Wireshark (32-bit) 歷史版本列表
更新時間:2011-11-21
更新細節:
What's new in this version:
The following bugs have been fixed:
- Patch to fix memory leaks/errors in Lua plugin.
- Wireshark crashes if a field of type BASE_CUSTOM is applied as a column.
- Filter Expression dialog can only be opened once.
- Wireshark crashes if compiled without GLib thread support.
- 80211 QoS Control: Add Raw TID.
- SNMP length check error.
- UCP dissector bug of operation 61.
更新時間:2011-11-02
更新細節:
What's new in this version:
# The following bugs have been fixed:
- Assertion failed when doing File->Quit->Save during live capture.
- Wrong PCEP XRO sub-object decoding.
- Wireshark window takes very long time to show up if invalid network file path is at recent file list
- Decoding [Status Records] Timestamp Sequence Field in Bundle Protocol fails if over 32 bits.
- ISUP party number dissection.
- wireshark-1.4.2 crashes when testing the example python dissector because of a dissector count assertion.
- Ethernet packets with both VLAN tag and LLC header no longer displayed correctly.
- SLL encapsuled 802.1Q VLAN is not dissected.
- Wireshark crashes when attempting to open a file via drag & drop when there's already a file open.
- Adding and removing custom HTTP headers requires a restart.
- Can't read full 64-bit SNMP values.
- Dissection fails for frames with Gigamon Header and VLAN.
- RTP Stream Analysis does not work for TURN-encapsulated RTP.
- packet-csn1.c doesn't process CSN_CHOICE entries properly.
- BACnet property time-synchronization-interval (204) name shown incorrectly as time-synchronization-recipients.
- GUI crash on invalid IEEE 802.11 GAS frame.
- [ASN.1 PER] Incorrect decoding of BIT STRING type.
- ICMPv6 router advertisement Prefix Information Flag R "Router Address" missing.
- Export -> Object -> HTTP -> save all: Error on saving files.
- Inner tag of 802.1ad frames not parsed properly.
- Added cursor type decoding to MySQL dissector.
- Incorrect identification of UDP-encapsulated NAT-keepalive packets.
- WPA IE pairwise cipher suite dissector uses incorrect value_string list.
- S1AP protocol can't decode IPv6 transportLayerAddress.
- RTPS2 dissector doesn't handle 0 in the octestToNextHeader field.
- packet-ajp13 fix, cleanup, and enhancement.
- Network Instruments Observer file format bugs.
- Wireshark crashes when using "Open Recent" 2 times in a row.
- Wireshark packet_gsm-sms, display bug: Filler bits in TP-User Data Header.
- wireshark unable to decode NetFlow options which have system scope size != 4 bytes.
- Display filter Expression Dialog Box Error.
- text_import_scanner.l missing.
# Updated Protocol Support
- AJP13, ASN.1 PER, BACnet, CSN.1, DTN, Ethernet, ICMPv6, IEEE 802.11, IEEE 802.1q, Infiniband, IPsec, MySQL, PCEP, PN-RT, RTP, S1AP, SSL
# New and Updated Capture File Support
- Endace ERF.
更新時間:2011-09-09
更新細節:
What's new in this version:
- A large loop in the OpenSafety dissector could cause a crash.
- A malformed IKE packet could consume excessive resources.
- A malformed capture file could result in an invalid root tvbuff and cause a crash.
- Wireshark could run arbitrary Lua scripts.
- The CSN.1 dissector could crash.
- configure ignores (partially) LDFLAGS.
- Build fails when it tries to #include <getopt.h>, not present in Solaris 9.
- Unable to configure zero length SNMP Engine ID.
- BACnet who-is request device range values are not decoded correctly in the packet details window.
- H.323 RAS packets missing from packet counts in "Telephony->VoIP Calls" and the "Flow Graph" for the call.
- Wireshark crashes if sercosiii module isn't installed.
