aboutsummaryrefslogtreecommitdiffstats
path: root/docbook/release-notes.xml
blob: b709f907f47d5cba7fba234e9c032ccda4dd70e8 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
<?xml version="1.0"?>
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [

<!-- $Id$ -->

<!--
DOCUMENT SECTION
-Use this section to encode all document information
-->

<!--
Ethereal Info
-->
  <!ENTITY EtherealCurrentVersion "0.99.0">

]>

<article>
  <title>Ethereal &EtherealCurrentVersion; Release Notes</title>

  <section id="WhatIs"><title>What is Ethereal?</title>
    <para>
      Ethereal is the world's most popular network protocol analyzer.  It
      is used for troubleshooting, analysis, development, and education.
    </para>
  </section>

  <section id="WhatsNew"><title>What's New</title>
    <section><title>Bug Fixes</title>
    <para>
      Many security vulnerabilities have been fixed since the
      previous release.  See the
      <ulink url="http://www.ethereal.com/appnotes/enpa-sa-00022.html">application
      advisory</ulink> for more details.
      <itemizedlist>

        <listitem><para>
	  The H.248 dissector could crash.
	  <!-- Fixed in r16967, r17015 -->
	  <!-- Bug IDs: 651 -->
	  Versions affected: 0.10.14.
        </para></listitem>

        <listitem><para>
	  The UMA dissector could go into an infinite loop.
	  <!-- Fixed in r17119, r17273 -->
	  <!-- Bug IDs: 716 -->
	  Versions affected: 0.10.12.
        </para></listitem>

        <!-- Canary bugs found after r17235 -->

        <listitem><para>
	  The X.509if dissector could crash.
	  <!-- Fixed in r16995, r17337 -->
	  <!-- Bug IDs: None -->
	  Versions affected: 0.10.14.
        </para></listitem>

        <listitem><para>
	  The SRVLOC dissector could crash.
	  <!-- Fixed in r17001 -->
	  <!-- Bug IDs: None -->
	  Versions affected: 0.10.0.
        </para></listitem>

        <listitem><para>
	  The H.245 dissector could crash.
	  <!-- Fixed in r17022 -->
	  <!-- Bug IDs: 667 -->
	  Versions affected: 0.10.13.
        </para></listitem>

        <listitem><para>
	  Ethereal's OID printing routine was susceptible to an
          off-by-one error.
	  <!-- Fixed in r17048 -->
	  <!-- Bug IDs: 698 -->
	  Versions affected: 0.10.14.
        </para></listitem>

        <listitem><para>
	  The COPS dissector could overflow a buffer.
	  <!-- Fixed in r17051 -->
	  <!-- Bug IDs: None -->
	  Versions affected: 0.9.15.
        </para></listitem>

        <listitem><para>
	  The ALCAP dissector could overflow a buffer.
	  <!-- Fixed in r17495 -->
	  <!-- Bug IDs: 794 -->
	  Versions affected: 0.10.14.
        </para></listitem>

      </itemizedlist>

     <!-- Coverity bugs (r17489 and above) -->

      Under a grant funded by the U.S. Department of Homeland Security,
      <ulink url="http://www.coverity.com">Coverity</ulink> has uncovered
      a number of vulnerabilities in Ethereal:
      <itemizedlist>

        <!-- CID 1 - 30: DEADCODE -->
        <!-- CID 31: Post-0.10.14 -->

        <listitem><para>
	  The statistics counter could crash Ethereal.
	  <!-- Fixed in r17497 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 32 -->
	  Versions affected: 0.10.10.
        </para></listitem>

        <listitem><para>
	  Ethereal could crash while reading a malformed Sniffer capture.
	  <!-- Fixed in r17556 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 33 -->
	  Versions affected: 0.8.12.
        </para></listitem>

        <listitem><para>
	  An invalid display filter could crash Ethereal.
	  <!-- Fixed in r17555 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 34 -->
	  Versions affected: 0.9.16.
        </para></listitem>

