Wireshark 歷史版本列表 Page39

更新時間：2016-10-06
更新細節：

What's new in this version:

Bug Fixes:
- The Bluetooth L2CAP dissector could crash
- The NCP dissector could crash

The following bugs have been fixed:
- Flow Graph colored data arrows
- Capture File Properties under Statistics Grayed Out after Stopping a Capture
- Qt: Hidden columns displayed during live capture
- Unable to save changes to coloring rules
- Bad description for NBSS error code 0x81
- Live capture from USBPcap fails immediately
- Cannot decrypt EAP-TTLS traffic (not recognized as conversation)
- Export packet dissections Option disabled after capturing traffic
- Failure to open file named with Chinese or other multibyte characters
- k12 text file format causes errors
- File | File Set | List Files dialog is blank
- Decoding/Display of an INAP CONNECT message goes wrong for the Destination Routing Address part
- TLS padding extension dissector length parsing bug
- Diameter dictionary bugs
- File open from menu bar with filter in place causes Wireshark to crash
- Unable to capture USBPcap trace using tshark with extcap built
- P1 dissector fails a TVB assertion
- Multiple PortableApps instances can once again be run at the same time

更新時間：2016-10-06
更新細節：

What's new in this version:

New:
- Invalid coloring rules are now disabled instead of discarded. This will provide forward compatibility with a coloring rule change in Wireshark 2.2.

Bug Fixes:
- Capture File Properties under Statistics Grayed Out after Stopping a Capture
- Qt: Hidden columns displayed during live capture
- Bad description for NBSS error code 0x81
- Export packet dissections Option disabled after capturing traffic
- TLS padding extension dissector length parsing bug
- Diameter dictionary bugs
- Multiple PortableApps instances can once again be run at the same time

更新時間：2016-10-06
更新細節：

What's new in this version:

Bug Fixes:
- The Bluetooth L2CAP dissector could crash
- The NCP dissector could crash

The following bugs have been fixed:
- Flow Graph colored data arrows
- Capture File Properties under Statistics Grayed Out after Stopping a Capture
- Qt: Hidden columns displayed during live capture
- Unable to save changes to coloring rules
- Bad description for NBSS error code 0x81
- Live capture from USBPcap fails immediately
- Cannot decrypt EAP-TTLS traffic (not recognized as conversation)
- Export packet dissections Option disabled after capturing traffic
- Failure to open file named with Chinese or other multibyte characters
- k12 text file format causes errors
- File | File Set | List Files dialog is blank
- Decoding/Display of an INAP CONNECT message goes wrong for the Destination Routing Address part
- TLS padding extension dissector length parsing bug
- Diameter dictionary bugs
- File open from menu bar with filter in place causes Wireshark to crash
- Unable to capture USBPcap trace using tshark with extcap built
- P1 dissector fails a TVB assertion
- Multiple PortableApps instances can once again be run at the same time

更新時間：2016-09-08
更新細節：

What's new in this version:

NEW:

Bug Fixes:
- Upgrading to latest version uninstalls Microsoft Visual C++ redistributable. (Bug 12712)
- Extcap errors not reported back to UI. (Bug 11892)

NEW AND UPDATES:

The following features are new (or have been significantly updated) since version 2.2.0rc2:
- No major changes since 2.2.0rc2.

The following features are new (or have been significantly updated) since version 2.2.0rc1:
- "Decode As" supports SSL (TLS) over TCP.
- The following features are new (or have been significantly updated) since version 2.1.1:
- Invalid coloring rules are now disabled instead of discarded. This will provide backward compatibility with a coloring rule change in Wireshark 2.2.

The following features are new (or have been significantly updated) since version 2.1.0:
- Added -d option for Decode As support in Wireshark (mimics TShark functionality)
- The Qt UI, GTK+ UI, and TShark can now export packets as JSON. TShark can additionally export packets as Elasticsearch-compatible JSON.
- The Qt UI now supports the -j, -J, and -l flags. The -m flag is now deprecated.
- The Conversations and Endpoints dialogs are more responsive when viewing large numbers of items.
- The RTP player now allows up to 30 minutes of silence frames.
- Packet bytes can now be displayed as EBCDIC.
- The Qt UI loads captures faster on Windows.
- proto_tree_add_checksum was added as an API. This attempts to standardize how checksums are reported and filtered for within *Shark. There are no more individual "good" and "bad" filter fields, protocols now have a "checksum.status" field that records "Good", "Bad" and "Unverified" (neither good or bad). Color filters provided with Wireshark have been adjusted to the new display filter names, but custom ones may need to be updated.

