Wireshark (32-bit) 歷史舊版本 Page1

更新時間：2017-12-01
更新細節：

What's new in this version:

Bug Fixes:
- [1]wnpa-sec-2017-47 The IWARP_MPA dissector could crash
- [3]wnpa-sec-2017-48 The NetBIOS dissector could crash
- [5]wnpa-sec-2017-49 The CIP Safety dissector could crash
- "tshark -G ?" doesn't provide expected help
- File loading is very slow with TRANSUM dissector enabled
- packet-knxnetip.c:936: bad bitmask ?
- packet-q931.c:1306: bad compare ?
- SSL Dissection bug
- Wireshark crashes when exporting various files to .csv, txt and other `non-capture file' formats
- RLC reassembly doesn't work for RLC over UDP heuristic dissector
- HTTP Object export fails with long extension (possibly query string)
- 3GPP Civic Address not displayed in Packet Details
- Wireshark prefers packet.dll in System32Npcap over the one in System32
- PEEKREMOTE dissector does not decode 11ac MCS rates properly
- Visual Studio Community Edition 2015 lacks tools named in developer guide
- TCP: Malformed data with Riverbed Probe option
- Wireshark Crash when trying to use Preferences | Advanced
- Right click on SMB2 Message ID and then Apply as Column causes Runtime Error
- Return [Enter] should apply change (Column title - Button Label toolbars)
- Wireshark crashes if "rip.display_routing_domain" is set to TRUE in preferences file
- Entry point inflatePrime not found for androiddump.exe and randpktdump.exe
- BGP: IPv6 NLRI is received with Add-path ID, then Wire shark is not able to decode the packet correctly
- Wrong SSL decryption when using EXTENDED MASTER SECRET and Client certificate request (mutual authentication)
- Frame direction isn't always set if it comes from the pcapng record header rather than the packet pseudo-header

Updated Protocol Support:
- 3GPP NAS, BGP, CIP Safety, DTLS, IEEE 802.11 Radio, IWARP_MPA, KNXnet/IP, LCSAP, MQTT, NetBIOS, PEEKREMOTE, Q.931, RIP, RLC, SIP, SSL/TLS, TCP, and TRANSUM

更新時間：2017-10-11
更新細節：

What's new in this version:

The following bugs have been fixed:
- wnpa-sec-2017-42
- BT ATT dissector crash (Bug 14049) CVE-2017-15192
- wnpa-sec-2017-43
- MBIM dissector crash (Bug 14056) CVE-2017-15193
- wnpa-sec-2017-44
- DMP dissector crash (Bug 14068) CVE-2017-15191
- wnpa-sec-2017-45
- RTSP dissector crash (Bug 14077) CVE-2017-15190
- wnpa-sec-2017-46
- DOCSIS infinite loop (Bug 14080) CVE-2017-15189
- Wireshark crash when end capturing with "Update list of packets in real-time" option off. (Bug 13024)
- Diameter service response time statistics broken in 2.2.4. (Bug 13442)
- Sequence number isn’t shown as the X axis in TCP Stream Graph - RTT. (Bug 13740)
- Using an SSL subdissector will cause SSL data to not be decoded (related to reassembly of application data). (Bug 13885)
- Wireshark 2.4.0 doesn’t build with Qt 4.8. (Bug 13909)
- Some Infiniband Connect Req fields are not decoded correctly. (Bug 13997)
- Voip Flow Sequence button crash. (Bug 14010)
- wireshark-2.4.1/epan/dissectors/packet-dmp.c:1034: sanity check in wrong place ?. (Bug 14016)
- wireshark-2.4.1/ui/qt/tcp_stream_dialog.cpp:1206: sanity check in odd place ?. (Bug 14017)
- [oss-fuzz] ASAN: 232 byte(s) leaked in 4 allocation(s). (Bug 14025)
- [oss-fuzz] ASAN: 47 byte(s) leaked in 1 allocation(s). (Bug 14032)
- Own interface toolbar logger dialog for each log command. (Bug 14033)
- Wireshark crashes when dissecting DOCSIS REGRSPMP which contains UCD. (Bug 14038)
- Broken installation instructions for Visual Studio Community Edition. (Bug 14039)
- RTP Analysis "save as CSV" saves twice the forward stream, if two streams are selected. (Bug 14040)
- VWR file read ends early with vwr: Invalid data length 0. (Bug 14051)
- reordercap fails with segmentation fault 11 on MacOS. (Bug 14055)
- Cannot Apply Bitmask to Long Unsigned. (Bug 14063)
- text2pcap since version 2.4 aborts when there are no arguments. (Bug 14082)
- gtpprime: Missing in frame.protocols. (Bug 14083)
- HTTP dissector believes ICY response is a request. (Bug 14091)

