Wireshark 1.10.8 (32-bit)
更新細節:
# The following vulnerabilities have been fixed.
- The frame metadissector could crash.
# The following bugs have been fixed:
- VoIP flow graph crash upon opening.
- Tshark with "-F pcap" still generates a pcapng file.
- IPv6 Next Header 0x3d recognized as SHIM6.
- Failed to export pdml on large pcap.
- TCAP: set a fence on info column after calling sub dissector
- Dissector bug in JSON protocol.
- GSM RLC MAC: do not skip too many lines of the CSN_DESCR when the field is missing
- Wireshark PEEKREMOTE incorrectly decoding QoS data packets from Cisco Sniffer APs.
- IEEE 802.11: fix dissection of HT Capabilities
# Updated Protocol Support
- CIP, EtherNet/IP, GSM RLC MAC, IEEE 802.11, IPv6, and TCAP
# New and Updated Capture File Support
- pcap-ng, and PEEKREMOTE
版本下載:Wireshark 1.10.8 (32-bit)
Wireshark 1.10.7 (32-bit)
更新細節:
# The following bugs have been fixed:
* RTP not decoded inside the conversation in v.1.10.1
* SIP/SDP: disabled second media stream disables all media streams
* Lua: trying to get/access a Preference before its registered causes a segfault
* Some value_string strings contain newlines.
* Tighten the NO_MORE_DATA_CHECK macros
* Fix crash when calling "MAP Summary" dialog when no file is open
* Fix comparing a sequence number of TCP fragment when its value wraps over uint32_t limit
# Updated Protocol Support
* ANSI A, DVB-CI, GSM DTAP, GSM MAP, IEEE 802.11, LCSAP, LTE RRC, MAC LTE, Prism, RTP, SDP, SIP, and TCP
版本下載:Wireshark 1.10.7 (32-bit)
Wireshark 1.11.3 (32-bit) Beta
更新細節:
# Bug Fixes
* "On-the-wire" packet lengths are limited to 65535 bytes.
* "Follow TCP Stream" shows only the first HTTP req+res.
* Files with pcap-ng Simple Packet Blocks can’t be read.
* MPLS-over-PPP isn’t recognized.
# New and Updated Features
* Qt port:
- The About dialog has been added
- The Capture Interfaces dialog has been added.
- The Decode As dialog has been added. It managed to swallow up the User Specified Decodes dialog as well.
- The Export PDU dialog has been added.
- Several SCTP dialogs have been added.
- The statistics tree (the backend for many Statistics and Telephony menu items) dialog has been added.
- The I/O Graph dialog has been added.
- French translation has updated.
- The Follow Stream dialog now supports packet and TCP stream selection.
- A Flow Graph (sequence diagram) dialog has been added.
- The main window now respects geometry preferences.
* Mac OS X packaging has been improved.
* Dissector output may be encoded as UTF-8. This includes TShark output.
* Wireshark now uses the Qt application framework. The new UI should provide a significantly better user experience, particularly on Mac OS X and Windows.
* The Windows installer now uninstalls the previous version of Wireshark silently. You can still run the uninstaller manually beforehand if you wish to run it interactively.
* Expert information is now filterable when the new API is in use.
* The "Number" column shows related packets and protocol conversation spans (Qt only).
* When manipulating packets with editcap using the -C <choplen> and/or -s <snaplen> options, it is now possible to also adjust the original frame length using the -L option.
* You can now pass the -C <choplen> option to editcap multiple times, which allows you to chop bytes from the beginning of a packet as well as at the end of a packet in a single step.
* You can now specify an optional offset to the -C option for editcap, which allows you to start chopping from that offset instead of from the absolute packet beginning or end.
* "malformed" display filter has been renamed to "_ws.malformed". A handful of other filters have been given the "_ws." prefix to note they are Wireshark application specific filters and not dissector filters.
# Removed dissectors
* The ASN1 plugin has been removed as it’s deemed obsolete.
* The GNM dissector has been removed as it was never used.
