Wireshark 2.4.3 (64-bit)
Wireshark 2.4.2 (32-bit)
Wireshark 2.4.2 (64-bit)
Wireshark 2.4.1 (32-bit)
Wireshark 2.4.1 (64-bit)
Wireshark 2.4.0 (64-bit)
更新細節:
New and Updated Features:
Experimental 32-bit and 64-bit Windows Installer (.msi) packages are available. It is recommended that you use these independently of the NSIS (.exe) installers. That is, you should make sure the NSIS package is completely uninstalled before installing the Windows Installer package and vice-versa.
Source packages are now compressed using xz instead of bzip2.
The legacy (GTK+) UI is disabled by default in the Windows installers.
The legacy (GTK+) UI is disabled by default in the development environment (Autotools and CMake).
SS7 Point Codes can now be resolved into names with a hosts-like file.
Wireshark can now go full screen to have more room for packets.
TShark can now export objects like the other GUI interfaces.
Support for G.722 and G.726 codecs in the RTP Player (via the SpanDSP library).
You can now choose the output device when playing RTP streams.
Added support for dissectors to include a unit name natively in their hf field. A field can now automatically append "seconds" or "ms" to its value without additional printf-style APIs.
The Default profile can now be reset to default values.
You can move back and forth in the selection history in the Qt UI.
IEEE 802.15.4 dissector now uses an UAT for decryption keys. The original decryption key preference has been obsoleted.
Extcap utilities can now provide configuration for a GUI interface toolbar to control the extcap utility while capturing.
Extcap utilities can now validate the capture filter.
Display filter function len() can now be used on all string and byte fields.
Added an experimental timeline view for 802.11 wireless packet data which can be enabled via the "802.11 radio information" preferences.
Added TLS 1.3 (draft 21) dissection and decryption support.
The (D)TLS Application Layer protocol (e.g. HTTP or CoAP) can now be changed via the Decode As dialog.
The RSA keys dialog for SSL keys has improved feedback for invalid settings and no longer requires the IP address, Port or Protocol fields to be set in addition to the Key File.
TCP Analysis will detect and flag more spurious retransmissions.
New Protocol Support:
Bluetooth HCI Vendor Intel, CAN FD, Citrix NetScaler Metric Exchange Protocol, Citrix NetScaler RPC Protocol, DirectPlay 8 protocol, Ericsson A-bis P-GSL, Ericsson A-bis TFP (Traffic Forwarding Protocol), Facebook Zero, Fc00/cjdns Protocol, Generic Netlink (genl), GSM Osmux, GSMTAP based logging, Health Level 7 (HL7), High-speed SECS message service (HSMS), HomePNA, IndigoCare iCall protocol, IndigoCare Netrix protocol, iPerf2, ISO 15765, Linux 802.11 Netlink (nl80211), Local Service Discovery (LSD), M2 Application Protocol, Mesh Link Establishment (MLE), MUDURL, Netgear Ensemble Protocol, NetScaler HA Protocol, NetScaler Metric Exchange Protocol, NetScaler RPC Protocol, NM protocol, Nordic BLE Sniffer, NVMe, NVMe Fabrics RDMA, OBD-II PIDs, OpenThread simulator, RFTap Protocol, SCTE-35 Digital Program Insertion Messages, Snort Post-dissector, Thread CoAP, UDP based FTP w/ multicast (UFTP and UFTP4), Unified Diagnostic Services (UDS), vSocket, Windows Cluster Management API (clusapi), and X-Rite i1 Display Pro (and derivatives) USB protocol.
New and Updated Capture File Support:
ERF, IxVeriWave, Libpcap, and Pcap-ng.
Major API Changes:
IEEE802.11: wlan_mgt display filter element got renamed to wlan.
Libgcrypt is now a required dependency.
