wireshark/docbook/release-notes.xml

<?xml version="1.0"?>
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [

<!-- $Id$ -->

<!--
DOCUMENT SECTION
-Use this section to encode all document information
-->

<!--
Wireshark Info
-->
  <!ENTITY WiresharkCurrentVersion "0.99.5">

]>

<article>
  <title>Wireshark &WiresharkCurrentVersion; Release Notes</title>

  <section id="WhatIs"><title>What is Wireshark?</title>
    <para>
      Wireshark is the world's most popular network protocol analyzer.  It
      is used for troubleshooting, analysis, development, and education.
    </para>
  </section>

  <section id="WhatsNew"><title>What's New</title>
    <section><title>Bug Fixes</title>
    <para>

      The following vulnerabilities have been fixed.  See the
      <ulink url="http://www.wireshark.org/security/wnpa-sec-2007-01.html">security advisory</ulink> for details and a workaround.

      <itemizedlist>

        <listitem><para>
	  The TCP dissector could hang or crash while reassembling HTTP packets.
	  <!-- Fixed in r19859 -->
	  <!-- Bug IDs: 1200 -->
	  Versions affected: 0.99.2 to 0.99.4
        </para></listitem>

        <listitem><para>
	  The HTTP dissector could crash.
	  <!-- Fixed in 19899 -->
	  <!-- Bug IDs: None -->
	  Versions affected: 0.99.3 to 0.99.4
        </para></listitem>

        <listitem><para>
	  On some systems, the IEEE 802.11 dissector could crash.
	  <!-- Fixed in 20126 -->
	  <!-- Bug IDs: None -->
	  Versions affected: 0.10.14 to 0.99.4
        </para></listitem>

        <listitem><para>
	  On some systems, the LLT dissector could crash.
	  <!-- Fixed in 20007 -->
	  <!-- Bug IDs: None -->
	  Versions affected: 0.99.3 to 0.99.4
        </para></listitem>

        <listitem><para>
          The ISUP statistics report could overflow a buffer and crash when
          displaying IPv6 addresses.
	  <!-- Fixed in 20607 -->
	  <!-- Bug IDs: None -->
	  Versions affected: 0.10.12 to 0.99.4
        </para></listitem>

      </itemizedlist>

    </para>

    <para>

    The following bugs have been fixed:

      <itemizedlist>

        <listitem><para>
          On Windows systems the packet list scroll bar could sometimes
          disappear or become unusable.
          (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=220">Bug
          220</ulink>)
        </para></listitem>

        <listitem><para>
          The end of HTTP chunked encoding wasn't being displayed.
          (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=646">Bug
          646</ulink>)
        </para></listitem>

        <listitem><para>
          The Follow TCP Stream window could omit characters.
          (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1043">Bug
          1043</ulink>)
        </para></listitem>

        <listitem><para>
          Opening a flow graph could crash Wireshark.
          (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1117">Bug
          1117</ulink>)
        </para></listitem>

        <listitem><para>
          Follow TCP Stream would sometimes get the direction wrong.
          (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1138">Bug
          1138</ulink>)
        </para></listitem>

        <listitem><para>
          The foreground text in the coloring rules editor was always black..
          (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1164">Bug
          1164</ulink>)
        </para></listitem>

        <listitem><para>
          The CSV export format was incorrect.
          (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1173">Bug
          1173</ulink>)
        </para></listitem>

	<listitem><para>
	  On some Windows systems Wireshark could take a long time to start up.
	</para></listitem>

	<listitem><para>
	  Malformed UDLD packets could cause an exception.
	</para></listitem>

      </itemizedlist>
    </para>

    </section>

    <section><title>New and Updated Features</title>
    <para>
      The following features are new (or have been significantly updated)
      since the last release:
      <itemizedlist>

        <listitem><para>
        We are now offering Wireshark as a U3 package for Windows.  U3
        packages are suitable for using on USB drives and CD-ROMs.  It's
        still experimental, but you're welcome to try it out and report
        any problems or successes.
        </para></listitem>

        <listitem><para>
        Decryption support for WPA/WPA2 and SNMPv3 has been added.  The TDS /
        MS SQL dissector now de-obfuscates passwords.
        </para></listitem>

        <listitem><para>
        64-bit file handling has been improved.
        </para></listitem>

        <listitem><para>
        The <guimenuitem>Find</guimenuitem> function now selects the
        corresponding packet detail item.
        <guimenuitem>Find</guimenuitem> functionality has been added to the TCP
        and SSL stream dialogs.
        </para></listitem>

        <listitem><para>
        Main window keyboard navigation has been improved.
        </para></listitem>

        <listitem><para>
        Windows file dialogs now show the navigation bar.  File dialogs now
        default to "My Documents" in accordance with Microsoft's HIG.
        </para></listitem>

