Wireshark 歷史版本列表
Wireshark (32-bit)Wireshark (64-bit)
更新時間:2015-08-13
更新細節:
What's new in this version:
BUG FIXES:
- wnpa-sec-2015-21
- Protocol tree crash. (Bug 11309)
- Memory manager crash. (Bug 11373)
- Dissector table crash. (Bug 11381)
- ZigBee crash. (Bug 11389)
- GSM RLC/MAC infinite loop. (Bug 11358)
- WaveAgent crash. (Bug 11358)
- OpenFlow infinite loop. (Bug 11358)
- Ptvcursor crash. (Bug 11358)
- WCCP crash. (Bug 11358)
The following bugs have been fixed:
- DCE RPC "Decode As" capability is missing. (Bug 10368)
- Mergecap turns nanosecond-resolution time stamps into microsecond-resolution time stamps. (Bug 11202)
- The Aruba ERM Type 1 Dissector inconsistent with Type 0 and Type 3. (Bug 11204)
- Parse CFM Type Test signal (TST) without CRC. (Bug 11286)
- Tshark: output format of rpc.xid changed from Hex to Integer. (Bug 11292)
- Not stop -a filecount . (Bug 11305)
- lldp.ieee.802_3.mdi_power_class display is wrong. (Bug 11330)
- Powerlink (EPL) SDO packages interpreted as frame dublication. (Bug 11341)
- Mysql dissector adds packet content to INFO column without scrubbing it. (Bug 11344)
- PIM null-register according to rfc4601 is incorrectly parsed. (Bug 11354)
- Wireshark Lua dissectors: both expand together. (Bug 11356)
- Link-type not retrieved for rpcap interfaces configured with authentication. (Bug 11366)
- SSL Decryption (RSA private key with p smaller than q) failing on the Windows 7 buildbot. (Bug 11372)
- [gtpv2]PCSCF ip in the Protocol configuration of update bearer request is not getting populated. (Bug 11378)
- wpan.src64 (and dst64) filter always gives "is not a valid EUI64 Address" error. (Bug 11380)
- Websphere MQ Work Information Header incorrectly showing "Reserved". (Bug 11384)
- DUP ACK Counter resetting after Window Update. (Bug 11397)
- CSV values missing when using tshark -2 option. (Bug 11401)
- Ethernet PAUSE frames are decoded incorrectly as PFC. (Bug 11403)
- SOCKS decoder giving strange values for seemingly normal SOCKS connection. (Bug 11417)
- 802.11ad decoding error. (Bug 11419)
更新時間:2015-06-18
更新細節:
What's new in this version:
Bug Fixes:
The following vulnerabilities have been fixed:
- WCCP dissector crash. (Bug 11153)
- GSM DTAP dissector crash. (Bug 11201)
The following bugs have been fixed:
- Wireshark 1.12.1 crashes on startup on Mac OS X 10.10 (Yosemite). (Bug 10640)
- Wireshark does not display X.400 addresses correctly. (Bug 11210)
- Reproducible crash in "Edit column details" dialog. (Bug 11245)
- Subnet name resolution doesn’t always work. (Bug 11247)
- SIP MIME body containing ISUP does not decode properly. (Bug 11249)
- iSCSI: Read(10): shows incorrect "Data In" & "Response" frame number. (Bug 11250)
- tshark -z io,stat,1,SUM(ip.len) reports invalid stats, triggers ASAN buffer overrun. (Bug 11262)
- Port Control Protocol packet dissection decodes R bit incorrectly. (Bug 11278)
Vendor-supplied Packages:
- Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.
File Locations:
- Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About›Folders to find the default locations on your system.