版本下載:Wireshark 2.4.0 (64-bit)
Wireshark 2.4.0 (32-bit)
Wireshark 2.2.8 (64-bit)
更新細節:
Vulnerabilities fixed:
WBMXL dissector infinite loop.
OpenSAFETY dissector memory exhaustion.
AMQP dissector crash.
MQ dissector crash.
DOCSIS infinite loop.
Bugs fixed:
Y.1711 dissector reverses defect type order.
Packet list keeps scrolling back to selected packet while names are being resolved.
[REGRESSION] Export Objects do not show files from a SMB2 capture.
LTE RRC: lte-rrc.q_RxLevMin filter fails on negative values.
Hexpane showing in proportional font again.
Regression in SCCP fragments handling.
TCAP SRT incorrectly matches TC_BEGINs and TC_ENDs.
Dissector for WSMP (IEEE 1609.3) not current.
RANAP: possible issue in the heuristic code.
[oss-fuzz] UBSAN: shift exponent 35 is too large for 32-bit type int in packet-btrfcomm.c:314:37.
RANAP: false positives on heuristic algorithm.
Automatic name resolution not saved to PCAP-NG NRB.
DAAP dissector dissect_daap_one_tag recursion stack exhausted.
Malformed DCERPC PNIO packet decode, exception handler invalid poionter reference.
It seems SPVID was decoded from wrong field.
README.dissectors: Add notes about predefined string structures not available to plugin authors.
Statistics - Packet Lengths doesn’t display details for 5120 or greater.
cmake/modules/FindZLIB.cmake doesn’t find inflatePrime.
BGP: incorrect decoding COMMUNITIES whose length is larger than 255.
版本下載:Wireshark 2.2.8 (64-bit)
Wireshark 2.2.8 (32-bit)
更新細節:
Vulnerabilities fixed:
WBMXL dissector infinite loop.
OpenSAFETY dissector memory exhaustion.
AMQP dissector crash.
MQ dissector crash.
DOCSIS infinite loop.
Bugs fixed:
Y.1711 dissector reverses defect type order.
Packet list keeps scrolling back to selected packet while names are being resolved.
[REGRESSION] Export Objects do not show files from a SMB2 capture.
LTE RRC: lte-rrc.q_RxLevMin filter fails on negative values.
Hexpane showing in proportional font again.
Regression in SCCP fragments handling.
TCAP SRT incorrectly matches TC_BEGINs and TC_ENDs.
Dissector for WSMP (IEEE 1609.3) not current.
RANAP: possible issue in the heuristic code.
[oss-fuzz] UBSAN: shift exponent 35 is too large for 32-bit type int in packet-btrfcomm.c:314:37.
RANAP: false positives on heuristic algorithm.
Automatic name resolution not saved to PCAP-NG NRB.
DAAP dissector dissect_daap_one_tag recursion stack exhausted.
Malformed DCERPC PNIO packet decode, exception handler invalid poionter reference.
It seems SPVID was decoded from wrong field.
README.dissectors: Add notes about predefined string structures not available to plugin authors.
Statistics - Packet Lengths doesn’t display details for 5120 or greater.
cmake/modules/FindZLIB.cmake doesn’t find inflatePrime.
BGP: incorrect decoding COMMUNITIES whose length is larger than 255.
版本下載:Wireshark 2.2.8 (32-bit)
Wireshark 2.4.0 (32-bit) RC2
Wireshark 2.4.0 (64-bit) RC2
Wireshark 2.4.0 (32-bit) RC1
更新細節:
New and Updated Features:
Experimental 32-bit and 64-bit Windows Installer (.msi) packages are available. It is recommended that you use these independently of the NSIS (.exe) installers. That is, you should make sure the NSIS package is completely uninstalled before installing the Windows Installer package and vice-versa.
Source packages are now compressed using xz instead of bzip2.
The legacy (GTK+) UI is disabled by default in the Windows installer.
The legacy (GTK+) UI is disabled by default in Autotools and CMake.