- Editcap could create invalid pcap files when converting from JPEG.
- Timestamp is incorrectly decoded for ICMP Timestamp Response packets from MS Windows.
- Malformed Packet in decode for BGP-AD update.
- Wrong display of CSN_BIT in CSN.1.
- Fix CSN_RECURSIVE_TARRAY last bit error in packet-csn1.c.
- Wireshark cannot display Reachable time & Retrans timer in IPv6 RA messages.
- ReadPropertyMultiple-ACK not correctly dissected.
- GTPv2 dissectors should treat gtpv2_ccrsi as optional.
- BGP : AS_PATH attribute was decode wrong.
- Fixes for SCPS TCP option.
- Offset calculated incorrectly for sFlow extended data.
- [Enter] key behavior varies when manually typing display filters.
- Contents of pcapng EnhancedPacketBlocks with comments aren't displayed.
- Misdecoding 3G Neighbour Cell Information Element in SI2quater message due to a coding typo.
- Mis-spelled word "unknown" in assorted files.
- tshark run with -Tpdml makes a seg fault.
- btl2cap extended window shows wrong bit.
- NDMP dissector incorrectly represents "ndmp.bytes_left_to_read" as signed.
- TShark/dumpcap skips capture duration flag occasionally.
- File types with no snaplen written out with a zero snaplen in pcap-ng files.
- Wireshark improperly parsing 802.11 Beacon Country Information tag.
- ERF records with extension headers not written out correctly to pcap or pcap-ng files.
- RTPS2: MAX_BITMAP_SIZE is defined incorrectly.
- Copying from RTP stream analysis copies 1st line many times.
- Wrong display of CSN_BIT under CSN_UNION.
- MEGACO context tracking fix - context id reuse.
Updated Protocol Support:
- BACapp, Bluetooth L2CAP, CSN.1, DCERPC, GSM A RR, GTPv2, ICMP, ICMPv6, IKE, MEGACO, MSISDN, NDMP, OpenSafety, RTPS2, sFlow, SNMP, TCP
New and Updated Capture File Support:
- CommView, pcap-ng, JPEG.
更新時間:2011-07-19
更新細節:
What's new in this version:
# The following bugs have been fixed:
* TCP dissector doesn't decode TCP segments of length 1.
* wireshark 1.4.0rc1 and python - spurious message.
* Missing LUA function.
* Lua API description about creating a new Tvb from a bytearray is not correct in wireshark's user guide.
* Character echo pauses in Capture Filter field in Capture Options.
* White space in protocol field abbreviation causes runtime failure while registering Lua dissector.
* "File not found" box uses wrong filename encoding.
* capinfos: #ifdef HAVE_LIBGCRYPT block includes a line too many .
* Wireshark crashes if Lua contains "Pref.range()" with missing arguments.
* The "range" field in Lua's "Pref.range()" serves as default while the "default" field does nothing .
* Wireshark crashes when calling TreeItem:set_len() on TreeItem without tvb.
* TvbRange_string(lua_State* L) call a wrong function.
* VoIP call flow graph displays BICC APM as a BICC ANM.
* Cannot Live-capture VirtualBox network packets with Wireshark; pipe problem.
* Interface list in Capture Options isn't cleared when selecting other host.
* H323 rate multiplier wrong.
* Inclusion of config.h is too late in lex-files resulting in wrong definition of _FILE_OFFSET_BITS.
* tshark crashes when loading Lua script that contains GUI function.
* 802.11 Disassociation Packet's "Reason Code" field is imprecisely decoded/described.
* Wireshark crashes when setting custom column's field name with conditional.
* Crash after applying "expert.severity" field as column.
* GTS Descriptor count limited to 3 instead of 7.
* The SSL dissector can not resemble correctly the frames after TCP zero window probe packet.
* Packet parser takes too long for this trace.
* The SSL dissector can not resemble correctly the frames after TCP zero window probe packet.
