<!--
Wireshark Info
-->
- <!ENTITY WiresharkCurrentVersion "0.99.3">
+ <!ENTITY WiresharkCurrentVersion "0.99.5">
]>
<para>
The following vulnerabilities have been fixed. See the
- <ulink url="http://www.wireshark.org/security/wnpa-sec-2006-02.html">security advisory</ulink> for details and a workaround.
+ <ulink url="http://www.wireshark.org/security/wnpa-sec-2007-01.html">security advisory</ulink> for details and a workaround.
<itemizedlist>
<listitem><para>
- The SCSI dissector could crash.
- <!-- Fixed in r18832 -->
- <!-- Bug IDs: 1034 -->
- Versions affected: 0.99.2.
+ The TCP dissector could hang or crash while reassembling HTTP packets.
+ <!-- Fixed in r19859 -->
+ <!-- Bug IDs: 1200 -->
+ Versions affected: 0.99.2 to 0.99.4
</para></listitem>
- <listitem><para>
- If Wireshark was compiled with ESP decryption support, the
- IPsec ESP preference parser was susceptible to off-by-one
- errors.
- <!-- Fixed in r18856, r18915, r18943 -->
+ <listitem><para>
+ The HTTP dissector could crash.
+ <!-- Fixed in 19899 -->
<!-- Bug IDs: None -->
- Versions affected: 0.99.2.
+ Versions affected: 0.99.3 to 0.99.4
</para></listitem>
<listitem><para>
- The DHCP dissector (and possibly others) in the Windows version of
- Wireshark could trigger a bug in Glib and crash.
- <!-- Fixed in r18883 -->
- <!-- Bug IDs: 1025 -->
- <!-- Gnome bug ID: 351034 -->
- Versions affected: 0.10.13 - 0.99.2.
+ On some systems, the IEEE 802.11 dissector could crash.
+ <!-- Fixed in 20126 -->
+ <!-- Bug IDs: None -->
+ Versions affected: 0.10.14 to 0.99.4
</para></listitem>
<listitem><para>
- If the SSCOP dissector has a port range configured
- <emphasis>and</emphasis> the SSCOP payload protocol is
- Q.2931, a malformed packet could make the Q.2931 dissector
- use up available memory. No port range is configured
- by default.
- <!-- Fixed in r18992 -->
+ On some systems, the LLT dissector could crash.
+ <!-- Fixed in 20007 -->
<!-- Bug IDs: None -->
- Versions affected: 0.7.9 - 0.99.2.
+ Versions affected: 0.99.3 to 0.99.4
</para></listitem>
</itemizedlist>
<itemizedlist>
+ <para>
+ On Windows systems the packet list scroll bar could sometimes
+ disappear or become unusable.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=220">Bug
+ 220</ulink>)
+ </para>
+
+ <listitem><para>
+ The end of HTTP chunked encoding wasn't being displayed.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=646">Bug
+ 646</ulink>)
+ </para></listitem>
+
+ <listitem><para>
+ The Follow TCP Stream window could omit characters.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1043">Bug
+ 1043</ulink>)
+ </para></listitem>
+
<listitem><para>
- The VOIP call analysis feature could cause an assertion.
+ Opening a flow graph could crash Wireshark.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1117">Bug
+ 1117</ulink>)
</para></listitem>
<listitem><para>
- The RTP analysis feature could freeze for an extended period.
+ Follow TCP Stream would sometimes get the direction wrong.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1138">Bug
+ 1138</ulink>)
</para></listitem>
<listitem><para>
- Selecting "Apply as Filter" wouldn't work for some tree items.
+ The foreground text in the coloring rules editor was always black..
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1164">Bug
+ 1164</ulink>)
</para></listitem>
+ <listitem><para>
+ The CSV export format was incorrect.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1173">Bug
+ 1173</ulink>)
+ </para></listitem>
+
+ <listitem><para>
+ On some Windows systems Wireshark could take a long time to start up.
+ </para></listitem>
+
</itemizedlist>
</para>
<itemizedlist>
<listitem><para>
- ESP, Kerberos, and SSL decryption are now supported in the
- Windows installer. (As as result, Wireshark is now subject to
- United States export controls.)
+ WPA and WPA2 decryption support has been added. The TDS / MS SQL
+ dissector now de-obfuscates passwords.
+ </para></listitem>
+
+ <listitem><para>
+ 64-bit file handling has been improved.
+ </para></listitem>
+
+ <listitem><para>
+ The <command>Find</command> function now selects the corresponding.
+ packet detail item.
+ </para></listitem>
+
+ <listitem><para>
+ <command>Find</command> functionality has been added to the TCP and
+ SSL stream dialogs.
+ </para></listitem>
+
+ <listitem><para>
+ Main window keyboard navigation has been improved.
</para></listitem>
<listitem><para>
- The packet list context menu now includes a conversation filter.
+ SNMPv3 decryption.
</para></listitem>
<listitem><para>
- Wireshark can now generate ACL rules for several popular firewall
- products.
+ <ulink url="http://www.cacetech.com/products/airpcap.htm">AirPcap</ulink>
+ support (which provides raw mode capture under Windows) has been
+ enhanced to allow capturing on multiple AirPcap adapters
+ simultaneously using the Multi-Channel Aggregator.
