Version history Wireshark for Mac OS X (PPC)

<<Back

Changes from v1.2.2 -> v1.2.3

• Bug Fixes
• The following vulnerabilities have been fixed. See the security advisory for details and a workaround.
• The Paltalk dissector could crash on alignment-sensitive processors. (Bug 3689)
• Versions affected: 1.2.0 to 1.2.2
• The DCERPC/NT dissector could crash.
• Versions affected: 0.10.10 to 1.2.2
• The SMB dissector could crash.
• Versions affected: 1.2.0 to 1.2.2
• The following bugs have been fixed:
• Wireshark memory leak with each file open and/or display filter change. (Bug 2375)
• DHCP Dissector displays negative lease time. (Bug 2733)
• Invalid advertised window line on tcptrace style graph. (Bug 3417)
• SMB get_dfs_referral referral entry is not dissected correctly. (Bug 3542)
• Error dissecting eMule sourceOBFU message. (Bug 3848)
• Typos in Diameter XML files. (Bug 3878)
• RSL dissector for MS Power IE is broken. (Bug 4017)
• Manifest problem in 1.2.2 Win64 build. (Bug 4024)
• FIP dissector throws assertion. (Bug 4046)
• TCAP problem with indefinite length 'components' SEQ OF. (Bug 4053)
• GSM MAP: an-APDU not decoded. (Bug 4095)
• Add "Drag and Drop entries..." message on Columns preferences page. (Bug 4099)
• Editcap -t and -w option parses fractional digits incorrectly. (Bug 4162)
• New and Updated Features
• The 32-bit and 64-bit Windows packages now include WinPcap 4.1.1. .
• New Protocol Support
• There are no new protocols in this release.
• Updated Protocol Support
• DCERPC NT, DHCP, Diameter, E.212, eDonkey, FIP, IPsec, MGCP, NCP, Paltalk, RADIUS, RSL, SBus, SMB, SNMP, SSL, TCP, Teamspeak2, WPS
• Updated Capture File Support
• Capture file support is unchanged in this release.

Changes from v1.2.1 -> v1.2.2

• The GSM A RR dissector could crash. (Bug 3893)
• Versions affected: 1.2.0 to 1.2.1
• The OpcUa dissector could use excessive CPU and memory. (Bug 3986)
• Versions affected: 0.99.6 to 1.0.8, 1.2.0 to 1.2.1
• The TLS dissector could crash on some platforms. (Bug 4008)
• Versions affected: 1.2.0 to 1.2.1
• The following bugs have been fixed:
• The "Capture->Interfaces" window can't be closed. (Bug 1740)
• tshark-1.0.2 (dumpcap) signal abort core saved. (Bug 2767)
• Memory leak fixes. (Bug 3330)
• Display filter autocompletion doesn't work for some RADIUS and WiMAX ASNCP fields. (Bug 3538)
• Wireshark Portable includes wrong WinPcap installer. (Bug 3547)
• Crash when loading a profile. (Bug 3640)
• The proto,colinfo tap doesn't work if the INFO column isn't being printed. (Bug 3675)
• Flow Graph adds too much unnecessary garbage. (Bug 3693)
• The EAP Diameter dictionary file was missing in the distribution. (Bug 3761)
• Graph analysis window is behind other window. (Bug 3773)
• IKEv2 Cert Request payload dissection error. (Bug 3782)
• DNS NAPTR RR (RFC 3403) replacement MUST be a fully qualified domain-name. (Bug 3792)
• Malformed RTCP Packet error while sending Payload specific RTCP feedback packet( as per RFC 4585). (Bug 3800)
• 802.11n Block Ack packet Bitmap field missing. (Bug 3806)
• Wireshark doesn't decode WBXML/ActiveSync information correctly. (Bug 3811)
• Malformed packet when IPv6 packet has Next Header == 59. (Bug 3820)
• Wireshark could crash while reading an ERF file. (Bug 3849)
• Minor errors in gsm rr dissectors. (Bug 3889)
• WPA Decryption Issues. (Bug 3890)
• GSM A RR sys info dissection problem. (Bug 3901)
• GSM A RR inverts MEAS-VALID values. (Bug 3915)
• PDML output leaks ~300 bytes / packet. (Bug 3913)
• Incorrect station identifier parsing in Kingfisher dissector. (Bug 3946)
• DHCPv6, Vendor-Specific Informantion, SubOption"Option Request" parser incorrect. (Bug 3987)
• Wireshark could leak memory while analyzing SSL.
• Wireshark could crash while updating menu items after reading a file in some cases.
• The Mac OS X ChmodBPF script now works correctly under Snow Leopard.

