Wireshark 歷史版本列表
Wireshark (32-bit)Wireshark (64-bit)
更新時間:2012-05-23
更新細節:
What's new in this version:
The following bugs have been fixed:
- User-Password - PAP decoding passwords longer than 16 bytes.
- The MSISDN is not seen correctly in GTP packet.
- Wireshark doesn't calculate the right IPv4 destination using source routing options when bad options precede them.
- BOOTP dissector issue with DHCP option 82 - suboption 9.
- MPLS dissector in 1.6.7 and 1.7.1 misdecodes some MPLS CW packets.
- ANSI MAP infinite loop.
- HCIEVT infinite loop.
- Wireshark doesn't decode NFSv4.1 operations.
- LTP infinite loop.
- Wrong values in DNS CERT RR.
- Megaco parser problem with LF in header.
- OPC UA bytestring node id decoding is wrong.
# Updated Protocol Support
- ANSI MAP, ASF, BACapp, Bluetooth HCI, DHCP, DIAMETER, DNS, GTP, IEEE 802.11, IEEE 802.3, IPv4, LTP, Megaco, MPLS, NFS, OPC UA, RADIUS
# New and Updated Capture File Support
- 5View, CSIDS, pcap, pcap-ng
更新時間:2012-04-08
更新細節:
What's new in this version:
The following bugs have been fixed:
- Wireshark could crash while reading SSL decryption keys on 64-bit Windows.
- Malformed Packets H263-1996 (RFC2190). (Bug 6996)
- Wireshark could crash while trying to open an rpcap: URL. (Bug 6922)
Updated Protocol Support:
- H.263
Getting Wireshark:
- Wireshark source code and installation packages are available from http://www.wireshark.org/download.html.
Vendor-supplied Packages:
- Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.
File Locations:
- Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system.
更新時間:2012-04-08
更新細節:
What's new in this version:
The following bugs have been fixed:
- Wireshark could crash while reading SSL decryption keys on 64-bit Windows.
- Malformed Packets H263-1996 (RFC2190). (Bug 6996)
- Wireshark could crash while trying to open an rpcap: URL. (Bug 6922)
Updated Protocol Support:
- H.263
Getting Wireshark:
- Wireshark source code and installation packages are available from http://www.wireshark.org/download.html.
Vendor-supplied Packages:
- Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.
File Locations:
- Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system.
更新時間:2012-03-28
更新細節:
What's new in this version:
# The following bugs have been fixed:
- ISO SSAP: ActivityStart: Invalid decoding the activity parameter as a BER Integer.
- Forward slashes in URI need to be converted to backslashes if WIN32.
- Character echo pauses in Capture Filter field in Capture Options.
- Some PGM options are not parsed correctly.
- dumpcap crashes when capturing from pipe to a pcap-ng file (e.g., when passing data from CACE Pilot to Wireshark).
- Unable to rearrange columns in preferences on Windows. (Bug 6077) (Note: this bug still affects the 64-bit package)
- No error for UDP/IPv6 packet with zero checksum.
- Wireshark installer doesn't add access_bpf in 10.5.8.
- Corrupted Diameter dictionary file that crashes Wireshark.
- packetBB dissector bug: More than 1000000 items in the tree -- possible infinite loop.
- ZEP dissector: Timestamp not always displayed correctly. Fractional seconds never displayed.
- GOOSE Messages don't use the length field to perform the dissection.
- Ethernet traces in K12 text format sometimes give bogus "malformed frame" errors and other problems.
- max_ul_ext isn't printed/decoded to the packet details log in GTP protocol packet.
- non-IPP packets to or from port 631 are dissected as IPP.
- lua proto registration fails for uppercase proto / g_ascii_strdown problem.
- no menu item Fle->Export->SSL Session Keys in GTK.
- IAX2 dissector reads past end of packet for unknown IEs.
- TShark 1.6.5 immediately crashes on SSL decryption (every time).
- USB: unknown GET DESCRIPTOR response triggers assert failure.