更新時間:2015-06-18
更新細節:
What's new in this version:
Bug Fixes:
The following vulnerabilities have been fixed:
- WCCP dissector crash. (Bug 11153)
- GSM DTAP dissector crash. (Bug 11201)
The following bugs have been fixed:
- Wireshark 1.12.1 crashes on startup on Mac OS X 10.10 (Yosemite). (Bug 10640)
- Wireshark does not display X.400 addresses correctly. (Bug 11210)
- Reproducible crash in "Edit column details" dialog. (Bug 11245)
- Subnet name resolution doesn’t always work. (Bug 11247)
- SIP MIME body containing ISUP does not decode properly. (Bug 11249)
- iSCSI: Read(10): shows incorrect "Data In" & "Response" frame number. (Bug 11250)
- tshark -z io,stat,1,SUM(ip.len) reports invalid stats, triggers ASAN buffer overrun. (Bug 11262)
- Port Control Protocol packet dissection decodes R bit incorrectly. (Bug 11278)
Vendor-supplied Packages:
- Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.
File Locations:
- Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About›Folders to find the default locations on your system.
更新時間:2015-05-14
更新細節:
What's new in this version:
The following vulnerabilities have been fixed:
- The LBMR dissector could go into an infinite loop. (Bug 11036) CVE-2015-3808 CVE-2015-3809
- The WebSocket dissector could recurse excessively. (Bug 10989) CVE-2015-3810
- The WCP dissector could crash while decompressing data. (Bug 10978) CVE-2015-3811
- The X11 dissector could leak memory. (Bug 11088) CVE-2015-3812
- The packet reassembly code could leak memory. (Bug 11129) CVE-2015-3813
- The IEEE 802.11 dissector could go into an infinite loop. (Bug 11110) CVE-2015-3814
- The Android Logcat file parser could crash. Discovered by Hanno Böck. (Bug 11188) CVE-2015-3815 The following bugs have been fixed:
- Wireshark crashes if "Update list of packets in real time" is disabled and a display filter is applied while capturing. (Bug 6217)
- EAPOL 4-way handshake information wrong. (Bug 10557)
- RPC NULL calls incorrectly flagged as malformed. (Bug 10646)
- Wireshark relative ISN set incorrectly if raw ISN set to 0. (Bug 10713)
- Buffer overrun in encryption code. (Bug 10849)
- Crash when use Telephony / Voip calls. (Bug 10885)
- ICMP Parameter Problem message contains Length of original datagram is treated as the total IPv4 length. (Bug 10991)
- ICMP Redirect takes 4 bytes for IPv4 payload instead of 8. (Bug 10992)
- Missing field "tcp.pdu.size" in TCP stack. (Bug 11007)
- Sierra EM7345 marks MBIM packets as NCM. (Bug 11018)
- Possible infinite loop DoS in ForCES dissector. (Bug 11037)
- "Decode As…" crashes when a packet dialog is open. (Bug 11043)
- Interface Identifier incorrectly represented by Wireshark. (Bug 11053)
- "Follow UDP Stream" on mpeg packets crashes wireshark v.1.12.4 (works fine on v.1.10.13). (Bug 11055)
- Annoying popup when trying to capture on bonds. (Bug 11058)
- Request-response cross-reference in USB URB packets incorrect. (Bug 11072)
- Right clicking in Expert Infos to create a filter (duplicate IP) results in invalid filters. (Bug 11073)
- CanOpen dissector fails on frames with RTR and 0 length. (Bug 11083)
- Typo in secp521r1 curve wrongly identified as sect521r1. (Bug 11106)
