Wireshark 歷史版本列表
Wireshark (32-bit)Wireshark (64-bit)
更新時間:2017-04-13
更新細節:
What's new in this version:
The following vulnerabilities have been fixed:
- IMAP dissector crash
- WBMXL dissector infinite loop
- NetScaler file parser infinite loop
- RPCoRDMA dissector infinite loop
- BGP dissector infinite loop
- DOF dissector infinite loop
- PacketBB dissector crash
- SLSK dissector long loop
- SIGCOMP dissector infinite loop
- WSP dissector infinite loop
The following bugs have been fixed:
- T30 FCF byte decoding masks DTC, CIG and NCS
- Wireshark gives decoding error during rnsap message dissection(SCCP reassembly)
- Added IEEE 802.15.4-2003 AES-CCM security modes (packet-ieee802154)
- Payload in 2 SCCP DT1 messages in the same frame isn’t (sub)dissected
- IEEE 802.15.4: an area of Payload IEs is dissected twice
- Qt UI: Wireshark crash when deleting IO graph string while it’s in editing mode
- Crash on exit due to an invalid frame data sequence state
- Access Violation using Lua dissector
- Some bytes ignored in every packet in NetScaler packet trace when vmnames are included in packet headers
- VOIP RTP stream Find Reverse button doesn’t work
- Lua dissector: ProtoField int&42; do not allow FT_HEX or FT_OCT, crash when set to FT_HEX_DEC or FT_DEC_HEX
- GIOP LocateRequest v1.0 is improperly indicated as "malformed"
- Bug in ZigBee - Zone Status Change Notification
- Packet exception in packet-ua3g and incomplete strings in packet-noe
- Wrong BGP capability dissect
- Endpoint statistics column labels seem incorrect
- Strange automatic jump in packet details for a certain DNS response packet
- When a Lua enum or bool preference is changed via context menu, prefs_changed isn’t called with Qt Wireshark
- IO Graph selects wrong packet or displays "Packet number x isn’t displayed"
- tshark’s -z endpoints,ip ignores optional filter
- SSL: Handshake type in Info column not always separated by comma
- libfuzzer: PEEKREMOTE dissector bug
- libfuzzer: packetBB dissector bug (packetbb.msg.addr.valuecustom)
- libfuzzer: WSP dissector bug (wsp.header.x_wap_tod)
- libfuzzer: MIH dissector bug
- libfuzzer: DNS dissector bug
- libfuzzer: WLCCP dissector bug
- libfuzzer: TAPA dissector bug
- libfuzzer: lapsat dissector bug
- libfuzzer: wassp dissector bug
- Illegal reassembly of GSM SMS packets
- SSH Dissector uses incorrect length for protocol field (ssh.protocol)
- NBAP malformed packet for short Binding ID
- libfuzzer: WSP dissector bug (wsp.header.x_up_1.x_up_proxy_tod)
- libfuzzer: asterix dissector bug (asterix.021_230_RA)
- RTPproxy dissector adds multi lines to info column
更新時間:2017-03-05
更新細節:
What's new in this version:
BUG FIXES:
The following vulnerabilities have been fixed:
- [1]wnpa-sec-2017-03 LDSS dissector crash
- [3]wnpa-sec-2017-04 RTMTP dissector infinite loop
- [5]wnpa-sec-2017-05 WSP dissector infinite loop
- [7]wnpa-sec-2017-06 STANAG 4607 file parser infinite loop
- [9]wnpa-sec-2017-07 NetScaler file parser infinite loop
- [11]wnpa-sec-2017-08 NetScaler file parser crash
- [13]wnpa-sec-2017-09 K12 file parser crash
- [15]wnpa-sec-2017-10 IAX2 dissector infinite loop
- [17]wnpa-sec-2017-11 NetScaler file parser infinite loop
The following bugs have been fixed:
- Display filter textbox loses focus during live capturing
- Wireshark crashes when saving pcaps, opening pcaps, and exporting specified packets
- tshark stalls on FreeBSD if androiddump is present
- UTF-8 characters in packet list column title
- Recent capture file list should appear immediately on startup
- editcap segfault if a packet length is shorter than ignore bytes parameter
- dftest segfault with automated build of 2.2.5
- UMTS MAC Dissector shows Packet size limited for BCCH payload