The following features are new (or have been significantly updated) since version 2.0.0:
- The intelligent scroll bar now sits to the left of a normal scroll bar and provides a clickable map of nearby packets.
- You can now switch between between Capture and File Format dissection of the current capture file via the View menu in the Qt GUI.
- You can now show selected packet bytes as ASCII, HTML, Image, ISO 8859-1, Raw, UTF-8, a C array, or YAML.
- You can now use regular expressions in Find Packet and in the advanced preferences.
- Name resolution for packet capture now supports asynchronous DNS lookups only. Therefore the "concurrent DNS resolution" preference has been deprecated and is a no-op. To enable DNS name resolution some build dependencies must be present (currently c-ares). If that is not the case DNS name resolution will be disabled (but other name resolution mechanisms, such as host files, are still available).
- The byte under the mouse in the Packet Bytes pane is now highlighted.
- TShark supports exporting PDUs via the -U flag.
- The Windows and OS X installers now come with the "sshdump" and "ciscodump" extcap interfaces.
- Most dialogs in the Qt UI now save their size and positions.
- The Follow Stream dialog now supports UTF-16.
- The Firewall ACL Rules dialog has returned.
- The Flow (Sequence) Analysis dialog has been improved.
- We no longer provide packages for 32-bit versions of OS X.
- The Bluetooth Device details dialog has been added.

New File Format Decoding Support:
- Wireshark is able to display the format of some types of files (rather than displaying the contents of those files). This is useful when you’re curious about, or debugging, a file and its format. To open a capture file (such as PCAP) in this mode specify "MIME Files Format" as the file’s format in the Open File dialog.

New Protocol Support:
- Apache Cassandra - CQL version 3.0, Bachmann bluecom Protocol, Bluetooth Pseudoheader for BR/EDR, Cisco ERSPAN3 Marker, Cisco ttag, Digital Equipment Corporation Local Area Transport, Distributed Object Framework, DOCSIS Upstream Channel Descriptor Type 35, Edge Control Protocol (ECP), Encrypted UDP based FTP with multicast, Ericsson IPOS Kernel Packet Header (IPOS), Extensible Control & Management Protocol (eCMP), FLEXRAY Protocol (automotive bus), IEEE 802.1BR E-Tag, Intel Omni-Path Architecture, ISO 8583-1, ISO14443, ITU-T G.7041/Y.1303 Generic Framing Procedure (GFP), LAT protocol (DECNET), Metamako trailers, Network Service Header for Ethernet & GRE, Network-Based IP Flow Mobility (NBIFOM), Nokia Intelligent Service Interface (ISI), Open Mobile Alliance Lightweight Machine to Machine TLV (LwM2M TLV), Real Time Location System (RTLS), RTI TCP Transport Layer (RTITCP), SMB Witness Service, STANAG 5602 SIMPLE, Standard Interface for Multiple Platform Link Evaluation (SIMPLE), USB3 Vision Protocol (USB machine vision cameras), USBIP Protocol, UserLog Protocol, and Zigbee Protocol Clusters (Closures Lighting General Measurement & Sensing HVAC Security & Safety)

Updated Protocol Support:
- Bluetooth OBEX dissector (btobex) was renamed to Obex Dissector (obex), which allows it to be used with "Decode As" over USB, TCP and UDP.
- A preference was added to TCP dissector for handling IPFIX process information. It has been disabled by default.

New and Updated Capture File Support:
- Micropross mplog
- New and Updated Capture Interfaces support
- Non-empty section placeholder.