- packet-zbee-zcl.h: IS_ANALOG_SUBTYPE doesn’t filter ENUM. (Bug 11120)
- Typo: "LTE Positioning Protocol" abbreviated as "LPP", not "LLP". (Bug 11141)
- Missing Makefile.nmake in ansi1/Kerberos directory. (Bug 11155)
- Can’t build tshark without the Qt packages installed unless --without-qt is specified. (Bug 11157) Updated Protocol Support:
- AllJoyn, ASN.1 PER, ATM, CANopen, Diameter, ForCES, GSM RLC/MAC, GSMTAP, ICMP, IEC-60870-5-104, IEEE 802.11, IMF, IP, LBMC, LBMR, LDAP, LPP, MBIM, MEGACO, MP2T, PKCS-1, PPP IPv6CP, RPC, SPNEGO, SRVLOC, SSL, T.38, TCP, USB, WCP, WebSocket, X11, and ZigBee ZCL
更新時間:2015-05-14
更新細節:
What's new in this version:
The following vulnerabilities have been fixed:
- The LBMR dissector could go into an infinite loop. (Bug 11036) CVE-2015-3808 CVE-2015-3809
- The WebSocket dissector could recurse excessively. (Bug 10989) CVE-2015-3810
- The WCP dissector could crash while decompressing data. (Bug 10978) CVE-2015-3811
- The X11 dissector could leak memory. (Bug 11088) CVE-2015-3812
- The packet reassembly code could leak memory. (Bug 11129) CVE-2015-3813
- The IEEE 802.11 dissector could go into an infinite loop. (Bug 11110) CVE-2015-3814
- The Android Logcat file parser could crash. Discovered by Hanno Böck. (Bug 11188) CVE-2015-3815 The following bugs have been fixed:
- Wireshark crashes if "Update list of packets in real time" is disabled and a display filter is applied while capturing. (Bug 6217)
- EAPOL 4-way handshake information wrong. (Bug 10557)
- RPC NULL calls incorrectly flagged as malformed. (Bug 10646)
- Wireshark relative ISN set incorrectly if raw ISN set to 0. (Bug 10713)
- Buffer overrun in encryption code. (Bug 10849)
- Crash when use Telephony / Voip calls. (Bug 10885)
- ICMP Parameter Problem message contains Length of original datagram is treated as the total IPv4 length. (Bug 10991)
- ICMP Redirect takes 4 bytes for IPv4 payload instead of 8. (Bug 10992)
- Missing field "tcp.pdu.size" in TCP stack. (Bug 11007)
- Sierra EM7345 marks MBIM packets as NCM. (Bug 11018)
- Possible infinite loop DoS in ForCES dissector. (Bug 11037)
- "Decode As…" crashes when a packet dialog is open. (Bug 11043)
- Interface Identifier incorrectly represented by Wireshark. (Bug 11053)
- "Follow UDP Stream" on mpeg packets crashes wireshark v.1.12.4 (works fine on v.1.10.13). (Bug 11055)
- Annoying popup when trying to capture on bonds. (Bug 11058)
- Request-response cross-reference in USB URB packets incorrect. (Bug 11072)
- Right clicking in Expert Infos to create a filter (duplicate IP) results in invalid filters. (Bug 11073)
- CanOpen dissector fails on frames with RTR and 0 length. (Bug 11083)
- Typo in secp521r1 curve wrongly identified as sect521r1. (Bug 11106)
- packet-zbee-zcl.h: IS_ANALOG_SUBTYPE doesn’t filter ENUM. (Bug 11120)
- Typo: "LTE Positioning Protocol" abbreviated as "LPP", not "LLP". (Bug 11141)
- Missing Makefile.nmake in ansi1/Kerberos directory. (Bug 11155)
- Can’t build tshark without the Qt packages installed unless --without-qt is specified. (Bug 11157) Updated Protocol Support:
- AllJoyn, ASN.1 PER, ATM, CANopen, Diameter, ForCES, GSM RLC/MAC, GSMTAP, ICMP, IEC-60870-5-104, IEEE 802.11, IMF, IP, LBMC, LBMR, LDAP, LPP, MBIM, MEGACO, MP2T, PKCS-1, PPP IPv6CP, RPC, SPNEGO, SRVLOC, SSL, T.38, TCP, USB, WCP, WebSocket, X11, and ZigBee ZCL
更新時間:2015-03-05
更新細節:
What's new in this version:
The following vulnerabilities have been fixed:
- The ATN-CPDLC dissector could crash. (Bug 9952) CVE-2015-2187
- The WCP dissector could crash. (Bug 10844) CVE-2015-2188
- The pcapng file parser could crash. (Bug 10895) CVE-2015-2189
- The LLDP dissector could crash. (Bug 10983) CVE-2015-2190
- The TNEF dissector could go into an infinite loop. (Bug 11023) CVE-2015-2191
- The SCSI OSD dissector could go into an infinite loop. (Bug 11024) CVE-2015-2192
The following bugs have been fixed:
- RTP player crashes on decode of long call: BadAlloc (insufficient resources for operation). (Bug 2630)
- "Telephony→SCTP→Analyse This Association" crashes Wireshark on manufactured SCTP packet. (Bug 9849)
- IPv6 Mobility Header Link Layer Address is parsed incorrectly. (Bug 10006)
- DNS NXT RR is parsed incorrectly. (Bug 10615)
- IPv6 AUTH mobility option parses Mobility SPI and Authentication Data incorrectly. (Bug 10626)
- IPv6 Mobility Header Link-Layer Address Mobility Option is parsed incorrectly. (Bug 10627)
- HTTP chunked response includes data beyond the chunked response. (Bug 10707)
- DHCP Option 125 Suboption: (1) option-len always expects 1 but specification allows for more. (Bug 10784)
- Incorrect decoding of IPv4 Interface/Neighbor Address sub-TLVs in Extended IS Reachability TLV of IS-IS. (Bug 10837)
- Little-endian OS X Bluetooth PacketLogger files aren’t handled. (Bug 10861)
- X.509 certificate serial number incorrectly interpreted as negative number. (Bug 10862)
- Malformed Packet on rsync-version with length 2. (Bug 10863)
- ZigBee epoch time is incorrectly displayed in OTA cluster. (Bug 10872)
- BGP EVPN - Route Type 4 - "Invalid length of IP Address" - "Expert Info" shows a false error. (Bug 10873)
- Bad bytes read for extended rnc id value in GTP dissector. (Bug 10877)
- "ServiceChangeReasonStr" messages are not shown in txt generated by tshark. (Bug 10879)
- Clang ASAN : AddressSanitizer: global-buffer-overflow ANSI. (Bug 10897)
- MEGACO wrong decoding on media port. (Bug 10898)
- Wrong media format. (Bug 10899)
- BSSGP Status PDU decoding fault (missing Mandatory element (0x04) BVCI for proper packet). (Bug 10903)
- DNS LOC Precision missing units. (Bug 10940)
- Packets on OpenBSD loopback decoded as raw not null. (Bug 10956)
- Display Filter Macro unable to edit. (Bug 10957)
- IPv6 Local Mobility Anchor Address mobility option code is treated incorrectly. (Bug 10961)
- SNTP server list improperly formatted in DHCPv6 packet details. (Bug 10964)
- Juniper Packet Mirror dissector expects ipv6 flow label = 0. (Bug 10976)
- NS Trace (NetScaler Trace) file format is not able to export specified packets. (Bug 10998)
Updated Protocol Support:
- ACN, ANSI IS-637-A, AppleMIDI, ATN-CPDLC, BGP, BSSGP, CMIP, DHCP, DHCPv6, DIS, DLM3, DMP, DNS, Extreme Networks, ForCES, FTAM, GMHDR, GSM A BSSMAP, GSM A-bis OML, GSM MAP, GSM RLC MAC, GTP, H.248, H.264, HTTP, IEEE 802.11, IPv6, IS-IS, ISMACryp, J1939, Juniper Jmirror, KDP, L2CAP, LDAP, LLDP, MGCP, MIP6, NBNS, NET/ROM, Netflow, Novell PKIS, PANA, PPPoE, RSL, RSYNC, RTMPT, RTP, SCSI OSD, SDP, SMB Pipe, SMPP, SYNCHROPHASOR, TETRA, TiVoConnect, TNEF, USB HID, V.52, VSS-Monitoring, X.509AF, Zebra, and ZigBee