- IEEE1588 PTPv2 over IPv6.
- Patch to fix DTLS decryption.
- Expression... dialog crash.
- display filter "gtp.msisdn" not working.
- Multiprotocol Label Switching Echo - Return Code: Reserved (5).
- ISAKMP : VendorID CheckPoint : Malformed Packet.
- Adding a Custom HTTP Header Field with a trailing colon causes wireshark to immediately crash (and crash upon restart).
- Radiotap dissector lists a bogus "DBM TX Attenuation" bit.
- MySQL dissector assertion.
- Radiotap header format data rate alignment issues.
# Updated Protocol Support
- ANSI A, BSSGP, DIAMETER, DTLS, GOOSE, GSM Management, GTP, HTTP, IAX2, IEEE 802.11, IPP, ISAKMP, ISO SSAP, MP2T, MPLS, MySQL, NTP, PacketBB, PGM, Radiotap, SSL, TCP, UDP, USB, WSP
# New and Updated Capture File Support
- Endace ERF, Pcap-NG, Tektronix K12
更新時間:2012-03-28
更新細節:
What's new in this version:
# The following bugs have been fixed:
- ISO SSAP: ActivityStart: Invalid decoding the activity parameter as a BER Integer.
- Forward slashes in URI need to be converted to backslashes if WIN32.
- Character echo pauses in Capture Filter field in Capture Options.
- Some PGM options are not parsed correctly.
- dumpcap crashes when capturing from pipe to a pcap-ng file (e.g., when passing data from CACE Pilot to Wireshark).
- Unable to rearrange columns in preferences on Windows. (Bug 6077) (Note: this bug still affects the 64-bit package)
- No error for UDP/IPv6 packet with zero checksum.
- Wireshark installer doesn't add access_bpf in 10.5.8.
- Corrupted Diameter dictionary file that crashes Wireshark.
- packetBB dissector bug: More than 1000000 items in the tree -- possible infinite loop.
- ZEP dissector: Timestamp not always displayed correctly. Fractional seconds never displayed.
- GOOSE Messages don't use the length field to perform the dissection.
- Ethernet traces in K12 text format sometimes give bogus "malformed frame" errors and other problems.
- max_ul_ext isn't printed/decoded to the packet details log in GTP protocol packet.
- non-IPP packets to or from port 631 are dissected as IPP.
- lua proto registration fails for uppercase proto / g_ascii_strdown problem.
- no menu item Fle->Export->SSL Session Keys in GTK.
- IAX2 dissector reads past end of packet for unknown IEs.
- TShark 1.6.5 immediately crashes on SSL decryption (every time).
- USB: unknown GET DESCRIPTOR response triggers assert failure.
- IEEE1588 PTPv2 over IPv6.
- Patch to fix DTLS decryption.
- Expression... dialog crash.
- display filter "gtp.msisdn" not working.
- Multiprotocol Label Switching Echo - Return Code: Reserved (5).
- ISAKMP : VendorID CheckPoint : Malformed Packet.
- Adding a Custom HTTP Header Field with a trailing colon causes wireshark to immediately crash (and crash upon restart).
- Radiotap dissector lists a bogus "DBM TX Attenuation" bit.
- MySQL dissector assertion.
- Radiotap header format data rate alignment issues.
# Updated Protocol Support
- ANSI A, BSSGP, DIAMETER, DTLS, GOOSE, GSM Management, GTP, HTTP, IAX2, IEEE 802.11, IPP, ISAKMP, ISO SSAP, MP2T, MPLS, MySQL, NTP, PacketBB, PGM, Radiotap, SSL, TCP, UDP, USB, WSP
# New and Updated Capture File Support
- Endace ERF, Pcap-NG, Tektronix K12
更新時間:2012-01-11
更新細節:
What's new in this version:
# The following bugs have been fixed:
* "Closing File!" Dialog Hangs.
* Sub-fields of data field should appear in exported PDML as children of the data field instead of as siblings to it.