Major API Changes:
- The libwireshark API has undergone some major changes:
- The address macros (e.g., SET_ADDRESS) have been removed. Use the (lower case) functions of the same names instead.
- "old style" dissector functions (that don’t return number of bytes used) have been replaced in name with the "new style" dissector functions.
- tvb_get_string and tvb_get_stringz have been replaced with tvb_get_string_enc and tvb_get_stringz_enc respectively.https://1.na.dl.wireshark.org/win64/all-versions/Wireshark-win64-2.2.0.exe

更新時間：2016-09-08
更新細節：

What's new in this version:

NEW:

Bug Fixes:
- Upgrading to latest version uninstalls Microsoft Visual C++ redistributable. (Bug 12712)
- Extcap errors not reported back to UI. (Bug 11892)

NEW AND UPDATES:

The following features are new (or have been significantly updated) since version 2.2.0rc2:
- No major changes since 2.2.0rc2.

The following features are new (or have been significantly updated) since version 2.2.0rc1:
- "Decode As" supports SSL (TLS) over TCP.
- The following features are new (or have been significantly updated) since version 2.1.1:
- Invalid coloring rules are now disabled instead of discarded. This will provide backward compatibility with a coloring rule change in Wireshark 2.2.

The following features are new (or have been significantly updated) since version 2.1.0:
- Added -d option for Decode As support in Wireshark (mimics TShark functionality)
- The Qt UI, GTK+ UI, and TShark can now export packets as JSON. TShark can additionally export packets as Elasticsearch-compatible JSON.
- The Qt UI now supports the -j, -J, and -l flags. The -m flag is now deprecated.
- The Conversations and Endpoints dialogs are more responsive when viewing large numbers of items.
- The RTP player now allows up to 30 minutes of silence frames.
- Packet bytes can now be displayed as EBCDIC.
- The Qt UI loads captures faster on Windows.
- proto_tree_add_checksum was added as an API. This attempts to standardize how checksums are reported and filtered for within *Shark. There are no more individual "good" and "bad" filter fields, protocols now have a "checksum.status" field that records "Good", "Bad" and "Unverified" (neither good or bad). Color filters provided with Wireshark have been adjusted to the new display filter names, but custom ones may need to be updated.

The following features are new (or have been significantly updated) since version 2.0.0:
- The intelligent scroll bar now sits to the left of a normal scroll bar and provides a clickable map of nearby packets.
- You can now switch between between Capture and File Format dissection of the current capture file via the View menu in the Qt GUI.
- You can now show selected packet bytes as ASCII, HTML, Image, ISO 8859-1, Raw, UTF-8, a C array, or YAML.
- You can now use regular expressions in Find Packet and in the advanced preferences.
- Name resolution for packet capture now supports asynchronous DNS lookups only. Therefore the "concurrent DNS resolution" preference has been deprecated and is a no-op. To enable DNS name resolution some build dependencies must be present (currently c-ares). If that is not the case DNS name resolution will be disabled (but other name resolution mechanisms, such as host files, are still available).
- The byte under the mouse in the Packet Bytes pane is now highlighted.
- TShark supports exporting PDUs via the -U flag.
- The Windows and OS X installers now come with the "sshdump" and "ciscodump" extcap interfaces.
- Most dialogs in the Qt UI now save their size and positions.
- The Follow Stream dialog now supports UTF-16.
- The Firewall ACL Rules dialog has returned.
- The Flow (Sequence) Analysis dialog has been improved.
- We no longer provide packages for 32-bit versions of OS X.
- The Bluetooth Device details dialog has been added.

New File Format Decoding Support:
- Wireshark is able to display the format of some types of files (rather than displaying the contents of those files). This is useful when you’re curious about, or debugging, a file and its format. To open a capture file (such as PCAP) in this mode specify "MIME Files Format" as the file’s format in the Open File dialog.