- New and Updated Capture File Support:
- NetScaler, PacketLogger, and Pcapng
更新時間:2015-03-05
更新細節:
What's new in this version:
The following vulnerabilities have been fixed:
- The ATN-CPDLC dissector could crash. (Bug 9952) CVE-2015-2187
- The WCP dissector could crash. (Bug 10844) CVE-2015-2188
- The pcapng file parser could crash. (Bug 10895) CVE-2015-2189
- The LLDP dissector could crash. (Bug 10983) CVE-2015-2190
- The TNEF dissector could go into an infinite loop. (Bug 11023) CVE-2015-2191
- The SCSI OSD dissector could go into an infinite loop. (Bug 11024) CVE-2015-2192
The following bugs have been fixed:
- RTP player crashes on decode of long call: BadAlloc (insufficient resources for operation). (Bug 2630)
- "Telephony→SCTP→Analyse This Association" crashes Wireshark on manufactured SCTP packet. (Bug 9849)
- IPv6 Mobility Header Link Layer Address is parsed incorrectly. (Bug 10006)
- DNS NXT RR is parsed incorrectly. (Bug 10615)
- IPv6 AUTH mobility option parses Mobility SPI and Authentication Data incorrectly. (Bug 10626)
- IPv6 Mobility Header Link-Layer Address Mobility Option is parsed incorrectly. (Bug 10627)
- HTTP chunked response includes data beyond the chunked response. (Bug 10707)
- DHCP Option 125 Suboption: (1) option-len always expects 1 but specification allows for more. (Bug 10784)
- Incorrect decoding of IPv4 Interface/Neighbor Address sub-TLVs in Extended IS Reachability TLV of IS-IS. (Bug 10837)
- Little-endian OS X Bluetooth PacketLogger files aren’t handled. (Bug 10861)
- X.509 certificate serial number incorrectly interpreted as negative number. (Bug 10862)
- Malformed Packet on rsync-version with length 2. (Bug 10863)
- ZigBee epoch time is incorrectly displayed in OTA cluster. (Bug 10872)
- BGP EVPN - Route Type 4 - "Invalid length of IP Address" - "Expert Info" shows a false error. (Bug 10873)
- Bad bytes read for extended rnc id value in GTP dissector. (Bug 10877)
- "ServiceChangeReasonStr" messages are not shown in txt generated by tshark. (Bug 10879)
- Clang ASAN : AddressSanitizer: global-buffer-overflow ANSI. (Bug 10897)
- MEGACO wrong decoding on media port. (Bug 10898)
- Wrong media format. (Bug 10899)
- BSSGP Status PDU decoding fault (missing Mandatory element (0x04) BVCI for proper packet). (Bug 10903)
- DNS LOC Precision missing units. (Bug 10940)
- Packets on OpenBSD loopback decoded as raw not null. (Bug 10956)
- Display Filter Macro unable to edit. (Bug 10957)
- IPv6 Local Mobility Anchor Address mobility option code is treated incorrectly. (Bug 10961)
- SNTP server list improperly formatted in DHCPv6 packet details. (Bug 10964)
- Juniper Packet Mirror dissector expects ipv6 flow label = 0. (Bug 10976)
- NS Trace (NetScaler Trace) file format is not able to export specified packets. (Bug 10998)
Updated Protocol Support:
- ACN, ANSI IS-637-A, AppleMIDI, ATN-CPDLC, BGP, BSSGP, CMIP, DHCP, DHCPv6, DIS, DLM3, DMP, DNS, Extreme Networks, ForCES, FTAM, GMHDR, GSM A BSSMAP, GSM A-bis OML, GSM MAP, GSM RLC MAC, GTP, H.248, H.264, HTTP, IEEE 802.11, IPv6, IS-IS, ISMACryp, J1939, Juniper Jmirror, KDP, L2CAP, LDAP, LLDP, MGCP, MIP6, NBNS, NET/ROM, Netflow, Novell PKIS, PANA, PPPoE, RSL, RSYNC, RTMPT, RTP, SCSI OSD, SDP, SMB Pipe, SMPP, SYNCHROPHASOR, TETRA, TiVoConnect, TNEF, USB HID, V.52, VSS-Monitoring, X.509AF, Zebra, and ZigBee
- New and Updated Capture File Support:
- NetScaler, PacketLogger, and Pcapng
更新時間:2015-01-08
更新細節:
What's new in this version:
Bug Fixes:
- WCCP dissector could crash. (Bug 10720, Bug 10806) CVE-2015-0559, CVE-2015-0560
- The LPP dissector could crash. (Bug 10773) CVE-2015-0561
- The DEC DNA Routing Protocol dissector could crash. (Bug 10724) CVE-2015-0562
- The SMTP dissector could crash. (Bug 10823) CVE-2015-0563
- Wireshark could crash while decypting TLS/SSL sessions. CVE-2015-0564
- WebSocket dissector: empty payload causes DISSECTOR_ASSERT_NOT_REACHED. (Bug 9332)
- Wireshark crashes if Lua heuristic dissector returns true. (Bug 10233)
- Display MEP ID in decimal in OAM Y.1731 Synthetic Loss Message and Reply PDU. (Bug 10500)
- TCP Window Size incorrectly reported in Packet List. (Bug 10514)
- Status bar "creeps" to the left a few pixels every time Wireshark is opened. (Bug 10518)
- E-LMI Message type. (Bug 10531)
- SMTP decoder can dump binary data to terminal in TShark. (Bug 10536)
- PTPoE dissector gets confused by packets that include an FCS. (Bug 10611)
- IPv6 Vendor Specific Mobility Option includes the next mobility option type. (Bug 10618)
- Save PCAP to PCAPng with commentary fails. (Bug 10656)
- Display filter "frame contains bytes [2342]" causes a crash. (Bug 10690)
- Multipath TCP: checksum displayed when it’s not there. (Bug 10692)
- LTE APN-AMBR is decoded incorrectly. (Bug 10699)
- DNS NAPTR RR Replacement Length is incorrect. (Bug 10700)
- IPv6 Experimental mobility header data is interpreted as options. (Bug 10703)
- Dissector bug, protocol SPDY: tvbuff.c:610: failed assertion "tvb && tvb→initialized". (Bug 10704)
- BGP: Incorrect decoding AS numbers when mixed AS size. (Bug 10742)
- BGP update community - incorrect decoding. (Bug 10746)
- Setting a 6LoWPAN context generates a Wireshark crash. (Bug 10747)
- FC is not dissected (protocol UNKNOWN). (Bug 10751)
- Crash when displaying several times INFO column. (Bug 10755)
- Decoding of longitude value in LCSAP (3GPP TS 29.171) is incorrect. (Bug 10767)
- Crash when enabling FCoIB manual settings without filling address field. (Bug 10796)
- RSVP RECORD_ROUTE IPv4 Subobject Flags field incorrect decoding. (Bug 10799)
- Wireshark Lua engine can’t access protocol field type. (Bug 10801)
- Field Analysis of OpenFlow v1.4 OFPT_SET_ASYNC. (Bug 10808)
- Lua: getting fieldinfo.value for FT_NONE causes assert. (Bug 10815) Updated Protocol Support:
- 6LoWPAN, ADwin, AllJoyn, Art-Net, Asterix, BGP, Bitcoin, Bluetooth OBEX, Bluetooth SDP, CFM, CIP, DCERPC PN-IO, DCERPC SPOOLSS, DEC DNA, DECT, DHCPv6, DNS, DTN, E-LMI, ENIP, Ethernet, Extreme, FCoIB, Fibre Channel, GED125, GTP, H.248, H.264, HiSLIP, IDRP, IEEE 802.11, IEEE P1722.1, Infiniband, IrDA, iSCSI, ISUP, LBMR, LCSAP, LPP, MAC LTE, MAUSB, MBIM, MIM, MIP, MIPv6, MP2T, MPEG-1, NAS EPS, NAT-PMP, NCP, NXP PN532, OpcUa, OpenFlow, PTP, RDM, RPKI-RTR, RSVP, RTnet, RTSP, SCTP, SMPP, SMTP, SPDY, Spice, TCP, WCCP, Wi-Fi P2P, and WiMAX