Updated Protocol Support:
- 6LoWPAN, Bluetooth, BOOTP/DHCP, BT ATT, BT LE, DCERPC, DMP, DOCSIS, EPL, GTP, H.248, HTTP, InfiniBand, MBIM, RPC, RTSP, SSL, and WSP

New and Updated Capture File Support:
Vendor-supplied Packages:
- Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site

File Locations:
- Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system

更新時間：2017-08-30
更新細節：

What's new in this version:

Bug Fixes:
- wnpa-sec-2017-38. MSDP dissector infinite loop
- wnpa-sec-2017-39. Profinet I/O buffer overrun
- wnpa-sec-2017-40. Modbus dissector crash
- wnpa-sec-2017-41. IrCOMM dissector buffer overrun
- Incorrect presentation of Ascend-Data-Filter (RADIUS attribute 242)
- Confusing "Apply a display filter " keyboard shortcut
- Wireshark crashes at startup if it needs to display a dialog early in the startup process
- RADIUS dictionary: BEGIN-VENDOR does not support format=Extended-Vendor-Specific-*
- Dumpcap on big-endian machines writes out corrupt, unreadable Enhanced Packet Blocks
- Interface Toolbar support for Windows
- Wireshark should behave better on high resolution displays on Windows
- Udpdump.pod missing from build
- RTP Player Format Error
- VNC Protocol disector: Framebuffer Updates
- DNS LOC RRs with out-of-range longitude or latitude aren’t shown as errors
- DIS Dissector Entity Appearance Record displayed in wrong location
- Win64 CMake bug - (CYGWIN_INSTALL_PATH redefinition) causing missing packages when using CMake 3.9.0
- APL records parsed incorrectly for IPv4 prefixes
- File→Merge dialog doesn’t show all options. Resizing doesn’t help
- TCAP SRT Analysis incorrectly matched TCAP begins and ends
- Error in MKA Distributed SAK parameter set dissection
- E.212: Check length before trying 3-digits MNC
- mpeg_descriptor: AC3 System A: Respect descriptor length
- Crash in Wireshark using Dumper:dump() from Lua
- MRCPv2 not decoded correctly
- UDP Checksum verification not working for 0x0000 checksum
- OSPF v3 LSA Type not well parsed
- GTPv2 - decoding issue for Packet Flow ID (type 123)
- TRANSUM fails to calculate RTE figures for DCE-RPC where request Packet Type is zero
- BTLE Hop and SCA fields incorrectly dissected in BLE CONNECT_REQ
- [oss-fuzz] BGP memleak: ASAN: 276 byte(s) leaked in 5 allocation(s)
- Some Infiniband Connect Req fields are not decoded correctly
- GTP: gtp.ext_comm_flags_II_pmtsmi bit not decoded correctly
- InfiniBand: sIP and dIP inside IP CM Private Data are decoded in the wrong order
- 802.11 wlan.ft.subelem.r0kh_id should be sequence of bytes
- USB capture: Unrecognized libpcap format or not libpcap data
- SQ Header Pointer in NVMoF response capsule is decoded with the wrong endian

Updated Protocol Support:
- BGP, BT LE, DIS, DNS, E.212, EPL, GTP, GTPv2, IEEE 802.11, InfiniBand, IPv4, IrCOMM, MKA, Modbus, MPEG Descriptor, MRCPv2, MSDP, MTP2, Nordic BLE, NVMe, OSPF, pcapng MIME, PMIPv6, Profinet I/O, RADIUS, SML, TCAP, TRANSUM, UA3G, UDP, VNC, and ZigBee

