Wireshark (32-bit) 歷史舊版本 Page8

更新時間：2009-10-28
更新細節：

What's new in this version:

Bug Fixes:
- The Paltalk dissector could crash on alignment-sensitive processors.
- The DCERPC/NT dissector could crash.
- The SMB dissector could crash.
- Wireshark memory leak with each file open and/or display filter change.
- DHCP Dissector displays negative lease time.
- Invalid advertised window line on tcptrace style graph.
- SMB get_dfs_referral referral entry is not dissected correctly.
- Error dissecting eMule sourceOBFU message.
- Typos in Diameter XML files.
- RSL dissector for MS Power IE is broken.
- Manifest problem in 1.2.2 Win64 build.
- FIP dissector throws assertion.
- TCAP problem with indefinite length 'components' SEQ OF.
- GSM MAP: an-APDU not decoded.
- Add "Drag and Drop entries..." message on Columns preferences page.
- Editcap -t and -w option parses fractional digits incorrectly.

New and Updated Features:
- The 32-bit and 64-bit Windows packages now include WinPcap 4.1.1.

Updated Protocol Support:
- DCERPC NT, DHCP, Diameter, E.212, eDonkey, FIP, IPsec, MGCP, NCP, Paltalk, RADIUS, RSL, SBus, SMB, SNMP, SSL, TCP, Teamspeak2, WPS

更新時間：2009-09-16
更新細節：

What's new in this version:

Bug Fixes
- The GSM A RR dissector could crash.
- The OpcUa dissector could use excessive CPU and memory.
- The TLS dissector could crash on some platforms.
- The "Capture->Interfaces" window can't be closed.
- tshark-1.0.2 (dumpcap) signal abort core saved.
- Memory leak fixes.
- Display filter autocompletion doesn't work for some RADIUS and WiMAX ASNCP fields.
- Wireshark Portable includes wrong WinPcap installer.
- Crash when loading a profile.
- The proto,colinfo tap doesn't work if the INFO column isn't being printed.
- Flow Graph adds too much unnecessary garbage.
- The EAP Diameter dictionary file was missing in the distribution.
- Graph analysis window is behind other window.
- IKEv2 Cert Request payload dissection error.
- DNS NAPTR RR (RFC 3403) replacement MUST be a fully qualified domain-name.
- Malformed RTCP Packet error while sending Payload specific RTCP feedback packet (as per RFC 4585).
- 802.11n Block Ack packet Bitmap field missing.
- Wireshark doesn't decode WBXML/ActiveSync information correctly.
- Malformed packet when IPv6 packet has Next Header == 59.
- Wireshark could crash while reading an ERF file.
- Minor errors in gsm rr dissectors.
- WPA Decryption Issues.
- GSM A RR sys info dissection problem.
- GSM A RR inverts MEAS-VALID values.
- PDML output leaks ~300 bytes / packet.
- Incorrect station identifier parsing in Kingfisher dissector.
- DHCPv6, Vendor-Specific Informantion, SubOption"Option Request" parser incorrect.
- Wireshark could leak memory while analyzing SSL.
- Wireshark could crash while updating menu items after reading a file in some cases.
- The Mac OS X ChmodBPF script now works correctly under Snow Leopard.

New and Updated Features
- There are no new or updated features in this release.

New Protocol Support
- There are no new protocols in this release.

Updated Protocol Support
- DCERPC, DHCPv6, DNS, E.212, GSM A RR, GTPv2, H.248, IEEE 802.11, IPMI, ISAKMP/IKE, ISUP, Kingfisher, LDAP, OpcUA, RTCP, SCTP, SIP, SSL, TCP, WBXML, ZRTP

Updated Capture File Support
- ERF

更新時間：2009-07-21
更新細節：

What's new in this version:

Bug Fixes
- The IPMI dissector could overrun a buffer.
- The AFS dissector could crash.
- The Infiniband dissector could crash on some platforms.
- The Bluetooth L2CAP dissector could crash.
- The RADIUS dissector could crash.
- The MIOP dissector could crash.
- The sFlow dissector could use excessive CPU and memory.

