<?xml version="1.0"?>
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [

<!-- $Id$ -->

<!--
DOCUMENT SECTION
-Use this section to encode all document information
-->

<!--
Wireshark Info
-->
<!ENTITY WiresharkCurrentVersion "0.99.3">

]>

<article>
<title>Wireshark &WiresharkCurrentVersion; Release Notes</title>

<section id="WhatIs"><title>What is Wireshark?</title>
<para>
Wireshark is the world's most popular network protocol analyzer. It
is used for troubleshooting, analysis, development, and education.
</para>
</section>

<section id="WhatsNew"><title>What's New</title>
<section><title>Bug Fixes</title>
<para>

The following vulnerabilities have been fixed. See the
<ulink url="http://www.wireshark.org/security/wnpa-sec-2006-02.html">security advisory</ulink> for details and a workaround.

<itemizedlist>

<listitem><para>
The SCSI dissector could crash.
<!-- Fixed in r18832 -->
<!-- Bug IDs: 1034 -->
Versions affected: 0.99.2.
</para></listitem>

<listitem><para>
If Wireshark was compiled with ESP decryption support, the
IPsec ESP preference parser was susceptible to off-by-one
errors.
<!-- Fixed in r18856, r18915, r18943 -->
<!-- Bug IDs: None -->
Versions affected: 0.99.2.
</para></listitem>

<listitem><para>
The DHCP dissector (and possibly others) in the Windows version of
Wireshark could trigger a bug in Glib and crash.
<!-- Fixed in r18883 -->
<!-- Bug IDs: 1025 -->
<!-- Gnome bug ID: 351034 -->
Versions affected: 0.10.13 - 0.99.2.
</para></listitem>

<listitem><para>
If the SSCOP dissector has a port range configured
<emphasis>and</emphasis> the SSCOP payload protocol is
Q.2931, a malformed packet could make the Q.2931 dissector
use up available memory. No port range is configured
by default.
<!-- Fixed in r18992 -->
<!-- Bug IDs: None -->
Versions affected: 0.7.9 - 0.99.2.
</para></listitem>

</itemizedlist>

</para>

<para>

The following bugs have been fixed:

<itemizedlist>

<listitem><para>
The VOIP call analysis feature could cause an assertion.
</para></listitem>

<listitem><para>
The RTP analysis feature could freeze for an extended period.
</para></listitem>

<listitem><para>
Selecting "Apply as Filter" wouldn't work for some tree items.
</para></listitem>

</itemizedlist>
</para>

</section>

<section><title>New and Updated Features</title>
<para>
The following features are new (or have been significantly updated)
since the last release:
<itemizedlist>

<listitem><para>
ESP, Kerberos, and SSL decryption are now supported in the
Windows installer. (As a result, Wireshark is now subject to
United States export controls.)
</para></listitem>

<listitem><para>
The packet list context menu now includes a conversation filter.
</para></listitem>

<listitem><para>
Wireshark can now generate ACL rules for several popular firewall
products.
</para></listitem>

<listitem><para>
Wireshark now supports
<ulink url="http://www.cacetech.com/products/airpcap.htm">AirPcap</ulink>,
including raw 802.11 captures under Windows.
</para></listitem>

</itemizedlist>
</para>
</section>

<section><title>New Protocol Support</title>
<para>

Daytime,
JPEG (RTP payload),
Pegasus Lightweight Stream Control,
Pro-MPEG FEC,
UMTS RRC,
Veritas Low Latency Transport

</para>
</section>

<section><title>Updated Protocol Support</title> <para>

All ASN.1 dissectors,

3G A11,
802.11,
AIM SST,
AJP13,
ANSI 637,
AVS WLAN,
BACapp,
BFD,
CDP,
Cisco WIDS,
DCERPC (DCERPC, CONV, DFS, EPM, FLDB, NETLOGON, NT, PN-IO, RS_PGO),
DCOM,
DHCP,
DIAMETER,
DTLS,
EAPOL,
ESP,
H.225,
H.245,
H.450,
HTTP,
IPv6,
ISAKMP,
Juniper,
Kerberos,
L2TP,
LDAP,
MSRP,
NTLMSSP,
PN-CBA,
PN-RT,
Prism,
RSVP,
RTCP,
RUDP,
SCSI,
SCTP,
SDP,
SIP,
SIPFRAG,
Skinny,
SMB,
SSL,
TCP,
text/media,
Time,
XML

</para>
</section>

<section><title>New and Updated Capture File Support</title>
<para>

Catapult DCT2000,
nettl
</para>
</section>

</section>

<section id="GettingWireshark"><title>Getting Wireshark</title>
<para>
Wireshark source code and installation packages are available from
the <ulink url="http://www.wireshark.org/download.html">download
page</ulink> on the main web site.
</para>

<section><title>Vendor-supplied Packages</title>
<para>
Most Linux and Unix vendors supply their own Wireshark packages.
You can install or upgrade Wireshark using the package management
system specific to that platform. A list of third-party packages
can be found on the <ulink url="http://www.wireshark.org/download.html#otherplat">download page</ulink> on the Wireshark web site.
</para>
</section>

</section>

<!-- XXX needs to be written
<section id="RemovingWireshark"><title>Removing Wireshark</title>
<para>
</para>
</section>
-->

<section id="FileLocations"><title>File Locations</title>
<para>
Wireshark and TShark look in several different locations for
preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
These locations vary from platform to platform. You can use
About->Folders to find the default locations on your system.
</para>
</section>

<section id="KnownProblems"><title>Known Problems</title>

<para>
On Windows systems the packet list scroll bar can sometimes disappear
or become unusable. Until the problem is fixed you can work around it
by resizing the packet list or the main window.
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=220">Bug
220</ulink>)
</para>

<para>
The <guibutton>Filter</guibutton> button is nonfunctional in the
file dialogs under Windows.
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=942">Bug
942</ulink>)
</para>

<para>
Trying to save flow data may crash Wireshark.
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=396">Bug
396</ulink>)
</para>

<para>
It may not be possible to re-order coloring rules under Windows.
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=699">Bug
699</ulink>)
</para>

<para>
Multiple tap interfaces may cause a crash under FreeBSD.
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=757">Bug
757</ulink>)
</para>

<para>
Wireshark may crash while viewing TCP streams.
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=852">Bug
852</ulink>)
</para>

</section>

<section id="GettingHelp"><title>Getting Help</title>
<para>
Community support is available on the wireshark-users mailing list.
Subscription information and archives for all of Wireshark's mailing
lists can be found on <ulink url="http://www.wireshark.org/lists/">the
web site</ulink>.
</para>
<para>
Commercial support, training, and development services are available
from <ulink url="http://www.cacetech.com/">CACE Technologies</ulink>.
</para>
</section>

<section id="FAQ"><title>Frequently Asked Questions</title>
<para>
A complete FAQ is available on the
<ulink url="http://www.wireshark.org/faq.html">Wireshark web site</ulink>.
</para>
</section>

</article>