path: root/docbook/release-notes.asciidoc

= Wireshark wireshark-version:[] Release Notes

== What is Wireshark?

Wireshark is the world's most popular network protocol analyzer. It is
used for troubleshooting, analysis, development and education.

== What's New

=== Bug Fixes

// Link templates: ws-buglink:5000[]  ws-buglink:6000[Wireshark bug]  cve-idlink:2016-7000[]

The following vulnerabilities have been fixed:

* ws-salink:2016-01[]
+
DLL hijacking vulnerability.
//(ws-buglink:XXXX[])
cve-idlink:2016-2521[]
// Fixed in master: 4a79cf2
// Fixed in master-2.0: b33f4c8
// Fixed in master-1.12: f8d67cf

* ws-salink:2016-03[]
+
DNP dissector infinite loop.
(ws-buglink:11938[])
cve-idlink:2016-2523[]
// Fixed in master: 260afe1
// Fixed in master-2.0: 0cc86bb
// Fixed in master-1.12: 0ca7445

* ws-salink:2016-10[]
+
RSL dissector crash.
(ws-buglink:11829[])
cve-idlink:2016-2530[]
cve-idlink:2016-2531[]
// Fixed in master: 2930d31, de65fd6
// Fixed in master-2.0: aba3635, 0865707
// Fixed in master-1.12: f899e8a, 08d1876

* ws-salink:2016-11[]
+
LLRP dissector crash.
(ws-buglink:12048[])
cve-idlink:2016-2532[]
// Fixed in master: 4a2cd6c
// Fixed in master-2.0: 38a01c8
// Fixed in master-1.12: 74085a5

* ws-salink:2016-14[]
+
GSM A-bis OML dissector crash.
(ws-buglink:11825[])
//cve-idlink:2015-XXXX[]
// Fixed in master: c31425f
// Fixed in master-2.0: 9bc329b
// Fixed in master-1.12: 1d5f600

* ws-salink:2016-15[]
+
ASN.1 BER dissector crash.
(ws-buglink:12106[])
//cve-idlink:2015-XXXX[]
// Fixed in master: 55b5b7c
// Fixed in master-2.0: 271b10d
// Fixed in master-1.12: c43f94f

* ws-salink:2016-18[]
+
ASN.1 BER dissector crash.
(ws-buglink:11822[])
//cve-idlink:2015-XXXX[]
// Fixed in master: 9ff932b
// Fixed in master-2.0: 307bbd2
// Fixed in master-1.12: 8f7a26e

The following bugs have been fixed:

//* Wireshark always manages to score tickets for Burning Man, Coachella, and
//  SXSW while you end up working double shifts. (ws-buglink:0000[])
// cp /dev/null /tmp/buglist.txt ; for bugnumber in `git log --stat v1.12.10rc0..| grep ' Bug:' | cut -f2 -d: | sort -n -u ` ; do gen-bugnote $bugnumber; pbpaste >> /tmp/buglist.txt; done

* Questionable calling of ethernet dissector by encapsulating protocol dissectors. (ws-buglink:9933[])

* Improper RPC reassembly (ws-buglink:11913[])

* GTPv1 Dual Stack with one static and one Dynamic IP. (ws-buglink:11945[])

* Failed to parse M3AP IE (TNL information). (ws-buglink:12070[])

* Wrong interpretation of Instance ID value in OSPFv3 packet. (ws-buglink:12072[])

* MP2T Dissector does parse RTP properly in 2.0.1. (ws-buglink:12099[])

* editcap does not adjust time for frames with absolute timestamp 0 < t < 1 secs. (ws-buglink:12116[])

Windows installers and PortableApps(R) packages are now dual signed using SHA-1 and SHA-256
in order to comply with
http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx[Microsoft Authenticode policy].
Windows 7 and Windows Server 2008 R2 users should ensure that
https://support.microsoft.com/en-us/kb/3123479[update 3123479] is installed.
Windows Vista and Windows Server 2008 users should ensure that
https://support.microsoft.com/en-us/kb/2763674[hotfix 2763674] is installed.

=== New and Updated Features

There are no new features in this release.

=== New Protocol Support

There are no new protocols in this release.

=== Updated Protocol Support

--sort-and-group--
ASN.1 BER
BATADV
DNP3
E100
EIGRP
GSM A DTAP
GSM SMS
GTP
HiQnet
InfiniBand
LLRP
M3AP
MP2T
NFS
OSPF
RoHC
RPC
RSL
TRILL
VXLAN
X.509AF
--sort-and-group--

=== New and Updated Capture File Support

//There is no new or updated capture file support in this release.
--sort-and-group--
--sort-and-group--

== Getting Wireshark

Wireshark source code and installation packages are available from
https://www.wireshark.org/download.html.

=== Vendor-supplied Packages

Most Linux and Unix vendors supply their own Wireshark packages. You can
usually install or upgrade Wireshark using the package management system
specific to that platform. A list of third-party packages can be found
on the https://www.wireshark.org/download.html#thirdparty[download page]
on the Wireshark web site.

== File Locations

Wireshark and TShark look in several different locations for preference
files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary
from platform to platform. You can use About→Folders to find the default
locations on your system.

== Known Problems

Dumpcap might not quit if Wireshark or TShark crashes.
(ws-buglink:1419[])

The BER dissector might infinitely loop.
(ws-buglink:1516[])

Capture filters aren't applied when capturing from named pipes.
(ws-buglink:1814[])

Filtering tshark captures with read filters (-R) no longer works.
(ws-buglink:2234[])

The 64-bit Windows installer does not support Kerberos decryption.
(https://wiki.wireshark.org/Development/Win64[Win64 development page])

Resolving (ws-buglink:9044[]) reopens (ws-buglink:3528[]) so that Wireshark
no longer automatically decodes gzip data when following a TCP stream.

Application crash when changing real-time option.
(ws-buglink:4035[])

Hex pane display issue after startup.
(ws-buglink:4056[])

Packet list rows are oversized.
(ws-buglink:4357[])

Wireshark and TShark will display incorrect delta times in some cases.
(ws-buglink:4985[])

== Getting Help

Community support is available on https://ask.wireshark.org/[Wireshark's
Q&A site] and on the wireshark-users mailing list. Subscription
information and archives for all of Wireshark's mailing lists can be
found on https://www.wireshark.org/lists/[the web site].

Official Wireshark training and certification are available from
http://www.wiresharktraining.com/[Wireshark University].

== Frequently Asked Questions

A complete FAQ is available on the
https://www.wireshark.org/faq.html[Wireshark web site].