The NetFlow dissector could run off with your dog, crash your truck,
+ and write a country music song about the experience.
+ <!-- Fixed in r????? -->
+ <!-- (Bug <ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=????">????</ulink>) -->
+ </para>
+ <para>Versions affected: 0.99.5 to 1.0.8</para>
+ <para>
+ <!-- <ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-????">CVE-2007-????</ulink> -->
+ </para>
+ </listitem>
</itemizedlist>
- <!-- Coverity bugs (r17489 and above) -->
+ </para>
- Under a grant funded by the U.S. Department of Homeland Security,
- <ulink url="http://www.coverity.com">Coverity</ulink> has uncovered
- a number of vulnerabilities in Wireshark:
- <itemizedlist>
+ <para>
- <!-- CID 1 - 149: Fixed for 0.99.0 -->
- <!-- CID 150: Post-0.99.0 -->
+ The following bugs have been fixed:
+
+ <itemizedlist>
<listitem><para>
- XXXX feature could crash Ethereal.
- <!-- Fixed in r##### -->
- <!-- Bug IDs: None -->
- <!-- Coverity CID ### -->
- Versions affected: 0.9.16.
+ Wireshark could crash without warning.
</para></listitem>
</itemizedlist>
+
</para>
</section>
- <section><title>New and Updated Features</title>
+ <section id="NewFeatures"><title>New and Updated Features</title>
<para>
The following features are new (or have been significantly updated)
- since the last release:
+ since version 1.2:
+
<itemizedlist>
- <listitem><para>
- </para></listitem>
+ <listitem>
+ <para>
+ The packet list internals have been rewritten and are now more
+ efficient.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ Python scripting support has been added.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ Capturing from pipes on Windows has been improved.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ Many memory leaks have been fixed.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ Wireshark no longer supports Windows 2000. Please use
+ Wireshark 1.2 or 1.0 on those systems.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ Packtets can now be ignored (excluded from dissection), similar to
+ the way they can be marked.
+ </para>
+ </listitem>
</itemizedlist>
+
</para>
</section>
- <section><title>New Protocol Support</title>
+ <section id="NewProtocols"><title>New Protocol Support</title>
<para>
</para>
</section>
- <section><title>Updated Protocol Support</title> <para>
+ <section id="UpdatedProtocols"><title>Updated Protocol Support</title> <para>
</para>
</section>
- <section><title>New and Updated Capture File Support</title>
+ <section id="NewCapture"><title>New and Updated Capture File Support</title>
<para>
</para>
</section>
- <section id="GettingEthereal"><title>Getting Ethereal</title>
- <section><title>Microsoft Windows</title>
- <para>
- Download ethereal-setup-&EtherealCurrentVersion;.exe from the
- <ulink url="http://www.ethereal.com/distribution/win32/">Windows
- download area</ulink> on the main web site. Double-click the
- installer executable.
- </para>
- </section>
-
- <section><title>Sun Solaris</title>
- <para>
- Download the appropriate package from the
- <ulink url="http://www.ethereal.com/distribution/solaris/">Solaris
- download area</ulink> on the main web site. Uncompress the package
- using bzip2, and install it using pkgadd.
- </para>
- </section>
-
- <section><title>Source Code</title>
- <para>
- Download ethereal-&EtherealCurrentVersion;.tar.gz from the
- <ulink url="http://www.ethereal.com/distribution/">main
- download area</ulink> on the web site. Extract the package
- using tar and gzip. Run "configure ; make ; make install".
- </para>
- </section>
+ <section id="GettingWireshark"><title>Getting Wireshark</title>
+ <para>
+ Wireshark source code and installation packages are available from
+ <ulink url="http://www.wireshark.org/download.html">http://www.wireshark.org/download.html</ulink>.
+ </para>
- <section><title>Vendor-supplied Packages</title>
+ <section id="VendorPackages"><title>Vendor-supplied Packages</title>
<para>
- Most Linux and Unix vendors supply their own Ethereal packages.
- You can install or upgrade Ethereal using the package management
+ Most Linux and Unix vendors supply their own Wireshark packages.
+ You can usually install or upgrade Wireshark using the package management
system specific to that platform. A list of third-party packages
- can be found on the <ulink url="http://www.ethereal.com/download.html#otherplat">download page</ulink> on the Wireshark web site.
