= Wireshark wireshark-version:[] Release Notes == What is Wireshark? Wireshark is the world's most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education. == What's New === Bug Fixes // Link templates: ws-buglink:5000[] ws-buglink:6000[Wireshark bug] cve-idlink:2016-7000[] The following vulnerabilities have been fixed: * ws-salink:2016-01[] + DLL hijacking vulnerability. //(ws-buglink:XXXX[]) //cve-idlink:2015-XXXX[] // Fixed in master: 4a79cf2 // Fixed in master-2.0: b33f4c8 // Fixed in master-1.12: f8d67cf * ws-salink:2016-03[] + DNP dissector infinite loop. (ws-buglink:11938[]) //cve-idlink:2015-XXXX[] // Fixed in master: 260afe1 // Fixed in master-2.0: 0cc86bb // Fixed in master-1.12: 0ca7445 * ws-salink:2016-10[] + RSL dissector crash. (ws-buglink:11829[]) //cve-idlink:2015-XXXX[] // Fixed in master: 2930d31, de65fd6 // Fixed in master-2.0: aba3635, 0865707 // Fixed in master-1.12: f899e8a, 08d1876 * ws-salink:2016-11[] + LLRP dissector crash. (ws-buglink:12048[]) //cve-idlink:2015-XXXX[] // Fixed in master: 4a2cd6c // Fixed in master-2.0: 38a01c8 // Fixed in master-1.12: 74085a5 The following bugs have been fixed: //* Wireshark always manages to score tickets for Burning Man, Coachella, and // SXSW while you end up working double shifts. (ws-buglink:0000[]) // cp /dev/null /tmp/buglist.txt ; for bugnumber in `git log --stat v1.12.10rc0..| grep ' Bug:' | cut -f2 -d: | sort -n -u ` ; do gen-bugnote $bugnumber; pbpaste >> /tmp/buglist.txt; done * Questionable calling of ethernet dissector by encapsulating protocol dissectors. (ws-buglink:9933[]) * Improper RPC reassembly (ws-buglink:11913[]) * GTPv1 Dual Stack with one static and one Dynamic IP. (ws-buglink:11945[]) * Failed to parse M3AP IE (TNL information). (ws-buglink:12070[]) * Wrong interpretation of Instance ID value in OSPFv3 packet. (ws-buglink:12072[]) * MP2T Dissector does parse RTP properly in 2.0.1. (ws-buglink:12099[]) * editcap does not adjust time for frames with absolute timestamp 0 < t < 1 secs. (ws-buglink:12116[]) Windows installers and PortableApps(R) packages are now dual signed using SHA-1 and SHA-256 in order to comply with http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx[Microsoft Authenticode policy]. Windows 7 and Windows Server 2008 R2 users should ensure that https://support.microsoft.com/en-us/kb/3123479[update 3123479] is installed. Windows Vista and Windows Server 2008 users should ensure that https://support.microsoft.com/en-us/kb/2763674[hotfix 2763674] is installed. === New and Updated Features There are no new features in this release. === New Protocol Support There are no new protocols in this release. === Updated Protocol Support --sort-and-group-- BATADV DNP3 E100 EIGRP GSM A DTAP GSM SMS GTP HiQnet InfiniBand LLRP M3AP MP2T NFS OSPF RoHC RPC RSL TRILL VXLAN X.509AF --sort-and-group-- === New and Updated Capture File Support //There is no new or updated capture file support in this release. --sort-and-group-- --sort-and-group-- == Getting Wireshark Wireshark source code and installation packages are available from https://www.wireshark.org/download.html. === Vendor-supplied Packages Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the https://www.wireshark.org/download.html#thirdparty[download page] on the Wireshark web site. == File Locations Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system. == Known Problems Dumpcap might not quit if Wireshark or TShark crashes. (ws-buglink:1419[]) The BER dissector might infinitely loop. (ws-buglink:1516[]) Capture filters aren't applied when capturing from named pipes. (ws-buglink:1814[]) Filtering tshark captures with read filters (-R) no longer works. (ws-buglink:2234[]) The 64-bit Windows installer does not support Kerberos decryption. (https://wiki.wireshark.org/Development/Win64[Win64 development page]) Resolving (ws-buglink:9044[]) reopens (ws-buglink:3528[]) so that Wireshark no longer automatically decodes gzip data when following a TCP stream. Application crash when changing real-time option. (ws-buglink:4035[]) Hex pane display issue after startup. (ws-buglink:4056[]) Packet list rows are oversized. (ws-buglink:4357[]) Wireshark and TShark will display incorrect delta times in some cases. (ws-buglink:4985[]) == Getting Help Community support is available on https://ask.wireshark.org/[Wireshark's Q&A site] and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark's mailing lists can be found on https://www.wireshark.org/lists/[the web site]. Official Wireshark training and certification are available from http://www.wiresharktraining.com/[Wireshark University]. == Frequently Asked Questions A complete FAQ is available on the https://www.wireshark.org/faq.html[Wireshark web site].