The following bugs have been fixed:
- Wireshark could crash while reading a pcap-ng file.
- Wireshark could crash while reading a PacketLogger file.
- CFLOW decoding is wrong for IPv6 fields.
- Buildbot crash output: fuzz-2009-04-24-2891.pcap.
- packet-dcm, corrupt DICOM export files.
- GeoIP map should use random temporary file nam.
- Wireshark crashes when range_string is the data type.
- Pcap-ng breaks VoIP call data.
- ANSI MAP legInformation BER Error.
- Starting Wireshark Portable 1.2.0 gives error message.
- On Windows, Wireshark could crash on startup.
- The title in the TCP sequence graphs is too short.
- USB Packets in pcap-ng Files Not Dissected Properly.
- 802.11 decryption is broken.
- SMB2 Error Response doesn't decode properly.
- configure.in uses deprecated autoconf test for gnutls detection.
- Radius Malformed Packet error message.
- Wireshark could crash when loading a profile.
- Analyze->Decode as... menu item becomes unavailable.
- btsnoop: Incorrect error message for not supported datalink type.
- Decode error for network-id in BICC BCU-ID.
- IEC 60870-5-104 dissector decodes nothing.
- radius_register_avp_dissector() can stop RADIUS dissector from working correctly.
- ANSI ISUP Cause indicators with coding standard=ANSI fail to dissect.
- Wrong field position in PacketCable Multimedia Extended Classifier.
- FF Protocol "FMS Initiate - Version OD Calling" field packet data not unpacked properly.
- hci_h4: Optimize column/field handling.
- BSSLAP Protocol Not Decoded In BSSMAP-LE Messages.
- Description of tshark -t dd missing from tshark.pod.
- Problem in packet-per.c for ASN.1 PER Encoding.
- [SNMP] Crash when dissecting packet (custom MIB).

New and Updated Features
- There are no new or updated features in this release.

New Protocol Support
- There are no new protocols in this release.

Updated Protocol Support
- AFS, ANSI ISUP, ANSI MAP, ASN.1 PER, Bluetooth HCI H4, Bluetooth L2CAP, BSS CFLOW, COPS, Diameter, DICOM, FF-HSE, ICMPv6, IEC-60870-5-104, IEEE 802.11, Infiniband, IPMI, MIOP, RADIUS, RSVP, sFlow, SNMP, SMB2, ZIOP

New Capture File Support
- Btsnoop, DCT3, Packetlogger, pcap-ng.

更新時間：2009-06-16
更新細節：

What's new in this version:

Bug Fixes
- Type-ahead search now works properly.
- Several bugs that affected capture from pipes have been fixed.
- Many Lua-related bugs have been fixed.
- Several memory leaks have been found and fixed.
- The "Follow TCP Stream" feature could show two streams at the same time The hex dump view has been narrowed.
- WPA and SSL decryption bugs have been fixed.
- Readability problems on 256-color displays on Windows have been fixed.

New and Updated Features
- Wireshark has a spiffy new start page.
- Display filters now autocomplete.
- A 64-bit Windows (x64) installer is now provided.
- Support for the c-ares resolver library has been added. It has many advantages over ADNS.
- Many new protocol dissectors and capture file formats have been added (see below for a complete list).
- Macintosh OS X support has been improved.
- GeoIP database lookups.
- OpenStreetMap + GeoIP integration.
- Improved Postscript® print output.
- The preference handling code is now much smarter about changes.
- Support for Pcap-ng, the next-generation capture file format.
- Support for process information correlation via IPFIX.
- Column widths are now saved.
- The last used configuration profile is now saved.
- Protocol preferences are changeable from the packet details context menu.
- Support for IP packet comparison.
- Capinfos now shows the average packet rate.
- GTK1 is no longer supported. (Yes, this is a feature.)
- Official Windows packages are now built using Microsoft Visual C++ 2008 SP1.