+ can be found on the
+ <ulink url="http://www.wireshark.org/download.html#otherplat">download page</ulink> on the Wireshark web site.
</para>
</section>
</section>
<!-- XXX needs to be written
- <section id="RemovingEthereal"><title>Removing Ethereal</title>
+ <section id="RemovingWireshark"><title>Removing Wireshark</title>
<para>
</para>
</section>
<section id="FileLocations"><title>File Locations</title>
<para>
- Ethereal and TShark look in several different locations for
+ Wireshark and TShark look in several different locations for
preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
These locations vary from platform to platform. You can use
About->Folders to find the default locations on your system.
<section id="KnownProblems"><title>Known Problems</title>
<para>
- On Windows systems the packet list scroll bar can sometimes disappear
- or become unusable. Until the problem is fixed you can work around it
- by resizing the packet list or the main window.
- (<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=220">Bug
- #220</ulink>)
+ Wireshark may appear offscreen on multi-monitor Windows systems.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=553">Bug
+ 553</ulink>)
+ </para>
+
+ <para>
+ Wireshark might make your system disassociate from a wireless network
+ on OS X.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1315">Bug
+ 1315</ulink>)
+ </para>
+
+ <para>
+ Dumpcap might not quit if Wireshark or TShark crashes.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419">Bug
+ 1419</ulink>)
+ </para>
+
+ <para>
+ Wireshark is unable to decrypt WPA group keys.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1420">Bug
+ 1420</ulink>)
+ </para>
+
+ <para>
+ The BER dissector might infinitely loop.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516">Bug
+ 1516</ulink>)
+ </para>
+
+ <para>
+ Wireshark can't dynamically update the packet list. This means that host
+ name resolutions above a certain response time threshold won't show up in
+ the packet list.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1605">Bug
+ 1605</ulink>)
</para>
<para>
- The <guibutton>Filter</guibutton> button is nonfunctional in the
- file dialogs under Windows.
+ Capture filters aren't applied when capturing from named pipes.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814">Bug
+ 1814</ulink>)
</para>
<para>
- Trying to save flow data may crash Ethereal.
- (<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=396">Bug
- #396</ulink>)
+ Wireshark might freeze when reading from a pipe.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2082">Bug
+ 2082</ulink>)
</para>
<para>
- It may not be possible to re-order coloring rules under Windows.
- (<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=699">Bug
- #699</ulink>)
+ Capturing from named pipes might be delayed on Windows.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2200">Bug
+ 2200</ulink>)
</para>
<para>
- Multiple tap interfaces may cause a crash under FreeBSD.
- (<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=757">Bug
- #757</ulink>)
+ Filtering tshark captures with display filters (-R) no longer works.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234">Bug
+ 2234</ulink>)
</para>
<para>
- Ethereal may crash while viewing TCP streams.
- (<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=852">Bug
- #852</ulink>)
+ The 64-bit Windows installer does not ship with the same libraries as the
+ 32-bit installer.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3610">Bug
+ 3610</ulink>)
</para>
</section>
<section id="GettingHelp"><title>Getting Help</title>
<para>
- Community support is available on the ethereal-users mailing list.
- Subscription information and archives for all of Ethereal's mailing
- lists can be found on <ulink url="http://www.ethereal.com/lists/">the
- web site</ulink>. There is also an <ulink url="irc://irc.freenode.net/ethereal">IRC channel dedicated to Ethereal</ulink>.
+ Community support is available on the wireshark-users mailing list.
+ Subscription information and archives for all of Wireshark's mailing
+ lists can be found on <ulink url="http://www.wireshark.org/lists/">the
+ web site</ulink>.
</para>
<para>
Commercial support, training, and development services are available
- from <ulink url="http://www.etherealsoft.com/">Ethereal Software</ulink>.
+ from <ulink url="http://www.cacetech.com/">CACE Technologies</ulink>.
</para>
</section>
<section id="FAQ"><title>Frequently Asked Questions</title>
<para>
A complete FAQ is available on the
- <ulink url="http://www.ethereal.com/faq.html">Ethereal web site</ulink>.
+ <ulink url="http://www.wireshark.org/faq.html">Wireshark web site</ulink>.
</para>
</section>