# New Protocol Support
* 29West, 802.1AE Secure tag, ACR122, ADB Client-Server, AllJoyn, Apple PKTAP, Aruba Instant AP, ASTERIX, ATN, Bencode, Bluetooth 3DS, Bluetooth HSP, Bluetooth Linux Monitor Transport, Bluetooth Low Energy, Bluetooth Low Energy RF Info, CARP, CFDP, Cisco MetaData, DCE/RPC MDSSVC, DeviceNet, ELF file format, EXPORTED PDU, FINGER, HDMI, HTTP2, IDRP, IEEE 1722a, ILP, iWARP Direct Data Placement and Remote Direct Memory Access Protocol, Kafka, Kyoto Tycoon, Landis & Gyr Telegyr 8979, LBM, LBMC, LBMPDM, LBMPDM-TCP, LBMR, LBT-RM, LBT-RU, LBT-TCP, Lightweight Mesh (v1.1.1), Linux netlink, Linux netlink netfilter, Linux netlink sock diag, Linux rtnetlink (route netlink), Logcat, MBIM, MiNT, MP4 / ISOBMFF file format, MQ Telemetry Transport Protocol, Novell PKIS certificate extensions, NXP PN532 HCI, Open Sound Control, OpenFlow, Pathport, PDC, Picture Transfer Protocol Over IP, PKTAP, Private Data Channel, QUIC (Quick UDP Internet Connections), SAE J1939, SEL RTAC (Real Time Automation Controller) EIA-232 Serial-Line Dissection, Sippy RTPproxy, SMB-Direct, STANAG 4607, STANAG 5066 DTS, STANAG 5066 SIS, Tinkerforge, Ubertooth, UDT, URL Encoded Form Data, USB Communications and CDC Control, USB Device Firmware Upgrade, VP8, WHOIS, Wi-Fi Display, and ZigBee Green Power profile
# New and Updated Capture File Support
* Netscaler 2.6, STANAG 4607, and STANAG 5066 Data Transfer Sublayer
# Major API Changes
* A more flexible, modular memory manager (wmem) has been added. It was available experimentally in 1.10 but is now mature and has mostly replaced the old emem API (which is deprecated).
* A new API for expert information has been added, replacing the old one.
* The tvbuff API has been cleaned up: tvb_length has been renamed to tvb_captured_length for clarity, and tvb_get_string and tvb_get_stringz have been deprecated in favour of tvb_get_string_enc and tvb_get_stringz_enc.
版本下載:Wireshark 1.11.3 (32-bit) Beta
Wireshark 1.10.6 (32-bit)
更新細節:
# The following bugs have been fixed:
- Customized OUI is not recognized correctly during dissection.
- Properly decode CAPWAP Data Keep-Alives.
- Build failure with GTK 3.10 - GTK developers have gone insane.
- SIGSEGV/SIGABRT during free of TvbRange using a chained dissector in lua.
- MPLS dissector no longer registers itself in "ppp.protocol" table.
- Tshark doesn’t display the longer data fields (mbtcp).
- DMX-CHAN disector does not clear strbuf between rows.
- Dissector bug, protocol SDP: proto.c:4214: failed assertion "length >= 0".
- False error: capture file appears to be damaged or corrupt.
- SMPP field source_telematics_id field length different from spec.
- Lua: bitop library is missing in Lua 5.2.
- GTPv1-C / MM Context / Authentication quintuplet / RAND is not correct.
- Lua: ProtoField.new() is buggy.
- Lua: ProtoField.bool() VALUESTRING argument is not optional but was supposed to be.
- Problem with CAPWAP Wireshark Dissector.
- nas-eps dissector: CS Service notification dissection stops after Paging identity IE.
# New and Updated Features
- IPv4 checksum verfification is now disabled by default.
# Updated Protocol Support
- AppleTalk, CAPWAP, DMX-CHAN, DSI, DVB-CI, ESS, GTPv1, IEEE 802a, M3UA, Modbus/TCP, NAS-EPS, NFS, OpenSafety, SDP, and SMPP
# New and Updated Capture File Support
- libpcap, MPEG, and pcap-ng
版本下載:Wireshark 1.10.6 (32-bit)
Wireshark 1.10.5 (32-bit)
更新細節:
# The following bugs have been fixed:
* Wireshark stops showing new packets but dumpcap keeps writing them to the temp file.