* Wireshark crashes after repeating "File -> Import -> Cancel".
* Decoding of MQ ASCII and EBCDIC Traffic Flow - ASCII shows fine, EBCDIC does not.
* 802.11 Association Response Packet's "Status Code" field is imprecisely decoded/described.
* Abis interface not correctly handled in gsmtap dissector.
* Wrong decoding of RLC/MAC EGPRS Packet Downlink Ack/Nack (3GPP TS 44.060).
* CSN Ack/Nack Description wrongly handled in gsm_rlcmac_dl dissector (3GPP TS 44.060).
* wireshark 1.6.0 and python support: installer fails to create the wspy_dissectors subdirectory and .
* Wireshark crash during RTP stream analysis.
* Tshark custom columns: Why don't I get an error message?
# New and Updated Capture File Support
* Network Monitor.
更新時間:2011-06-08
更新細節:
What's new in this version:
Bug Fixes:
- Wireshark is unresponsive when capturing from named pipes on Windows.
- Crash when sorting column while capturing.
- Ring buffers are no longer turned on by default when using multiple capture files.
New and Updated Features:
- Wireshark is now distributed as an installation package rather than a drag-installer on OS X. The installer adds a startup item that should make it easier to capture packets.
- Large file (greater than 2 GB) support has been improved.
- Wireshark and TShark can import text dumps, similar to text2pcap.
- You can now view Wireshark's dissector tables (for example the TCP port to dissector mappings) from the main window.
- Wireshark can export SSL session keys via File?Export?SSL Session Keys...
- TShark can show a specific occurrence of a field when using '-T fields'.
- Custom columns can show a specific occurrence of a field.
- You can hide columns in the packet list.
- Wireshark can now export SMB objects.
- dftest and randpkt now have manual pages.
- TShark can now display iSCSI, ICMP and ICMPv6 service response times.
- Dumpcap can now save files with a user-specified group id.
- Syntax checking is done for capture filters.
- You can display the compiled BPF code for capture filters in the Capture Options dialog.
- You can now navigate backwards and forwards through TCP and UDP sessions using Ctrl+, and Ctrl+. .
- Packet length is (finally) a default column.
- TCP window size is now avaiable both scaled and unscaled. A TCP window scaling graph is available in the GUI.
- 802.1q VLAN tags are now shown in the Ethernet II protocol tree instead of a separate tree.
- Various dissectors now display some UTF-16 strings as proper Unicode including the DCE/RPC and SMB dissectors.
- The RTP player now has an option to show the time of day in the graph in addition to the seconds since beginning of capture.
- The RTP player now shows why media interruptions occur.
- Graphs now save as PNG images by default.
- TShark can read and write host name information from and to pcapng-formatted files. Wireshark can read it. TShark can dump host name information via [-z hosts].
- TShark's -z option now uses the [-z <proto>,srt] syntax instead of [-z <proto>,rtt] for all protocols that support service response time statistics. This matches Wireshark's syntax for this option.
- Wireshark and TShark can now read compressed Windows Sniffer files.
New Protocol Support:
- ADwin, ADwin-Config, Apache Etch, Aruba PAPI, Babel Routing Protocol, Broadcast/Multicast Control, Constrained Application Protocol (COAP), Digium TDMoE, Erlang Distribution Protocol, Ether-S-I/O, FastCGI, Fibre Channel over InfiniBand (FCoIB), Gopher, Gigamon GMHDR, IDMP, Infiniband Socket Direct Protocol (SDP), JSON, LISP Control, LISP Data, LISP, MikroTik MAC-Telnet, MRP Multiple Mac Registration Protocol (MMRP) Mongo Wire Protocol, MUX27010, Network Monitor 802.11 radio header, OPC UA ExtensionObjects, openSAFETY, PPI-GEOLOCATION-GPS, ReLOAD, ReLOAD Framing, RObust Header Compression (ROHC), RSIP, SAMETIME, SCoP, SGSAP, Tektronix Teklink, USB/AT Commands, uTorrent Transport Protocol, WAI authentication, Wi-Fi P2P (Wi-Fi Direct)
New and Updated Capture File Support:
- Apple PacketLogger, Catapult DCT2000, Daintree SNA, Endace ERF, HP OpenVMS TCPTrace, IPFIX (the file format, not the protocol), Lucent/Ascend debug, Microsoft Network Monitor, Network Instruments, TamoSoft CommView
更新時間:2011-06-01
更新細節:
What's new in this version:
The following bugs have been fixed:
- AIM dissector has some endian issues.
