1 files changed, 91 insertions, 93 deletions

diff --git a/NEWS b/NEWS
index c722aba67c..f4ef7e33ed 100644
--- a/NEWS
+++ b/NEWS
@@ -1,4 +1,4 @@
-                        Wireshark 1.10.13 Release Notes
+                        Wireshark 1.10.14 Release Notes
      __________________________________________________________________
 
 What is Wireshark?
@@ -12,39 +12,39 @@ What's New
   Bug Fixes
 
    The following vulnerabilities have been fixed.
-     * [1]wnpa-sec-2015-07
-       The WCP dissector could crash. ([2]Bug 10844) [3]CVE-2015-2188
-     * [4]wnpa-sec-2015-08
-       The pcapng file parser could crash. ([5]Bug 10895) [6]CVE-2015-2189
-     * [7]wnpa-sec-2015-10
-       The TNEF dissector could go into an infinite loop. Discovered by
-       Vlad Tsyrklevich. ([8]Bug 11023) [9]CVE-2015-2190
+     * [1]wnpa-sec-2015-14
+       The WCP dissector could crash while decompressing data. ([2]Bug
+       10978) [3]CVE-2015-3811
+     * [4]wnpa-sec-2015-15
+       The X11 dissector could leak memory. ([5]Bug 11088)
+       [6]CVE-2015-3812
+     * [7]wnpa-sec-2015-17
+       The IEEE 802.11 dissector could go into an infinite loop. ([8]Bug
+       11110) [9]CVE-2015-3814
 
    The following bugs have been fixed:
-     * IPv6 AUTH mobility option parses Mobility SPI and Authentication
-       Data incorrectly. ([10]Bug 10626)
-     * DHCP Option 125 Suboption: (1) option-len always expects 1 but
-       specification allows for more. ([11]Bug 10784)
-     * Little-endian OS X Bluetooth PacketLogger files aren't handled.
-       ([12]Bug 10861)
-     * X.509 certificate serial number incorrectly interpreted as negative
-       number. ([13]Bug 10862)
-     * H.248 "ServiceChangeReasonStr" messages are not shown in text
-       generated by tshark. ([14]Bug 10879)
-     * Clang ASAN : AddressSanitizer: global-buffer-overflow ANSI.
-       ([15]Bug 10897)
-     * MEGACO wrong decoding on media port. ([16]Bug 10898)
-     * Wrong media format. ([17]Bug 10899)
-     * BSSGP Status PDU decoding fault (missing Mandatory element (0x04)
-       BVCI for proper packet). ([18]Bug 10903)
-     * Packets on OpenBSD loopback decoded as raw not null. ([19]Bug
-       10956)
-     * Display Filter Macro unable to edit. ([20]Bug 10957)
-     * IPv6 Local Mobility Anchor Address mobility option code is treated
-       incorrectly. ([21]Bug 10961)
-     * Juniper Packet Mirror dissector expects ipv6 flow label = 0.
-       ([22]Bug 10976)
-     * Infinite loop DoS in TNEF dissector. ([23]Bug 11023)
+     * Wireshark crashes if "Update list of packets in real time" is
+       disabled and a display filter is applied while capturing. ([10]Bug
+       6217)
+     * Wireshark relative ISN set incorrectly if raw ISN set to 0.
+       ([11]Bug 10713)
+     * Buffer overrun in encryption code. ([12]Bug 10849)
+     * ICMP Parameter Problem message contains Length of original datagram
+       is treated as the total IPv4 length. ([13]Bug 10991)
+     * ICMP Redirect takes 4 bytes for IPv4 payload instead of 8. ([14]Bug
+       10992)
+     * Interface Identifier incorrectly represented by Wireshark. ([15]Bug
+       11053)
+     * Annoying popup when trying to capture on bonding devices on Linux.
+       ([16]Bug 11058)
+     * CanOpen dissector fails on frames with RTR and 0 length. ([17]Bug
+       11083)
+     * Typo in secp521r1 curve wrongly identified as sect521r1. ([18]Bug
+       11106)
+     * packet-zbee-zcl.h: IS_ANALOG_SUBTYPE doesn't filter ENUM. ([19]Bug
+       11120)
+     * Typo: "LTE Positioning Protocol" abbreviated as "LPP", not "LLP".
+       ([20]Bug 11141)
 
   New and Updated Features
 
@@ -56,24 +56,25 @@ What's New
 
   Updated Protocol Support
 
-   ANSI IS-637-A, DHCP, GSM MAP, H.248, IPv6, Juniper Jmirror, and X.509AF
+   ASN.1 PER, CANopen, GSM RLC/MAC, GSMTAP, ICMP, IEEE 802.11, LPP,
+   MEGACO, PKCS-1, PPP IPv6CP, SRVLOC, SSL, TCP, WCP, X11, and ZigBee ZCL
 
   New and Updated Capture File Support
 
-   PacketLogger, and Pcapng
+   and Savvius OmniPeek Visual Networks
      __________________________________________________________________
 
 Getting Wireshark
 
    Wireshark source code and installation packages are available from
-   [24]http://www.wireshark.org/download.html.
+   [21]http://www.wireshark.org/download.html.
 