Changes from v1.2.0 -> v1.2.1

• Bug Fixes
• The following vulnerabilities have been fixed. See the security advisory for details and a workaround.
• The IPMI dissector could overrun a buffer. Versions affected: 1.2.0
• The AFS dissector could crash. Versions affected: 0.9.2 to 1.2.0
• The Infiniband dissector could crash on some platforms. Versions affected: 1.0.6 to 1.2.0
• The Bluetooth L2CAP dissector could crash. Versions affected: 1.2.0
• The RADIUS dissector could crash. Versions affected: 1.2.0
• The MIOP dissector could crash. Versions affected: 1.2.0
• The sFlow dissector could use excessive CPU and memory. Versions affected: 1.2.0
• The following bugs have been fixed:
• Wireshark could crash while reading a pcap-ng file.
• Wireshark could crash while reading a PacketLogger file.
• CFLOW decoding is wrong for IPv6 fields (Bug 3328)
• Buildbot crash output: fuzz-2009-04-24-2891.pcap (Bug 3438)
• packet-dcm, corrupt DICOM export files (Bug 3493)
• GeoIP map should use random temporary file name (Bug 3530)
• Wireshark crashes when range_string is the data type (Bug 3536)
• Pcap-ng breaks VoIP call data (Bug 3539)
• ANSI MAP legInformation BER Error (Bug 3541)
• Starting Wireshark Portable 1.2.0 gives error message. (Bug 3547)
• On Windows, Wireshark could crash on startup. (Bug 3555)
• The title in the TCP sequence graphs is too short. (Bug 3556)
• USB Packets in pcap-ng Files Not Dissected Properly (Bug 3560)
• 802.11 decryption is broken (Bug 3590)
• SMB2 Error Response doesn't decode properly (Bug 3609)
• configure.in uses deprecated autoconf test for gnutls detection (Bug 3627)
• Radius Malformed Packet error message (Bug 3635)
• Wireshark could crash when loading a profile. (Bug 3640)
• Analyze->Decode as... menu item becomes unavailable (Bug 3642)
• btsnoop: Incorrect error message for not supported datalink type (Bug 3645)
• Decode error for network-id in BICC BCU-ID (Bug 3648)
• IEC 60870-5-104 dissector decodes nothing (Bug 3650)
• radius_register_avp_dissector() can stop RADIUS dissector from working correctly (Bug 3651)
• ANSI ISUP Cause indicators with coding standard=ANSI fail to dissect. (Bug 3654)
• Wrong field position in PacketCable Multimedia Extended Classifier (Bug 3656)
• FF Protocol "FMS Initiate - Version OD Calling" field packet data not unpacked properly (Bug 3694)
• hci_h4: Optimize column/field handling (Bug 3703)
• BSSLAP Protocol Not Decoded In BSSMAP-LE Messages (Bug 3711)
• Description of tshark -t dd missing from tshark.pod (Bug 3723)
• Problem in packet-per.c for ASN.1 PER Encoding (Bug 3733)
• [SNMP] Crash when dissecting packet (custom MIB) (Bug 3746)
• New and Updated Features
• There are no new or updated features in this release.
• New Protocol Support
• There are no new protocols in this release.
• Updated Protocol Support
• AFS, ANSI ISUP, ANSI MAP, ASN.1 PER, Bluetooth HCI H4, Bluetooth L2CAP, BSS CFLOW, COPS, Diameter, DICOM, FF-HSE, ICMPv6, IEC-60870-5-104, IEEE 802.11, Infiniband, IPMI, MIOP, RADIUS, RSVP, sFlow, SNMP, SMB2, ZIOP
• New Capture File Support
• Btsnoop, DCT3, Packetlogger, pcap-ng.