        <listitem><para>
        <ulink url="http://www.cacetech.com/products/airpcap.htm">AirPcap</ulink>
        support (which provides raw mode capture under Windows) has been
        enhanced to allow capturing on multiple AirPcap adapters
        simultaneously.
        </para></listitem>

        <listitem><para>
        You can no longer install Wireshark on Windows 95, 98, or ME.  (OK,
        so it's not a <emphasis>feature</emphasis> per se, but it's an
        important change)
        </para></listitem>

        <listitem><para>
        ASN.1 BER-encoded files can now be dissected according to a
        user-specified syntax.
        </para></listitem>

      </itemizedlist>
    </para>
    </section>

    <section><title>New Protocol Support</title>
    <para>

DMP,
Homeplug (INT51X1),
NBD,
OMAPI,
PKCS#12,
RGMP,
Roofnet,
STUN v2

    </para>
    </section>

    <section><title>Updated Protocol Support</title> <para>

2dparityfec,
ACN,
AIM,
AMR,
ANSI 637,
ANSI A,
ANSI MAP,
ARP,
ASN.1 BER,
ASN.1 PER,
BACapp,
BPDU,
CAMEL,
DCERPC (DCERPC, EFS, EVENTLOG, NSPI, PN-IO, WINREG),
DCOM CBA,
DCP,
DHCP,
DHCPv6,
DMP,
DNS,
E.164,
EAP,
EPL,
ETSI DCP,
FCP,
GIOP,
GSM A,
H.245,
H.248,
HPSW,
HTTP,
ICMP,
ICMPv6,
IEEE 802.11,
IMAP,
INAP,
IPMI,
IPsec,
IRC,
ISAKMP,
iSCSI,
ISIS LSP,
IuUP,
K12,
Kerberos,
LDAP,
LLDP,
MEGACO,
MGCP,
MIME Multipart,
MMS,
MMSE,
MSRP,
MySQL,
NetFlow,
NFS,
NTLMSSP,
NTP,
OSPF,
PN-PTCP,
PPPoE,
Q.931,
Radiotap,
RADIUS,
RPC,
RSVP,
RTCP,
S4406,
SCCP,
SCSI,
SDP,
SES,
sFlow,
SIGCOMP,
SIP,
SIR,
Skinny,
SMB (SMB, NETLOGON),
SMTP,
SNMP,
SPNEGO,
SSL,
T.38,
TCP,
TDS,
text/media,
TIPC,
UDLD,
UDP Lite,
UDP,
UMA,
UMTS FP,
USB,
VNC,
WBXML,
WLCCP,
WSP,
X.411,
X.420,
XML,
XOT,
YMSG

    </para>
    </section>

    <section><title>New and Updated Capture File Support</title>
    <para>

Catapult DCT2000, Netttl, Windows Sniffer / NetXray

    </para>
    </section>

  </section>

  <section id="GettingWireshark"><title>Getting Wireshark</title>
    <para>
      Wireshark source code and installation packages are available from
      the <ulink url="http://www.wireshark.org/download.html">download
      page</ulink> on the main web site.
    </para>

    <section><title>Vendor-supplied Packages</title>
      <para>
	Most Linux and Unix vendors supply their own Wireshark packages.
	You can usually install or upgrade Wireshark using the package management
	system specific to that platform.  A list of third-party packages
	can be found on the
	<ulink url="http://www.wireshark.org/download.html#otherplat">download page</ulink> on the Wireshark web site.
      </para>
    </section>

  </section>

  <!-- XXX needs to be written
  <section id="RemovingWireshark"><title>Removing Wireshark</title>
    <para>
    </para>
  </section>
  -->

  <section id="FileLocations"><title>File Locations</title>
    <para>
      Wireshark and TShark look in several different locations for
      preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
      These locations vary from platform to platform.  You can use
      About->Folders to find the default locations on your system.
    </para>
  </section>

  <section id="KnownProblems"><title>Known Problems</title>

    <para>
      The <guibutton>Filter</guibutton> button is nonfunctional in the
      file dialogs under Windows.
      (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=942">Bug
      942</ulink>)
    </para>

  </section>

  <section id="GettingHelp"><title>Getting Help</title>
    <para>
    Community support is available on the wireshark-users mailing list.
    Subscription information and archives for all of Wireshark's mailing
    lists can be found on <ulink url="http://www.wireshark.org/lists/">the
    web site</ulink>.
    </para>
    <para>
    Commercial support, training, and development services are available
    from <ulink url="http://www.cacetech.com/">CACE Technologies</ulink>.
    </para>
  </section>

  <section id="FAQ"><title>Frequently Asked Questions</title>
    <para>
    A complete FAQ is available on the
    <ulink url="http://www.wireshark.org/faq.html">Wireshark web site</ulink>.
    </para>
  </section>

</article>