* Incorrect time differences displayed with time reference set.
* Wrong packet type association of SNMP trap after TFTP transfer.
* SSL/TLS decryption needs wireshark to be rebooted.
* Export HTTP Objects -> save all crashes Wireshark.
* Wireshark Netflow dissector complains there is no template found though the template is exported.
* DCERPC EPM tower UUID must be interpreted always as little endian.
* Crash if no recent files.
* IPv6 frame containing routing header with 0 segments left calculates wrong UDP checksum.
* IPv4 UDP/TCP Checksum incorrect if routing header present.
* Incorrect Parsing of SCPS Capabilities Option introduced in response to bug 6194.
* Various crashes after loading NetMon2.x capture file.
* Fixed compilation of dumpcap on some systems (when MUST_DO_SELECT is defined).
* SIGSEGV in SVN 40046.
* Wireshark dissects TCP option 25 as an "April 1" option.
* ZigBee ZCL Dissector reports invalid status.
* ICMPv6 DNSSL option malformed on padding.
* Wrong tvb_get_bits function call in packet-csn1.c.
* [UDP] - Length Field of Pseudo Header while computing CheckSum is not correct.
* pcapio.c: bug in libpcap_write_interface_description_block.
* Memory leaks in various dissectors.
* Bytes highlighted in wrong Byte pane when field selected in Details pane.
# Updated Protocol Support
* BGP, BMC CSN1, DCERPC EPM, DCP(ETSI) DMP DTLS GSM Management, H245 HPTEAM, ICMPv6, IEEE 802.15.4 IPSEC IPv4, IPv6, ISAKMP KERBEROS LDSS NFS RLC, RPC-NETLOGON RRC RTMPT SIGCOMP SSL SYSLOG TCP, UDP, XML ZigBee ZCL
# New and Updated Capture File Support
* Accellent 5Views, AIX iptrace, HP-UX nettl, I4B, Microsoft Network Monitor, Novell LANalyzer, PacketLogger, Pcap-ng, Sniffer, Tektronix K12, WildPackets {Airo,Ether}Peek.
更新時間:2012-01-11
更新細節:
What's new in this version:
# The following bugs have been fixed:
* "Closing File!" Dialog Hangs.
* Sub-fields of data field should appear in exported PDML as children of the data field instead of as siblings to it.
* Incorrect time differences displayed with time reference set.
* Wrong packet type association of SNMP trap after TFTP transfer.
* SSL/TLS decryption needs wireshark to be rebooted.
* Export HTTP Objects -> save all crashes Wireshark.
* Wireshark Netflow dissector complains there is no template found though the template is exported.
* DCERPC EPM tower UUID must be interpreted always as little endian.
* Crash if no recent files.
* IPv6 frame containing routing header with 0 segments left calculates wrong UDP checksum.
* IPv4 UDP/TCP Checksum incorrect if routing header present.
* Incorrect Parsing of SCPS Capabilities Option introduced in response to bug 6194.
* Various crashes after loading NetMon2.x capture file.
* Fixed compilation of dumpcap on some systems (when MUST_DO_SELECT is defined).
* SIGSEGV in SVN 40046.
* Wireshark dissects TCP option 25 as an "April 1" option.
* ZigBee ZCL Dissector reports invalid status.
* ICMPv6 DNSSL option malformed on padding.
* Wrong tvb_get_bits function call in packet-csn1.c.
* [UDP] - Length Field of Pseudo Header while computing CheckSum is not correct.
* pcapio.c: bug in libpcap_write_interface_description_block.
* Memory leaks in various dissectors.
* Bytes highlighted in wrong Byte pane when field selected in Details pane.