Changes from v1.2.0 Pre 2 -> v1.2.0

• Bug Fixes
• Too many bugs have been fixed since the 1.0 release to list here.
• Some notable fixes are:
• Type-ahead search now works properly.
• Several bugs that affected capture from pipes have been fixed.
• Many Lua-related bugs have been fixed.
• Several memory leaks have been found and fixed.
• The "Follow TCP Stream" feature could show two streams at the same time The hex dump view has been narrowed.
• WPA and SSL decryption bugs have been fixed.
• Readability problems on 256-color displays on Windows have been fixed.
• New and Updated Features:
• The following features are new (or have been significantly updated) since version 1.0:
• Wireshark has a spiffy new start page.
• Display filters now autocomplete.
• A 64-bit Windows (x64) installer is now provided.
• Support for the c-ares resolver library has been added. It has many advantages over ADNS.
• Many new protocol dissectors and capture file formats have been added (see below for a complete list).
• Macintosh OS X support has been improved.
• GeoIP database lookups.
• OpenStreetMap + GeoIP integration.
• Improved Postscript(R) print output.
• The preference handling code is now much smarter about changes.
• Support for Pcap-ng, the next-generation capture file format.
• Support for process information correlation via IPFIX.
• Column widths are now saved.
• The last used configuration profile is now saved.
• Protocol preferences are changeable from the packet details context menu.
• Support for IP packet comparison.
• Capinfos now shows the average packet rate.
• GTK1 is no longer supported. (Yes, this is a feature.)
• Official Windows packages are now built using Microsoft Visual C++ 2008 SP1.
• New Protocol Support:
• Anything in Anything Protocol, ATM PW, N-to-one Cell Mode, B.A.T.M.A.N. Layer 3 Protocol, BACnet MS/TP, BSS LCS Assistance Protocol, Canon BJNP, CESoPSN basic NxDS0 mode (no RTP support), Charging ASE, Cimetrics MS/TP, DECT Protocol, Digital Private Signalling System No 1 Link Layer, DOCSIS Mac Domain Description, DOCSIS Registration Request Multipart, DOCSIS Registration Response Multipart, DOCSIS Synchronisation Message, E100 Encapsulation, EHS, Enhanced Variable Rate Codec, Ethernet Global Data, Ethernet PW, Exchange 2003 Directory Request For Response, Far End Failure Detection, FCoE Initialization Protocol, GOOSE, GPEF, GPRS Tunneling Protocol V2, GSM A-I/F COMMON, GSM A-I/F GPRS Mobility and Session Management, GSM SACCH, GSM Um Interface, HDLC PW, FR port mode (no CW), HDLC-like framing for PPP, IEC 60870-5-104,Apci, IEC 60870-5-104,Asdu, IEEE 802.15.4 Low-Rate Wireless PAN non-ASK PHY, IEEE C37.118 Synchrophasor Protocol, Intelligent Platform Management Interface (Session Wrapper), Inter-Integrated Circuit, Internal TDM, IPSICTL, ISMACryp Protocol, iWARP Direct Data Placement and Remote Direct Memory Access Protocol, iWARP Marker Protocol data unit Aligned framing, Kontiki Delivery Protocol, LANforge Traffic Generator, Layer 1 Event Messages, Lb-I/F BSSMAP LE, LeCroy VICP, Link Access Procedure, Channel Dm (LAPDm), Local Download Sharing Service, LTE Radio Resource Control (RRC) protocol, MAC-LTE, Memcache Protocol, Mesh Header, MP4V-ES, Nasdaq TotalView-ITCH, Nasdaq-SoupTCP version 2.0, NAT Port Mapping Protocol, Netdump Protocol, Non-Access-Stratum (NAS)PDU, PacketLogger, Paltalk Messenger Protocol, PDCP-LTE, PW Associated Channel Header, PW Ethernet Control Word, PW Frame Relay DLCI Control Word, PW MPLS Control Word (generic/preferred), Real-Time Publish-Subscribe Wire Protocol 2.x, Remote Packet Capture, RLC-LTE, SAToP (no RTP support), SERCOS III V1.1, SIMULCRYPT Protocol, Subnetwork Dependent Convergence Protocol XID, Teamspeak2 Protocol, TTEthernet, TTEthernet Protocol Control Frame, Turbocell Aggregate Data, Turbocell Header, TURN Channel, Unreliable Multicast Inter-ORB Protocol, VCDU, Wave Short Message Protocol(IEEE P1609.3), Wireless Access Station Session Protocol, Wireshark Expert Info, World of Warcraft, Xpress Transport Protocol, ZigBee Application Framework, ZigBee Application Support Layer, ZigBee Device Profile, ZigBee Encapsulation Protocol, ZigBee Network Layer, Zipped Inter-ORB Protocol, ZRTP
• Updated Protocol Support:
• There are too many updates to list here.
• New Capture File Support:
• Apple Bluetooth PacketLogger, Daintree's Sensor Network Analyzer, dct3trace, Pcap-NG, TNEF (yes, those silly winmail.dat attachments)