更新時間:2015-01-08
更新細節:
What's new in this version:
Bug Fixes:
- WCCP dissector could crash. (Bug 10720, Bug 10806) CVE-2015-0559, CVE-2015-0560
- The LPP dissector could crash. (Bug 10773) CVE-2015-0561
- The DEC DNA Routing Protocol dissector could crash. (Bug 10724) CVE-2015-0562
- The SMTP dissector could crash. (Bug 10823) CVE-2015-0563
- Wireshark could crash while decypting TLS/SSL sessions. CVE-2015-0564
- WebSocket dissector: empty payload causes DISSECTOR_ASSERT_NOT_REACHED. (Bug 9332)
- Wireshark crashes if Lua heuristic dissector returns true. (Bug 10233)
- Display MEP ID in decimal in OAM Y.1731 Synthetic Loss Message and Reply PDU. (Bug 10500)
- TCP Window Size incorrectly reported in Packet List. (Bug 10514)
- Status bar "creeps" to the left a few pixels every time Wireshark is opened. (Bug 10518)
- E-LMI Message type. (Bug 10531)
- SMTP decoder can dump binary data to terminal in TShark. (Bug 10536)
- PTPoE dissector gets confused by packets that include an FCS. (Bug 10611)
- IPv6 Vendor Specific Mobility Option includes the next mobility option type. (Bug 10618)
- Save PCAP to PCAPng with commentary fails. (Bug 10656)
- Display filter "frame contains bytes [2342]" causes a crash. (Bug 10690)
- Multipath TCP: checksum displayed when it’s not there. (Bug 10692)
- LTE APN-AMBR is decoded incorrectly. (Bug 10699)
- DNS NAPTR RR Replacement Length is incorrect. (Bug 10700)
- IPv6 Experimental mobility header data is interpreted as options. (Bug 10703)
- Dissector bug, protocol SPDY: tvbuff.c:610: failed assertion "tvb && tvb→initialized". (Bug 10704)
- BGP: Incorrect decoding AS numbers when mixed AS size. (Bug 10742)
- BGP update community - incorrect decoding. (Bug 10746)
- Setting a 6LoWPAN context generates a Wireshark crash. (Bug 10747)
- FC is not dissected (protocol UNKNOWN). (Bug 10751)
- Crash when displaying several times INFO column. (Bug 10755)
- Decoding of longitude value in LCSAP (3GPP TS 29.171) is incorrect. (Bug 10767)
- Crash when enabling FCoIB manual settings without filling address field. (Bug 10796)
- RSVP RECORD_ROUTE IPv4 Subobject Flags field incorrect decoding. (Bug 10799)
- Wireshark Lua engine can’t access protocol field type. (Bug 10801)
- Field Analysis of OpenFlow v1.4 OFPT_SET_ASYNC. (Bug 10808)
- Lua: getting fieldinfo.value for FT_NONE causes assert. (Bug 10815) Updated Protocol Support:
- 6LoWPAN, ADwin, AllJoyn, Art-Net, Asterix, BGP, Bitcoin, Bluetooth OBEX, Bluetooth SDP, CFM, CIP, DCERPC PN-IO, DCERPC SPOOLSS, DEC DNA, DECT, DHCPv6, DNS, DTN, E-LMI, ENIP, Ethernet, Extreme, FCoIB, Fibre Channel, GED125, GTP, H.248, H.264, HiSLIP, IDRP, IEEE 802.11, IEEE P1722.1, Infiniband, IrDA, iSCSI, ISUP, LBMR, LCSAP, LPP, MAC LTE, MAUSB, MBIM, MIM, MIP, MIPv6, MP2T, MPEG-1, NAS EPS, NAT-PMP, NCP, NXP PN532, OpcUa, OpenFlow, PTP, RDM, RPKI-RTR, RSVP, RTnet, RTSP, SCTP, SMPP, SMTP, SPDY, Spice, TCP, WCCP, Wi-Fi P2P, and WiMAX
更新時間:2014-11-13
更新細節:
What's new in this version:
The following vulnerabilities have been fixed:
- SigComp UDVM buffer overflow.