        <listitem><para>
	  The general packet dissector could crash Ethereal.
	  <!-- Fixed in r17494 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 35 -->
	  Versions affected: 0.10.9.
        </para></listitem>

        <!-- CID 36 - 38: Bogus -->

        <listitem><para>
	  The AIM dissector could crash Ethereal.
	  <!-- Fixed in r17512 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 39 -->
	  Versions affected: 0.10.7.
        </para></listitem>

        <listitem><para>
	  The RPC dissector could crash Ethereal.
	  <!-- Fixed in r17546 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 40 -->
	  Versions affected: 0.9.8.
        </para></listitem>

        <listitem><para>
	  The DCERPC dissector could crash Ethereal.
	  <!-- Fixed in r17657 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 41 -->
	  Versions affected: 0.9.16.
        </para></listitem>

        <listitem><para>
	  The ASN.1 dissector could crash Ethereal.
	  <!-- Fixed in r17548, r17710, r17736, r17770 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 42, 43, 146 -->
	  Versions affected: 0.9.8.
        </para></listitem>

        <listitem><para>
	  The SMB PIPE dissector could crash Ethereal.
	  <!-- Fixed in r17509, r17523, r17621, r17708 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 44, 46, 47, 48 -->
	  Versions affected: 0.8.20.
        </para></listitem>

        <!-- CID 45: Bogus -->
        <!-- CID 46 - 48: See CID 44 -->
        <!-- CID 49: Bogus -->
        <!-- CID 50 - 62: Not security-related -->
        <!-- CID 63 - 66: Bogus -->

        <listitem><para>
	  The BER dissector could loop excessively.
	  <!-- Fixed in r17498, r17625 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 67, 68, 136 -->
	  Versions affected: 0.10.4.
        </para></listitem>

        <!-- CID 69 - 72: Bogus -->

        <listitem><para>
	  The SNDCP dissector could abort.
	  <!-- Fixed in r17518 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 73 -->
	  Versions affected: 0.10.4.
        </para></listitem>

        <!-- CID 74 - 78: Bogus -->
        <!-- CID 79: Lemon is a build-time tool -->
        <!-- CID 80: Bogus -->
        <!-- CID 81: Post-0.10.14 -->

        <listitem><para>
	  The Network Instruments file code could overrun a buffer.
	  <!-- Fixed in r17520 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 82 -->
	  Versions affected: 0.10.0.
        </para></listitem>

        <listitem><para>
	  The NetXray/Windows Sniffer file code could overrun a buffer.
	  <!-- Fixed in r17580 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 83 -->
	  Versions affected: 0.10.13.
        </para></listitem>

        <!-- CID 83 - 103: Bogus -->

        <listitem><para>
	  The GSM SMS dissector could crash Ethereal.
	  <!-- Fixed in r17506 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 104 -->
	  Versions affected: 0.9.16.
        </para></listitem>

        <listitem><para>
	  The ALCAP dissector could overrun a buffer.
	  <!-- Fixed in r17724 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 105 -->
	  Versions affected: 0.10.14.
        </para></listitem>

        <listitem><para>
	  The telnet dissector could overrun a buffer.
	  <!-- Fixed in r17487 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 106 -->
	  Versions affected: 0.8.5.
        </para></listitem>

        <!-- CID 107: See CID 79 -->
        <!-- CID 108: Not security-related -->

        <listitem><para>
	  ASN.1-based dissectors could crash Ethereal.
	  <!-- Fixed in r17489 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 109 -->
	  Versions affected: 0.9.10.
        </para></listitem>

        <!-- CID 110: Not security-related -->
        <!-- CID 111: Bogus -->
        <!-- CID 112: Not security-related -->

        <listitem><para>
	  The H.248 dissector could crash Ethereal.
	  <!-- Fixed in r17571 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 113,114 -->
	  Versions affected: 0.10.11.
        </para></listitem>

