|author||Gerald Combs <email@example.com>||2013-03-28 17:48:31 +0000|
|committer||Gerald Combs <firstname.lastname@example.org>||2013-03-28 17:48:31 +0000|
svn path=/trunk/; revision=48625
Diffstat (limited to 'NEWS')
1 files changed, 121 insertions, 55 deletions
@@ -1,102 +1,168 @@
-Wireshark 1.3.0 Release Notes
+ Wireshark 1.9.2 Release Notes
What is Wireshark?
- Wireshark is the world's most popular network protocol analyzer.
- It is used for troubleshooting, analysis, development, and
+ Wireshark is the world's most popular network protocol analyzer. It is
+ used for troubleshooting, analysis, development and education.
- The following vulnerabilities have been fixed. See the security
- advisory for details and a workaround.
- o The NetFlow dissector could run off with your dog, crash your
- truck, and write a country music song about the experience.
- Versions affected: 0.99.5 to 1.0.8
The following bugs have been fixed:
- o Wireshark could crash without warning.
New and Updated Features
- The following features are new (or have been significantly
- updated) since version 1.0:
- o The packet list internals have been rewritten and are now more
- o Capturing from pipes on Windows has been improved.
+ The following features are new (or have been significantly updated)
+ since version 1.8:
+ * Wireshark on 32- and 64-bit Windows supports automatic updates.
+ * The packet bytes view is faster.
+ * You can now display a list of resolved host names in "hosts" format
+ within Wireshark.
+ * The wireless toolbar has been updated.
+ * Wireshark on Linux does a better job of detecting interface
+ addition and removal.
+ * It is now possible to compare two fields in a display filter (for
+ example: udp.srcport != udp.dstport). The two fields must be of the
+ same type for this to work.
+ * The Windows installers ship with WinPcap 4.1.3, which supports
+ Windows 8.
+ * USB type and product name support has been improved.
+ * Wireshark now calculates HTTP response times and presents the
+ result in a new field in the HTTP response. Links from the
+ request's frame to the response's frame and vice-versa are also
+ * The main welcome screen and status bar now display file sizes using
+ strict SI prefixes instead of old-style binary prefixes.
+ * Capinfos now prints human-readable statistics with SI suffixes by
+ * It is now possible to open a referenced packet (such as the matched
+ request or response packet) in a new window.
+ * It is now possible for tshark to display only the hex/ascii packet
+ data without also requiring that the packet summary and/or packet
+ details are also displayed. If you want the old behavior, use -Px
+ instead of just -x.
+ * The Wireshark application icon, capture toolbar icons, and other
+ icons have been updated.
New Protocol Support
+ Amateur Radio AX.25, Amateur Radio BPQ, Amateur Radio NET/ROM, America
+ Online (AOL), AR Drone, Automatic Position Reporting System (APRS),
+ AX.25 KISS, AX.25 no Layer 3, Bitcoin Protocol, Bluetooth Attribute
+ Protocol, Bluetooth AVCTP Protocol, Bluetooth AVDTP Protocol, Bluetooth
+ AVRCP Profile, Bluetooth BNEP Protocol, Bluetooth HCI USB Transport,
+ Bluetooth HCRP Profile, Bluetooth HID Profile, Bluetooth MCAP Protocol,
+ Bluetooth SAP Profile, Bluetooth SBC Codec, Bluetooth Security Manager
+ Protocol, Cisco GED-125 Protocol, Clique Reliable Multicast Protocol
+ (CliqueRM), D-Bus, Digital Transmission Content Protection over IP,
+ DVB-S2 Baseband, FlexNet, Forwarding and Control Element Separation
+ Protocol (ForCES), Foundry Discovery Protocol (FDP), Gearman Protocol,
+ GEO-Mobile Radio (1) RACH, HoneyPot Feeds Protocol (HPFEEDS), LTE
+ Positioning Protocol Extensions (LLPe), Media Resource Control Protocol
+ Version 2 (MRCPv2), Media-Independent Handover (MIH), MIDI System
+ Exclusive (SYSEX), Mojito DHT, MPLS-TP Fault-Management, MPLS-TP
+ Lock-Instruct, NASDAQ's OUCH 4.x, NASDAQ's SoupBinTCP, OpenVPN
+ Protocol, Pseudo-Wire OAM, RPKI-Router Protocol, SEL Fast Message,
+ Simple Packet Relay Transport (SPRT), Skype, Smart Message Language
+ (SML), SPNEGO Extended Negotiation Security Mechanism (NEGOEX),
+ UHD/USRP, USB Audio, USB Video, v.150.1 State Signaling Event (SSE),
+ VITA 49 Radio Transport, VNTAG, WebRTC Datachannel Protocol (RTCDC),
+ and WiMAX OFDMA PHY SAP
Updated Protocol Support
+ Too many protocols have been updated to list here.