SS7 Point Codes can now be resolved into names with a hosts-like file.
Wireshark can now go fullscreen to have more room for packets.
TShark can now export objects like the other GUI interfaces.
Support for G.722 and G.726 codecs in the RTP Player (via the SpanDSP library).
You can now choose the output device when playing RTP streams.
Added support for dissectors to include a unit name natively in their hf field. A field can now automatically append "seconds" or "ms" to its value without additional printf-style APIs.
The Default profile can now be reset to default values.
You can move back and forth in the selection history in the Qt UI.
IEEE 802.15.4 dissector now uses an UAT for decryption keys. The original decryption key preference has been obsoleted.
Extcap utilities can now provide configuration for a GUI interface toolbar to control the extcap utility while capturing.
Extcap utilities can now validate the capture filter.
Display filter function len() can now be used on all string and byte fields.
Added timeline view for 802.11 wireless packet data.
New Protocol Support:
(Facebook) Zero, Bluetooth HCI Vendor Intel, CAN FD, DirectPlay 8 protocol, Ericsson A-bis P-GSL, Ericsson A-bis TFP (Traffic Forwarding Protocol), Fc00/cjdns Protocol, Generic Netlink (genl), GSM Osmux, GSMTAP based logging, Health Level 7 (HL7), High-speed SECS message service (HSMS), HomePNA, IndigoCare iCall protocol, IndigoCare Netrix protocol, iPerf2, ISO 15765, Linux 802.11 Netlink (nl80211), Local Service Discovery (LSD), M2 Application Protocol, Mesh Link Establishment (MLE), Netgear Ensemble Protocol, NetScaler HA Protocol, NetScaler Metric Exchange Protocol, NetScaler RPC Protocol, NM protocol, Nordic BLE Sniffer, NVMe, NVMe Fabrics RDMA, OBD-II PIDs, OpenThread simulator, RFTap Protocol, SCTE-35 Digital Program Insertion Messages, Snort Post-dissector, Thread CoAP, Unified Diagnostic Services (UDS), vSocket, Windows Cluster Management API (clusapi), and X-Rite i1 Display Pro (and derivatives) USB protocol.
New and Updated Capture File Support:
Non-empty section placeholder.
New and Updated Capture Interfaces support:
Non-empty section placeholder.
IEEE802.11: wlan_mgt display filter element got renamed to wlan.Libgcrypt is now a required dependency.
版本下載:Wireshark 2.4.0 (32-bit) RC1
Wireshark 2.4.0 (64-bit) RC1
更新細節:
New and Updated Features:
Experimental 32-bit and 64-bit Windows Installer (.msi) packages are available. It is recommended that you use these independently of the NSIS (.exe) installers. That is, you should make sure the NSIS package is completely uninstalled before installing the Windows Installer package and vice-versa.
Source packages are now compressed using xz instead of bzip2.
The legacy (GTK+) UI is disabled by default in the Windows installer.
The legacy (GTK+) UI is disabled by default in Autotools and CMake.
SS7 Point Codes can now be resolved into names with a hosts-like file.
Wireshark can now go fullscreen to have more room for packets.
TShark can now export objects like the other GUI interfaces.
Support for G.722 and G.726 codecs in the RTP Player (via the SpanDSP library).
You can now choose the output device when playing RTP streams.
Added support for dissectors to include a unit name natively in their hf field. A field can now automatically append "seconds" or "ms" to its value without additional printf-style APIs.
The Default profile can now be reset to default values.
You can move back and forth in the selection history in the Qt UI.
IEEE 802.15.4 dissector now uses an UAT for decryption keys. The original decryption key preference has been obsoleted.
Extcap utilities can now provide configuration for a GUI interface toolbar to control the extcap utility while capturing.
Extcap utilities can now validate the capture filter.
Display filter function len() can now be used on all string and byte fields.
Added timeline view for 802.11 wireless packet data.