* Wireshark 1.10.4 shuts down when promiscuous mode is unchecked.
* Homeplug dissector bug: STATUS_ACCESS_VIOLATION: dissector accessed an invalid memory address.
# Updated Protocol Support
* GSM BSSMAP, GSM BSSMAP LE, GSM SMS, Homeplug, NAS-EPS, and SGSAP
版本下載:Wireshark 1.10.5 (32-bit)
Wireshark 1.10.4 (32-bit)
更新細節:
# The following bugs have been fixed:
* "On-the-wire" packet lengths are limited to 65535 bytes.
* Tx MCS set is not interpreted properly in WLAN beacon frame.
* VoIP Graph Analysis window - some calls are black.
* Wireshark fails to decode single-line, multiple Contact: URIs in SIP responses.
* epan/follow.c - Incorrect "bytes missing in capture file" in "check_fragments" due to an unsigned int wraparound?.
* gsm_map doesn’t decode MAPv3 reportSM-DeliveryStatus result.
* Incorrect NFSv4 FATTR4_SECURITY_LABEL value.
* Timestamp decoded for Gigamon trailer is not padded correctly.
* SEL Fast Message Bug-fix for Signed 16-bit Integer Fast Meter Messages.
* DNP3 Bug Fix for Analog Data Sign Bit Handling.
* GSM SMS User Data header fill bits are wrong when using a 7 bits ASCII / IA5 encoding.
* WCDMA RLC dissector cannot assemble PDUs with SNs skipped and wrap-arounded.
* DTLS: fix buffer overflow in mac check.
* [PATCH] Correct data length in SCSI_DATA_IN packets (within iSCSI).
* GSM SMS UDH EMS control expects 4 octets instead of 3 with OPTIONAL 4th.
* Fix "decode as …" for packet-time.c.
# Updated Protocol Support
* ANSI IS-637-A, BSSGP, DNP3, DVB-BAT, DVB-CI, GSM MAP, GSM SMS, IEEE 802.11, iSCSI, NFSv4, NTLMSSP v2, RLC, SEL FM, SIP, and Time
# New and Updated Capture File Support
* Pcap-ng.
版本下載:Wireshark 1.10.4 (32-bit)
Wireshark 1.11.2 (32-bit) Beta
Wireshark 1.11.1 (32-bit) Beta
更新細節:
# Bug Fixes
* "On-the-wire" packet lengths are limited to 65535 bytes.
* "Follow TCP Stream" shows only the first HTTP req+res.
* Files with pcap-ng Simple Packet Blocks can't be read.
# New and Updated Features
* Qt port:
- The Follow Stream dialog now supports packet and TCP stream selection.
- A Flow Graph (sequence diagram) dialog has been added.
- The main window now respects geometry preferences.
* Wireshark now uses the Qt application framework. The new UI should provide a significantly better user experience, particularly on Mac OS X and Windows.
* A more flexible, modular memory manger (wmem) has been added. It was available experimentally in 1.10 but is now mature and has mostly replaced the old API.
* Expert info is now filterable and now requires a new API.
* The Windows installer now uninstalls the previous version of Wireshark silently. You can still run the uninstaller manually beforehand if you wish to run it interactively.
* The "Number" column shows related packets and protocol conversation spans (Qt only).
* When manipulating packets with editcap using the -C <choplen> and/or -s <snaplen> options, it is now possible to also adjust the original frame length using the -L option.
* You can now pass the -C <choplen> option to editcap multiple times, which allows you to chop bytes from the beginning of a packet as well as at the end of a packet in a single step.
* You can now specify an optional offset to the -C option for editcap, which allows you to start chopping from that offset instead of from the absolute packet beginning or end.
* "malformed" display filter has been renamed to "_ws.malformed". A handful of other filters have been given the "_ws." prefix to note they are Wireshark application specific filters and not dissector filters.