New Protocol Support
- Anything in Anything Protocol, ATM PW, N-to-one Cell Mode, B.A.T.M.A.N. Layer 3 Protocol, BACnet MS/TP, BSS LCS Assistance Protocol, Canon BJNP, CESoPSN basic NxDS0 mode (no RTP support), Charging ASE, Cimetrics MS/TP, DECT Protocol, Digital Private Signalling System No 1 Link Layer, DOCSIS Mac Domain Description, DOCSIS Registration Request Multipart, DOCSIS Registration Response Multipart, DOCSIS Synchronisation Message, E100 Encapsulation, EHS, Enhanced Variable Rate Codec, Ethernet Global Data, Ethernet PW, Exchange 2003 Directory Request For Response, Far End Failure Detection, FCoE Initialization Protocol, GOOSE, GPEF, GPRS Tunneling Protocol V2, GSM A-I/F COMMON, GSM A-I/F GPRS Mobility and Session Management, GSM SACCH, GSM Um Interface, HDLC PW, FR port mode (no CW), HDLC-like framing for PPP, IEC 60870-5-104,Apci, IEC 60870-5-104,Asdu, IEEE 802.15.4 Low-Rate Wireless PAN non-ASK PHY, IEEE C37.118 Synchrophasor Protocol, Intelligent Platform Management Interface (Session Wrapper), Inter-Integrated Circuit, Internal TDM, IPSICTL, ISMACryp Protocol, iWARP Direct Data Placement and Remote Direct Memory Access Protocol, iWARP Marker Protocol data unit Aligned framing, Kontiki Delivery Protocol, LANforge Traffic Generator, Layer 1 Event Messages, Lb-I/F BSSMAP LE, LeCroy VICP, Link Access Procedure, Channel Dm (LAPDm), Local Download Sharing Service, LTE Radio Resource Control (RRC) protocol, MAC-LTE, Memcache Protocol, Mesh Header, MP4V-ES, Nasdaq TotalView-ITCH, Nasdaq-SoupTCP version 2.0, NAT Port Mapping Protocol, Netdump Protocol, Non-Access-Stratum (NAS)PDU, PacketLogger, Paltalk Messenger Protocol, PDCP-LTE, PW Associated Channel Header, PW Ethernet Control Word, PW Frame Relay DLCI Control Word, PW MPLS Control Word (generic/preferred), Real-Time Publish-Subscribe Wire Protocol 2.x, Remote Packet Capture, RLC-LTE, SAToP (no RTP support), SERCOS III V1.1, SIMULCRYPT Protocol, Subnetwork Dependent Convergence Protocol XID, Teamspeak2 Protocol, TTEthernet, TTEthernet Protocol Control Frame, Turbocell Aggregate Data, Turbocell Header, TURN Channel, Unreliable Multicast Inter-ORB Protocol, VCDU, Wave Short Message Protocol(IEEE P1609.3), Wireless Access Station Session Protocol, Wireshark Expert Info, World of Warcraft, Xpress Transport Protocol, ZigBee Application Framework, ZigBee Application Support Layer, ZigBee Device Profile, ZigBee Encapsulation Protocol, ZigBee Network Layer, Zipped Inter-ORB Protocol, ZRTP

Updated Protocol Support
- There are too many updates to list here.

New Capture File Support
- Apple Bluetooth PacketLogger, Daintree's Sensor Network Analyzer, dct3trace, Pcap-NG, TNEF (yes, those silly winmail.dat attachments)

更新時間：2009-05-22
更新細節：

What's new in this version:

The following vulnerabilities have been fixed.
-  The PCNFSD dissector could crash.

The following bugs have been fixed:
- Lua integration could crash.
- The SCCP dissector could crash when loading more than one file in a single session.
- The NDMP dissector could crash if reassembly was enabled.

更新時間：2009-04-09
更新細節：

What's new in this version:

Bug Fixes
- The PROFINET dissector was vulnerable to a format string overflow.
- The LDAP dissector could crash on Windows.
- The Check Point High-Availability Protocol (CPHAP) dissector could crash.
- Wireshark could crash while loading a Tektronix .rf5 file.

The following bugs have been fixed:
- Correct use of proto_tree_add_int_format()
- RTP dynamic payload clock rates incorrectly determined
- TShark fails to properly close capture files when opening new ones
- ANSI MAP digits type decode and bitmask corrections
- Two small patches for ipvs-syncd dissector
- BGP capability dissection failure
- ANSI MAP fix for missing MEID/MSC ID number in RegNot
- BACnet PrivateTransferError shows malformed packet
- Windows silent installer is not that silent
- Crash in ASN.1 dissector when using 'type table'
- 802.11n SM Power save mode value 0x3 label is incorrect
- 802.11 WME ie displayed incorrectly
- "Copy as filter" from the packet list has been fixed.

New and Updated Features
- There are no new or updated features in this release.

New Protocol Support
- There are no new protocols in this release.

Updated Protocol Support
- ACN, ANSI MAP, ASN.1 BACnet, BGP, CPHAP, GSM MAP, IEEE 802.11, IPVS, LDAP, NetFlow/IPFIX, PROFINET, RTP, SNMP, WSP

更新時間：2009-02-07
更新細節：

What's new in this version:

Bug Fixes
- On non-Windows systems, Wireshark could crash if the HOME environment variable contained sprintf-style string formatting characters.
- Wireshark could crash while reading a malformed NetScreen snoop file. Discovered by babi.
- Wireshark could crash while reading a Tektronix K12 text capture file.

