Recent Releases
4.3.104 Aug 2024 20:25
minor feature:
Many improvements and to the graphing dialogs, including I/O
Graphs, Flow Graph / VoIP Calls, and TCP Stream Graphs.
Wireshark now supports automatic profile switching. You can associate
a display filter with a configuration profile, and when you open a.
Capture file that matches the filter, Wireshark will automatically
Switch to that profile.
Support for Lua 5.3 and 5.4 has been added, and support for Lua 5.1.
And 5.2 has been removed. The Windows and macOS installers now ship
With Lua 5.4.6.
Improved display filter support for value strings (optional string.
Representations for numeric fields).
Display filter functions can be implemented as runtime-loadable C.
Plugins.
Display filters can be translated to pcap filters using "Edit Copy
Display filter as pcap filter" if each display filter field has a.
Corresponding pcap filter equivalent.
Custom columns can be defined using any valid field expression, such
as display filter functions, slices, arithmetic calculations, logical.
Tests, raw byte addressing, and the layer modifier.
Custom output fields for `tshark -e` can also be defined using any.
Valid field expression.
Wireshark can be built with the zlib-ng instead of zlib for compressed.
File support. Zlib-ng is substantially faster than zlib. The official
Windows and macOS packages have this feature included.
Many other improvements have been made. See the New and Updated
Features section below for more details.
New and Updated Features.
The following features are either new or have been significantly.
Updated since version 4.2.0:
Improvements to the "I/O Graphs" dialog:
A number of crasher have been.
The protocol tree context menu can open a I/O graph of the.
Currently selected field. 1
Smaller intervals can be used, down to 1 microsecond. 13682 2 .
A larger number of I/O Graph item buckets can be used, up to
225 items. 3 .
The memory usage has been improved, the size of an item has.
Been reduced from 152 bytes to 88 bytes.
When the Y field or Y axis ch
4.3.003 Jan 2024 13:56
minor feature:
This is an experimental release intended to test new features for Wireshark 4.4.
2.4.1618 Jul 2019 12:25
minor feature:
This is the final release of the Wireshark 2.4 branch. It will reach
its official end of life on July 19, 2019. If you are still using
Wireshark 2.4 you are encouraged to upgrade to Wireshark 3.0.
The following vulnerabilities have been :
1 wnpa-sec-2019-20 ASN.1 BER and related dissectors crash. 2 15870. 3 CVE-2019-13619.
The following have been :
BTLE doesn't properly detect start fragment of L2CAP PDUs. 4 15807.
Problems with sshdump "Error by extcap pipe: sh: sudo: command not
found". 5 .
editcap won't change encapsulation type when writing pcap format.
6 .
New and Updated Features.
There are no new features in this release.
New Protocol Support.
There are no new protocols in this release.
Updated Protocol Support.
ASN.1, BTLE, CUPS, DNS, DPNSS, GSM RLC/MAC, HiQnet, MAC LTE, MIME
multipart, MQ, SMB, and TNEF.
New and Updated Capture File Support.
Ascend, and pcapng.
New and Updated Capture Interfaces support.
There are no new or updated capture interfaces supported in this
release.
2.4.1523 May 2019 03:17
minor feature:
The following vulnerabilities have been :
1 wnpa-sec-2019-19 Wireshark dissection engine crash. 2 15778.
The following have been :
Help file doesn't display for extcap interfaces. 3 .
Wrong NTP timestamp for RTCP XR RR packets (hf_rtcp_xr_timestamp
field). 4 .
New and Updated Features.
There are no new features in this release.
New Protocol Support.
There are no new protocols in this release.
Updated Protocol Support.
DDP, IS-IS CLV, and RTCP XR RR.
New and Updated Capture File Support.
pcapng.
New and Updated Capture Interfaces support.
There are no new or updated capture interfaces supported in this
release.
2.4.1410 Apr 2019 00:05
minor feature:
The following vulnerabilities have been :
1 wnpa-sec-2019-09 NetScaler file parser crash. 2 .
3 CVE-2019-10895.
4 wnpa-sec-2019-10 SRVLOC dissector crash. 5 .
6 CVE-2019-10899.
7 wnpa-sec-2019-14 GSS-API dissector crash. 8 .
9 CVE-2019-10894.
10 wnpa-sec-2019-15 DOF dissector crash. 11 .
12 CVE-2019-10896.
13 wnpa-sec-2019-17 LDSS dissector crash. 14 .
15 CVE-2019-10901.
16 wnpa-sec-2019-18 DCERPC SPOOLSS dissector crash. 17 .