# New Protocol Support
* 802.1AE Secure tag, ASTERIX, ATN, BT 3DS, CARP, Cisco MetaData, ELF file format, EXPORTED PDU, HTTP2, IDRP, ILP, Kafka, MBIM, MiNT, MP4 / ISOBMFF file format, NXP PN532 HCI, OpenFlow, Picture Transfer Protocol Over IP, QUIC (Quick UDP Internet Connections), SEL RTAC (Real Time Automation Controller) EIA-232 Serial-Line Dissection, Sippy RTPproxy, STANAG 4607, STANAG 5066 SIS, Tinkerforge, UDT, URL Encoded Form Data, WHOIS, and Wi-Fi Display
# Updated Protocol Support
* Too many protocols have been updated to list here.
# New and Updated Capture File Support
* Netscaler 2.6, and STANAG 4607
版本下載:Wireshark 1.11.1 (32-bit) Beta
Wireshark 1.10.3 (32-bit)
更新細節:
# The following bugs have been fixed:
* new_packet_list: EAP-TLS reassemble does not happen when NEW_PACKET_LIST is toggled.
* TLS decryption fails with XMPP start_tls.
* Wrong Interpretation of GTS starting slot.
* "Follow TCP Stream" shows only the first HTTP req+res.
* The value of SEND_TO_UE in the DIAMETER Gx dictionary for Packet-Filter-Usage AVP is 0 instead of 1.
* Crash then try to delete the same entry (length range) twice.
* Crash if wrong "packet lengths range" entered.
* Bssgp ⇒ SGSN-INVOKE-TRACE use the wrong function…
* Minor correction to dissection of DLR frames in Ethernet/IP dissector.
* WebSphere MQ V7 Bug Fix 8322 TSHM_EBCDIC.
* EDNS0 "Higher bits in extended RCODE" incorrectly decoded in packet-dns.c.
* Files with pcap-ng Simple Packet Blocks can’t be read.
* Bug in RTP dissector if RTP extension is present.
* Improve "eHRPD Indicator" NVSE dissection in 3GPP2 A11 Registration Request.
* "make debian-package" fails, missing wsicon32.xpm.
* Fix typo in MODCOD list of DVB-S2 dissector.
* Ring buffer crash when tshark gets too far behind dumpcap.
* PTP Dissector Wrongfully Reports Malformed Packet.
* Wireshark lua dissector unable to load for media_type=application/octet-stream.
* Wireshark crash when dissecting packet with NTLMSSP.
* Padding in uint64 field in DCERPC protocol wrongly reported.
* DCERPC data_blobs are not correctly dissected when NDR64 encoding is used.
* Multiple PDUs in the same DCERPC packet are not correctly decrypted.
* The tshark summary line doesn’t display the frame number or displays it sporadically.
* Bluetooth: SDP improvements and minor fixes.
* Duplicate IRC header field abbreviation breaks filter (example: irc.response.command).
# Updated Protocol Support
* 3GPP2 A11, Bluetooth SDP, BSSGP, DCERPC, DCERPC NDR, DCERPC NT, DIAMETER, DNS, DVB-S2, Ethernet, EtherNet/IP, H.225, IEEE 802.15.4, IRC, NBAP, NTLMSSP, OpenWire, PTP, RTP, SIP, TCP, WiMax, and XMPP
版本下載:Wireshark 1.10.3 (32-bit)
Wireshark 1.11.0 (32-bit) Beta
Wireshark 1.10.2 (32-bit)
更新細節:
# The following vulnerabilities have been fixed.
- The Bluetooth HCI ACL dissector could crash.
- The NBAP dissector could crash.
- The ASSA R3 dissector could go into an infinite loop.
- The RTPS dissector could overflow a buffer.
- The MQ dissector could crash.
- The LDAP dissector could crash.
- The Netmon file parser could crash.
# The following bugs have been fixed:
- Lua ByteArray:append() causes wireshark crash.
- Lua script can not get "data-text-lines" protocol data.
- Lua: Trying to use Field.new("tcp.segments") to get reassembled TCP data is failed.
- "Edit Interface Settings": "Capture Filter" combo box is not populated across Wireshark sessions.
- PER normally small non-negative whole number decoding is wrong when >= 64.
- Strange behavior of tree expand/collapse in packet details.
- Incorrect parsing of IPFIX *IpTotalLength elements.
- IO graph/advanced, max/min/summ error on frames with multiple Diameter messages.
- pod2man error on reordercap.pod.
- SGI Nsym disambiguation is unconditionally displayed when dissecting VHT.