# Updated Protocol Support
* BGP, BMC CSN1, DCERPC EPM, DCP(ETSI) DMP DTLS GSM Management, H245 HPTEAM, ICMPv6, IEEE 802.15.4 IPSEC IPv4, IPv6, ISAKMP KERBEROS LDSS NFS RLC, RPC-NETLOGON RRC RTMPT SIGCOMP SSL SYSLOG TCP, UDP, XML ZigBee ZCL
# New and Updated Capture File Support
* Accellent 5Views, AIX iptrace, HP-UX nettl, I4B, Microsoft Network Monitor, Novell LANalyzer, PacketLogger, Pcap-ng, Sniffer, Tektronix K12, WildPackets {Airo,Ether}Peek.
更新時間:2011-11-21
更新細節:
What's new in this version:
The following bugs have been fixed:
- Patch to fix memory leaks/errors in Lua plugin.
- Wireshark crashes if a field of type BASE_CUSTOM is applied as a column.
- Filter Expression dialog can only be opened once.
- Wireshark crashes if compiled without GLib thread support.
- 80211 QoS Control: Add Raw TID.
- SNMP length check error.
- UCP dissector bug of operation 61.
更新時間:2011-11-21
更新細節:
What's new in this version:
The following bugs have been fixed:
- Patch to fix memory leaks/errors in Lua plugin.
- Wireshark crashes if a field of type BASE_CUSTOM is applied as a column.
- Filter Expression dialog can only be opened once.
- Wireshark crashes if compiled without GLib thread support.
- 80211 QoS Control: Add Raw TID.
- SNMP length check error.
- UCP dissector bug of operation 61.
更新時間:2011-11-02
更新細節:
What's new in this version:
# The following bugs have been fixed:
- Assertion failed when doing File->Quit->Save during live capture.
- Wrong PCEP XRO sub-object decoding.
- Wireshark window takes very long time to show up if invalid network file path is at recent file list
- Decoding [Status Records] Timestamp Sequence Field in Bundle Protocol fails if over 32 bits.
- ISUP party number dissection.
- wireshark-1.4.2 crashes when testing the example python dissector because of a dissector count assertion.
- Ethernet packets with both VLAN tag and LLC header no longer displayed correctly.
- SLL encapsuled 802.1Q VLAN is not dissected.
- Wireshark crashes when attempting to open a file via drag & drop when there's already a file open.
- Adding and removing custom HTTP headers requires a restart.
- Can't read full 64-bit SNMP values.
- Dissection fails for frames with Gigamon Header and VLAN.
- RTP Stream Analysis does not work for TURN-encapsulated RTP.
- packet-csn1.c doesn't process CSN_CHOICE entries properly.
- BACnet property time-synchronization-interval (204) name shown incorrectly as time-synchronization-recipients.
- GUI crash on invalid IEEE 802.11 GAS frame.
- [ASN.1 PER] Incorrect decoding of BIT STRING type.
- ICMPv6 router advertisement Prefix Information Flag R "Router Address" missing.
- Export -> Object -> HTTP -> save all: Error on saving files.
- Inner tag of 802.1ad frames not parsed properly.
- Added cursor type decoding to MySQL dissector.
- Incorrect identification of UDP-encapsulated NAT-keepalive packets.
- WPA IE pairwise cipher suite dissector uses incorrect value_string list.
- S1AP protocol can't decode IPv6 transportLayerAddress.
- RTPS2 dissector doesn't handle 0 in the octestToNextHeader field.
- packet-ajp13 fix, cleanup, and enhancement.
- Network Instruments Observer file format bugs.
- Wireshark crashes when using "Open Recent" 2 times in a row.
- Wireshark packet_gsm-sms, display bug: Filler bits in TP-User Data Header.
- wireshark unable to decode NetFlow options which have system scope size != 4 bytes.
- Display filter Expression Dialog Box Error.
- text_import_scanner.l missing.
# Updated Protocol Support
- AJP13, ASN.1 PER, BACnet, CSN.1, DTN, Ethernet, ICMPv6, IEEE 802.11, IEEE 802.1q, Infiniband, IPsec, MySQL, PCEP, PN-RT, RTP, S1AP, SSL
# New and Updated Capture File Support
- Endace ERF.