New Protocol Support:
- Apache Cassandra - CQL version 3.0, Bachmann bluecom Protocol, Bluetooth Pseudoheader for BR/EDR, Cisco ERSPAN3 Marker, Cisco ttag, Digital Equipment Corporation Local Area Transport, Distributed Object Framework, DOCSIS Upstream Channel Descriptor Type 35, Edge Control Protocol (ECP), Encrypted UDP based FTP with multicast, Ericsson IPOS Kernel Packet Header (IPOS), Extensible Control & Management Protocol (eCMP), FLEXRAY Protocol (automotive bus), IEEE 802.1BR E-Tag, Intel Omni-Path Architecture, ISO 8583-1, ISO14443, ITU-T G.7041/Y.1303 Generic Framing Procedure (GFP), LAT protocol (DECNET), Metamako trailers, Network Service Header for Ethernet & GRE, Network-Based IP Flow Mobility (NBIFOM), Nokia Intelligent Service Interface (ISI), Open Mobile Alliance Lightweight Machine to Machine TLV (LwM2M TLV), Real Time Location System (RTLS), RTI TCP Transport Layer (RTITCP), SMB Witness Service, STANAG 5602 SIMPLE, Standard Interface for Multiple Platform Link Evaluation (SIMPLE), USB3 Vision Protocol (USB machine vision cameras), USBIP Protocol, UserLog Protocol, and Zigbee Protocol Clusters (Closures Lighting General Measurement & Sensing HVAC Security & Safety)

Updated Protocol Support:
- Bluetooth OBEX dissector (btobex) was renamed to Obex Dissector (obex), which allows it to be used with "Decode As" over USB, TCP and UDP.
- A preference was added to TCP dissector for handling IPFIX process information. It has been disabled by default.

New and Updated Capture File Support:
- Micropross mplog
- New and Updated Capture Interfaces support
- Non-empty section placeholder.

Major API Changes:
- The libwireshark API has undergone some major changes:
- The address macros (e.g., SET_ADDRESS) have been removed. Use the (lower case) functions of the same names instead.
- "old style" dissector functions (that don’t return number of bytes used) have been replaced in name with the "new style" dissector functions.
- tvb_get_string and tvb_get_stringz have been replaced with tvb_get_string_enc and tvb_get_stringz_enc respectively.

更新時間：2016-07-28
更新細節：

What's new in this version:

The following vulnerabilities have been fixed:
- [3]wnpa-sec-2016-41: PacketBB crash
- [5]wnpa-sec-2016-42: WSP infinite loop
- [7]wnpa-sec-2016-44: RLC long loop
- [9]wnpa-sec-2016-45: LDSS dissector crash
- [11]wnpa-sec-2016-46: RLC dissector crash
- [13]wnpa-sec-2016-47: OpenFlow long loop
- [15]wnpa-sec-2016-48: MMSE, WAP, WBXML, and WSP infinite loop
- [17]wnpa-sec-2016-49: WBXML crash

The following bugs have been fixed:
- T30 FCF byte decoding masks DTC, CIG and NCS
- TShark crashes with option "-z io,stat,..." in the presence of: negative relative packet timestamps
- Packet size limited during capture msg is repeated in the Info: column
- Wireshark loses windows decorations on second screen when: restarting maximized using GNOME
- Cannot launch GTK+ version of wireshark as a normal user
- Restart current capture fails with "no interface selected" error: when capturing in promiscuous mode
- Add field completion suggestions when adding a Display filter or Y: Field to the IO Graph
- Wireshark Qt always indicates locale as "C"
- Wireshark crashes every time open Statistics -> Conversations |: Endpoints
- Find function within the conversations window does not work
- Invalid values for USB SET_REQUEST packets
- Display filter dropdown hides cursor
- Filter for field name tcp.options.wscale.multiplier cannot exceed: 255
- Ctrl+ shortcuts that are not text-related do not work when focus is: on display filter field
- Closing Statistics window results in black screen
- OSPF: Incorrect description of N/P-bit in NSSA LSA
- Inconsistent VHT data rate
- DCE/RPC malformed error when stub-data is missing but a: sub-dissector has been registered
- Wireshark is marking BGP FlowSpec NLRI as malformed if NLRI length: is larger than 239 bytes
- "Edit Resolved Name" is not saved in current pcapng file
- MPTCP: MP_JOIN B bit not decoded correctly
- MPTCP MP_PRIO header with AddrID: incorrect AddrID

UPDATED PROTOCOL SUPPORT:
- 802.11 Radiotap, BGP, CAN, CANopen, H.248 Q.1950, IPv4, IPv6, LANforge, LDSS, MPTCP, OSPF, PacketBB, PRP, RLC, RMT-FEC, RSVP, RTP MIDI, T.30, TDS, USB, WAP, WBXML, WiMax RNG-RSP, and WSP