18 CVE-2019-10903.
The following have been :
GSM-A-RR variable bitmap decoding may report ARFCNs 1023. 19 15549.
Possible buffer overflow in function ssl_md_final for crafted SSL
3.0 sessions. 20 .
randpkt -r causes segfault when count 1. 21 .
Packets with metadata but no data get the Protocol Info column
overwritten. 22 .
Buildbot crash output: fuzz-2019-03-23-1789.pcap. 23 .
New and Updated Features.
There are no new features in this release.
New Protocol Support.
There are no new protocols in this release.
Updated Protocol Support.
DCERPC SPOOLSS, DOF, GSM A RR, GSS-API, HL7, IEEE 802.15.4, ISO 14443,
LDSS, SRVLOC, and TLS.
New and Updated Capture File Support.
NetScaler, and pcap.
New and Updated Capture Interfaces support.
There are no new or updated capture interfaces supported in this
release.
3.005 Mar 2019 06:16
major feature:
https://www.wireshark.org/docs/relnotes/wireshark-3.0.0.html
2.4.1328 Feb 2019 03:18
minor feature:
The following vulnerabilities have been :
1 wnpa-sec-2019-06 ASN.1 BER and related dissectors crash. 2 15447. 3 CVE-2019-9209.
4 wnpa-sec-2019-07 TCAP dissector crash. 5 .
6 CVE-2019-9208.
7 wnpa-sec-2019-08 RPCAP dissector crash. 8 .
The following have been :
dftest should be distributed with the Windows installer. 9 13825.
Alignment Lost after Editing Column. 10 .
Crash on applying display filters or coloring rules on capture
files containing non-UTF-8 data. 11 .
Decoding of MEGACO/H.248 request shows the Remote descriptor as.
Local descriptor". 12 .
Repeated NFS in Protocol Display field. 13 .
Wireshark heap out-of-bounds read in infer_pkt_encap. 14 15463.
Column width and hidden when switching profiles. 15 15466.
GTPv1-C SGSN Context Response / Forward Relocation Request decode
GGSN address IPV6. 16 .
Lua Error on startup: init.lua: dofile has been disabled due to
running Wireshark as superuser. 17 .
Multiple out-of-bounds reads in NetScaler trace handling.
wiretap/netscaler.c). 18 .
Wrong endianess when dissecting the "chain offset" in SMB2 protocol
header. 19 .
New and Updated Features.
There are no new features in this release.
New Protocol Support.
There are no new protocols in this release.
Updated Protocol Support.
ASN.1 BER, BSSAP, DNP3, ETSI CAT, GTP, MEGACO, MPLS Echo, RPC, RPCAP,
SMB2, and TCAP.
New and Updated Capture File Support.
NetScaler, and Sniffer.
New and Updated Capture Interfaces support.
There are no new or updated capture interfaces supported in this
release.
2.4.1209 Jan 2019 03:25
minor feature:
The following vulnerabilities have been :
1 wnpa-sec-2019-02 The P_MUL dissector could crash. 2 .
3 CVE-2019-5717.
4 wnpa-sec-2019-03 The RTSE dissector and other dissectors could
crash. 5 . 6 CVE-2019-5718.
7 wnpa-sec-2019-04 The ISAKMP dissector could crash. 8 .
9 CVE-2019-5719.
10 wnpa-sec-2019-05 The ISAKMP dissector could crash. 11 14470.
The following have been :
console.lua not found in a folder with non-ASCII characters in its
name. 12 .
Disabling Update list of packets in real time. will generally
trigger crash after three start capture, stop capture cycles.
13 .
UDP Multicast Stream double counts. 14 .
text2pcap et al. set snaplength to 64kiB-1, while processing frames
of 256kiB. 15 .
Builds without libpcap fail if the libpcap headers aren't
installed. 16 .
TCAP AnalogRedirectRecord parameter incorrectly coded as mandatory
in QualReq_rr message. 17 .
Wireshark jumps behind other windows when opening UAT dialogs.
18 .
Pathnames containing non-ASCII characters are mangled in error
dialogs on Windows. 19 .
Executing -z http,stat -r file.pcapng throws a segmentation fault.
20 .
IS-41 TCAP RegistrationNotification Invoke has borderCellAccess
parameter coded as tag 50 (as denyAccess) but should be 58. 21 15372.
GTPv2 APN dissect problem. 22 .
New and Updated Features.
There are no new features in this release.
New Protocol Support.
There are no new protocols in this release.