- VS2010 win32 ±¥
- EAP AKA not being decoded properly
- Dumpcap crashes during rpcap setup
- Crash on closing SNMP capture file if snmp credentials are present
- GPRS-NS message PDU type displayed in octal instead of hexadecimal
UPDATED PROTOCOL SUPPORT:
- GPRS-NS, GTPv2, IAX2, IEEE 802.11, LDSS, MS-WSP, OpcUa, ROHC, RTMTP, SNMP, STANAG 4607, T.38, and UMTS FP
更新時間:2017-03-05
更新細節:
What's new in this version:
BUG FIXES:
The following vulnerabilities have been fixed:
- [1]wnpa-sec-2017-03 LDSS dissector crash
- [3]wnpa-sec-2017-04 RTMTP dissector infinite loop
- [5]wnpa-sec-2017-05 WSP dissector infinite loop
- [7]wnpa-sec-2017-06 STANAG 4607 file parser infinite loop
- [9]wnpa-sec-2017-07 NetScaler file parser infinite loop
- [11]wnpa-sec-2017-08 NetScaler file parser crash
- [13]wnpa-sec-2017-09 K12 file parser crash
- [15]wnpa-sec-2017-10 IAX2 dissector infinite loop
- [17]wnpa-sec-2017-11 NetScaler file parser infinite loop
The following bugs have been fixed:
- Display filter textbox loses focus during live capturing
- Wireshark crashes when saving pcaps, opening pcaps, and exporting specified packets
- tshark stalls on FreeBSD if androiddump is present
- UTF-8 characters in packet list column title
- Recent capture file list should appear immediately on startup
- editcap segfault if a packet length is shorter than ignore bytes parameter
- dftest segfault with automated build of 2.2.5
- UMTS MAC Dissector shows Packet size limited for BCCH payload
- VS2010 win32 ±¥
- EAP AKA not being decoded properly
- Dumpcap crashes during rpcap setup
- Crash on closing SNMP capture file if snmp credentials are present
- GPRS-NS message PDU type displayed in octal instead of hexadecimal
UPDATED PROTOCOL SUPPORT:
- GPRS-NS, GTPv2, IAX2, IEEE 802.11, LDSS, MS-WSP, OpcUa, ROHC, RTMTP, SNMP, STANAG 4607, T.38, and UMTS FP
更新時間:2017-01-24
更新細節:
What's new in this version:
The following vulnerabilities have been fixed:
- The ASTERIX dissector could go into an infinite loop
- The DHCPv6 dissector could go into a large loop
The following bugs have been fixed:
- TCP reassembly: tcp.reassembled_in is not set in first packet
- Duplicated Interfaces instances while refreshing
- Time zone name needs to be converted to UTF-8 on Windows
- Crash on fast local interface changes
- Please align columns in tshark’s output
- Display data rate fields for VHT rates invalid with BCC modulation
- plugin_if_get_ws_info causes Access Violation if called during rescan
- SMTP BDAT dissector not reverting to command-code after DATA
- Wireshark fails to recognize V6 DBS Etherwatch capture files
- Runtime Error when try to merge .pcap files (Wireshark crashes)
- PPP BCP BPDU size reports not header size, but all data underneath and its header size in UI
- In-line UDP checksum bytes in 6LoWPAN IPHC are swapped
- Uninitialized memcmp on data in daintree-sna.c
- Crash when dissect WDBRPC Version 2 protocol with Dissect unknown program numbers enabled
- Contents/Resources/bin directory isn’t in the app bundle after installation
- Regression: IEEE17221 (AVDECC) decoded as IEEE1722 (AVB Transportation Protocol)
- Can’t decode packets captured with OpenBSD enc(4) encapsulating
- UDLD flags are at other end of octet
- MS-WSP dissector no longer works since commit 8c2fa5b5cf789e6d0d19cd0dd34479d0203d177a
- TBCD string decoded wrongly in MAP ATI message
- Filter Documentation: The tilde (~) operator is not documented
- VoIP Flow Sequence Causes Application Crash
Updated Protocol Support:
- 6LoWPAN, DVB-CI, ENC, GSM MAP, IEEE 1722, IEEE 1722.1, ISAKMP, MS-WSP, PPP, QUIC, Radiotap, RPC, SMTP, TCP, UCD, and UDLD
更新時間:2017-01-24
更新細節:
What's new in this version:
The following vulnerabilities have been fixed:
- The ASTERIX dissector could go into an infinite loop
- The DHCPv6 dissector could go into a large loop
The following bugs have been fixed:
- TCP reassembly: tcp.reassembled_in is not set in first packet
- Duplicated Interfaces instances while refreshing
- Time zone name needs to be converted to UTF-8 on Windows
- Crash on fast local interface changes
- Please align columns in tshark’s output
- Display data rate fields for VHT rates invalid with BCC modulation
- plugin_if_get_ws_info causes Access Violation if called during rescan
- SMTP BDAT dissector not reverting to command-code after DATA
- Wireshark fails to recognize V6 DBS Etherwatch capture files
- Runtime Error when try to merge .pcap files (Wireshark crashes)
- PPP BCP BPDU size reports not header size, but all data underneath and its header size in UI
- In-line UDP checksum bytes in 6LoWPAN IPHC are swapped
- Uninitialized memcmp on data in daintree-sna.c
- Crash when dissect WDBRPC Version 2 protocol with Dissect unknown program numbers enabled
- Contents/Resources/bin directory isn’t in the app bundle after installation
- Regression: IEEE17221 (AVDECC) decoded as IEEE1722 (AVB Transportation Protocol)
- Can’t decode packets captured with OpenBSD enc(4) encapsulating
- UDLD flags are at other end of octet
- MS-WSP dissector no longer works since commit 8c2fa5b5cf789e6d0d19cd0dd34479d0203d177a
- TBCD string decoded wrongly in MAP ATI message
- Filter Documentation: The tilde (~) operator is not documented
- VoIP Flow Sequence Causes Application Crash
Updated Protocol Support:
- 6LoWPAN, DVB-CI, ENC, GSM MAP, IEEE 1722, IEEE 1722.1, ISAKMP, MS-WSP, PPP, QUIC, Radiotap, RPC, SMTP, TCP, UCD, and UDLD
更新時間:2016-12-15
更新細節:
What's new in this version:
Bug Fixes:
The following vulnerabilities have been fixed:
- Arbitrary file deletion on Windows
The following bugs have been fixed:
- Saving all exported objects (SMB/SMB2) results in out of physical memory
- Export HTTP Objects - Single file shows as multiple files in 2.0.2
- Follow Stream and graph buttons remain greyed out in conversation window
- Dicom list of tags in element of VR=AT not properly decoded
- Malformed Packet: BGP Update (withdraw) message
- Install fail on macOS Sierra (error PKInstallErrorDomain Code=112)
- GTP: "Create PDP Context response" message shows back-off timer as malformed when included in the response
- ICMP dissector fails to properly detect timestamps
- RLC misdissection
- Text2pcap on Windows produces corrupt output when writing the capture file to the standard output
- HTML escaping of quotes in error message
- TShark doesn't respect protocols.display_hidden_proto_items setting
- RPC/RDMA dissector should exit when frame is not RPC-over-RDMA
- Some RPC-over-RDMA frames are not recognized as RPC-over-RDMA
- RPC-over-RDMA frames with chunk lists are "Malformed"
- TShark fails to pass RPC-over-RDMA frames to RPC subdissector
- Adding a DOF DPS Identity Secret, session Key, or Mode Template causes Wireshark to crash
- Wireshark shows "MS Video Source Request" in a RTCP packet as "Malformed"
Updated Protocol Support:
- BGP, BOOTP/DHCP, BTLE, DICOM, DOF, Echo, GTP, ICMP, Radiotap, RLC, RPC over RDMA, RTCP, SMB, TCP, UFTP4, and VXLAN
更新時間:2016-12-15
更新細節:
What's new in this version:
Bug Fixes:
The following vulnerabilities have been fixed:
- Arbitrary file deletion on Windows
The following bugs have been fixed:
- Saving all exported objects (SMB/SMB2) results in out of physical memory
- Export HTTP Objects - Single file shows as multiple files in 2.0.2
- Follow Stream and graph buttons remain greyed out in conversation window
- Dicom list of tags in element of VR=AT not properly decoded