- AMQP crash.
- NCP crashes.
- TN5250 infinite loops. The following bugs have been fixed:
- Wireshark determine packets of MMS protocol as a packets of T.125 protocol.
- 6LoWPAN Mesh headers not treated as encapsulating address.
- UCP dissector bug of operation 31 - PID 0639 not recognized.
- iSCSI dissector rejects PDUs with "expected data transfer length" > 16M.
- GTPv2: trigging_tree under Trace information has wrong length.
- openflow_v1 OFPT_FEATURES_REPLY parsed incorrectly.
- Capture files from a remote virtual interface on MacOS X 10.9.5 aren’t dissected correctly.
- Problem specifying protocol name for filtering.
- LLDP TIA Network Policy Unknown Policy Flag Decode is not correct.
- Decryption of DCERPC with Kerberos encryption fails.
- Dissection of DECRPC NT sid28 shouldn’t show expert info if tree is null.
- Attempt to render an SMS-DELIVER-REPORT instead of an SMS-DELIVER.
- IPv6 Calipso option length is not used properly.
- The SPDY dissector couldn’t dissecting packet correctly.
- IPv6 QuickStart option Nonce is read incorrectly.
- IPv6 Mobility Option IPv6 Address/Prefix marks too many bytes for the address/prefix field.
- IPv6 Mobility Option Binding Authorization Data for FMIPv6 Authenticator field is read beyond the option data.
- IPv6 Mobility Option Mobile Node Link Layer Identifier Link-layer Identifier field is read beyond the option data.
- Wrong offset for hf_mq_id_icf1 in packet-mq.c.
- Malformed PTPoE announce packet.
- IPv6 Permanent Home Keygen Token mobility option includes too many bytes for the token field.
- IPv6 Redirect Mobility Option K and N bits are parsed incorrectly.
- IPv6 Care Of Test mobility option includes too many bytes for the Keygen Token field.
- IPv6 MESG-ID mobility option is parsed incorrectly.
- IPv6 AUTH mobility option parses Mobility SPI and Authentication Data incorrectly.
- IPv6 DNS-UPDATE-TYPE mobility option includes too many bytes for the MD identity field.
- IPv6 Local Mobility Anchor Address mobility option’s code and reserved fields are parsed as 2 bytes instead of 1.
- WCCP v.2.01 extended assignment data element parsed wrong.
- DNS ISDN RR Sub Address field is read one byte early.
- TShark crashes when running with PDML on a specific packet.
- DNS A6 Address Suffix field is parsed incorrectly.
- DNS response time: calculation incorrect.
- SMPP does not display properly the hour field in the Submit_sm Validity Period field.
- DNS Name Length for Zone RR on root is 6 and Label Count is 1.
- DNS WKS RR Protocol field is read as 4 bytes instead of 1.
- IPv6 Mobility Option Context Request reads an extra request. Updated Protocol Support:
- 6LoWPAN, AMQP, ANSI IS-637-A, Bluetooth HCI, CoAP, DCERPC (all), DCERPC NT, DNS, GSM MAP, GTPv2, H.223, HPSW, HTTP2, IEEE 802.11, IPv6, iSCSI, Kerberos, LBT-RM, LLDP, MIH, Mobile IPv6, MQ, NCP, OpcUa, OpenFlow, PKTAP, PTPoE, SigComp, SMB2, SMPP, SPDY, Stanag 4607, T.125, UCP, USB CCID, and WCCP
New and Updated Capture File Support:
- Catapult DCT2000, HP-UX nettl, Ixia IxVeriWave, pcap, pcap-ng, RADCOM, and Sniffer (DOS)