更新時間：2016-07-28
更新細節：

What's new in this version:

The following vulnerabilities have been fixed:
- [3]wnpa-sec-2016-41: PacketBB crash
- [5]wnpa-sec-2016-42: WSP infinite loop
- [7]wnpa-sec-2016-44: RLC long loop
- [9]wnpa-sec-2016-45: LDSS dissector crash
- [11]wnpa-sec-2016-46: RLC dissector crash
- [13]wnpa-sec-2016-47: OpenFlow long loop
- [15]wnpa-sec-2016-48: MMSE, WAP, WBXML, and WSP infinite loop
- [17]wnpa-sec-2016-49: WBXML crash

The following bugs have been fixed:
- T30 FCF byte decoding masks DTC, CIG and NCS
- TShark crashes with option "-z io,stat,..." in the presence of: negative relative packet timestamps
- Packet size limited during capture msg is repeated in the Info: column
- Wireshark loses windows decorations on second screen when: restarting maximized using GNOME
- Cannot launch GTK+ version of wireshark as a normal user
- Restart current capture fails with "no interface selected" error: when capturing in promiscuous mode
- Add field completion suggestions when adding a Display filter or Y: Field to the IO Graph
- Wireshark Qt always indicates locale as "C"
- Wireshark crashes every time open Statistics -> Conversations |: Endpoints
- Find function within the conversations window does not work
- Invalid values for USB SET_REQUEST packets
- Display filter dropdown hides cursor
- Filter for field name tcp.options.wscale.multiplier cannot exceed: 255
- Ctrl+ shortcuts that are not text-related do not work when focus is: on display filter field
- Closing Statistics window results in black screen
- OSPF: Incorrect description of N/P-bit in NSSA LSA
- Inconsistent VHT data rate
- DCE/RPC malformed error when stub-data is missing but a: sub-dissector has been registered
- Wireshark is marking BGP FlowSpec NLRI as malformed if NLRI length: is larger than 239 bytes
- "Edit Resolved Name" is not saved in current pcapng file
- MPTCP: MP_JOIN B bit not decoded correctly
- MPTCP MP_PRIO header with AddrID: incorrect AddrID

UPDATED PROTOCOL SUPPORT:
- 802.11 Radiotap, BGP, CAN, CANopen, H.248 Q.1950, IPv4, IPv6, LANforge, LDSS, MPTCP, OSPF, PacketBB, PRP, RLC, RMT-FEC, RSVP, RTP MIDI, T.30, TDS, USB, WAP, WBXML, WiMax RNG-RSP, and WSP

更新時間：2016-06-08
更新細節：

What's new in this version:

The following vulnerabilities have been fixed:
- The SPOOLS dissector could go into an infinite loop.
- The IEEE 802.11 dissector could crash. (Bug 11585)
- The IEEE 802.11 dissector could crash.(Bug 12175)
- The UMTS FP dissector could crash. (Bug 12191)
- Some USB dissectors could crash. Discovered by Mateusz Jurczyk. (Bug 12356)
- The Toshiba file parser could crash. Discovered by iDefense Labs. (Bug 12394)
- The CoSine file parser could crash. Discovered by iDefense Labs. (Bug 12395)
- The NetScreen file parser could crash. Discovered by iDefense Labs. (Bug 12396)
- The Ethernet dissector could crash. (Bug 12440)