- Telephony?MTP3?MSUS doesn't display window.
- Support for MS NetMon 3.x traces containing raw IPv6 ("Type 7") packets.
- Service Indicator in M3UA protocol data.
- IEC60870-5-104 protocol, incorrect decoding of timestamp type CP56Time2a.
- DNP3 dissector incorrect constants AL_OBJ_FCTR_16NF _FDCTR_32NF _FDCTR_16NF.
- 3GPP QoS: Traffic class is not decoded properly.
- Wireshark crashes when creating ProtoField.framenum in Lua.
- Fix a wrong mask to extract FMID from DECT packets dissector.
- Incorrect DHCPv6 remote identifier option parsing.
Updated Protocol Support
- DICOM, IEC104, M3UA, TCP
New and Updated Capture File Support
- Network Monitor.
更新時間:2011-04-19
更新細節:
What's new in this version:
The following bugs have been fixed:
- Wireshark and TShark can crash while analyzing TCP packets.
Updated Protocol Support
- TCP
更新時間:2011-04-16
更新細節:
What's new in this version:
The following bugs have been fixed:
- Cygwin make fails after updating to bash v 4.1.9.2
- Export HTTP > All - System Appears Hung (but isn't).
- Some HTTP responses don't decode with TCP reassembly on.
- Wireshark crashes when cancelling a large sort operation.
- Wireshark crashes if SSL preferences RSA key is actually a DSA key.
- tshark incorrectly calculates TCP stream for some syn packets.
- Wireshark not able to decode the PPP frame in a sflow (RFC3176) flow sample packet because Wireshark incorrectly read the protocol in PPP frame header.
- Mysql protocol dissector: all fields should be little endian.
- Error when opening snoop from Juniper SSG-140.
- svnversion: command not found.
- capinfos: #ifdef HAVE_LIBGCRYPT block includes a line too many.
- Value of TCP segment data cannot be copied. (Bug 5811)
- proto_field_is_referenced() is not exported in libwireshark.dll.
- Wireshark ver. 1.4.4 not displayed "Granted QoS" field in a A11 packet.
Updated Protocol Support
- HTTP, LDAP, MySQL, NFS, sFlow, SSL, TCP
更新時間:2011-03-02
更新細節:
What's new in this version:
The following bugs have been fixed:
* A TCP stream would not always be recognized as the same stream. (Bug 2907)
* Wireshark Crashing by pressing 2 Buttons. (Bug 4645)
* A crash can occur in the NTLMSSP dissector. (Bug 5157)
* The column texts from a Lua dissector could be mangled. (Bug 5326) (Bug 5630)
* Corrections to ANSI MAP ASN.1 specifications. (Bug 5584)
* When searching in packet bytes, the field and bytes are not immediately shown. (Bug 5585)
* Malformed Packet: ULP reported when dissecting ULP SessionID PDU. (Bug 5593)
* Wrong IEI in container of decode_gtp_mm_cntxt. (Bug 5598)
* Display filter does not work for expressions of type BASE_DEC, BASE_DEC_HEX and BASE_HEX_DEC. (Bug 5606)
* NTLMSSP dissector may fail to compile due to space embedded in C comment delimiters. (Bug 5614)
* Allow for name resolution of link-scope and multicast IPv6 addresses from local host file. (Bug 5615)
* DHCPv6 dissector formats DUID_LLT time incorrectly. (Bug 5627)