更新時間：2017-07-22
更新細節：

What's new in this version:

New and Updated Features:
- Experimental 32-bit and 64-bit Windows Installer (.msi) packages are available. It is recommended that you use these independently of the NSIS (.exe) installers. That is, you should make sure the NSIS package is completely uninstalled before installing the Windows Installer package and vice-versa
- Source packages are now compressed using xz instead of bzip2
- The legacy (GTK+) UI is disabled by default in the Windows installers
- The legacy (GTK+) UI is disabled by default in the development environment (Autotools and CMake)
- SS7 Point Codes can now be resolved into names with a hosts-like file
- Wireshark can now go fullscreen to have more room for packets
- TShark can now export objects like the other GUI interfaces
- Support for G.722 and G.726 codecs in the RTP Player (via the SpanDSP library)
- You can now choose the output device when playing RTP streams
- Added support for dissectors to include a unit name natively in their hf field. A field can now automatically append "seconds" or "ms" to its value without additional printf-style APIs
- The Default profile can now be reset to default values
- You can move back and forth in the selection history in the Qt UI
- IEEE 802.15.4 dissector now uses an UAT for decryption keys. The original decryption key preference has been obsoleted
- Extcap utilities can now provide configuration for a GUI interface toolbar to control the extcap utility while capturing
- Extcap utilities can now validate the capture filter
- Display filter function len() can now be used on all string and byte fields
- Added an experimental timeline view for 802.11 wireless packet data which can be enabled via the "802.11 radio information" preferences
- Added TLS 1.3 (draft 21) dissection and decryption support (Bug 12779)
- The (D)TLS Application Layer protocol (e.g. HTTP or CoAP) can now be changed via the Decode As dialog
- The RSA keys dialog for SSL keys has improved feedback for invalid settings and no longer requires the IP address, Port or Protocol fields to be set in addition to the Key File
- TCP Analysis will detect and flag more spurious retransmissions

New Protocol Support:
- Bluetooth HCI Vendor Intel, CAN FD, Citrix NetScaler Metric Exchange Protocol, Citrix NetScaler RPC Protocol, DirectPlay 8 protocol, Ericsson A-bis P-GSL, Ericsson A-bis TFP (Traffic Forwarding Protocol), Facebook Zero, Fc00/cjdns Protocol, Generic Netlink (genl), GSM Osmux, GSMTAP based logging, Health Level 7 (HL7), High-speed SECS message service (HSMS), HomePNA, IndigoCare iCall protocol, IndigoCare Netrix protocol, iPerf2, ISO 15765, Linux 802.11 Netlink (nl80211), Local Service Discovery (LSD), M2 Application Protocol, Mesh Link Establishment (MLE), MUDURL, Netgear Ensemble Protocol, NetScaler HA Protocol, NetScaler Metric Exchange Protocol, NetScaler RPC Protocol, NM protocol, Nordic BLE Sniffer, NVMe, NVMe Fabrics RDMA, OBD-II PIDs, OpenThread simulator, RFTap Protocol, SCTE-35 Digital Program Insertion Messages, Snort Post-dissector, Thread CoAP, UDP based FTP w/ multicast (UFTP and UFTP4), Unified Diagnostic Services (UDS), vSocket, Windows Cluster Management API (clusapi), and X-Rite i1 Display Pro (and derivatives) USB protocol

New and Updated Capture File Support:
- ERF, IxVeriWave, Libpcap, and Pcap-ng

Major API Changes:
- IEEE802.11: wlan_mgt display filter element got renamed to wlan
- Libgcrypt is now a required dependency

File Locations:
- Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system

更新時間：2017-07-19
更新細節：

What's new in this version:

BUG FIXES:
The following vulnerabilities have been fixed:
- [1]wnpa-sec-2017-13: WBMXL dissector infinite loop ([2]Bug 13477, [3]Bug 13796), [4]CVE-2017-7702, [5]CVE-2017-11410
- [6]wnpa-sec-2017-28: openSAFETY dissector memory exhaustion ([7]Bug 13649,[8]Bug 13755), [9]CVE-2017-9350, [10]CVE-2017-11411
- [11]wnpa-sec-2017-34: AMQP dissector crash. ([12]Bug 13780) [13]CVE-2017-11408
- [14]wnpa-sec-2017-35: MQ dissector crash. ([15]Bug 13792) [16]CVE-2017-11407
- [17]wnpa-sec-2017-36: DOCSIS infinite loop. ([18]Bug 13797) [19]CVE-2017-11406

The following bugs have been fixed:
- Y.1711 dissector reverses defect type order. ([20]Bug 8292)
- Packet list keeps scrolling back to selected packet while names are being resolved. ([21]Bug 12074)
- [REGRESSION] Export Objects do not show files from a SMB2 capture. ([22]Bug 13214)
- LTE RRC: lte-rrc.q_RxLevMin filter fails on negative values. ([23]Bug 13481)
- Hexpane showing in proportional font again. ([24]Bug 13638)
- Regression in SCCP fragments handling. ([25]Bug 13651)
- TCAP SRT incorrectly matches TC_BEGINs and TC_ENDs. ([26]Bug 13739)
- Dissector for WSMP (IEEE 1609.3) not current. ([27]Bug 13766)
- RANAP: possible issue in the heuristic code. ([28]Bug 13770)
- [oss-fuzz] UBSAN: shift exponent 35 is too large for 32-bit type int in packet-btrfcomm.c:314:37. ([29]Bug 13783)
- RANAP: false positives on heuristic algorithm. ([30]Bug 13791)
- Automatic name resolution not saved to PCAP-NG NRB. ([31]Bug 13798)
- DAAP dissector dissect_daap_one_tag recursion stack exhausted. ([32]Bug 13799)
- Malformed DCERPC PNIO packet decode, exception handler invalid poionter reference. ([33]Bug 13811)
- It seems SPVID was decoded from wrong field. ([34]Bug 13821)
- README.dissectors: Add notes about predefined string structures not available to plugin authors. ([35]Bug 13828)
- Statistics->Packet Lengths doesn't display details for 5120 or greater. ([36]Bug 13844)
- cmake/modules/FindZLIB.cmake doesn't find inflatePrime. ([37]Bug 13850)
- BGP: incorrect decoding COMMUNITIES whose length is larger than 255. ([38]Bug 13872)

UPDATED PROTOCOL SUPPORT:
AMQP, BGP, BSSMAP, BT RFCOMM, DAAP, DOCSIS, E.212, FDDI, GSM A GM, GSM BSSMAP, IEEE 802.11, IP, ISIS LSP, LTE RRC, MQ, OpenSafety, OSPF, PROFINET IO, RANAP, SCCP, SGSAP, SMB2, TCAP, TCP, UMTS FP, UMTS RLC, WBXML, WSMP, and Y.1711

更新時間：2017-06-02
更新細節：

What's new in this version:

The following vulnerabilities have been fixed:
- wnpa-sec-2017-22
- Bazaar dissector infinite loop (Bug 13599) CVE-2017-9352
- wnpa-sec-2017-23
- DOF dissector read overflow (Bug 13608) CVE-2017-9348
- wnpa-sec-2017-24
- DHCP dissector read overflow (Bug 13609, Bug 13628) CVE-2017-9351
- wnpa-sec-2017-25
- SoulSeek dissector infinite loop (Bug 13631) CVE-2017-9346
- wnpa-sec-2017-26
- DNS dissector infinite loop (Bug 13633) CVE-2017-9345
- wnpa-sec-2017-27
- DICOM dissector infinite loop (Bug 13685) CVE-2017-9349
- wnpa-sec-2017-28
- openSAFETY dissector memory exhaustion (Bug 13649) CVE-2017-9350
- wnpa-sec-2017-29
- BT L2CAP dissector divide by zero (Bug 13701) CVE-2017-9344
- wnpa-sec-2017-30
- MSNIP dissector crash (Bug 13725) CVE-2017-9343
- wnpa-sec-2017-31
- ROS dissector crash (Bug 13637) CVE-2017-9347
- wnpa-sec-2017-32
- RGMP dissector crash (Bug 13646) CVE-2017-9354
- wnpa-sec-2017-33
- IPv6 dissector crash (Bug 13675) CVE-2017-9353