The following bugs have been fixed:
- Saving pcap capture file with ERF encapsulation creates an invalid pcap file. (Bug 3606)
- Questionable calling of Ethernet dissector by encapsulating protocol dissectors. (Bug 9933)
- Wireshark 1.12.0 does not dissect HTTP correctly. (Bug 10335)
- Don’t copy details of hidden columns. (Bug 11788)
- RTP audio player crashes. (Bug 12166)
- Crash when saving RTP audio Telephony→RTP→RTP Streams→Analyze→Save→Audio. (Bug 12211)
- Edit - preferences - add column field not showing dropdown for choices. (Bug 12321)
- Using _ws.expert in a filter can cause a crash. (Bug 12335)
- Crash in SCCP dissector UAT (Qt UI only). (Bug 12364)
- J1939 frame without data = malformed packet ? (Bug 12366)
- The stream number in tshark’s "-z follow,tcp," option is 0-origin rather than 1-origin. (Bug 12383)
- IP Header Length display filter should show calculated value. (Bug 12387)
- Multiple file radio buttons should be check boxes. (Bug 12388)
- Wrong check for getaddrinfo and gethostbyname on Solaris 11. (Bug 12391)
- ICMPv6 dissector doesn’t respect actual packet length. (Bug 12400)
- Format DIS header timestamp mm:ss.nnnnnn. (Bug 12402)
- RTP Stream Analysis can no longer be sorted in 2.0.3. (Bug 12405)
- RTP Stream Analysis fails to complete in 2.0.3 when packets are sliced. (Bug 12406)
- Network-Layer Name Resolution uses first 32-bits of IPv6 DNS address as IPv4 address in some circumstances. (Bug 12412)
- BACnet decoder incorrectly flags a valid APDU as a "Malformed Packet". (Bug 12422)
- Valid ISUP messages marked with warnings. (Bug 12423)
- Profile command line switch "-C" not working in Qt interface. (Bug 12425)
- MRCPv2: info column not showing info correctly. (Bug 12426)
- Diameter: Experimental result code 5142. (Bug 12428)
- Tshark crashes when analyzing RTP due to pointer being freed not allocated. (Bug 12430)
- NFS: missing information in getattr for supported exclusive create attributes. (Bug 12435)
- Ethernet type field with a value of 9100 is shown as "Unknown". (Bug 12441)
- Documentation does not include support for Windows Server 2012 R2. (Bug 12455)
- Column preferences ruined too easily. (Bug 12465)
- SMB Open andX extended response decoded incorrectly. (Bug 12472)
- SMB NtCreate andX with extended response sometimes incorrect. (Bug 12473)
- Viewing NFSv3 Data, checking SRTs doesn’t work. (Bug 12478)
- Make wireshark with Qt enabled buildable on ARM. (Bug 12483)

Updated Protocol Support:
- AFS, ANSI IS-637 A, BACapp, BT BNEP, Cisco FabricPath MiM, CSN.1, DCERPC SPOOLS, DIS, Ethernet, GSM A RR, ICMPv6, IEEE 802.11, IPv4, ISUP, J1939, JXTA, LAPSat, LPADm, LTE-RRC, MRCPv2, NFS, OpenFlow, SGsAP, SMB, STT, TZSP, UMTS FP, and USB

New and Updated Capture File Support:
- Aethra, Catapult DCT2000, CoSine, DBS Etherwatch, ERF, iSeries, Ixia IxVeriWave, NetScreen, Toshiba, and VMS TCPIPtrace

更新時間：2016-06-08
更新細節：

What's new in this version:

The following vulnerabilities have been fixed:
- The SPOOLS dissector could go into an infinite loop.
- The IEEE 802.11 dissector could crash. (Bug 11585)
- The IEEE 802.11 dissector could crash.(Bug 12175)
- The UMTS FP dissector could crash. (Bug 12191)
- Some USB dissectors could crash. Discovered by Mateusz Jurczyk. (Bug 12356)
- The Toshiba file parser could crash. Discovered by iDefense Labs. (Bug 12394)
- The CoSine file parser could crash. Discovered by iDefense Labs. (Bug 12395)
- The NetScreen file parser could crash. Discovered by iDefense Labs. (Bug 12396)
- The Ethernet dissector could crash. (Bug 12440)