- The Wireshark icon doesn’t show up in OS X 10.5.
- Build fails if system Python is version 3+.
- SCSI dissector does not parse PERSISTENT RESERVE commands correctly.
- SDP messages throws an assert.
- Wireshark fails to decode single-line, multiple Contact: URIs in SIP responses.
- PN_MRP LinkUp Message is shown as LinkDown in info.
- Dissector for EtherCAT: ADS highlighting in the Packet Bytes Pane is incorrect.
- 802.11 HT Extended Capabilities B10 decode incorrect.
- Wrong dissection of MSTI Root Identifiers for all MSTIs.
- Weird malformed HTTP error.
- Warning for attempting to install 64-bit Wireshark on a 32-bit machine has an embedded "
".
- Wireshark crashes when using "Export Specified Packets" > "Displayed".
# Updated Protocol Support
- ASN.1 PER, ASSA R3, Bluetooth HCI ACL, EtherCAT AMS, GTPv2, HTTP, IEEE 802.11, IPFIX, ISDN SUP, LDAP, MQ, NBAP, Novell SSS, PROFINET MRP, Radiotap, ROHC, RTPS, SCSI, SIP, and STP
# New and Updated Capture File Support
- Microsoft Network Monitor, pcap-ng.
版本下載:Wireshark 1.10.2 (32-bit)
Wireshark 1.10.1 (32-bit)
更新細節:
# The following bugs have been fixed:
* Mark retransmitted SYN and FIN packets as retransmissions.
* Wireshark hides under Taskbar.
* IEEE 802.15.4 frame check sequence in "Chipcon mode" not displayed correctly.
* Mask in Lua ProtoField.uint32() does not work as expected.
* Crash when applying filter with Voip calls.
* Delta time regressions to tshark introduced with SVN 45071.
* Add MAC-DATA support to TETRA dissector and other minor improvements.
* Crash analyzing VoIP Calls (T38).
* Wireshark writes empty NRB FQDN which makes trace unloadable.
* Quick launch icon is absent, so it shows up as a generic icon.
* Wrong encoding for 2 pod files, UTF-8 characters in another.
* SCSI (SPC) sense key specific information field must not include SKSV.
* Wireshark crashes when closing Flow Graph with Graph Analysis opened.
* Wrong size of LLRP ProtocolID Parameter in Accessspec Parameter.
* Detection of IPv6 works only on Solaris 8.
* ip.opt.type triggers for TCP NOP option.
* DCOM-SYSACT dissector crash.
* Incorrect decoding of MPLS Echo Request with BGP FEC.
* Buggy IEC104 dissector caused by commit r48958.
* ansi_637_tele dissector displays MSB as MBS for Call-Back Number.
* LISP Map-Notify flags I and R shown incorrectly.
* ONTAP_V4 fhandle decoding leads to dissector bug.
* Dropped bytes in imap dissector.
* Kismet drone/server dissector improvements.
* TShark iostat_draw sizeof mismatch.
* SCTP bytes graph crash.
* Patch to Wireshark/tshark usage info and man pages to document all timestamp (-t) options.
* Strange behavior of tree expand/collapse in packet details.
* Graph Filter field limited to 256 characters.
* Filter doesn’t support cflow ASN larger than 65535.
* Wireshark crashes when switching from a v1.11.0 profile to a v1.4.6 prof and then to a v1.5.1 prof.
* SIP stats shows incorrect values for Max/Ave setup times.
* NFSv4 delegation not reported correctly.
* Issue with Capture Options Adapter List.
* RFC 5844 - IPv4 Support for Proxy Mobile IPv6 - Mobility option IPv4 DHCP Support Mode Option malformed packet.
* RFC 3775 - Mobility Support in IPv6 - Mobility option PadN incorrectly highlights + 2 bytes.
* All mongodb query show as [Malformed Packet: MONGO].