* Allow for IEEE 802.3bc-2009 style PoE TLVs. (Bug 5639)
* Various fixes to the HIP packet dissector. (Bug 5646)
* Display "Day of Year" for January 1 as 1, not 0. (Bug 5653)
* Accommodate the CMake build on Ubuntu 10.10. (Bug 5665)
* E.212 MCC 260 Poland update according to local national regulatory. (Bug 5668)
* IPP on ports other than 631 not recognized. (Bug 5677)
* Potential access violation when writing to LANalyzer files. (Bug 5698)
* IEEE 802.15.4 Superframe Specification - Final CAP Slot always 0. (Bug 5700)
* Peer SRC and DST AS numbers are swapped for cflow. (Bug 5702)
* dumpcap: -q option behavior doesn't match documentation. (Bug 5716)
* Updated Protocol Support
- ANSI MAP, BitTorrent, DCM, DHCPv6, DTAP, DTPT, E.212, GSM Management, GTP, HIP, IEEE 802.15.4, IPP, LDAP, LLDP, Netflow, NTLMSSP, P_Mul, Quake, Skinny, SMB, SNMP, ULP
* New and Updated Capture File Support
- LANalyzer, Nokia DCT3, Pcap-ng
更新時間:2011-01-12
更新細節:
What's new in this version:
# The following bugs have been fixed:
* AMQP failed assertion. (Bug 4048)
* Reassemble.c leaks memory for GLIB > 2.8. (Bug 4141)
* Fuzz testing reports possible dissector bug: TCP. (Bug 4211)
* Wrong length calculation in new_octet_aligned_subset_bits() (PER dissector). (Bug 5393)
* Function dissect_per_bit_string_display might read more bytes than available (PER dissector). (Bug 5394)
* Cannot load wpcap.dll & packet.dll from Wireshark program directory. (Bug 5420)
* Wireshark crashes with Copy -> Description on date/time fields. (Bug 5421)
* DHCPv6 OPTION_CLIENT_FQDN parse error. (Bug 5426)
* Information element Error for supported channels. (Bug 5430)
* Assert when using ASN.1 dissector with loading a 'type table'. (Bug 5447)
* Bug with RWH parsing in Infiniband dissector. (Bug 5444)
* Help->About Wireshark mis-reports OS. (Bug 5453)
* Delegated-IPv6-Prefix(123) is shown incorrect as X-Ascend-Call-Attempt-Limit(123). (Bug 5455)
* tshark -r file -T fields is truncating exported data. (Bug 5463)
* gsm_a_dtap: incorrect Extraneous Data when decoding Packet Flow Identifier. (Bug 5475)
* Improper decode of TLS 1.2 packet containing both CertificateRequest and ServerHelloDone messages. (Bug 5485)
* LTE-PDCP UL and DL problem. (Bug 5505)
* CIGI 3.2/3.3 support broken. (Bug 5510)
* Prepare Filter in RTP Streams dialog does not work correctly. (Bug 5513)
* Wrong decode at ethernet OAM Y.1731 ETH-CC. (Bug 5517)
* WPS: RF bands decryption. (Bug 5523)
* Incorrect LTP SDNV value handling. (Bug 5521)
* LTP bug found by randpkt. (Bug 5323)
* Buffer overflow in SNMP EngineID preferences. (Bug 5530)
# Updated Protocol Support
* AMQP, ASN.1 BER, ASN.1 PER, CFM, CIGI, DHCPv6, Diameter, ENTTEC, GSM A GM, IEEE 802.11, InfiniBand, LTE-PDCP, LTP, MAC-LTE, MP2T, RADIUS, SAMR, SCCP, SIP, SNMP, TCP, TLS, TN3270, UNISTIM, WPS
# New and Updated Capture File Support
* Endace ERF, Microsoft Network Monitor, VMS TCPtrace.