New Protocol Support:
(Facebook) Zero, Bluetooth HCI Vendor Intel, CAN FD, DirectPlay 8 protocol, Ericsson A-bis P-GSL, Ericsson A-bis TFP (Traffic Forwarding Protocol), Fc00/cjdns Protocol, Generic Netlink (genl), GSM Osmux, GSMTAP based logging, Health Level 7 (HL7), High-speed SECS message service (HSMS), HomePNA, IndigoCare iCall protocol, IndigoCare Netrix protocol, iPerf2, ISO 15765, Linux 802.11 Netlink (nl80211), Local Service Discovery (LSD), M2 Application Protocol, Mesh Link Establishment (MLE), Netgear Ensemble Protocol, NetScaler HA Protocol, NetScaler Metric Exchange Protocol, NetScaler RPC Protocol, NM protocol, Nordic BLE Sniffer, NVMe, NVMe Fabrics RDMA, OBD-II PIDs, OpenThread simulator, RFTap Protocol, SCTE-35 Digital Program Insertion Messages, Snort Post-dissector, Thread CoAP, Unified Diagnostic Services (UDS), vSocket, Windows Cluster Management API (clusapi), and X-Rite i1 Display Pro (and derivatives) USB protocol.
New and Updated Capture File Support:
Non-empty section placeholder.
New and Updated Capture Interfaces support:
Non-empty section placeholder.
IEEE802.11: wlan_mgt display filter element got renamed to wlan.Libgcrypt is now a required dependency.
版本下載:Wireshark 2.4.0 (64-bit) RC1
Wireshark 2.2.7 (64-bit)
更新細節:
The following vulnerabilities have been fixed:
Bazaar dissector infinite loop.
DOF dissector read overflow.
DHCP dissector read overflow.
SoulSeek dissector infinite loop.
DNS dissector infinite loop.
DICOM dissector infinite loop.
openSAFETY dissector memory exhaustion.
BT L2CAP dissector divide by zero.
MSNIP dissector crash.
ROS dissector crash.
RGMP dissector crash.
IPv6 dissector crash.
The following bugs have been fixed:
DICOM dissection error.
Qt: drag & drop of one column header in PacketList moves other columns.
Can not export captured DICOM objects in version 2.2.5.
False complain about bad checksum of ICMP extension header.
LibFuzzer: ISUP dissector bug (isup.number_different_meaning).
Dissector Bug, protocol BT ATT.
Wireshark dispalys RRCConnectionReestablishmentRejectRRCConnectionReestablishmentReject in Info column.
UBSAN: shift exponent 105 is too large for 32-bit type int in packet-ositp.c:551:79.
UBSAN: shift exponent -77 is negative in packet-netflow.c:7717:23.
UBSAN: shift exponent 1959 is too large for 32-bit type int in packet-sigcomp.c:2128:28.
UBSAN: shift exponent 63 is too large for 32-bit type guint32 (aka unsigned int) in packet-rtcp.c:917:24.
UBSAN: shift exponent 70 is too large for 64-bit type guint64 (aka unsigned long) in dwarf.c:42:43.
UBSAN: shift exponent 32 is too large for 32-bit type int in packet-xot.c:260:23.
UBSAN: shift exponent -5 is negative in packet-sigcomp.c:1722:36.
UBSAN: index 2049 out of bounds for type char [2049] in packet-quakeworld.c:134:5.
UBSAN: shift exponent 35 is too large for 32-bit type int in packet-netsync.c:467:25.
UBSAN: shift exponent 32 is too large for 32-bit type int in packet-sigcomp.c:3857:24.
[oss-fuzz] ASAN: stack-use-after-return epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field.
Welcome screen invalid capture filter wihtout WinPcap installed causes runtime error.
SMB protocol parser does not parse SMB_COM_TRANSACTION2_SECONDARY (0x33) command correctly.
SIP packets with SDP marked as malformed.