</para></listitem>
<listitem><para>
- Wireshark now supports
- <ulink url="http://www.cacetech.com/products/airpcap.htm">AirPcap</ulink>,
- including raw 802.11 captures under Windows.
+ You can no longer install Wireshark on Windows 95, 98, or ME. (OK,
+ so it's not a <emphasis>feature</emphasis> per seߪ)
</para></listitem>
+
</itemizedlist>
</para>
</section>
<section><title>New Protocol Support</title>
<para>
-Daytime,
-JPEG (RTP payload),
-Pegasus Lightweight Stream Control,
-Pro-MPEG FEC,
-UMTS RRC,
-Veritas Low Latency Transport
+DMP,
+NBD,
+OMAPI,
+RGMP,
+Roofnet,
+STUN v2
</para>
</section>
<section><title>Updated Protocol Support</title> <para>
-All ASN.1 dissectors,
-
-3G A11,
-802.11,
-AIM SST,
-AJP13,
+2dparityfec,
+ACN,
+AIM,
+AMR,
ANSI 637,
-AVS WLAN,
+ANSI A,
+ANSI MAP,
+ARP,
+ASN.1 BER,
+ASN.1 PER,
BACapp,
-BFD,
-CDP,
-Cisco WIDS,
-DCERPC (DCERPC, CONV, DFS, EPM, FLDB, NETLOGON, NT, PN-IO, RS_PGO),
-DCOM,
+BPDU,
+CAMEL,
+DCERPC (DCERPC, EFS, EVENTLOG, NSPI, PN-IO, WINREG),
+DCOM CBA,
+DCP,
DHCP,
-DIAMETER,
-DTLS,
-EAPOL,
-ESP,
-H.225,
+DHCPv6,
+DMP,
+DNS,
+EAP,
+EPL,
+ETSI DCP,
+FCP,
+GIOP,
+GSM A,
H.245,
-H.450,
+H.248,
+HPSW,
HTTP,
-IPv6,
+ICMP,
+ICMPv6,
+IEEE 802.11,
+IMAP,
+INAP,
+IPMI,
+IPsec,
+IRC,
ISAKMP,
-Juniper,
+iSCSI,
+ISIS LSP,
+IuUP,
+K12,
Kerberos,
-L2TP,
LDAP,
+LLDP,
+MEGACO,
+MGCP,
+MIME Multipart,
+MMS,
+MMSE,
MSRP,
+MySQL,
+NetFlow,
+NFS,
NTLMSSP,
-PN-CBA,
-PN-RT,
-Prism,
+NTP,
+OSPF,
+PN-PTCP,
+PPPoE,
+Q.931,
+Radiotap,
+RADIUS,
+RPC,
RSVP,
RTCP,
-RUDP,
+S4406,
+SCCP,
SCSI,
-SCTP,
SDP,
+SES,
+sFlow,
+SIGCOMP,
SIP,
-SIPFRAG,
+SIR,
Skinny,
-SMB,
+SMB (SMB, NETLOGON),
+SMTP,
+SNMP,
+SPNEGO,
SSL,
+T.38,
TCP,
+TDS,
text/media,
-Time,
-XML
-
+TIPC,
+UDP Lite,
+UDP,
+UMA,
+UMTS FP,
+USB,
+VNC,
+WBXML,
+WLCCP,
+WSP,
+X.411,
+X.420,
+XML,
+XOT,
+YMSG
</para>
</section>
<section><title>New and Updated Capture File Support</title>
<para>
-Catapult DCT2000,
-nettl
+Catapult DCT2000, Netttl, Windows Sniffer / NetXray
+
</para>
</section>
<section><title>Vendor-supplied Packages</title>
<para>
Most Linux and Unix vendors supply their own Wireshark packages.
- You can install or upgrade Wireshark using the package management
+ You can usually install or upgrade Wireshark using the package management
system specific to that platform. A list of third-party packages
- can be found on the <ulink url="http://www.wireshark.org/download.html#otherplat">download page</ulink> on the Wireshark web site.
+ can be found on the
+ <ulink url="http://www.wireshark.org/download.html#otherplat">download page</ulink> on the Wireshark web site.
</para>
</section>
<section id="KnownProblems"><title>Known Problems</title>
- <para>
- On Windows systems the packet list scroll bar can sometimes disappear
- or become unusable. Until the problem is fixed you can work around it
- by resizing the packet list or the main window.
- (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=220">Bug
- 220</ulink>)
- </para>
-
<para>
The <guibutton>Filter</guibutton> button is nonfunctional in the
file dialogs under Windows.
942</ulink>)
</para>
- <para>
- Trying to save flow data may crash Wireshark.
- (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=396">Bug
- 396</ulink>)
- </para>
-
- <para>
- It may not be possible to re-order coloring rules under Windows.
- (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=699">Bug
- 699</ulink>)
- </para>
-
- <para>
- Multiple tap interfaces may cause a crash under FreeBSD.
- (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=757">Bug
- 757</ulink>)
- </para>
-
- <para>
- Wireshark may crash while viewing TCP streams.
- (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=852">Bug
- 852</ulink>)
- </para>
-
</section>
<section id="GettingHelp"><title>Getting Help</title>