   Vendor-supplied Packages
 
    Most Linux and Unix vendors supply their own Wireshark packages. You
    can usually install or upgrade Wireshark using the package management
    system specific to that platform. A list of third-party packages can be
-   found on the [25]download page on the Wireshark web site.
+   found on the [22]download page on the Wireshark web site.
      __________________________________________________________________
 
 File Locations
@@ -86,91 +87,88 @@ File Locations
 
 Known Problems
 
-   Dumpcap might not quit if Wireshark or TShark crashes. ([26]Bug 1419)
+   Dumpcap might not quit if Wireshark or TShark crashes. ([23]Bug 1419)
 
-   The BER dissector might infinitely loop. ([27]Bug 1516)
+   The BER dissector might infinitely loop. ([24]Bug 1516)
 
    Capture filters aren't applied when capturing from named pipes.
-   ([28]Bug 1814)
+   ([25]Bug 1814)
 
    Filtering tshark captures with read filters (-R) no longer works.
-   ([29]Bug 2234)
+   ([26]Bug 2234)
 
    The 64-bit Windows installer does not support Kerberos decryption.
-   ([30]Win64 development page)
+   ([27]Win64 development page)
 
-   Resolving ([31]Bug 9044) reopens ([32]Bug 3528) so that Wireshark no
+   Resolving ([28]Bug 9044) reopens ([29]Bug 3528) so that Wireshark no
    longer automatically decodes gzip data when following a TCP stream.
 
-   Application crash when changing real-time option. ([33]Bug 4035)
+   Application crash when changing real-time option. ([30]Bug 4035)
 
-   Hex pane display issue after startup. ([34]Bug 4056)
+   Hex pane display issue after startup. ([31]Bug 4056)
 
-   Packet list rows are oversized. ([35]Bug 4357)
+   Packet list rows are oversized. ([32]Bug 4357)
 
-   Summary pane selected frame highlighting not maintained. ([36]Bug 4445)
+   Summary pane selected frame highlighting not maintained. ([33]Bug 4445)
 
    Wireshark and TShark will display incorrect delta times in some cases.
-   ([37]Bug 4985)
+   ([34]Bug 4985)
      __________________________________________________________________
 
 Getting Help
 
-   Community support is available on [38]Wireshark's Q&A site and on the
+   Community support is available on [35]Wireshark's Q&A site and on the
    wireshark-users mailing list. Subscription information and archives for
-   all of Wireshark's mailing lists can be found on [39]the web site.
+   all of Wireshark's mailing lists can be found on [36]the web site.
 
    Official Wireshark training and certification are available from
-   [40]Wireshark University.
+   [37]Wireshark University.
      __________________________________________________________________
 
 Frequently Asked Questions
 
-   A complete FAQ is available on the [41]Wireshark web site.
+   A complete FAQ is available on the [38]Wireshark web site.
      __________________________________________________________________
 
-   Last updated 2015-03-04 09:06:46 PST
+   Last updated 2015-05-12 10:25:54 PDT
 
 References
 
-   1. https://www.wireshark.org/security/wnpa-sec-2015-07.html
-   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844
-   3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2188
-   4. https://www.wireshark.org/security/wnpa-sec-2015-08.html
-   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10895
-   6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2189
-   7. https://www.wireshark.org/security/wnpa-sec-2015-10.html
-   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11023
-   9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2190
-  10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10626
-  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10784
-  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10861
-  13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10862
-  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10879
-  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10897
-  16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10898
-  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10899
-  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10903
-  19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10956
-  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10957
-  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10961
-  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10976
-  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11023
-  24. http://www.wireshark.org/download.html
-  25. http://www.wireshark.org/download.html#thirdparty
-  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
-  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
-  28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
-  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
-  30. https://wiki.wireshark.org/Development/Win64
-  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044
-  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3528
-  33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
-  34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056
-  35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
-  36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4445
-  37. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
-  38. http://ask.wireshark.org/
-  39. http://www.wireshark.org/lists/
-  40. http://www.wiresharktraining.com/
-  41. http://www.wireshark.org/faq.html
+   1. https://www.wireshark.org/security/wnpa-sec-2015-14.html
+   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10978
+   3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3811
+   4. https://www.wireshark.org/security/wnpa-sec-2015-15.html
+   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11088
+   6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3812
+   7. https://www.wireshark.org/security/wnpa-sec-2015-17.html
+   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11110
+   9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3814
+  10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6217
+  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10713
+  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10849
+  13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10991
+  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10992
+  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11053
+  16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11058
+  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11083
+  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11106
+  19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11120
+  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11141
+  21. http://www.wireshark.org/download.html
+  22. http://www.wireshark.org/download.html#thirdparty
+  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
+  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
+  25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
+  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
+  27. https://wiki.wireshark.org/Development/Win64
+  28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044
+  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3528
+  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
+  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056
+  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
+  33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4445
+  34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
+  35. http://ask.wireshark.org/
+  36. http://www.wireshark.org/lists/
+  37. http://www.wiresharktraining.com/
+  38. http://www.wireshark.org/faq.html