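Wireshark Version History
Wireshark is the world's most advanced free network protocol analyzer for Windows and Unix, and the de facto (and often de jure) standard across many industries and educational institutions. Wireshark is written by networking experts around the world and is an example of the power of open source. With it, professional users can fully analyze their network connections, view a detailed breakdown of captured data, filter it to more easily identify the flows they want to examine closely, analyze data with plugins, create scripts to process data, capture VoIP calls or USB...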
Updated: 2009-02-07
Update details:
What's new in this version:
Bug Fixes
- On non-Windows systems, Wireshark could crash if the HOME environment variable contained sprintf-style string formatting characters.
- Wireshark could crash while reading a malformed NetScreen snoop file. Discovered by babi.
- Wireshark could crash while reading a Tektronix K12 text capture file.
The following bugs have been fixed:
- Crash when loading capture file and Preferences: NO Info column
- Some Lua scripts may lead to corruption via out of bounds stack
- Build with GLib 1.2 fails with error: 'G_MININT32' undeclared
- Wrong decoding IMSI with GSM MAP protocol
- Segmentation fault for "Follow TCP stream"
- SMPP optional parameter 'network_error_code' incorrectly decoded
- DHCPv6 dissector doesn't handle malformed FQDN
- WCCP overrides CFLOW as decoded protocol
- Improper decoding of MPLS echo reply IPv4 Interface and Label Stack Object
- ANSI MAP fix for TRN digits/SMS and OTA subdissection
- The 1.0 branch can now be built with Visual Studio 2008.
New and Updated Features
- The version of GNUTLS included with the Windows packages has been updated from 2.3.8 to 2.6.3.
New Protocol Support
- There are no new protocols in this release.
Updated Protocol Support
- AFS, ATM, DHCPv6, DIS, E.212, RTP, UDP, USB, WCCP, WPS
New and Updated Capture File Support
- NetScreen snoop
Updated: 2008-12-11
Update details:
What's new in this version:
Bug Fixes
- The SMTP dissector could consume excessive amounts of CPU and memory.
- The WLCCP dissector could go into an infinite loop.
The following bugs have been fixed:
- Missing CRLF during HTTP POST in the "packet details" window
- Memory assertion in time_secs_to_str_buf() when compiled with GCC 4.2.3
- Diameter dissector fails RFC 4005 compliance
- LDP vendor private TLV type is not correctly shown
- Wireshark on MacOS does not run when there are spaces in its path
- OS X Intel package incorrectly claims to be Universal
- Compilation broke when compiling without zlib
- Memory leak: saved_repoid
- Memory leak: follow_info
- Memory leak: follow_info
- Memory leak: tacplus_data
- Memory leak: col_arrows
- Memory leak: col_arrows
- Incorrect address structure assigned for find_conversation() in WSP
- Memory leak with unistim in voip_calls
- Error parsing the BSSGP protocol
- Assertion thrown in fvalue_get_uinteger when decoding TIPC
- LUA script: Wireshark crashes after closing and opening again a window used by a listener.draw() function.
New and Updated Features
- There are no new or updated features in this release.
New Protocol Support
- There are no new protocols in this release.
Updated Protocol Support
- ANSI MAP, BSSGP, CIP, Diameter, ENIP, GIOP, H.263, H.264, HTTP, MPEG PES, PostgreSQL, PPI, PTP, Rsync, RTP, SMTP, SNMP, STANAG 5066, TACACS, TIPC, WLCCP, WSP
New and Updated Capture File Support
- None
Getting Wireshark
- Wireshark source code and installation packages are available from the download page on the main web site.
Vendor-supplied Packages
- Most Linux and Unix vendors supply their own Wireshark packages.
- You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.
File Locations
- Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About->Folders to find the default locations on your system.
Known Problems
- Wireshark may appear offscreen on multi-monitor Windows systems.
- Wireshark might make your system disassociate from a wireless network on OS X.
- Dumpcap might not quit if Wireshark or TShark crashes.
- The BER dissector might infinitely loop.
- Wireshark can't dynamically update the packet list. This means that host name resolutions above a certain response time threshold won't show up in the packet list.
- Capture filters aren't applied when capturing from named pipes.
- Wireshark might freeze when reading from a pipe.
- Capturing from named pipes might be delayed on Windows.
- Filtering tshark captures with display filters (-R) no longer works.
Getting Help
- Community support is available on the wireshark-users mailing list. Subscription information and archives for all of Wireshark's mailing lists can be found on the web site.
- Commercial support and development services are available from CACE Technologies.
Frequently Asked Questions
- A complete FAQ is available on the Wireshark web site.
Updated: 2008-10-21
Update details:
What's new in this version:
Bug Fixes
- Florent Drouin and David Maciejak found that the Bluetooth ACL dissector could crash or abort.
- The Q.931 dissector could crash or abort.
- Wireshark could abort while reading Tamos CommView capture files.
- David Maciejak found that the USB dissector could crash or abort. This led to the discovery of a similar problem in the Bluetooth RFCOMM dissector.
- Vivek Gupta and David Maciejak found that the PRP and MATE dissectors could make Wireshark crash. (Neither PRP nor MATE is enabled by default.)
The following bugs have been fixed:
- Let MP2T call its subdissectors, even without tree
- Wireless Toolbar not enabled (using AirPcap) if PCAP_REMOTE=1
- Failure to dissect long SASL wrapped LDAP response
- Fix compiler warnings
- Homeplug dissection bugs
- Malformed Packet DCP ETSI error
- Wrong size of selected_registrar in WPS dissector
- Dissector assertion displaying cookies in DTLS frames
- Missing field type in documentation
- Wireshark -p switch seems to have no effect to PROMISCUOUS mode
- Misspelled PPI error vector magnitude filter
- Modbus Function 43 Encapsulated Interface Transport decoding
- Crash when printing or exporting some protocol data
- Crash when selecting "Export Selected Packet Bytes"
New and Updated Features
- There are no new or updated features in this release.
New Protocol Support
- There are no new protocols in this release.
Updated Protocol Support
- AFP, Bluetooth ACL, Bluetooth RFCOMM, DCP ETSI, DTLS, Homeplug, IEEE 802.11, IP, Modbus TCP, MP2T, NSIP, NCP, PPI, Q.931, SASL, SNMP, USB, WPS
New and Updated Capture File Support
- AiroPeek, CommView
Known Problems
- Wireshark may appear offscreen on multi-monitor Windows systems.
- Wireshark might make your system disassociate from a wireless network on OS X.
- Dumpcap might not quit if Wireshark or TShark crashes.
- The BER dissector might infinitely loop.
- Wireshark can't dynamically update the packet list. This means that host name resolutions above a certain response time threshold won't show up in the packet list.
- Capture filters aren't applied when capturing from named pipes.
- Wireshark might freeze when reading from a pipe.
- Capturing from named pipes might be delayed on Windows.
- Filtering tshark captures with display filters (-R) no longer works.
Updated: 2008-09-04
Update details:
What's new in this version:
Bug Fixes
- The NCP dissector was susceptible to a number of problems, including buffer overflows and an infinite loop.
- Wireshark could crash while uncompressing zlib-compressed packet data.
- Wireshark could crash while reading a Tektronix .rf5 file.
The following bugs have been fixed:
- 802.11 WPA/WPA2-PSK Unable to decode Group Keys.
- Packets could wrongly be dissected as "Redback Lawful Intercept"
- MIKEY dissector improvements
- tvb_get_bits{16|32} could read past the end of a tvbuff
- Incorrect wslua function names.
- Memory corruption in wslua.
- Unknown PPPoE TAGs which are present in a PPPoE discovery packet are not displayed under "PPPoE Tags" subtree/section.
- Following a TCP stream could incorrectly reassemble packets.
- SIP decode shows fully expanded "Content-Length" header instead of compact form.
- Segmentation fault loading trace containing NCP packets.
- SIP packets might incorrectly be displayed as malformed.
- RTCP BYE padding interpreted incorrectly.
- Reversed RTP stream is saved as silent .au file, forward stream saves correctly.
- Fix some lint warnings.
- Setting a duration on a capture file would capture for an extra second.
New and Updated Features
- There are no new or updated features in this release.
New Protocol Support
- There are no new protocols in this release.
Updated Protocol Support
- AIM, Bluetooth RFCOMM, ERF, K12, NCP, PPP BCP, PPPoE, Q.933, Redback LI, RTCP, RTP, SIP, SNMP, TCP, V.120, WiMAX
New and Updated Capture File Support
- Endace ERF.
Known Problems
- Wireshark may appear offscreen on multi-monitor Windows systems.
- Wireshark might make your system disassociate from a wireless network on OS X.
- Dumpcap might not quit if Wireshark or TShark crashes.
- The BER dissector might infinitely loop.
- Wireshark can't dynamically update the packet list. This means that host name resolutions above a certain response time threshold won't show up in the packet list.
- Capture filters aren't applied when capturing from named pipes.
- Wireshark might freeze when reading from a pipe.
- Capturing from named pipes might be delayed on Windows.
- Filtering tshark captures with display filters (-R) no longer works.
Updated: 2008-07-11
Update details:
What's new in this version:
Bug Fixes
- Wireshark could crash while reassembling packets.
The following bugs have been fixed:
- Dumpcap could crash on some versions of Windows (primarily Vista).
New and Updated Features
- There are no new or updated features in this release.
New Protocol Support
- There are no new protocols in this release.
Updated Protocol Support
- There are no updated protocols in this release.
New and Updated Capture File Support
- There is no new or updated capture file support in this release.
Updated: 2008-07-01
Update details:
What's new in this version:
Bug Fixes
- The PANA and KISMET dissectors could force Wireshark to quit unexpectedly.
- The RMI dissector could disclose system memory.
The following bugs have been fixed:
- RPC portmap classification switched to TCP after filtering.
- Force the foreground color when the background is forced.
- RPC stream shows malformed packets.
- SNMP trap dissection fails.
- Failure to detect/open valid ERF files.
- Window scaling bug.
- Bugs in the EIGRP dissector.
- E212 Mobile network code 3rd digit is not correctly decoded.
- The BOOTP dissector fails to initialize and display some values.
- Data string filter crash.
- Debian packaging problems.
- Expert info composite crash for LDAP.
- Statistics > Multicast Streams are broken.
- "Read me first" file is empty in the OS X .dmg.
- Failed tshark PDML export to file.
- RTCP MOS fields display wrong values.
- SNMP trap parse error.
- Ports incorrectly decoded as DPLAY instead of RTP.
- Incorrect decoding of DST MAC address of frame containing ICMPv6 Echo Request.
- Fix wireshark-filter man page for packet-diameter_3gpp.c fields.
- Dissector bug, protocol SNMP: proto.c:932: failed assertion.
- UDP not decoded as UNIStim.
- Debug text output from MIKEY dissector.
- Windows compilation errors with flex 2.5.35.
- RTP heuristic interferes with STUN/T38 portion of heuristic.
- WiMAX dissector assertion.
- RTP header extensions with length>4 bytes dissected incorrectly.
- Compilation failure on non-European Windows systems.
- BACnet BVLC NAK decoding.
- 'tshark -Tfields -e data' omits last character of data.
- "Next file every" inconsistent behaviour.
- Wireshark does not parse iSCSI login PDU.
- URL and encoding for OUI listings in make-manuf.
New and Updated Features
- The "About" box finally displays version 1.0.
- Wireshark now supports custom columns.
- This release includes an experimental Mac OS X package.
New Protocol Support
- There are no new protocols in this release.
Updated Protocol Support
- ACTRACE, BACnet BVLC, BOOTP, E212, iSCSI, IUA, LDAP, MGCP, MIKEY, MSMMS, RMI, RPC, RTCP, RTP, SIP, SNMP, TCP, UNIStim, WiMAX
New and Updated Capture File Support
- Endace ERF
Updated: 2008-04-04
Update details:
What's new in this version:
Bug Fixes
- The X.509sat dissector could crash.
- The Roofnet dissector could crash on Windows, Solaris, and possibly other platforms.
- The LDAP dissector could crash on Windows and possibly other platforms.
- The SCCP dissector could crash while using the "decode as" feature.
The following bugs have been fixed:
- Several SNMP-related bugs have been fixed.
- Several memory-related bugs have been fixed.
New and Updated Features
- The "About" box finally displays version 1.0.
- Wireshark now supports custom columns.
- This release includes an experimental Mac OS X package.
New Protocol Support
- IEEE 802.15.4, Infiniband, Parallel Redundancy Protocol, RedBack Lawful Intercept, Xcsl
Updated Protocol Support
- AFS, ALCAP, ATM, BACapp, CIGI, DCC (renamed from DCCP), DCCP (renamed from DCP), DCERPC SPOOLSS, DCERPC NT, DHCP, DirectPlay, EtherCAT, FIX, GIOP, GTP, H.248, HTTP, ICMPv6, ICQ, IPv6, ISIS, JXTA, NCP, P_Mul, PCAP, PKIX1Explicit, PTP, RADIUS, Roofnet, RTCP, RTMPT, RTP, RX, SABP, SCSI OSD, sFlow, SMPP, SNMP, SSCOP, TAPA, TIPC, TPNCP, UNISTIM, X.25, X.509sat, XML
Updated: 2008-02-28
Update details:
What's new in this version:
Bug Fixes
- The SCTP dissector could crash.
- The SNMP dissector could crash.
- The TFTP dissector could crash Wireshark on Ubuntu 7.10. (This appears to be a bug in the Cairo library on that platform.)
The following bugs have been fixed:
- Wireshark could crash when saving I/O graphs.
- Wireshark could crash when editing table-based preferences.
- Wireshark could crash when trying to play RTP streams.
- Wireshark could crash when trying to apply a display filter macro.
- Wireshark could crash in Turkish and other locales.
New and Updated Features
- You can now have multiple configuration profiles.
- Temporary coloring rules have been added, which let you color or filter on a conversation.
- I/O graphs have been improved.
- Wireshark now has WLAN traffic statistics.
- The Wireshark GUI now supports RPCAP.
- Conversations and endpoints can now be limited to the current display filter.
- Experimental support for the NTAR/PcapNG file format has been added.
New Protocol Support
- AiroPeek Remote Capture, China Mobile Point to Point, Distributed Lock Manager 3, EUTRAN X2 Application Protocol, Fieldbus Foundation, International Passenger Airline Reservation System/Airline Link Control, Microsoft DirectPlay, Path Computation Element communication Protocol, Real Time Messaging Protocol, S1 Application Protocol, Scripting Service Protocol, Societe Internationale de Telecommunications Aeronautiques, Unisys Transmittal System, Wi-fi Protected Setup
Updated Protocol Support
- 3G A11, 3GPP, ACN, ACP133, ALCAP, AMR, ANSI A, ANSI IS-637-A, ANSI MAP, ARP, ASAP, AVS WLAN, BACapp, BER, BOOTP, Bluetooth (HCI ACL, HCI CMD, HCI EVT, HCI SCO, L2CAP, SDP), CDP, CFM, CMS, COPS, Camel, Cisco ERSPAN, DAP, DCERPC SPOOLSS, DCERPC, DHCP, DHCPv6, DIAMETER, DMP, DTLS, E.164, EAP, ENIP, ENRP, EtherCAT, Ethernet, FMP, FTAM, GMRP, GRE, GSM MAP, GSM SMS, GSS-API, GTP, Gryphon, H.223, H.225, H.245, H.263, H.264, H.460, HCI H1, HTTP, ICMP, IEEE 802.11, IGMP, IPP, ISAKMP, ISUP, JFIF, JPEG, JXTA, Kerberos, LDAP, MP2T, MS MMS, MTP3MG, NBAP, NFS, NHRP, NetFlow, P7, PER, PIM, PKCS12, PPPoE, PTP, P_Mul, Q.932, Quakeworld, RANAP, RMT ALC, RMT LCT, ROS, RPC, RPL, RRC, RTCP, RTP, SCCP, SCTP, SDP, SLL, SMB, SMB2, SMPP, SMTP, SNMP, SRVLOC, SSL, STUN2, T.38, TCAP, TCP, TFTP, TiVoConnect, UCP, UDP-Lite, USB, VLAN, WBXML, X.411, X.420, X.509if, X.509sat
New and Updated Capture File Support
- Catapult DCT2000, DBS Etherwatch, NTAR/PcapNG, TamoSoft CommView, Visual Networks
Updated: 2007-12-19
Update details:
What's new in this version:
Bug Fixes
- Wireshark could crash when reading an MP3 file.
- Beyond Security discovered that Wireshark could loop excessively while reading a malformed DNP packet.
- Stefan Esser discovered a buffer overflow in the SSL dissector.
- The ANSI MAP dissector could be susceptible to a buffer overflow on some platforms.
- The Firebird/Interbase dissector could go into an infinite loop or crash.
- The NCP dissector could cause a crash.
- The HTTP dissector could crash on some systems while decoding chunked messages.
- The MEGACO dissector could enter a large loop and consume system resources.
- The DCP ETSI dissector could enter a large loop and consume system resources.
- Fabiodds discovered a buffer overflow in the iSeries (OS/400) Communication trace file parser.
- The PPP dissector could overflow a buffer.
- The Bluetooth SDP dissector could go into an infinite loop.
- A malformed RPC Portmap packet could cause a crash.
- The IPv6 dissector could loop excessively.
- The USB dissector could loop excessively or crash.
- The SMB dissector could crash.
- The RPL dissector could go into an infinite loop.
- The WiMAX dissector could crash due to unaligned access on some platforms.
- The CIP dissector could attempt to allocate a huge amount of memory and crash.
The following bugs have been fixed:
- Handling of non-ASCII file names and paths has been improved.
- Wireshark could crash while editing a coloring rule or a UAT table.
- The display filter code could crash while bitwise ANDing an IPv4 address.
New and Updated Features
- Most of the capture code has been moved out of the GUI, which means that Wireshark no longer needs to be run as root.
- Many display filter names have been cleaned up. If your favorite display filter just went missing, please consult the display filter reference to find out where it ended up.
- You can now filter directly on SNMP OIDs.
- IO graphs have more display options, and you can now export graphs.
- You can now follow UDP streams in addition to TCP and SSL streams.
- You can now disable coloring rules without deleting them.
- Main window toolbar buttons are now available even when the window is small.
- The version of WinPcap that ships with the Windows installers has been updated to 4.0.2.
- The Windows installers now include a "services" file, which maps port numbers to names.
- The Windows installer now enables npf.sys by default under Vista. Wireshark will print a warning at startup if npf.sys isn't loaded under Vista.
- Optimizations have been applied in some places to make Wireshark start up and run faster.
New Protocol Support
- ANSI TCAP, application/xcap-error (MIME type), CFM, DPNSS, EtherCAT, ETSI e2/e4, H.282, H.460, H.501, IEEE 802.1ad and 802.1ah, IMF (RFC 2822), RSL, SABP, T.125, TNEF, TPNCP, UNISTIM, Wake on LAN, WiMAX ASN Control Plane, X.224
Updated Protocol Support
- 3Com XNS, 3G A11, ACN, ACP123, ACSE, AIM, ANSI IS-637-A, ANSI MAP, Armagetronad, BACapp, BACnet, BER, BFD, BGP, Bluetooth, CAMEL, CDT, CFM, CIP, Cisco ERSPAN, CLNP, CMIP, CMS, COPS, CTDB, DCCP, DCERPC ATSVC, DCERPC PNIO, DCERPC SAMR, DCERPC, DCOM CBA-ACCO, DCP ETSI, DEC DNA, DFS, DHCP/BOOTP, DHCPv6, DIAMETER, DISP, DMP, DNP, DNS, DOP, DTLS, DUA, eDonkey, ELSM, ESL, Ethernet, FC ELS, FC, FCOE, FTAM, FTP, GDSDB, GIOP, GPRS-LLC, GSM A, GSM MAP, GTP, HSRP, HTTP, IAX2, ICMPv6, IEEE 802.11, INAP, IP, IPMI, IPv6, ISAKMP, ISIS, iSNS, ISUP, IUUP, JXTA, K12, Kerberos, L2TP, LAPD, LDAP, LINX, LPD, LWAPP, MEGACO, MIKEY, MIME Multipart, MMS, MP2T, MPEG PES, MPEG, MTP2, MySQL, NBAP, NetFlow, nettl, NFS, NSIP, OSPF, P_MUL, PANA, PER, PKCS#12, PMIPv6, PN-PTCP, PN-RT, PPI, PPPoE, PRES, PROFINET, PTP, Q.932 ROS, Q.932, QSIG, Radiotap, RADIUS, RANAP, RNSAP, ROS, RTCP, RTP, RTSE, RTSP, SCCP, SCTP, SDP, SIGCOMP, SIP, Slow Protocols, SMB, SMPP, SMTP, SNDCP, SNMP, SRP, SSL, STANAG 4406, STUN2, TCAP, TCP, text/media, TIPC, ULP, UMA, UMTS FP, V5UA, VNC, WiMAX M2M, WiMAX, WLCCP, X.411, X.420, X.509 SAT, XML
New and Updated Capture File Support
- Catapult DCT 2000, Endace ERF, Juniper NetScreen snoop, Visual Networks, Windows Sniffer (NetXRay)
Updated: 2007-07-07
Update details:
What's new in this version:
- This release adds the ability to change columns without restarting Wireshark, display filter macros, HTTP object export, upper() and lower() display filter modifiers, and many more features.
- Security-related vulnerabilities in the HTTP, DCP ETSI, SSL, DHCP, and MMS dissectors have been fixed along with the iSeries file reader. See the advisory for details.