diff options
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 292 |
1 files changed, 154 insertions, 138 deletions
@@ -1,4 +1,4 @@ - Wireshark 1.10.2 Release Notes + Wireshark 1.10.3 Release Notes __________________________________________________________ What is Wireshark? @@ -13,74 +13,77 @@ What's New Bug Fixes The following vulnerabilities have been fixed. - * [1]wnpa-sec-2013-54 - The Bluetooth HCI ACL dissector could crash. Discovered by - Laurent Butti. ([2]Bug 8827) - Versions affected: 1.10.0 to 1.10.1 - * [3]wnpa-sec-2013-55 + * [1]wnpa-sec-2013-61 + The IEEE 802.15.4 dissector could crash. ([2]Bug 9139) + Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10 + [3]CVE-2013-6336 + * [4]wnpa-sec-2013-62 The NBAP dissector could crash. Discovered by Laurent - Butti. ([4]Bug 9005) - Versions affected: 1.10.0 to 1.10.1, 1.8.0 to 1.8.9 - * [5]wnpa-sec-2013-56 - The ASSA R3 dissector could go into an infinite loop. - Discovered by Ben Schmidt. ([6]Bug 9020) - Versions affected: 1.10.0 to 1.10.1, 1.8.0 to 1.8.9 - * [7]wnpa-sec-2013-57 - The RTPS dissector could overflow a buffer. Discovered by - Ben Schmidt. ([8]Bug 9019) - Versions affected: 1.10.0 to 1.10.1, 1.8.0 to 1.8.9 - * [9]wnpa-sec-2013-58 - The MQ dissector could crash. ([10]Bug 9079) - Versions affected: 1.10.0 to 1.10.1, 1.8.0 to 1.8.9 - * [11]wnpa-sec-2013-59 - The LDAP dissector could crash. Versions affected: 1.10.0 - to 1.10.1, 1.8.0 to 1.8.9 - * [12]wnpa-sec-2013-60 - The Netmon file parser could crash. Discovered by G. - Geshev. ([13]Bug 8742) - Versions affected: 1.10.0 to 1.10.1, 1.8.0 to 1.8.9 + Butti. ([5]Bug 9168) + Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10 + [6]CVE-2013-6337 + * [7]wnpa-sec-2013-63 + The SIP dissector could crash. ([8]Bug 9228) + Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10 + [9]CVE-2013-6338 + * [10]wnpa-sec-2013-64 + The OpenWire dissector could go into a large loop. + Discovered by Murali. ([11]Bug 9248) + Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10 + [12]CVE-2013-6339 + * [13]wnpa-sec-2013-65 + The TCP dissector could crash. ([14]Bug 9263) + Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10 + [15]CVE-2013-6340 The following bugs have been fixed: - * Lua ByteArray:append() causes wireshark crash. ([14]Bug - 4461) - * Lua script can not get "data-text-lines" protocol data. - ([15]Bug 5200) - * Lua: Trying to use Field.new("tcp.segments") to get - reassembled TCP data is failed. ([16]Bug 5201) - * "Edit Interface Settings": "Capture Filter" combo box is - not populated across Wireshark sessions. ([17]Bug 7278) - * PER normally small non-negative whole number decoding is - wrong when >= 64. ([18]Bug 8841) - * Strange behavior of tree expand/collapse in packet details. - ([19]Bug 8908) - * Incorrect parsing of IPFIX *IpTotalLength elements. - ([20]Bug 8918) - * IO graph/advanced, max/min/summ error on frames with - multiple Diameter messages. ([21]Bug 8980) - * pod2man error on reordercap.pod. ([22]Bug 8982) - * SGI Nsym disambiguation is unconditionally displayed when - dissecting VHT. ([23]Bug 8989) - * The Wireshark icon doesn't show up in OS X 10.5. ([24]Bug - 8993) - * Build fails if system Python is version 3+. ([25]Bug 8995) - * SCSI dissector does not parse PERSISTENT RESERVE commands - correctly. ([26]Bug 9012) - * SDP messages throws an assert. ([27]Bug 9022) - * Wireshark fails to decode single-line, multiple Contact: - URIs in SIP responses. ([28]Bug 9031) - * PN_MRP LinkUp Message is shown as LinkDown in info. - ([29]Bug 9035) - * Dissector for EtherCAT: ADS highlighting in the Packet - Bytes Pane is incorrect. ([30]Bug 9036) - * 802.11 HT Extended Capabilities B10 decode incorrect. - ([31]Bug 9038) - * Wrong dissection of MSTI Root Identifiers for all MSTIs. - ([32]Bug 9088) - * Weird malformed HTTP error. ([33]Bug 9101) - * Warning for attempting to install 64-bit Wireshark on a - 32-bit machine has an embedded "\n". ([34]Bug 9103) - * Wireshark crashes when using "Export Specified Packets" > - "Displayed". ([35]Bug 9106) + * new_packet_list: EAP-TLS reassemble does not happen when + NEW_PACKET_LIST is toggled. ([16]Bug 5349) + * TLS decryption fails with XMPP start_tls. ([17]Bug 8871) + * Wrong Interpretation of GTS starting slot. ([18]Bug 8946) + * "Follow TCP Stream" shows only the first HTTP req+res. + ([19]Bug 9044) + * The value of SEND_TO_UE in the DIAMETER Gx dictionary for + Packet-Filter-Usage AVP is 0 instead of 1. ([20]Bug 9126) + * Crash then try to delete the same entry (length range) + twice. ([21]Bug 9129) + * Crash if wrong "packet lengths range" entered. ([22]Bug + 9130) + * Bssgp => SGSN-INVOKE-TRACE use the wrong function... + ([23]Bug 9157) + * Minor correction to dissection of DLR frames in Ethernet/IP + dissector. ([24]Bug 9186) + * WebSphere MQ V7 Bug Fix 8322 TSHM_EBCDIC. ([25]Bug 9198) + * EDNS0 "Higher bits in extended RCODE" incorrectly decoded + in packet-dns.c. ([26]Bug 9199) + * Files with pcap-ng Simple Packet Blocks can't be read. + ([27]Bug 9200) + * Bug in RTP dissector if RTP extension is present. ([28]Bug + 9204) + * Improve "eHRPD Indicator" NVSE dissection in 3GPP2 A11 + Registration Request. ([29]Bug 9206) + * "make debian-package" fails, missing wsicon32.xpm. ([30]Bug + 9209) + * Fix typo in MODCOD list of DVB-S2 dissector. ([31]Bug 