The following bugs have been fixed:
- Saving pcap capture file with ERF encapsulation creates an invalid pcap file. (Bug 3606)
- Questionable calling of Ethernet dissector by encapsulating protocol dissectors. (Bug 9933)
- Wireshark 1.12.0 does not dissect HTTP correctly. (Bug 10335)
- Don’t copy details of hidden columns. (Bug 11788)
- RTP audio player crashes. (Bug 12166)
- Crash when saving RTP audio Telephony→RTP→RTP Streams→Analyze→Save→Audio. (Bug 12211)
- Edit - preferences - add column field not showing dropdown for choices. (Bug 12321)
- Using _ws.expert in a filter can cause a crash. (Bug 12335)
- Crash in SCCP dissector UAT (Qt UI only). (Bug 12364)
- J1939 frame without data = malformed packet ? (Bug 12366)
- The stream number in tshark’s "-z follow,tcp," option is 0-origin rather than 1-origin. (Bug 12383)
- IP Header Length display filter should show calculated value. (Bug 12387)
- Multiple file radio buttons should be check boxes. (Bug 12388)
- Wrong check for getaddrinfo and gethostbyname on Solaris 11. (Bug 12391)
- ICMPv6 dissector doesn’t respect actual packet length. (Bug 12400)
- Format DIS header timestamp mm:ss.nnnnnn. (Bug 12402)
- RTP Stream Analysis can no longer be sorted in 2.0.3. (Bug 12405)
- RTP Stream Analysis fails to complete in 2.0.3 when packets are sliced. (Bug 12406)
- Network-Layer Name Resolution uses first 32-bits of IPv6 DNS address as IPv4 address in some circumstances. (Bug 12412)
- BACnet decoder incorrectly flags a valid APDU as a "Malformed Packet". (Bug 12422)
- Valid ISUP messages marked with warnings. (Bug 12423)
- Profile command line switch "-C" not working in Qt interface. (Bug 12425)
- MRCPv2: info column not showing info correctly. (Bug 12426)
- Diameter: Experimental result code 5142. (Bug 12428)
- Tshark crashes when analyzing RTP due to pointer being freed not allocated. (Bug 12430)
- NFS: missing information in getattr for supported exclusive create attributes. (Bug 12435)
- Ethernet type field with a value of 9100 is shown as "Unknown". (Bug 12441)
- Documentation does not include support for Windows Server 2012 R2. (Bug 12455)
- Column preferences ruined too easily. (Bug 12465)
- SMB Open andX extended response decoded incorrectly. (Bug 12472)
- SMB NtCreate andX with extended response sometimes incorrect. (Bug 12473)
- Viewing NFSv3 Data, checking SRTs doesn’t work. (Bug 12478)
- Make wireshark with Qt enabled buildable on ARM. (Bug 12483)

Updated Protocol Support:
- AFS, ANSI IS-637 A, BACapp, BT BNEP, Cisco FabricPath MiM, CSN.1, DCERPC SPOOLS, DIS, Ethernet, GSM A RR, ICMPv6, IEEE 802.11, IPv4, ISUP, J1939, JXTA, LAPSat, LPADm, LTE-RRC, MRCPv2, NFS, OpenFlow, SGsAP, SMB, STT, TZSP, UMTS FP, and USB

New and Updated Capture File Support:
- Aethra, Catapult DCT2000, CoSine, DBS Etherwatch, ERF, iSeries, Ixia IxVeriWave, NetScreen, Toshiba, and VMS TCPIPtrace

更新時間：2016-04-23
更新細節：

What's new in this version:

The following vulnerabilities have been fixed:
- [1]wnpa-sec-2016-19 The NCP dissector could crash. ([2]Bug 11591)
- [3]wnpa-sec-2016-20 TShark could crash due to a packet reassembly bug. ([4]Bug 11799)
- [5]wnpa-sec-2016-21 The IEEE 802.11 dissector could crash. ([6]Bug 11824, [7]Bug 12187)
- [8]wnpa-sec-2016-22 The PKTC dissector could crash. ([9]Bug 12206)
- [10]wnpa-sec-2016-23 The PKTC dissector could crash. ([11]Bug 12242)
- [12]wnpa-sec-2016-24 The IAX2 dissector could go into an infinite loop. ([13]Bug 12260)
- [14]wnpa-sec-2016-25 Wireshark and TShark could exhaust the stack. ([15]Bug 12268)
- [16]wnpa-sec-2016-26 The GSM CBCH dissector could crash. ([17]Bug 12278)
- [18]wnpa-sec-2016-27 MS-WSP dissector crash. ([19]Bug 12341)