        <!-- CID 115, 116: See CID 79 -->
        <!-- CID 117: Bogus -->
        <!-- CID 118 - 119: Not security-related -->
        <!-- CID 120 - 121: Bogus -->
        <!-- CID 122 - 126: Not security-related -->
        <!-- CID 127: Bogus -->

        <listitem><para>
	  The DCERPC NT dissector could crash Ethereal.
	  <!-- Fixed in r17511 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 128 -->
	  Versions affected: 0.9.14.
        </para></listitem>

        <!-- CID 129: Bogus -->
        <!-- CID 130 - 134: Not security-related -->

        <listitem><para>
	  The PER dissector could crash Ethereal.
	  <!-- Fixed in r17511 -->
	  <!-- Bug IDs: None -->
          <!-- Coverity CID 135 -->
	  Versions affected: 0.9.14.
        </para></listitem>

        <!-- CID 136: See CID 67 -->
        <!-- CID 137 - 139: Not security-releated -->
        <!-- CID 140 - 141: Bogus -->
        <!-- CID 142: Not security-releated -->
        <!-- CID 143 - 144: See CID 79 -->
        <!-- CID 144: Lemon is a build-time tool -->
        <!-- CID 145: Post-0.10.14 -->
        <!-- CID 146: See CID 42 -->
        <!-- CID 147 - 148: Post-0.10.14 -->
        <!-- CID 149: DEADCODE -->

      </itemizedlist>
    </para>

    <para>
      Win32: Unicode characters in the users profile path causes problems
      reading/writing the preferences (and alike) files.
      <!-- Fixed in r17024,r17025 -->
      <!-- Bug IDs: 648 -->
      Versions affected: 0.10.14.
    </para>

    <para>
      The Coverity audit turned up several UI-related bugs that could
      make Ethereal crash.
    </para>

    </section>

    <section><title>New and Updated Features</title>
    <para>
      The following features are new (or have been significantly updated)
      since the last release:
      <itemizedlist>

        <listitem><para>
          The new command line tool <command>dumpcap</command> makes it
          possible to capture network data without the drawbacks of (t)ethereal
          (memory usage, security problems, ...) while keeping the benefit of
          advanced techniques like multiple (ringbuffer) files and alike.
          </para>
          <para>
          The manpage of <command>dumpcap</command> in HTML format is available
          at: <ulink url="http://www.ethereal.com/docs/"/>
        </para></listitem>

        <listitem><para>
	  Win32: Catch hardware exceptions caused by buggy dissectors.
	  If e.g. a NULL pointer exceptions occurs, Ethereal won't crash now
	  but displays the exception and tries to continue decoding packets.
        </para></listitem>

        <listitem><para>
	  The Windows version of Ethereal now uses native open and save
          file dialogs.
        </para>
        <para>
          In related news, Ethereal now runs as a full-fledged Unicode
          application under Windows.
        </para></listitem>

        <listitem><para>
	  Recent versions of Ethereal were flagging packets with an
          incorrect TCP checksum as malformed.  False positives were
          being triggered on systems that use TCP checksum offloading.
          We now check to see if the checksum is <emphasis>not</emphasis>
          0x0000 before flagging the packet as malformed.

          <note><title>Please Note</title>
          <para>
            If your system uses TCP checksum offloading <emphasis>and</emphasis>
            Ethereal still shows bad checksums for outgoing TCP packets
            <emphasis>and</emphasis> the checksums for outgoing TCP packets
            are <emphasis>not</emphasis> 0x0000, this could mean that your
            operating system is exposing kernel memory unneccessarily.  If
            this is the case, you should report the problem to your OS
            vendor.
          </para>
		  </note>
        </para></listitem>