9218) + * Ring buffer crash when tshark gets too far behind dumpcap. + ([32]Bug 9258) + * PTP Dissector Wrongfully Reports Malformed Packet. ([33]Bug + 9262) + * Wireshark lua dissector unable to load for + media_type=application/octet-stream. ([34]Bug 9296) + * Wireshark crash when dissecting packet with NTLMSSP. + ([35]Bug 9299) + * Padding in uint64 field in DCERPC protocol wrongly + reported. ([36]Bug 9300) + * DCERPC data_blobs are not correctly dissected when NDR64 + encoding is used. ([37]Bug 9301) + * Multiple PDUs in the same DCERPC packet are not correctly + decrypted. ([38]Bug 9302) + * The tshark summary line doesn't display the frame number or + displays it sporadically. ([39]Bug 9317) + * Bluetooth: SDP improvements and minor fixes. ([40]Bug 9327) + * Duplicate IRC header field abbreviation breaks filter + (example: irc.response.command). ([41]Bug 9360) New and Updated Features @@ -92,26 +95,27 @@ What's New Updated Protocol Support - ASN.1 PER, ASSA R3, Bluetooth HCI ACL, EtherCAT AMS, GTPv2, - HTTP, IEEE 802.11, IPFIX, ISDN SUP, LDAP, MQ, NBAP, Novell SSS, - PROFINET MRP, Radiotap, ROHC, RTPS, SCSI, SIP, and STP + 3GPP2 A11, Bluetooth SDP, BSSGP, DCERPC, DCERPC NDR, DCERPC NT, + DIAMETER, DNS, DVB-S2, Ethernet, EtherNet/IP, H.225, IEEE + 802.15.4, IRC, NBAP, NTLMSSP, OpenWire, PTP, RTP, SIP, TCP, + WiMax, and XMPP New and Updated Capture File Support - and Microsoft Network Monitor, pcap-ng. + and . __________________________________________________________ Getting Wireshark Wireshark source code and installation packages are available - from [36]http://www.wireshark.org/download.html. + from [42]http://www.wireshark.org/download.html. Vendor-supplied Packages Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list - of third-party packages can be found on the [37]download page + of third-party packages can be found on the [43]download page on the Wireshark web site. __________________________________________________________ @@ -125,102 +129,114 @@ File Locations Known Problems - Dumpcap might not quit if Wireshark or TShark crashes. ([38]Bug + Dumpcap might not quit if Wireshark or TShark crashes. ([44]Bug 1419) - The BER dissector might infinitely loop. ([39]Bug 1516) + The BER dissector might infinitely loop. ([45]Bug 1516) Capture filters aren't applied when capturing from named pipes. - ([40]Bug 1814) + ([46]Bug 1814) Filtering tshark captures with read filters (-R) no longer - works. ([41]Bug 2234) + works. ([47]Bug 2234) The 64-bit Windows installer does not support Kerberos - decryption. ([42]Win64 development page) + decryption. ([48]Win64 development page) - Application crash when changing real-time option. ([43]Bug + Resolving ([49]Bug 9044) reopens ([50]Bug 3528) so that + Wireshark no longer automatically decodes gzip data when + following a TCP stream. + + Application crash when changing real-time option. ([51]Bug 4035) - Hex pane display issue after startup. ([44]Bug 4056) + Hex pane display issue after startup. ([52]Bug 4056) - Packet list rows are oversized. ([45]Bug 4357) + Packet list rows are oversized. ([53]Bug 4357) Summary pane selected frame highlighting not maintained. - ([46]Bug 4445) + ([54]Bug 4445) Wireshark and TShark will display incorrect delta times in some - cases. ([47]Bug 4985) + cases. ([55]Bug 4985) __________________________________________________________ Getting Help - Community support is available on [48]Wireshark's Q&A site and + Community support is available on [56]Wireshark's Q&A site and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark's mailing lists can be found - on [49]the web site. + on [57]the web site. Official Wireshark training and certification are available - from [50]Wireshark University. + from [58]Wireshark University. __________________________________________________________ Frequently Asked Questions - A complete FAQ is available on the [51]Wireshark web site. + A complete FAQ is available on the [59]Wireshark web site. __________________________________________________________ - Last updated 2013-09-10 08:39:52 PDT + Last updated 2013-11-01 09:27:30 PDT References - 1. https://www.wireshark.org/security/wnpa-sec-2013-54 - 2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8827 - 3. https://www.wireshark.org/security/wnpa-sec-2013-55 - 4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9005 - 5. https://www.wireshark.org/security/wnpa-sec-2013-56 - 6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9020 - 7. https://www.wireshark.org/security/wnpa-sec-2013-57 - 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9019 - 9. https://www.wireshark.org/security/wnpa-sec-2013-58 - 10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9079 - 11. https://www.wireshark.org/security/wnpa-sec-2013-59 - 12. https://www.wireshark.org/security/wnpa-sec-2013-60 - 13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8742 - 14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4461 - 15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5200 - 16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5201 - 17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7278 - 18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8841 - 19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8908 - 20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8918 - 21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8980 - 22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8982 - 23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8989 - 24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8993 - 25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8995 - 26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9012 - 27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9022 - 28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9031 - 29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9035 - 30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9036 - 31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9038 - 32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9088 - 33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9101 - 34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9103 - 35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9106 - 36. http://www.wireshark.org/download.html - 37. http://www.wireshark.org/download.html#thirdparty - 38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419 - 39. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516 - 40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814 - 41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234 - 42. https://wiki.wireshark.org/Development/Win64 - 43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035 - 44. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056 - 45. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357 - 46. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4445 - 47. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985 - 48. http://ask.wireshark.org/ - 49. http://www.wireshark.org/lists/ - 50. http://www.wiresharktraining.com/ - 51. http://www.wireshark.org/faq.html + 1. https://www.wireshark.org/security/wnpa-sec-2013-61.html + 2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9139 + 3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6336 + 4. https://www.wireshark.org/security/wnpa-sec-2013-62.html + 5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9168 + 6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6337 + 7. https://www.wireshark.org/security/wnpa-sec-2013-63.html + 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9228 + 9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6338 + 10. https://www.wireshark.org/security/wnpa-sec-2013-64.html + 11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9248 + 12. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6339 + 13. https://www.wireshark.org/security/wnpa-sec-2013-65.html + 14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9263 + 15. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6340 + 16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5349 + 17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8871 + 18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8946 + 19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044 + 20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9126 + 21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9129 + 22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9130 + 23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9157 + 24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9186 + 25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9198 + 26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9199 + 27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9200 + 28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9204 + 29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9206 + 30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9209 + 31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9218 + 32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9258 + 33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9262 + 34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9296 + 35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9299 + 36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9300 + 37. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9301 + 38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9302 + 39. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9317 + 40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9327 + 41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9360 + 42. http://www.wireshark.org/download.html + 43. http://www.wireshark.org/download.html#thirdparty + 44. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419 + 45. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516 + 46. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814 + 47. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234 + 48. https://wiki.wireshark.org/Development/Win64 + 49. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044 + 50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3528 + 51. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035 + 52. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056 + 53. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357 + 54. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4445 + 55. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985 + 56. http://ask.wireshark.org/ + 57. http://www.wireshark.org/lists/ + 58. http://www.wiresharktraining.com/ + 59. http://www.wireshark.org/faq.html |