- Malformed Packet: BGP Update (withdraw) message
- Install fail on macOS Sierra (error PKInstallErrorDomain Code=112)
- GTP: "Create PDP Context response" message shows back-off timer as malformed when included in the response
- ICMP dissector fails to properly detect timestamps
- RLC misdissection
- Text2pcap on Windows produces corrupt output when writing the capture file to the standard output
- HTML escaping of quotes in error message
- TShark doesn't respect protocols.display_hidden_proto_items setting
- RPC/RDMA dissector should exit when frame is not RPC-over-RDMA
- Some RPC-over-RDMA frames are not recognized as RPC-over-RDMA
- RPC-over-RDMA frames with chunk lists are "Malformed"
- TShark fails to pass RPC-over-RDMA frames to RPC subdissector
- Adding a DOF DPS Identity Secret, session Key, or Mode Template causes Wireshark to crash
- Wireshark shows "MS Video Source Request" in a RTCP packet as "Malformed"
Updated Protocol Support:
- BGP, BOOTP/DHCP, BTLE, DICOM, DOF, Echo, GTP, ICMP, Radiotap, RLC, RPC over RDMA, RTCP, SMB, TCP, UFTP4, and VXLAN
更新時間:2016-11-17
更新細節:
What's new in this version:
Bug fixes:
- [1]wnpa-sec-2016-58: Profinet I/O long loop. ([2]Bug 12851)
- [3]wnpa-sec-2016-59: AllJoyn crash. ([4]Bug 12953)
- [5]wnpa-sec-2016-60: OpenFlow crash. ([6]Bug 13071)
- [7]wnpa-sec-2016-61: DCERPC crash. ([8]Bug 13072)
- [9]wnpa-sec-2016-62: DTN infinite loop. ([10]Bug 13097)
The following bugs have been fixed:
- TCP: nextseq incorrect if TCP_MAX_UNACKED_SEGMENTS exceeded & FIN true. ([12]Bug 12579)
- SMPP schedule_delivery_time displayed wrong in Wireshark 2.1.0. ([13]Bug 12632)
- Upgrading to latest version uninstalls Microsoft Visual C++ redistributable. ([14]Bug 12712)
- dmg for OS X does not install man pages. ([15]Bug 12746)
- Fails to compile against Heimdal 1.5.3. ([16]Bug 12831)
- TCP: Next sequence number off by one when sending payload in SYN packet (e.g. TFO). ([17]Bug 12838)
- Follow TCP Stream shows duplicate stream data. ([18]Bug 12855)
- Dissection engine falsely asserts that EIGRP packet's checksum is incorrect. ([19]Bug 12982)
- IEEE 802.15.4 frames erroneously handed over to ZigBee dissector. ([20]Bug 12984)
- Capture Filter Bookmark Inactive in Capture Options page. ([21]Bug 12986)
- CLNP dissector does not parse ER NPDU properly. ([22]Bug 12993)
- SNMP trap bindings for NON scalar OIDs. ([23]Bug 13013)
- BGP LS Link Protection Type TLV (1093) decoding. ([24]Bug 13021)
- Application crash sorting column for tcp.window_size_scalefactor up and down. ([25]Bug 13023)
- ZigBee Green Power add key during execution. ([26]Bug 13031)
- Malformed AMPQ packets for session.expected and session.confirmed fields. ([27]Bug 13037)
- Wireshark 2.2.1 crashes when attempting to merge pcap files. ([28]Bug 13060)
- [IS-637A] SMS - Teleservice layer parameter --> IA5 encoded text is not correctly displayed. ([29]Bug 13065)
- Failure to dissect USB Audio feature unit descriptors missing the iFeature field. ([30]Bug 13085)
- MSISDN not populated/decoded in JSON GTP-C decoding. ([31]Bug 13086)
- E212: 3 digits MNC are identified as 2 digits long if they end with a 0. ([32]Bug 13092)
- Exception with last unknown Cisco AVP available in a SCCRQ message. ([33]Bug 13103)
- TShark stalls on FreeBSD if androiddump is present. ([34]Bug 13104)
- Dissector skips DICOM command. ([35]Bug 13110)
- UUID (FT_GUID) filtering isn't working. ([36]Bug 13121)
- Manufacturer name resolution fail. ([37]Bug 13126)
- packet-sdp.c allocates transport_info->encoding_name from wrong memory pool. ([38]Bug 13127)
- Payload type name for dynamic payload is wrong for reverse RTP channels. ([39]Bug 13132)
UPDATED PROTOCOL SUPPORT:
- 6LoWPAN, AllJoyn, AMPQ, ANSI IS-637 A, BGP, CLNP, DCERPC, DICOM, DTN, E.212, EIGRP, ERF, GVSP, IEEE 802.11, IEEE 802.15.4, IP, ISO-8583, Kerberos, L2TP, LACP, MAC LTE, OpenFlow, Profinet I/O, RTPS, SCTP, SDP, Skype, SMPP, SNA, SNMP, SPNEGO, TCP, USB Audio, XML, and ZigBee
更新時間:2016-11-17
更新細節:
What's new in this version:
Bug fixes:
- [1]wnpa-sec-2016-58: Profinet I/O long loop. ([2]Bug 12851)
- [3]wnpa-sec-2016-59: AllJoyn crash. ([4]Bug 12953)
- [5]wnpa-sec-2016-60: OpenFlow crash. ([6]Bug 13071)
- [7]wnpa-sec-2016-61: DCERPC crash. ([8]Bug 13072)
- [9]wnpa-sec-2016-62: DTN infinite loop. ([10]Bug 13097)
The following bugs have been fixed:
- TCP: nextseq incorrect if TCP_MAX_UNACKED_SEGMENTS exceeded & FIN true. ([12]Bug 12579)
- SMPP schedule_delivery_time displayed wrong in Wireshark 2.1.0. ([13]Bug 12632)
- Upgrading to latest version uninstalls Microsoft Visual C++ redistributable. ([14]Bug 12712)
- dmg for OS X does not install man pages. ([15]Bug 12746)
- Fails to compile against Heimdal 1.5.3. ([16]Bug 12831)
- TCP: Next sequence number off by one when sending payload in SYN packet (e.g. TFO). ([17]Bug 12838)
- Follow TCP Stream shows duplicate stream data. ([18]Bug 12855)
- Dissection engine falsely asserts that EIGRP packet's checksum is incorrect. ([19]Bug 12982)
- IEEE 802.15.4 frames erroneously handed over to ZigBee dissector. ([20]Bug 12984)
- Capture Filter Bookmark Inactive in Capture Options page. ([21]Bug 12986)
- CLNP dissector does not parse ER NPDU properly. ([22]Bug 12993)
- SNMP trap bindings for NON scalar OIDs. ([23]Bug 13013)
- BGP LS Link Protection Type TLV (1093) decoding. ([24]Bug 13021)
- Application crash sorting column for tcp.window_size_scalefactor up and down. ([25]Bug 13023)
- ZigBee Green Power add key during execution. ([26]Bug 13031)
- Malformed AMPQ packets for session.expected and session.confirmed fields. ([27]Bug 13037)
- Wireshark 2.2.1 crashes when attempting to merge pcap files. ([28]Bug 13060)
- [IS-637A] SMS - Teleservice layer parameter --> IA5 encoded text is not correctly displayed. ([29]Bug 13065)
- Failure to dissect USB Audio feature unit descriptors missing the iFeature field. ([30]Bug 13085)
- MSISDN not populated/decoded in JSON GTP-C decoding. ([31]Bug 13086)
- E212: 3 digits MNC are identified as 2 digits long if they end with a 0. ([32]Bug 13092)
- Exception with last unknown Cisco AVP available in a SCCRQ message. ([33]Bug 13103)
- TShark stalls on FreeBSD if androiddump is present. ([34]Bug 13104)
- Dissector skips DICOM command. ([35]Bug 13110)
- UUID (FT_GUID) filtering isn't working. ([36]Bug 13121)
- Manufacturer name resolution fail. ([37]Bug 13126)
- packet-sdp.c allocates transport_info->encoding_name from wrong memory pool. ([38]Bug 13127)
- Payload type name for dynamic payload is wrong for reverse RTP channels. ([39]Bug 13132)
UPDATED PROTOCOL SUPPORT:
- 6LoWPAN, AllJoyn, AMPQ, ANSI IS-637 A, BGP, CLNP, DCERPC, DICOM, DTN, E.212, EIGRP, ERF, GVSP, IEEE 802.11, IEEE 802.15.4, IP, ISO-8583, Kerberos, L2TP, LACP, MAC LTE, OpenFlow, Profinet I/O, RTPS, SCTP, SDP, Skype, SMPP, SNA, SNMP, SPNEGO, TCP, USB Audio, XML, and ZigBee
更新時間:2016-10-06
更新細節:
What's new in this version:
New:
- Invalid coloring rules are now disabled instead of discarded. This will provide forward compatibility with a coloring rule change in Wireshark 2.2.
Bug Fixes:
- Capture File Properties under Statistics Grayed Out after Stopping a Capture
- Qt: Hidden columns displayed during live capture
- Bad description for NBSS error code 0x81
- Export packet dissections Option disabled after capturing traffic
- TLS padding extension dissector length parsing bug
- Diameter dictionary bugs
- Multiple PortableApps instances can once again be run at the same time