      </itemizedlist>
    </para>
    </section>

    <section><title>New Protocol Support</title>
    <para>

    </para>
    </section>

    <section><title>Updated Protocol Support</title> <para>

    </para>
    </section>

    <section><title>New and Updated Capture File Support</title>
    <para>

    </para>
    </section>

  </section>

  <section id="GettingEthereal"><title>Getting Ethereal</title>
    <section><title>Microsoft Windows</title>
      <para>
	Download ethereal-setup-&EtherealCurrentVersion;.exe from the
	<ulink url="http://www.ethereal.com/distribution/win32/">Windows
	download area</ulink> on the main web site.  Double-click the
	installer executable.
      </para>
    </section>

    <section><title>Sun Solaris</title>
      <para>
	Download the appropriate package from the
	<ulink url="http://www.ethereal.com/distribution/solaris/">Solaris
	download area</ulink> on the main web site.  Uncompress the package
	using bzip2, and install it using pkgadd.
      </para>
    </section>

    <section><title>Source Code</title>
      <para>
	Download ethereal-&EtherealCurrentVersion;.tar.gz from the
	<ulink url="http://www.ethereal.com/distribution/">main
	download area</ulink> on the web site.  Extract the package
	using tar and gzip.  Run "configure ; make ; make install".
      </para>
    </section>

    <section><title>Vendor-supplied Packages</title>
      <para>
	Most Linux and Unix vendors supply their own Ethereal packages.
	You can install or upgrade Ethereal using the package management
	system specific to that platform.  A list of third-party packages
        can be found on the <ulink url="http://www.ethereal.com/download.html#otherplat">download page</ulink> on the Ethereal web site.
      </para>
    </section>

  </section>

  <!-- XXX needs to be written
  <section id="RemovingEthereal"><title>Removing Ethereal</title>
    <para>
    </para>
  </section>
  -->

  <section id="FileLocations"><title>File Locations</title>
    <para>
      Ethereal and Tethereal look in several different locations for
      preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
      These locations vary from platform to platform.  You can use
      About->Folders to find the default locations on your system.
    </para>
  </section>

  <section id="KnownProblems"><title>Known Problems</title>

    <para>
      On Windows systems the packet list scroll bar can sometimes disappear
      or become unusable.  Until the problem is fixed you can work around it
      by resizing the packet list or the main window.
      (<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=220">Bug
      #220</ulink>)
    </para>

    <para>
      The <guibutton>Filter</guibutton> button is nonfunctional in the
      file dialogs under Windows.
    </para>

    <para>
      Trying to save flow data may crash Ethereal.
      (<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=396">Bug
      #396</ulink>)
    </para>

    <para>
      It may not be possible to re-order coloring rules under Windows.
      (<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=699">Bug
      #699</ulink>)
    </para>

    <para>
      Multiple tap interfaces may cause a crash under FreeBSD.
      (<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=757">Bug
      #757</ulink>)
    </para>

    <para>
      Ethereal may crash while viewing TCP streams.
      (<ulink url="http://bugs.ethereal.com/bugzilla/show_bug.cgi?id=852">Bug
      #852</ulink>)
    </para>

  </section>

  <section id="GettingHelp"><title>Getting Help</title>
    <para>
    Community support is available on the ethereal-users mailing list.
    Subscription information and archives for all of Ethereal's mailing
    lists can be found on <ulink url="http://www.ethereal.com/lists/">the
    web site</ulink>. There is also an <ulink url="irc://irc.freenode.net/ethereal">IRC channel dedicated to Ethereal</ulink>.
    </para>
    <para>
    Commercial support, training, and development services are available
    from <ulink url="http://www.etherealsoft.com/">Ethereal Software</ulink>.
    </para>
  </section>

  <section id="FAQ"><title>Frequently Asked Questions</title>
    <para>
    A complete FAQ is available on the
    <ulink url="http://www.ethereal.com/faq.html">Ethereal web site</ulink>.
    </para>
  </section>

</article>