<?xml version="1.0"?>
-<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!-- $Id$ -->
-Use this section to encode all document information
-->
- <!ENTITY DocumentTitle "<application>Ethereal</application> Release Notes">
- <!ENTITY DocumentSubTitle "&DocumentVersion; (&SvnVersion;) for Ethereal &EtherealCurrentVersion;">
- <!ENTITY DocumentTitleAbbreviation "Relnotes">
-
- <!ENTITY % SvnVersionFile SYSTEM "svn_version.xml">
- %SvnVersionFile;
-<!ENTITY DocumentLegalNotice "<para>Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation.</para><para>All logos and trademarks in this document are property of their respective owner.</para>">
-
-<!--
-Ethereal Info
--->
- <!ENTITY EtherealCurrentVersion "0.10.14">
- <!ENTITY EtherealWebSite "http://www.ethereal.com">
- <!ENTITY EtherealUsersGuidePage "&EtherealWebSite;/docs/#usersguide">
- <!ENTITY EtherealDownloadPage "&EtherealWebSite;/download.html">
- <!ENTITY EtherealBinariesPage "&EtherealWebSite;/download.html#releases">
- <!ENTITY EtherealAuthorsPage "&EtherealWebSite;/introduction.html#authors">
- <!ENTITY EtherealProtocolsPage "&EtherealWebSite;/docs/dfref/">
- <!ENTITY EtherealFAQPage "&EtherealWebSite;/faq.html">
- <!ENTITY EtherealFAQPromiscPage "&EtherealWebSite;/faq#promiscsniff">
- <!ENTITY EtherealMediaPage "&EtherealWebSite;/media.html">
- <!ENTITY EtherealWikiPage "http://wiki.ethereal.com">
- <!ENTITY EtherealWikiCaptureFiltersPage "&EtherealWikiPage;/CaptureFilters">
- <!ENTITY EtherealWikiDisplayFiltersPage "&EtherealWikiPage;/DisplayFilters">
- <!ENTITY EtherealWikiPreferencesPage "&EtherealWikiPage;/Preferences">
- <!ENTITY EtherealWikiColoringRulesPage "&EtherealWikiPage;/ColoringRules">
- <!ENTITY EtherealWikiPreferencesPage "&EtherealWikiPage;/Preferences">
-
- <!ENTITY EtherealDevMailList "ethereal-dev[AT]ethereal.com">
- <!ENTITY EtherealUsersMailList "ethereal-users[AT]ethereal.com">
-
-
<!--
-Winpcap Info
+Wireshark Info
-->
- <!ENTITY WinPcapWebsite "http://www.winpcap.org">
- <!ENTITY WinPcapDownloadWebsite "http://www.winpcap.org/install/default.htm">
-
-<!--
-Gnu info
--->
- <!ENTITY GPLWebsite "http://www.gnu.org/copyleft/gpl.html">
+ <!ENTITY WiresharkCurrentVersion "0.99.5">
]>
<article>
- <title>Ethereal &EtherealCurrentVersion; Release Notes</title>
+ <title>Wireshark &WiresharkCurrentVersion; Release Notes</title>
- <section id="WhatIs"><title>What is Ethereal?</title>
+ <section id="WhatIs"><title>What is Wireshark?</title>
<para>
- Ethereal is the world's most popular network protocol analyzer. It
+ Wireshark is the world's most popular network protocol analyzer. It
is used for troubleshooting, analysis, development, and education.
</para>
</section>
<section id="WhatsNew"><title>What's New</title>
<section><title>Bug Fixes</title>
<para>
- Three security vulnerabilities have been fixed since the
- previous release. See the
- <ulink url="http://www.ethereal.com/appnotes/enpa-sa-00022.html">application
- advisory</ulink> for more details.
+
+ The following vulnerabilities have been fixed. See the
+ <ulink url="http://www.wireshark.org/security/wnpa-sec-2007-01.html">security advisory</ulink> for details and a workaround.
+
<itemizedlist>
<listitem><para>
- The IRC dissector could go into an infinite loop.
- <!-- Fixed in r16290 -->
- <!-- Bug IDs: 548 -->
- <!-- CVE: CVE-2005-3313 -->
- Versions affected: 0.10.13.
+ The TCP dissector could hang or crash while reassembling HTTP packets.
+ <!-- Fixed in r19859 -->
+ <!-- Bug IDs: 1200 -->
+ Versions affected: 0.99.2 to 0.99.4
+ </para></listitem>
+
+ <listitem><para>
+ The HTTP dissector could crash.
+ <!-- Fixed in 19899 -->
+ <!-- Bug IDs: None -->
+ Versions affected: 0.99.3 to 0.99.4
</para></listitem>
<listitem><para>
- The GTP dissector could go into an infinite loop.
- <!-- Fixed in r16436 -->
- <!-- Bug IDs: 576 -->
- <!-- CVE: None -->
- Versions affected: 0.9.1 to 0.10.13.
+ On some systems, the IEEE 802.11 dissector could crash.