The following bugs have been fixed:
- Crash when loading capture file and Preferences: NO Info column
- Some Lua scripts may lead to corruption via out of bounds stack
- Build with GLib 1.2 fails with error: 'G_MININT32' undeclared
- Wrong decoding IMSI with GSM MAP protocol
- Segmentation fault for "Follow TCP stream"
- SMPP optional parameter 'network_error_code' incorrectly decoded
- DHCPv6 dissector doesn't handle malformed FQDN
- WCCP overrides CFLOW as decoded protocol
- Improper decoding of MPLS echo reply IPv4 Interface and Label Stack Object
- ANSI MAP fix for TRN digits/SMS and OTA subdissection
- The 1.0 branch can now be built with Visual Studio 2008.

New and Updated Features
- The version of GNUTLS included with the Windows packages has been updated from 2.3.8 to 2.6.3.

New Protocol Support
- There are no new protocols in this release.

Updated Protocol Support
- AFS, ATM, DHCPv6, DIS, E.212, RTP, UDP, USB, WCCP, WPS

New and Updated Capture File Support
- NetScreen snoop

更新時間：2008-12-11
更新細節：

What's new in this version:

Bug Fixes
- The SMTP dissector could consume excessive amounts of CPU and memory.
- The WLCCP dissector could go into an infinte loop.

The following bugs have been fixed:
- Missing CRLF during HTTP POST in the "packet details" window
- Memory assertion in time_secs_to_str_buf() when compiled with GCC 4.2.3
- Diameter dissector fails RFC 4005 compliance
- LDP vendor private TLV type is not correctly shown
- Wireshark on MacOS does not run when there are spaces in its path
- OS X Intel package incorrectly claims to be Universal
- Compilation broke when compiling without zlib
- Memory leak: saved_repoid
- Memory leak: follow_info
- Memory leak: follow_info
- Memory leak: tacplus_data
- Memory leak: col_arrows
- Memory leak: col_arrows
- Incorrect address structure assigned for find_conversation() in WSP
- Memory leak with unistim in voip_calls
- Error parsing the BSSGP protocol
- Assertion thrown in fvalue_get_uinteger when decoding TIPC
- LUA script : Wireshark crashes after closing and opening again a window used by a listener.draw() function.

New and Updated Features
- There are no new or updated features in this release.

New Protocol Support
- There are no new protocols in this release.

Updated Protocol Support
- ANSI MAP, BSSGP, CIP, Diameter, ENIP, GIOP, H.263, H.264, HTTP, MPEG PES, PostgreSQL, PPI, PTP, Rsync, RTP, SMTP, SNMP, STANAG 5066, TACACS, TIPC, WLCCP, WSP

New and Updated Capture File Support
- None

Getting Wireshark
- Wireshark source code and installation packages are available from the download page on the main web site.

Vendor-supplied Packages
- Most Linux and Unix vendors supply their own Wireshark packages.
- You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.

File Locations
- Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About->Folders to find the default locations on your system.

Known Problems
- Wireshark may appear offscreen on multi-monitor Windows systems.
- Wireshark might make your system disassociate from a wireless network on OS X.
- Dumpcap might not quit if Wireshark or TShark crashes.
- The BER dissector might infinitely loop.
- Wireshark can't dynamically update the packet list. This means that host name resolutions above a certain response time threshold won't show up in the packet list.
- Capture filters aren't applied when capturing from named pipes.
- Wireshark might freeze when reading from a pipe.
- Capturing from named pipes might be delayed on Windows.
- Filtering tshark captures with display filters (-R) no longer works.

Getting Help
- Community support is available on the wireshark-users mailing list. Subscription information and archives for all of Wireshark's mailing lists can be found on the web site.
- Commercial support and development services are available from CACE Technologies.

Frequently Asked Questions
- A complete FAQ is available on the Wireshark web site.

更新時間：2008-10-21
更新細節：

What's new in this version:

Bug Fixes
- Florent Drouin and David Maciejak found that the Bluetooth ACL dissector could crash or abort.
- The Q.931 dissector could crash or abort.
- Wireshark could abort while reading Tamos CommView capture files.
- David Maciejak found that the USB dissector could crash or abort. This led to the disovery of a similar problem in the Bluetooth RFCOMM dissector.
- Vivek Gupta and David Maciejak found that the PRP and MATE dissectors could make Wireshark crash. (Neither PRP nor MATE are enabled by default.)

The following bugs have been fixed:
- Let MP2T call its subdissectors, even without tree
- Wireless Toolbar not enabled (using AirPcap) if PCAP_REMOTE=1
- Failure to dissect long SASL wrapped LDAP response
- Fix compiler warnings
- Homeplug dissection bugs
- Malformed Packet DCP ETSI error
- Wrong size of selected_registrar in WPS dissector
- Dissector assertion displaying cookies in DTLS frames
- Missing field type in documentation
- Wireshark -p switch seems to have no effect to PROMISCUOUS mode
- Misspelled PPI error vector magnitude filter
- Modbus Function 43 Encapsulated Interface Transport decoding
- Crash when printing or exporting some protocol data
- Crash when selecting "Export Selected Packet Bytes"

New and Updated Features
- There are no new or updated features in this release.