New and Updated Capture File Support
+ AIX iptrace, Catapult DCT2000, Citrix NetScaler, DBS Etherwatch (VMS),
+ Endace ERF, HP-UX nettl, IBM iSeries, Ixia IxVeriWave, NA Sniffer
+ (DOS), Netscreen, Network Instruments Observer, pcap, pcap-ng, Symbian
+ OS btsnoop, TamoSoft CommView, and Tektronix K12xx
Wireshark source code and installation packages are available from
- the download page on the main web site.
- Most Linux and Unix vendors supply their own Wireshark packages.
- You can usually install or upgrade Wireshark using the package
- management system specific to that platform. A list of third-party
- packages can be found on the download page on the Wireshark web
+ Most Linux and Unix vendors supply their own Wireshark packages. You
+ can usually install or upgrade Wireshark using the package management
+ system specific to that platform. A list of third-party packages can be
+ found on the download page on the Wireshark web site.
- Wireshark and TShark look in several different locations for
- preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
- These locations vary from platform to platform. You can use
- About->Folders to find the default locations on your system.
+ Wireshark and TShark look in several different locations for preference
+ files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
+ vary from platform to platform. You can use About->Folders to find the
+ default locations on your system.
- Wireshark may appear offscreen on multi-monitor Windows systems.
- (Bug 553)
+ Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)
- Wireshark might make your system disassociate from a wireless
- network on OS X. (Bug 1315)
+ The BER dissector might infinitely loop. (Bug 1516)
- Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)
+ Capture filters aren't applied when capturing from named pipes.
- Wireshark is unable to decrypt WPA group keys. (Bug 1420)
+ Filtering tshark captures with display filters (-R) no longer works.
+ (Bug 2234)
- The BER dissector might infinitely loop. (Bug 1516)
+ The 64-bit Windows installer does not support Kerberos decryption.
+ (Win64 development page)
- Wireshark can't dynamically update the packet list. This means
- that host name resolutions above a certain response time threshold
- won't show up in the packet list. (Bug 1605)
+ Application crash when changing real-time option. (Bug 4035)
- Capture filters aren't applied when capturing from named pipes.
- (Bug 1814)
+ Hex pane display issue after startup. (Bug 4056)
- Wireshark might freeze when reading from a pipe. (Bug 2082)
+ Packet list rows are oversized. (Bug 4357)
- Capturing from named pipes might be delayed on Windows. (Bug 2200)
+ Summary pane selected frame highlighting not maintained. (Bug 4445)
- Filtering tshark captures with display filters (-R) no longer
- works. (Bug 2234)
+ Wireshark and TShark will display incorrect delta times in some cases.
+ (Bug 4985)
- Community support is available on the wireshark-users mailing
- list. Subscription information and archives for all of Wireshark's
- mailing lists can be found on the web site.
+ Community support is available on Wireshark's Q&A site and on the
+ wireshark-users mailing list. Subscription information and archives for
+ all of Wireshark's mailing lists can be found on the web site.
- Commercial support, training, and development services are
- available from CACE Technologies.
+ Official Wireshark training and certification are available from
+ Wireshark University.
Frequently Asked Questions
- A complete FAQ is available on the Wireshark web site.
+ A complete FAQ is available on the Wireshark web site.
+ Last updated 2013-03-27 11:36:52 PDT
+ 1. http://www.wireshark.org/download.html
+ 2. http://www.wireshark.org/download.html#thirdparty
+ 3. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
+ 4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
+ 5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
+ 6. https://wiki.wireshark.org/Development/Win64
+ 7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
+ 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056
+ 9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
+ 10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4445
+ 11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
+ 12. http://ask.wireshark.org/
+ 13. http://www.wireshark.org/lists/
+ 14. http://www.wiresharktraining.com/
+ 15. http://www.wireshark.org/faq.html