+ <!-- Fixed in 20126 -->
+ <!-- Bug IDs: None -->
+ Versions affected: 0.10.14 to 0.99.4
</para></listitem>
<listitem><para>
- iDefense found a buffer overflow in the OSPF dissector.
- <!-- Fixed in r16507 -->
+ On some systems, the LLT dissector could crash.
+ <!-- Fixed in 20007 -->
<!-- Bug IDs: None -->
- <!-- CVE: CAN-2005-3651 -->
- Versions affected: 0.8.20 to 0.10.13.
+ Versions affected: 0.99.3 to 0.99.4
+ </para></listitem>
+
+ </itemizedlist>
+
+ </para>
+
+ <para>
+
+ The following bugs have been fixed:
+
+ <itemizedlist>
+
+ <para>
+ On Windows systems the packet list scroll bar could sometimes
+ disappear or become unusable.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=220">Bug
+ 220</ulink>)
+ </para>
+
+ <listitem><para>
+ The end of HTTP chunked encoding wasn't being displayed.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=646">Bug
+ 646</ulink>)
+ </para></listitem>
+
+ <listitem><para>
+ The Follow TCP Stream window could omit characters.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1043">Bug
+ 1043</ulink>)
+ </para></listitem>
+
+ <listitem><para>
+ Opening a flow graph could crash Wireshark.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1117">Bug
+ 1117</ulink>)
</para></listitem>
+ <listitem><para>
+ Follow TCP Stream would sometimes get the direction wrong.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1138">Bug
+ 1138</ulink>)
+ </para></listitem>
+
+ <listitem><para>
+ The foreground text in the coloring rules editor was always black..
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1164">Bug
+ 1164</ulink>)
+ </para></listitem>
+
+ <listitem><para>
+ The CSV export format was incorrect.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1173">Bug
+ 1173</ulink>)
+ </para></listitem>
+
+ <listitem><para>
+ On some Windows systems Wireshark could take a long time to start up.
+ </para></listitem>
+
</itemizedlist>
</para>
+
</section>
<section><title>New and Updated Features</title>
<para>
The following features are new (or have been significantly updated)
since the last release:
-
<itemizedlist>
+
+ <listitem><para>
+ WPA and WPA2 decryption support has been added. The TDS / MS SQL
+ dissector now de-obfuscates passwords.
+ </para></listitem>
+
+ <listitem><para>
+ 64-bit file handling has been improved.
+ </para></listitem>
+
+ <listitem><para>
+ The <command>Find</command> function now selects the corresponding.
+ packet detail item.
+ </para></listitem>
+
<listitem><para>
- When cancelling a file load operation, Ethereal will keep
- displaying the loaded packets now, instead of simply discarding the
- whole load attempt.
- </para>
- <para>
- This can be very helpful to detect wether a specific (huge) capture
- file is the expected file or not. Remember:
- The complete load of a huge capture file (>100MB) can take even
- minutes!
+ <command>Find</command> functionality has been added to the TCP and
+ SSL stream dialogs.
</para></listitem>
+
+ <listitem><para>
+ Main window keyboard navigation has been improved.
+ </para></listitem>
+
+ <listitem><para>
+ SNMPv3 decryption.
+ </para></listitem>
+
+ <listitem><para>
+ <ulink url="http://www.cacetech.com/products/airpcap.htm">AirPcap</ulink>
+ support (which provides raw mode capture under Windows) has been
+ enhanced to allow capturing on multiple AirPcap adapters
+ simultaneously using the Multi-Channel Aggregator.
+ </para></listitem>
+
+ <listitem><para>
+ You can no longer install Wireshark on Windows 95, 98, or ME. (OK,
+ so it's not a <emphasis>feature</emphasis> per seߪ)
+ </para></listitem>
+
+
</itemizedlist>
</para>
</section>
<section><title>New Protocol Support</title>
<para>
+DMP,
+NBD,
+OMAPI,
+RGMP,
+Roofnet,
+STUN v2
+
</para>
</section>
<section><title>Updated Protocol Support</title> <para>
+2dparityfec,
+ACN,
+AIM,
+AMR,
+ANSI 637,
+ANSI A,
+ANSI MAP,
+ARP,
+ASN.1 BER,
+ASN.1 PER,
+BACapp,
+BPDU,
+CAMEL,
+DCERPC (DCERPC, EFS, EVENTLOG, NSPI, PN-IO, WINREG),
+DCOM CBA,
+DCP,
+DHCP,
+DHCPv6,
+DMP,
+DNS,
+EAP,
+EPL,
+ETSI DCP,
+FCP,
+GIOP,
+GSM A,
+H.245,
+H.248,
+HPSW,
+HTTP,
+ICMP,
+ICMPv6,
+IEEE 802.11,
+IMAP,
+INAP,
+IPMI,
+IPsec,
+IRC,
+ISAKMP,
+iSCSI,
+ISIS LSP,
+IuUP,
+K12,
+Kerberos,
+LDAP,
+LLDP,
+MEGACO,
+MGCP,
+MIME Multipart,
+MMS,
+MMSE,
+MSRP,
+MySQL,
+NetFlow,
+NFS,
+NTLMSSP,
+NTP,
+OSPF,
+PN-PTCP,
+PPPoE,
+Q.931,
+Radiotap,
+RADIUS,
+RPC,
+RSVP,
+RTCP,
+S4406,
+SCCP,
+SCSI,
+SDP,
+SES,
+sFlow,
+SIGCOMP,
+SIP,
+SIR,
+Skinny,
+SMB (SMB, NETLOGON),
+SMTP,
+SNMP,
+SPNEGO,
+SSL,
+T.38,
+TCP,
+TDS,
+text/media,
+TIPC,
+UDP Lite,
+UDP,
+UMA,
+UMTS FP,
+USB,
+VNC,
+WBXML,
+WLCCP,
+WSP,
+X.411,
+X.420,
+XML,
+XOT,
+YMSG
+
</para>
</section>
<section><title>New and Updated Capture File Support</title>
<para>
+Catapult DCT2000, Netttl, Windows Sniffer / NetXray
+
</para>
</section>
</section>
- <section id="GettingEthereal"><title>Getting Ethereal</title>
- <section><title>Microsoft Windows</title>
- <para>
- Download ethereal-setup-&EtherealCurrentVersion;.exe from the
- <ulink url="http://www.ethereal.com/distribution/win32/">Windows
- download area</ulink> on the main web site. Double-click the
- installer executable.