Changes from v1.0.3 -> v1.1.0 Development Release

• Wireshark 1.1.0 has been released. Installers for Windows, Mac OS X Intel 10.5, and source code is now available. This is a development release, intended to be used as a platform for testing new features. The latest stable release of Wireshark is still 1.0.3.

Changes from v1.0.8 -> v1.0.10

• Bug Fixes
• The following vulnerabilities have been fixed. See the security advisory for details and a workaround.
• The RADIUS dissector could crash.
• Versions affected: 0.10.10 to 1.0.9, 1.2.0
• CVE-CVE-2009-2560
• The DCERPC/NT dissector could crash.
• Versions affected: 0.10.10 to 1.2.2
• New and Updated Features
• There are no new or updated features in this release.
• New Protocol Support
• There are no new protocols in this release.
• Updated Protocol Support
• DCERPC NT, RADIUS

Changes from v1.0.7 -> v1.0.8

• Bug Fixes
• The following vulnerabilities have been fixed. See the security advisory for details and a workaround.
• The PCNFSD dissector could crash.
• Versions affected: 0.8.20 to 1.0.7
• CVE-2009-????
• The following bugs have been fixed:
• Lua integration could crash. (Bug 2453)
• The SCCP dissector could crash when loading more than one file in a single session. (Bug 3409)
• The NDMP dissector could crash if reassembly was enabled. (Bug 3470)
• New and Updated Features
• There are no new or updated features in this release.
• New Protocol Support
• There are no new protocols in this release.
• Updated Protocol Support
• All ASN.1 protocols, DICOM, NDMP, PCNFSD, RTCP, SCCP, SSL, STANAG 5066
• New and Updated Capture File Support
• There are no new or updated capture file formats in this release.