# Updated Protocol Support
* ANSI IS-637-A, ASN.1, ASN.1 PER, Bluetooth OBEX, Bluetooth SDB, DCERPC NDR, DCOM ISystemActivator, DCP ETSI, Diameter 3GPP, DIS, DVB-CI, Ethernet, GSM Common, GSM SMS, H.235, IEC104, IEEE 802.15.4, IEEE 802a, IMAP, IP, KDSP, LISP, LLRP, MAC-LTE,, Mobile IPv6, MONGO, MPLS Echo, Netflow, NFS, NFSv4, P1, PDCP-LTE, PN-IO, PN-RT, PPP, Radiotap, RLC,, RLC-LTE,, SCSI, SIP, SMTP, SoulSeek, TCP, TETRA, and VNC
# New and Updated Capture File Support
* and Microsoft Network Monitor, pcap-ng.
版本下載:Wireshark 1.10.1 (32-bit)
Wireshark 1.10.0 (32-bit)
更新細節:
# Bug Fixes
- Redirecting the standard output didn’t redirect the output the of -D or -L flags. This fix means that the output of those flags now goes to the standard output, not the standard error, as it did in previous releases.
# New and Updated Features
- Wireshark on 32- and 64-bit Windows supports automatic updates.
- The packet bytes view is faster.
- You can now display a list of resolved host names in "hosts" format within Wireshark.
- The wireless toolbar has been updated.
- Wireshark on Linux does a better job of detecting interface addition and removal.
- It is now possible to compare two fields in a display filter (for example: udp.srcport != udp.dstport). The two fields must be of the same type for this to work.
- The Windows installers ship with WinPcap 4.1.3, which supports Windows 8.
- USB type and product name support has been improved.
- All Bluetooth profiles and protocols are now supported.
- Wireshark now calculates HTTP response times and presents the result in a new field in the HTTP response. Links from the request’s frame to the response’s frame and vice-versa are also added.
- The main welcome screen and status bar now display file sizes using strict SI prefixes instead of old-style binary prefixes.
- Capinfos now prints human-readable statistics with SI suffixes by default.
- It is now possible to open a referenced packet (such as the matched request or response packet) in a new window.
- Tshark can now display only the hex/ascii packet data without requiring that the packet summary and/or packet details are also displayed. If you want the old behavior, use -Px instead of just -x.
- Wireshark can be compiled using GTK+ 3.
- The Wireshark application icon, capture toolbar icons, and other icons have been updated.
- Tshark’s filtering and multi-pass analysis have been reworked for consistency and in order to support dependent frame calculations during reassembly. See the man page descriptions for -2, -R, and -Y.
- Tshark’s -G fields2 and -G fields3 options have been eliminated. The -G fields option now includes the 2 extra fields that -G fields3 previously provided, and the blurb information has been relegated to the last column since in many cases it is blank anyway.
- Wireshark dropped the left-handed settings from the preferences. This is still configurable via the GTK settings (add "gtk-scrolled-window-placement = top-right" in the config file, which might be called /.gtkrc-2.0 or /.config/gtk-3.0/settings.ini).
- Wireshark now ships with two global configuration files: Bluetooth, which contains coloring rules for Bluetooth and Classic, which contains the old-style coloring rules.
- The LOAD() metric in the IO-graph now shows the load in IO units instead of thousands of IO units.
# New Protocol Support
- Amateur Radio AX.25, Amateur Radio BPQ, Amateur Radio NET/ROM, America Online (AOL), AR Drone, Automatic Position Reporting System (APRS), AX.25 KISS, AX.25 no Layer 3, Bitcoin Protocol, Bluetooth Attribute Protocol, Bluetooth AVCTP Protocol, Bluetooth AVDTP Protocol, Bluetooth AVRCP Profile, Bluetooth BNEP Protocol, Bluetooth HCI USB Transport, Bluetooth HCRP Profile, Bluetooth HID Profile, Bluetooth MCAP Protocol, Bluetooth SAP Profile, Bluetooth SBC Codec, Bluetooth Security Manager Protocol, Cisco GED-125 Protocol, Clique Reliable Multicast Protocol (CliqueRM), D-Bus, Digital Transmission Content Protection over IP, DVB-S2 Baseband, FlexNet, Forwarding and Control Element Separation Protocol (ForCES), Foundry Discovery Protocol (FDP), Gearman Protocol, GEO-Mobile Radio (1) RACH, HoneyPot Feeds Protocol (HPFEEDS), LTE Positioning Protocol Extensions (LLPe), Media Resource Control Protocol Version 2 (MRCPv2), Media-Independent Handover (MIH), MIDI System Exclusive (SYSEX), Mojito DHT, MPLS-TP Fault-Management, MPLS-TP Lock-Instruct, NASDAQ’s OUCH 4.x, NASDAQ’s SoupBinTCP, OpenVPN Protocol, Pseudo-Wire OAM, RPKI-Router Protocol, SEL Fast Message, Simple Packet Relay Transport (SPRT), Skype, Smart Message Language (SML), SPNEGO Extended Negotiation Security Mechanism (NEGOEX), UHD/USRP, USB Audio, USB Video, v.150.1 State Signaling Event (SSE), VITA 49 Radio Transport, VNTAG, WebRTC Datachannel Protocol (RTCDC), and WiMAX OFDMA PHY SAP
# Updated Protocol Support
- Too many protocols have been updated to list here.