The following bugs have been fixed:
- DICOM dissection error. (Bug 13164)
- Qt: drag & drop of one column header in PacketList moves other columns. (Bug 13183)
- Can not export captured DICOM objects in version 2.2.5. (Bug 13570)
- False complain about bad checksum of ICMP extension header. (Bug 13586)
- LibFuzzer: ISUP dissector bug (isup.number_different_meaning). (Bug 13588)
- Dissector Bug, protocol BT ATT. (Bug 13590)
- Wireshark dispalys RRCConnectionReestablishmentRejectRRCConnectionReestablishmentReject in Info column. (Bug 13595)
- [oss-fuzz] UBSAN: shift exponent 105 is too large for 32-bit type int in packet-ositp.c:551:79. (Bug 13606)
- [oss-fuzz] UBSAN: shift exponent -77 is negative in packet-netflow.c:7717:23. (Bug 13607)
- [oss-fuzz] UBSAN: shift exponent 1959 is too large for 32-bit type int in packet-sigcomp.c:2128:28. (Bug 13610)
- [oss-fuzz] UBSAN: shift exponent 63 is too large for 32-bit type guint32 (aka unsigned int) in packet-rtcp.c:917:24. (Bug 13611)
- [oss-fuzz] UBSAN: shift exponent 70 is too large for 64-bit type guint64 (aka unsigned long) in dwarf.c:42:43. (Bug 13616)
- [oss-fuzz] UBSAN: shift exponent 32 is too large for 32-bit type int in packet-xot.c:260:23. (Bug 13618)
- [oss-fuzz] UBSAN: shift exponent -5 is negative in packet-sigcomp.c:1722:36. (Bug 13619)
- [oss-fuzz] UBSAN: index 2049 out of bounds for type char [2049] in packet-quakeworld.c:134:5. (Bug 13624)
- [oss-fuzz] UBSAN: shift exponent 35 is too large for 32-bit type int in packet-netsync.c:467:25. (Bug 13639)
- [oss-fuzz] UBSAN: shift exponent 32 is too large for 32-bit type int in packet-sigcomp.c:3857:24. (Bug 13641)
- [oss-fuzz] ASAN: stack-use-after-return epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field. (Bug 13662)
- Welcome screen invalid capture filter wihtout WinPcap installed causes runtime error. (Bug 13672)
- SMB protocol parser does not parse SMB_COM_TRANSACTION2_SECONDARY (0x33) command correctly. (Bug 13690)
- SIP packets with SDP marked as malformed. (Bug 13698)
- [oss-fuzz] UBSAN: index 8 out of bounds for type gboolean const[8] in packet-ieee80211-radiotap.c:1836:12. (Bug 13713)
- Crash on "Show packet bytes…" context menu item click. (Bug 13723)
- DNP3 dissector does not properly decode packed variations with prefixed qualifiers. (Bug 13733)

Updated Protocol Support:
- Bazaar, BT ATT, BT L2CAP, DHCP, DICOM, DNP3, DNS, DOF, DWARF, ICMP, IEEE 802.11, IPv6, ISUP, LTE RRC, MSNIP, Netflow, Netsync, openSAFETY, OSITP, QUAKEWORLD, Radiotap, RGMP, ROS, RTCP, SIGCOMP, SMB, SoulSeek, and XOT

更新時間：2017-04-13
更新細節：

What's new in this version:

The following vulnerabilities have been fixed:
- IMAP dissector crash
- WBMXL dissector infinite loop
- NetScaler file parser infinite loop
- RPCoRDMA dissector infinite loop
- BGP dissector infinite loop
- DOF dissector infinite loop
- PacketBB dissector crash
- SLSK dissector long loop
- SIGCOMP dissector infinite loop
- WSP dissector infinite loop