Changes from v1.0.6 -> v1.0.7

• Bug Fixes
• The following vulnerabilities have been fixed. See the security advisory for details and a workaround.
• The PROFINET dissector was vulnerable to a format string overflow. (Bug 3382). Versions affected: 0.99.6 to 1.0.6. CVE-2009-1210
• The LDAP dissector could crash on Windows. (Bug 3262). Versions affected: 0.99.2 to 1.0.6. CVE-2009-1267
• The Check Point High-Availability Protocol (CPHAP) dissector could crash. (Bug 3269). Versions affected: 0.9.6 to 1.0.6. CVE-2009-1268
• Wireshark could crash while loading a Tektronix .rf5 file. (Bug 3366). Versions affected: 0.99.6 to 1.0.6. CVE-2009-1269
• The following bugs have been fixed:
• Correct use of proto_tree_add_int_format() (Bug 3048)
• RTP dynamic payload clock rates incorrectly determined (Bug 3067)
• TShark fails to properly close capture files when opening new ones (Bug 3172)
• ANSI MAP digits type decode and bitmask corrections (Bug 3233)
• Two small patches for ipvs-syncd dissector (Bug 3236)
• BGP capability dissection failure (Bug 3247)
• ANSI MAP fix for missing MEID/MSC ID number in RegNot (Bug 3255)
• BACnet PrivateTransferError shows malformed packet (Bug 3257)
• Windows silent installer is not that silent (Bug 3260)
• Crash in ASN.1 dissector when using 'type table' (Bug 3271)
• 802.11n SM Power save mode value 0x3 label is incorrect (Bug 3276)
• 802.11 WME ie displayed incorrectly (Bug 3284)
• "Copy as filter" from the packet list has been fixed.
• New and Updated Features
• There are no new or updated features in this release.
• New Protocol Support
• There are no new protocols in this release.
• Updated Protocol Support
• ACN, ANSI MAP, ASN.1 BACnet, BGP, CPHAP, GSM MAP, IEEE 802.11, IPVS, LDAP, NetFlow/IPFIX, PROFINET, RTP, SNMP, WSP
• New and Updated Capture File Support
• (TBD)

Changes from v1.0.5 -> v1.0.6

• Bug Fixes
• The following vulnerabilities have been fixed. See the security advisory for details and a workaround.
• On non-Windows systems, Wireshark could crash if the HOME environment variable contained sprintf-style string formatting characters. Discovered by babi. (Bug 3150)
• Wireshark could crash while reading a malformed NetScreen snoop file. Discovered by babi. (Bug 3151)
• Wireshark could crash while reading a Tektronix K12 text capture file. (Bug 1937)
• The following bugs have been fixed:
• Crash when loading capture file and Preferences: NO Info column (Bug 2902)
• Some Lua scripts may lead to corruption via out of bounds stack (Bug 3062)
• Build with GLib 1.2 fails with error: 'G_MININT32' undeclared (Bug 3109)
• Wrong decoding IMSI with GSM MAP protocol (Bug 3116)
• Segmentation fault for "Follow TCP stream" (Bug 3119)
• SMPP optional parameter 'network_error_code' incorrectly decoded (Bug 3128)
• DHCPv6 dissector doesn't handle malformed FQDN (Bug 3134)
• WCCP overrides CFLOW as decoded protocol (Bug 3175)
• Improper decoding of MPLS echo reply IPv4 Interface and Label Stack Object (Bug 3179)
• ANSI MAP fix for TRN digits/SMS and OTA subdissection (Bug 3214)
• The 1.0 branch can now be built with Visual Studio 2008.
• New and Updated Features
• The version of GNUTLS included with the Windows packages has been updated from 2.3.8 to 2.6.3.
• New Protocol Support
• There are no new protocols in this release.
• Updated Protocol Support
• AFS, ATM, DHCPv6, DIS, E.212, RTP, UDP, USB, WCCP, WPS
• New and Updated Capture File Support
• NetScreen snoop