# New and Updated Capture File Support
- AIX iptrace, CAM Inspector, Catapult DCT2000, Citrix NetScaler, DBS Etherwatch (VMS), Endace ERF, HP-UX nettl, IBM iSeries, Ixia IxVeriWave, NA Sniffer (DOS), Netscreen, Network Instruments Observer, pcap, pcap-ng, Symbian OS btsnoop, TamoSoft CommView, and Tektronix K12xx
版本下載:Wireshark 1.10.0 (32-bit)
Wireshark 1.10.0 (32-bit) RC2
Wireshark 1.8.7 (32-bit)
更新細節:
# The following bugs have been fixed:
- The Windows installer and uninstaller does a better job of detecting running executables.
- Library mismatch when compiling on a system with an older Wireshark version.
- SNMP dissector bug: STATUS_INTEGER_DIVIDE_BY_ZERO.
- A console window is never opened.
- GSM_MAP show malformed Packets when two IMSI.
- Fix include and libs search path when cross compiling.
- PER dissector crash.
- pcap-ng: name resolution block is not written to file on save.
- Incorrect RTP statistics (Lost Packets indication not ok).
- Decoding of GSM MAP E164 Digits.
- Silent installer and uninstaller not silent.
- Replace use of INCLUDES with AM_CPPFLAGS in all Makefiles to placate recent autotools.
- Wifi details are not stored in the Decryption Key Management dialog (post 1.8.x).
- IO Graph should not be limited to 100k points (NUM_IO_ITEMS).
- geographical_description: hf_gsm_a_geo_loc_deg_of_long 24 bit field truncated to 23 bits.
- IRC message with multiple params causes malformed packet exception.
- Part of Ping Reply Message in ICMPv6 Reply Message is marked as "Malformed Packet".
- MP2T wiretap heuristic overriding ERF.
- Cannot read content of Ran Information Application Error Rim Container.
- Endian error and IP:Port error when decoding BT-DHT response message.
- "ACE4_ADD_FILE/ACE4_ADD_SUBDIRECTORY" should be "ACE4_APPEND_DATA / ACE4_ADD_SUBDIRECTORY".
- wireshark crashes while displaying I/O Graph.
- GTPv2 MM Context (UMTS Key, Quad, and Quint Decoded) incorrectly.
- DTLS 1.2 uses wrong PRF.
- RTP DTMF digits are no longer displayed in VoIP graph analysis.
- Universal port not accepted in RSA Keys List window.
- Wireshark Dissector bug with HSRP Version 2.
- LISP control packet incorrectly identified as LISP data based when UDP source port is 4341.
- Bad tcp checksum not detected.
- AMR Frame Type uses wrong Value String.
# Updated Protocol Support
- AMR, ASN.1 BER, BAT, Bluetooth DHT, BSSGP, DTLS, E.164, Ericsson A-bis OML, GSM A, GSM MAP, HDFSDATA, ICMP, ICMPv6, ixveriwave, IRC, KDSP, LISP Data, MMS, NFS, OpenWire, PPP, RELOAD, RTP, SASP, SIP, SSL/TLS, TCP, UA3G
# New and Updated Capture File Support
- Endace ERF, NetScreen snoop.
版本下載:Wireshark 1.8.7 (32-bit)