New Protocol Support
- There are no new protocols in this release.

Updated Protocol Support
- AFP, Bluetooth ACL, Bluetooth RFCOMM, DCP ETSI, DTLS, Homeplug, IEEE 802.11, IP, Modbus TCP, MP2T, NSIP, NCP, PPI, Q.931, SASL, SNMP, USB, WPS

New and Updated Capture File Support
- AiroPeek, CommView

Getting Wireshark
- Wireshark source code and installation packages are available from the download page on the main web site.

Vendor-supplied Packages
- Most Linux and Unix vendors supply their own Wireshark packages.
- You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.

File Locations
- Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About->Folders to find the default locations on your system.

Known Problems
- Wireshark may appear offscreen on multi-monitor Windows systems.
- Wireshark might make your system disassociate from a wireless network on OS X.
- Dumpcap might not quit if Wireshark or TShark crashes.
- The BER dissector might infinitely loop.
- Wireshark can't dynamically update the packet list. This means that host name resolutions above a certain response time threshold won't show up in the packet list.
- Capture filters aren't applied when capturing from named pipes.
- Wireshark might freeze when reading from a pipe.
- Capturing from named pipes might be delayed on Windows.
- Filtering tshark captures with display filters (-R) no longer works.

Getting Help
- Community support is available on the wireshark-users mailing list. Subscription information and archives for all of Wireshark's mailing lists can be found on the web site.
- Commercial support and development services are available from CACE Technologies.

Frequently Asked Questions
- A complete FAQ is available on the Wireshark web site.

更新時間：2008-09-04
更新細節：

What's new in this version:

Bug Fixes
- The NCP dissector was susceptible to a number of problems, including buffer overflows and an infinite loop.
- Wireshark could crash while uncompressing zlib-compressed packet data.
- Wireshark could crash while reading a Tektronix .rf5 file.

The following bugs have been fixed:
- 802.11 WPA/WPA2-PSK Unable to decode Group Keys.
- Packets could wrongly be dissected as "Redback Lawful Intercept"
- MIKEY dissector improvements
- tvb_get_bits{16|32} could read past the end of a tvbuff
- Incorrect wslua function names.
- Memory corruption in wslua.
- Unknown PPPoE TAGs which are present in a PPPoE discovery packet are not displayed under "PPPoE Tags" subtree/section.
- Following a TCP stream could incorrectly reassemble packets.
- SIP decode shows fully expanded "Content-Length" header instead of compact form.
- Segmentation fault loading trace containing NCP packets.
- SIP packets might incorrectly be displayed as malformed.
- RTCP BYE padding interpreted incorrectly.
- Reversed RTP stream is saved as silent .au file, forward stream saves correctly.
- Fix some lint warnings.
- Setting a duration on a capture file would capture for an extra second.

New and Updated Features
- There are no new or updated features in this release.

New Protocol Support
- There are no new protocols in this release.

Updated Protocol Support
- AIM, Bluetooth RFCOMM, ERF, K12, NCP, PPP BCP, PPPoE, Q.933, Redback LI, RTCP, RTP, SIP, SNMP, TCP, V.120, WiMAX

New and Updated Capture File Support
- Endace ERF.

Getting Wireshark
- Wireshark source code and installation packages are available from the download page on the main web site.

Vendor-supplied Packages
- Most Linux and Unix vendors supply their own Wireshark packages.
- You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.

File Locations
- Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About->Folders to find the default locations on your system.

Known Problems
- Wireshark may appear offscreen on multi-monitor Windows systems.
- Wireshark might make your system disassociate from a wireless network on OS X.
- Dumpcap might not quit if Wireshark or TShark crashes.
- The BER dissector might infinitely loop.
- Wireshark can't dynamically update the packet list. This means that host name resolutions above a certain response time threshold won't show up in the packet list.
- Capture filters aren't applied when capturing from named pipes.
- Wireshark might freeze when reading from a pipe.
- Capturing from named pipes might be delayed on Windows.
- Filtering tshark captures with display filters (-R) no longer works.

Getting Help
- Community support is available on the wireshark-users mailing list. Subscription information and archives for all of Wireshark's mailing lists can be found on the web site.
- Commercial support and development services are available from CACE Technologies.

Frequently Asked Questions
- A complete FAQ is available on the Wireshark web site.