Changes from v1.0.4 -> v1.0.5

• Bug Fixes
• The following vulnerabilities have been fixed. See the security advisory for details and a workaround.
• The SMTP dissector could consume excessive amounts of CPU and memory. Versions affected: 1.0.4
• The WLCCP dissector could go into an infinte loop. Versions affected: 0.99.7 to 1.0.4
• The following bugs have been fixed:
• Missing CRLF during HTTP POST in the "packet details" window (Bug 2534)
• Memory assertion in time_secs_to_str_buf() when compiled with GCC 4.2.3 (Bug 2777)
• Diameter dissector fails RFC 4005 compliance (Bug 2828)
• LDP vendor private TLV type is not correctly shown (Bug 2832)
• Wireshark on MacOS does not run when there are spaces in its path (Bug 2844)
• OS X Intel package incorrectly claims to be Universal (Bug 2979)
• Compilation broke when compiling without zlib (Bug 2993)
• Memory leak: saved_repoid (Bug 3017)
• Memory leak: follow_info (Bug 3018)
• Memory leak: follow_info (Bug 3019)
• Memory leak: tacplus_data (Bug 3020)
• Memory leak: col_arrows (Bug 3021)
• Memory leak: col_arrows (Bug 3022)
• Incorrect address structure assigned for find_conversation() in WSP (Bug 3071)
• Memory leak with unistim in voip_calls (Bug 3079)
• Error parsing the BSSGP protocol (Bug 3085)
• Assertion thrown in fvalue_get_uinteger when decoding TIPC (Bug 3086)
• LUA script : Wireshark crashes after closing and opening again a window used by a listener.draw() function. (Bug 3090)

Changes from v1.0.3 -> v1.0.4

• Bug Fixes
• The following vulnerabilities have been fixed. See the security advisory for details and a workaround.
• Florent Drouin and David Maciejak found that the Bluetooth ACL dissector could crash or abort. (Bug 1513) Versions affected: 0.99.2 to 1.0.3
• The Q.931 dissector could crash or abort. (Bug 2870) Versions affected: 0.10.3 to 1.0.3
• Wireshark could abort while reading Tamos CommView capture files. (Bug 2926) Versions affected: 0.99.7 to 1.0.3
• David Maciejak found that the USB dissector could crash or abort. This led to the disovery of a similar problem in the Bluetooth RFCOMM dissector. (Bug 2922) Versions affected: 0.99.7 to 1.0.3
• Vivek Gupta and David Maciejak found that the PRP and MATE dissectors could make Wireshark crash. (Neither PRP nor MATE are enabled by default.) (Bug 2549) Versions affected: 0.99.2 to 1.0.3
• The following bugs have been fixed:
• Let MP2T call its subdissectors, even without tree (Bug 2627)
• Wireless Toolbar not enabled (using AirPcap) if PCAP_REMOTE=1 (Bug 2685)
• Failure to dissect long SASL wrapped LDAP response (Bug 2687)
• Fix compiler warnings (Bug 2823)
• Homeplug dissection bugs (Bug 2859)
• Malformed Packet DCP ETSI error (Bug 2860)
• Wrong size of selected_registrar in WPS dissector (Bug 2865)
• Dissector assertion displaying cookies in DTLS frames (Bug 2876)
• Missing field type in documentation (Bug 2889)
• Wireshark -p switch seems to have no effect to PROMISCUOUS mode (Bug 2891)
• Misspelled PPI error vector magnitude filter (Bug 2903)
• Modbus Function 43 Encapsulated Interface Transport decoding (Bug 2917)
• Crash when printing or exporting some protocol data (Bug 2934)
• Crash when selecting "Export Selected Packet Bytes" (Bug 2964)
• New and Updated Features
• There are no new or updated features in this release.
• New Protocol Support
• There are no new protocols in this release.
• Updated Protocol Support
• AFP, Bluetooth ACL, Bluetooth RFCOMM, DCP ETSI, DTLS, Homeplug, IEEE 802.11, IP, Modbus TCP, MP2T, NSIP, NCP, PPI, Q.931, SASL, SNMP, USB, WPS
• New and Updated Capture File Support
• AiroPeek, CommView

<<Back