[oss-fuzz] UBSAN: index 8 out of bounds for type gboolean const[8] in packet-ieee80211-radiotap.c:1836:12.
Crash on "Show packet bytes…" context menu item click.
DNP3 dissector does not properly decode packed variations with prefixed qualifiers.
Updated Protocol Support:
Bazaar, BT ATT, BT L2CAP, DHCP, DICOM, DNP3, DNS, DOF, DWARF, ICMP, IEEE 802.11, IPv6, ISUP, LTE RRC, MSNIP, Netflow, Netsync, openSAFETY, OSITP, QUAKEWORLD, Radiotap, RGMP, ROS, RTCP, SIGCOMP, SMB, SoulSeek, and XOT.
版本下載:Wireshark 2.2.7 (64-bit)
Wireshark 2.2.7 (32-bit)
更新細節:
The following vulnerabilities have been fixed:
Bazaar dissector infinite loop.
DOF dissector read overflow.
DHCP dissector read overflow.
SoulSeek dissector infinite loop.
DNS dissector infinite loop.
DICOM dissector infinite loop.
openSAFETY dissector memory exhaustion.
BT L2CAP dissector divide by zero.
MSNIP dissector crash.
ROS dissector crash.
RGMP dissector crash.
IPv6 dissector crash.
The following bugs have been fixed:
DICOM dissection error.
Qt: drag & drop of one column header in PacketList moves other columns.
Can not export captured DICOM objects in version 2.2.5.
False complain about bad checksum of ICMP extension header.
LibFuzzer: ISUP dissector bug (isup.number_different_meaning).
Dissector Bug, protocol BT ATT.
Wireshark dispalys RRCConnectionReestablishmentRejectRRCConnectionReestablishmentReject in Info column.
UBSAN: shift exponent 105 is too large for 32-bit type int in packet-ositp.c:551:79.
UBSAN: shift exponent -77 is negative in packet-netflow.c:7717:23.
UBSAN: shift exponent 1959 is too large for 32-bit type int in packet-sigcomp.c:2128:28.
UBSAN: shift exponent 63 is too large for 32-bit type guint32 (aka unsigned int) in packet-rtcp.c:917:24.
UBSAN: shift exponent 70 is too large for 64-bit type guint64 (aka unsigned long) in dwarf.c:42:43.
UBSAN: shift exponent 32 is too large for 32-bit type int in packet-xot.c:260:23.
UBSAN: shift exponent -5 is negative in packet-sigcomp.c:1722:36.
UBSAN: index 2049 out of bounds for type char [2049] in packet-quakeworld.c:134:5.
UBSAN: shift exponent 35 is too large for 32-bit type int in packet-netsync.c:467:25.
UBSAN: shift exponent 32 is too large for 32-bit type int in packet-sigcomp.c:3857:24.
[oss-fuzz] ASAN: stack-use-after-return epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field.
Welcome screen invalid capture filter wihtout WinPcap installed causes runtime error.
SMB protocol parser does not parse SMB_COM_TRANSACTION2_SECONDARY (0x33) command correctly.
SIP packets with SDP marked as malformed.
[oss-fuzz] UBSAN: index 8 out of bounds for type gboolean const[8] in packet-ieee80211-radiotap.c:1836:12.
Crash on "Show packet bytes…" context menu item click.
DNP3 dissector does not properly decode packed variations with prefixed qualifiers.
Updated Protocol Support:
Bazaar, BT ATT, BT L2CAP, DHCP, DICOM, DNP3, DNS, DOF, DWARF, ICMP, IEEE 802.11, IPv6, ISUP, LTE RRC, MSNIP, Netflow, Netsync, openSAFETY, OSITP, QUAKEWORLD, Radiotap, RGMP, ROS, RTCP, SIGCOMP, SMB, SoulSeek, and XOT.
版本下載:Wireshark 2.2.7 (32-bit)