The following bugs have been fixed:
- Protocol Hierarchy Statistics shows LDAP lines recursively. ([20]Bug 1734)
- UTF-8 replacement characters in FT_STRINGs are escaped for presentation. ([21]Bug 10681)
- DTLS : reassembly error, protocol DTLS: New fragment overlaps old data. ([22]Bug 11477)
- Packet byte pane in Qt version of packet window isn't being displayed. ([23]Bug 11760)
- "wireshark -i usbmon2 -k" results in "No interfaces selected" when restarting a capture. ([24]Bug 11939)
- Crash when changing the "which packets to print" radio button in the Print dialog. ([25]Bug 12040)
- Selecting packets causes memory leak. ([26]Bug 12044)
- Client Hello not dissected when failed SSL handshake fully captured. ([27]Bug 12132)
- TCP graphs - wrong stream graphed if stream index > 99. ([28]Bug 12163)
- Typo in packet-gsm_a_dtap.c. ([29]Bug 12186)
- Lua dot file error. ([30]Bug 12196)
- "All Files" does not allow selecting files without period. ([31]Bug 12203)
- wlan, wlan_mgt, Length error shown for IE BSS AC Access Delay/WAPI Parameter Set (68). ([32]Bug 12223)
- Qt GUI very slow when expanding packet details with a lot of items. ([33]Bug 12228)
- Comparing a boolean field against 1 always succeeds on big-endian machines. ([34]Bug 12236)
- FIN flag not always correctly passed to subdissectors. ([35]Bug 12238)
- Interpretation of BGP NLRI for default route cause malformed packet. ([36]Bug 12240)
- Capture Interfaces dialog crashes after clicking the bookmark menu. ([37]Bug 12241)
- Wireshark crashes right after a capture filter is selected. ([38]Bug 12245)
- GSM GMM Identity Response dissection error. ([39]Bug 12246)
- Crash reloading "dissector.lua" from the Wireshark website. ([40]Bug 12251)
- VoIP calls does not show IAX2 calls. ([41]Bug 12254)
- Wireshark CPU usage has dramatically increased. ([42]Bug 12258)
- RPC/NFS incorrectly decodes as ACAP. ([43]Bug 12265)
- Wireshark mistakenly flags CF-End packets as being Malformed. ([44]Bug 12266)
- ASTERIX Category 48 Reserved Expansion Field. ([45]Bug 12267)
- It is not possible to enter characters requiring "Alt Gr" in the display filter box such as "[" on a Swedish keyboard. ([46]Bug 12270)
- tshark crashes when trying to export to pdml. ([47]Bug 12276)
- Build fails on Centos 6.5 with gtk2 in ui/gtk/rtp_player.c rtp_channel_info_r has no no member start_time. ([48]Bug 12277)
- TCP Dissector - spurious retransmissions not always recognized. ([49]Bug 12282)
- PRA Identifier of the IE PRA Action should use 3 octets (6 to 8) and not 2 in GTPv2. ([50]Bug 12284)
- Dissector bug, failed assertion, proto_desegment pinfo->can_desegment. ([51]Bug 12285)
- Colorize with filter, new coloring rule, is labeled as new conversation rule. ([52]Bug 12289)
- Qt Multicast Stream Dialog error in input field Burst alarm threshold and Buffer alarm. ([53]Bug 12309)
- 6LoWPAN reassembly incorrect if extension header padding was elided. ([54]Bug 12310)
- USBPcap prevents keyboard from working. ([55]Bug 12316)
- Crash when reloading Lua script when Field is gone. ([56]Bug 12328)
- Wrong display of USSD strings in the GSM 7-bit alphabet for non-ASCII characters in Wireshark 2.0.x. ([57]Bug 12337)
- Malformed Packet: RTP. ([58]Bug 12339)
- Incorrect error on MPA pdu length on iWARP packets. ([59]Bug 12348)
- Endpoints window doesn't show name resolution. ([60]Bug 12353)
- Updated Protocol Support: 6LoWPAN, ACAP, Asterix, BGP, DMP, DNS, DTLS, EAP, FMTP, GPRS LLC, GSM A, GSM A GM, GSM CBCH, GSM MAP, GTPv2, HTTP, IAX2, IEEE 802.11, iWARP MPA, MS-WSP, MySQL, NCP, NFS, PKTC, QUIC, R3, RTP, SMB, SPRT, TCP, ZEP, ZigBee, ZigBee NWK, ZigBee ZCL SE, and ZVT

New and Updated Capture File Support:
- and Gammu DCT3