The following bugs have been fixed:
- T30 FCF byte decoding masks DTC, CIG and NCS
- Wireshark gives decoding error during rnsap message dissection(SCCP reassembly)
- Added IEEE 802.15.4-2003 AES-CCM security modes (packet-ieee802154)
- Payload in 2 SCCP DT1 messages in the same frame isn’t (sub)dissected
- IEEE 802.15.4: an area of Payload IEs is dissected twice
- Qt UI: Wireshark crash when deleting IO graph string while it’s in editing mode
- Crash on exit due to an invalid frame data sequence state
- Access Violation using Lua dissector
- Some bytes ignored in every packet in NetScaler packet trace when vmnames are included in packet headers
- VOIP RTP stream Find Reverse button doesn’t work
- Lua dissector: ProtoField int&42; do not allow FT_HEX or FT_OCT, crash when set to FT_HEX_DEC or FT_DEC_HEX
- GIOP LocateRequest v1.0 is improperly indicated as "malformed"
- Bug in ZigBee - Zone Status Change Notification
- Packet exception in packet-ua3g and incomplete strings in packet-noe
- Wrong BGP capability dissect
- Endpoint statistics column labels seem incorrect
- Strange automatic jump in packet details for a certain DNS response packet
- When a Lua enum or bool preference is changed via context menu, prefs_changed isn’t called with Qt Wireshark
- IO Graph selects wrong packet or displays "Packet number x isn’t displayed"
- tshark’s -z endpoints,ip ignores optional filter
- SSL: Handshake type in Info column not always separated by comma
- libfuzzer: PEEKREMOTE dissector bug
- libfuzzer: packetBB dissector bug (packetbb.msg.addr.valuecustom)
- libfuzzer: WSP dissector bug (wsp.header.x_wap_tod)
- libfuzzer: MIH dissector bug
- libfuzzer: DNS dissector bug
- libfuzzer: WLCCP dissector bug
- libfuzzer: TAPA dissector bug
- libfuzzer: lapsat dissector bug
- libfuzzer: wassp dissector bug
- Illegal reassembly of GSM SMS packets
- SSH Dissector uses incorrect length for protocol field (ssh.protocol)
- NBAP malformed packet for short Binding ID
- libfuzzer: WSP dissector bug (wsp.header.x_up_1.x_up_proxy_tod)
- libfuzzer: asterix dissector bug (asterix.021_230_RA)
- RTPproxy dissector adds multi lines to info column

更新時間：2017-03-05
更新細節：

What's new in this version:

BUG FIXES:

The following vulnerabilities have been fixed:
- [1]wnpa-sec-2017-03 LDSS dissector crash
- [3]wnpa-sec-2017-04 RTMTP dissector infinite loop
- [5]wnpa-sec-2017-05 WSP dissector infinite loop
- [7]wnpa-sec-2017-06 STANAG 4607 file parser infinite loop
- [9]wnpa-sec-2017-07 NetScaler file parser infinite loop
- [11]wnpa-sec-2017-08 NetScaler file parser crash
- [13]wnpa-sec-2017-09 K12 file parser crash
- [15]wnpa-sec-2017-10 IAX2 dissector infinite loop
- [17]wnpa-sec-2017-11 NetScaler file parser infinite loop

The following bugs have been fixed:
- Display filter textbox loses focus during live capturing
- Wireshark crashes when saving pcaps, opening pcaps, and exporting specified packets
- tshark stalls on FreeBSD if androiddump is present
- UTF-8 characters in packet list column title
- Recent capture file list should appear immediately on startup
- editcap segfault if a packet length is shorter than ignore bytes parameter
- dftest segfault with automated build of 2.2.5
- UMTS MAC Dissector shows Packet size limited for BCCH payload
- VS2010 win32 ±¥
- EAP AKA not being decoded properly
- Dumpcap crashes during rpcap setup
- Crash on closing SNMP capture file if snmp credentials are present
- GPRS-NS message PDU type displayed in octal instead of hexadecimal

