= Wireshark wireshark-version:[] Release Notes == What is Wireshark? Wireshark is the world's most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education. == What's New === Bug Fixes // Link templates: ws-buglink:5000[] ws-buglink:6000[Wireshark bug] cve-idlink:2013-2486[] The following vulnerabilities have been fixed. * ws-salink:2015-13[] + The WebSocket dissector could recurse excessively. // Fixed in master: g4ee6bcb // Fixed in master-1.12: gcdb1fc6 // Fixed in master-1.10: Unknown (ws-buglink:10989[]) //cve-idlink:2015-XXXX[] * ws-salink:2015-14[] + The WCP dissector could crash while decompressing data. // Fixed in master: ga6fc6aa // Fixed in master-1.12: g65db378 // Fixed in master-1.10: ge5a9cf3 (ws-buglink:10978[]) //cve-idlink:2015-XXXX[] * ws-salink:2015-15[] + The X11 dissector could leak memory. // Fixed in master: gb8ccc2a // Fixed in master-1.12: g7b58f02 // Fixed in master-1.10: g7cb179e (ws-buglink:11088[]) //cve-idlink:2015-XXXX[] * ws-salink:2015-17[] + The IEEE 802.11 dissector could go into an infinite loop. // Fixed in master: ge243b00 // Fixed in master-1.12: gc3bee61 // Fixed in master-1.10: gcd4dd9a (ws-buglink:11110[]) //cve-idlink:2015-XXXX[] The following bugs have been fixed: // Should be sorted numerically. //* Wireshark will practice the jazz flute for hours on end when you're trying // to sleep. (ws-buglink:0000[]) // cp /dev/null /tmp/buglist.txt; for bugnumber in `git log --stat v1.10.15rc0..| grep ' Bug:' | cut -f2 -d: | sort -n -u ` ; do gen-bugnote $bugnumber; pbpaste >> /tmp/buglist.txt; done * Wireshark crashes if "Update list of packets in real time" is disabled and a display filter is applied while capturing. (ws-buglink:6217[]) * Wireshark relative ISN set incorrectly if raw ISN set to 0. (ws-buglink:10713[]) * Buffer overrun in encryption code. (ws-buglink:10849[]) * ICMP Parameter Problem message contains Length of original datagram is treated as the total IPv4 length. (ws-buglink:10991[]) * ICMP Redirect takes 4 bytes for IPv4 payload instead of 8. (ws-buglink:10992[]) * Interface Identifier incorrectly represented by Wireshark. (ws-buglink:11053[]) * Annoying popup when trying to capture on bonding devices on Linux. (ws-buglink:11058[]) * CanOpen dissector fails on frames with RTR and 0 length. (ws-buglink:11083[]) * Typo in secp521r1 curve wrongly identified as sect521r1. (ws-buglink:11106[]) * packet-zbee-zcl.h: IS_ANALOG_SUBTYPE doesn't filter ENUM. (ws-buglink:11120[]) * Typo: "LTE Positioning Protocol" abbreviated as "LPP", not "LLP". (ws-buglink:11141[]) === New and Updated Features There are no new features in this release. === New Protocol Support There are no new protocols in this release. === Updated Protocol Support --sort-and-group-- ASN.1 PER CANopen GSM RLC/MAC GSMTAP ICMP IEEE 802.11 LPP PKCS-1 PPP IPv6CP SRVLOC TCP WCP X11 ZigBee ZCL --sort-and-group-- === New and Updated Capture File Support --sort-and-group-- Savvius OmniPeek, Visual Networks --sort-and-group-- == Getting Wireshark Wireshark source code and installation packages are available from http://www.wireshark.org/download.html. === Vendor-supplied Packages Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the http://www.wireshark.org/download.html#thirdparty[download page] on the Wireshark web site. == File Locations Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system. == Known Problems Dumpcap might not quit if Wireshark or TShark crashes. (ws-buglink:1419[]) The BER dissector might infinitely loop. (ws-buglink:1516[]) Capture filters aren't applied when capturing from named pipes. (ws-buglink:1814[]) Filtering tshark captures with read filters (-R) no longer works. (ws-buglink:2234[]) The 64-bit Windows installer does not support Kerberos decryption. (https://wiki.wireshark.org/Development/Win64[Win64 development page]) Resolving (ws-buglink:9044[]) reopens (ws-buglink:3528[]) so that Wireshark no longer automatically decodes gzip data when following a TCP stream. Application crash when changing real-time option. (ws-buglink:4035[]) Hex pane display issue after startup. (ws-buglink:4056[]) Packet list rows are oversized. (ws-buglink:4357[]) Summary pane selected frame highlighting not maintained. (ws-buglink:4445[]) Wireshark and TShark will display incorrect delta times in some cases. (ws-buglink:4985[]) == Getting Help Community support is available on http://ask.wireshark.org/[Wireshark's Q&A site] and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark's mailing lists can be found on http://www.wireshark.org/lists/[the web site]. Official Wireshark training and certification are available from http://www.wiresharktraining.com/[Wireshark University]. == Frequently Asked Questions A complete FAQ is available on the http://www.wireshark.org/faq.html[Wireshark web site].