- </para>
- </section>
-
- <section><title>Sun Solaris</title>
- <para>
- Download the appropriate package from the
- <ulink url="http://www.ethereal.com/distribution/solaris/">Solaris
- download area</ulink> on the main web site. Uncompress the package
- using bzip2, and install it using pkgadd.
- </para>
- </section>
-
- <section><title>Source Code</title>
- <para>
- Download ethereal-&EtherealCurrentVersion;.tar.gz from the
- <ulink url="http://www.ethereal.com/distribution/">main
- download area</ulink> on the web site. Extract the package
- using tar and gzip. Run "configure ; make ; make install".
- </para>
- </section>
+ <section id="GettingWireshark"><title>Getting Wireshark</title>
+ <para>
+ Wireshark source code and installation packages are available from
+ the <ulink url="http://www.wireshark.org/download.html">download
+ page</ulink> on the main web site.
+ </para>
<section><title>Vendor-supplied Packages</title>
<para>
- Most Linux and Unix vendors supply their own Ethereal packages.
- You can install or upgrade Ethereal using the package management
+ Most Linux and Unix vendors supply their own Wireshark packages.
+ You can usually install or upgrade Wireshark using the package management
system specific to that platform. A list of third-party packages
- can be found on the <ulink url="http://www.ethereal.com/download.html#otherplat">download page</ulink> on the Ethereal web site.
+ can be found on the
+ <ulink url="http://www.wireshark.org/download.html#otherplat">download page</ulink> on the Wireshark web site.
</para>
</section>
</section>
- <!-- XXX needs to be written
- <section id="RemovingEthereal"><title>Removing Ethereal</title>
+ <!-- XXX needs to be written
+ <section id="RemovingWireshark"><title>Removing Wireshark</title>
<para>
</para>
</section>
<section id="FileLocations"><title>File Locations</title>
<para>
- Ethereal and Tethereal look in several different locations for
+ Wireshark and TShark look in several different locations for
preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
These locations vary from platform to platform. You can use
About->Folders to find the default locations on your system.
</section>
<section id="KnownProblems"><title>Known Problems</title>
+
<para>
- On Windows systems the packet list scroll bar can sometimes disappear
- or become unusable. Until the problem is fixed you can work around it
- by resizing the packet list or the main window.
- (<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=220">Bug
- #220</ulink>)
+ The <guibutton>Filter</guibutton> button is nonfunctional in the
+ file dialogs under Windows.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=942">Bug
+ 942</ulink>)
</para>
+
</section>
<section id="GettingHelp"><title>Getting Help</title>
<para>
- Community support is available on the ethereal-users mailing list.
- Subscription information and archives for all of Ethereal's mailing
- lists can be found on <ulink url="http://www.ethereal.com/lists/">the
- web site</ulink>. There is also an <ulink url="irc://irc.freenode.net/ethereal">IRC channel dedicated to Ethereal</ulink>.
+ Community support is available on the wireshark-users mailing list.
+ Subscription information and archives for all of Wireshark's mailing
+ lists can be found on <ulink url="http://www.wireshark.org/lists/">the
+ web site</ulink>.
</para>
<para>
Commercial support, training, and development services are available
- from <ulink url="http://www.etherealsoft.com/">Ethereal Software</ulink>.
+ from <ulink url="http://www.cacetech.com/">CACE Technologies</ulink>.
</para>
</section>
<section id="FAQ"><title>Frequently Asked Questions</title>
<para>
A complete FAQ is available on the
- <ulink url="http://www.ethereal.com/faq.html">Ethereal web site</ulink>.
+ <ulink url="http://www.wireshark.org/faq.html">Wireshark web site</ulink>.
</para>
</section>