UPDATED PROTOCOL SUPPORT:
- GPRS-NS, GTPv2, IAX2, IEEE 802.11, LDSS, MS-WSP, OpcUa, ROHC, RTMTP, SNMP, STANAG 4607, T.38, and UMTS FP

更新時間：2017-01-24
更新細節：

What's new in this version:

The following vulnerabilities have been fixed:
- The ASTERIX dissector could go into an infinite loop
- The DHCPv6 dissector could go into a large loop

The following bugs have been fixed:
- TCP reassembly: tcp.reassembled_in is not set in first packet
- Duplicated Interfaces instances while refreshing
- Time zone name needs to be converted to UTF-8 on Windows
- Crash on fast local interface changes
- Please align columns in tshark’s output
- Display data rate fields for VHT rates invalid with BCC modulation
- plugin_if_get_ws_info causes Access Violation if called during rescan
- SMTP BDAT dissector not reverting to command-code after DATA
- Wireshark fails to recognize V6 DBS Etherwatch capture files
- Runtime Error when try to merge .pcap files (Wireshark crashes)
- PPP BCP BPDU size reports not header size, but all data underneath and its header size in UI
- In-line UDP checksum bytes in 6LoWPAN IPHC are swapped
- Uninitialized memcmp on data in daintree-sna.c
- Crash when dissect WDBRPC Version 2 protocol with Dissect unknown program numbers enabled
- Contents/Resources/bin directory isn’t in the app bundle after installation
- Regression: IEEE17221 (AVDECC) decoded as IEEE1722 (AVB Transportation Protocol)
- Can’t decode packets captured with OpenBSD enc(4) encapsulating
- UDLD flags are at other end of octet
- MS-WSP dissector no longer works since commit 8c2fa5b5cf789e6d0d19cd0dd34479d0203d177a
- TBCD string decoded wrongly in MAP ATI message
- Filter Documentation: The tilde (~) operator is not documented
- VoIP Flow Sequence Causes Application Crash

Updated Protocol Support:
- 6LoWPAN, DVB-CI, ENC, GSM MAP, IEEE 1722, IEEE 1722.1, ISAKMP, MS-WSP, PPP, QUIC, Radiotap, RPC, SMTP, TCP, UCD, and UDLD

更新時間：2016-12-15
更新細節：

What's new in this version:

Bug Fixes:

The following vulnerabilities have been fixed:
- Arbitrary file deletion on Windows

The following bugs have been fixed:
- Saving all exported objects (SMB/SMB2) results in out of physical memory
- Export HTTP Objects - Single file shows as multiple files in 2.0.2
- Follow Stream and graph buttons remain greyed out in conversation window
- Dicom list of tags in element of VR=AT not properly decoded
- Malformed Packet: BGP Update (withdraw) message
- Install fail on macOS Sierra (error PKInstallErrorDomain Code=112)
- GTP: "Create PDP Context response" message shows back-off timer as malformed when included in the response
- ICMP dissector fails to properly detect timestamps
- RLC misdissection
- Text2pcap on Windows produces corrupt output when writing the capture file to the standard output
- HTML escaping of quotes in error message
- TShark doesn't respect protocols.display_hidden_proto_items setting
- RPC/RDMA dissector should exit when frame is not RPC-over-RDMA
- Some RPC-over-RDMA frames are not recognized as RPC-over-RDMA
- RPC-over-RDMA frames with chunk lists are "Malformed"
- TShark fails to pass RPC-over-RDMA frames to RPC subdissector
- Adding a DOF DPS Identity Secret, session Key, or Mode Template causes Wireshark to crash
- Wireshark shows "MS Video Source Request" in a RTCP packet as "Malformed"

Updated Protocol Support:
- BGP, BOOTP/DHCP, BTLE, DICOM, DOF, Echo, GTP, ICMP, Radiotap, RLC, RPC over RDMA, RTCP, SMB, TCP, UFTP4, and VXLAN