Updated Protocol Support.
ANSI MAP, ENIP, GSM A, GTPv2, IMF, ISAKMP, P_MUL, RTSE, and TCAP.
New and Updated Capture File Support.
There is no new or updated capture file support in this release.
New and Updated Capture Interfaces support.
There are no new or updated capture interfaces supported in this
release.
2.4.1129 Nov 2018 11:05
minor feature:
The following vulnerabilities have been :
1 wnpa-sec-2018-51 The Wireshark dissection engine could crash.
2 . 3 CVE-2018-19625.
4 wnpa-sec-2018-52 The DCOM dissector could crash. 5 .
6 CVE-2018-19626.
7 wnpa-sec-2018-53 The LBMPDM dissector could crash. 8 .
9 CVE-2018-19623.
10 wnpa-sec-2018-54 The MMSE dissector could go into an infinite
loop. 11 . 12 CVE-2018-19622.
13 wnpa-sec-2018-55 The IxVeriWave file parser could crash.
14 . 15 CVE-2018-19627.
16 wnpa-sec-2018-56 The PVFS dissector could crash. 17 .
18 CVE-2018-19624.
The following have been :
VoIP Calls dialog doesn't include RTP stream when preparing a
filter. 19 .
Wireshark installs on macOS with permissions for.
Library/Application Support/Wireshark that are too restrictive.
20 .
Closing Enabled Protocols dialog crashes wireshark. 21 .
Encrypted Alerts corresponds to a wrong selection in the packet
bytes pane. 22 .
MATE unable to extract fields for PDU. 23 .
Malformed Packet: SV. 24 .
ISUP (ANSI) packets malformed in WS versions later than 2.4.8.
25 .
Handover candidate enquire message not decoded. 26 .
MLE security suite display incorrect. 27 .
Message for incorrect IPv4 option lengths is incorrect. 28 15290.
TACACS+ dissector does not properly reassemble large accounting
messages. 29 .
NLRI of S-PMSI A-D BGP route not being displayed. 30 .
New and Updated Features.
There are no new features in this release.
New Protocol Support.
There are no new protocols in this release.
Updated Protocol Support.
BGP, DCOM, GSM A BSSMAP, IEEE 802.11 Radiotap, ISUP, LBMPDM, LISP, MLE,
MMSE, PVFS, SLL, SSL/TLS, SV, and TACACS+.
New and Updated Capture File Support.
3GPP TS 32.423 Trace, and IxVeriWave.
New and Updated Capture Interfaces support.
There are no new or updated capture interfaces supported in this
release.
2.4.1012 Oct 2018 09:25
minor feature:
The following vulnerabilities have been :
1 wnpa-sec-2018-47
MS-WSP dissector crash. 2 . 3 CVE-2018-18227.
4 wnpa-sec-2018-50
OpcUA dissector crash. 5 CVE-2018-12086.
The following have been :
HTTP2 dissector decodes first SSL record only. 6 .
Undocumented sub-option for -N option in man page and tshark -N
help. 7 .
Mishandling of Port Control Protocol option padding. 8 .
MGCP: parameter lines are case-insensitive. 9 .
details of 2nd sub-VSA in bundled RADIUS VSA are incorrect. 10 15073.
Heuristic DPLAY dissector fails to recognize DPLAY packets. 11 15092.
gsm_rlcmac_dl dissector exception. 12 .
Buildbot crash output: fuzz-2018-09-07-29306.pcap. 13 .
Wildcard expansion doesn't work on Windows 10 for command-line
programs in cmd.exe or PowerShell. 14 .
SSL Reassembly Error New fragment past old data limits. 15 15158.
New and Updated Features.
There are no new features in this release.
New Protocol Support.
There are no new protocols in this release.
Updated Protocol Support.
ASN.1 PER, CIP, DPLAY, HTTP, MGCP, MS-WSP, OpcUa, PCP, RADIUS, and TLS.
New and Updated Capture File Support.
Ascend, and pcapng.
New and Updated Capture Interfaces support.
There are no new or updated capture interfaces supported in this
release.
2.4.930 Aug 2018 06:45
minor feature:
The following vulnerabilities have been :
1 wnpa-sec-2018-44
Bluetooth AVDTP dissector crash. 2 . 3 CVE-2018-16058.
4 wnpa-sec-2018-45
Bluetooth Attribute Protocol dissector crash. 5 .
6 CVE-2018-16056.
7 wnpa-sec-2018-46
Radiotap dissector crash. 8 . 9 CVE-2018-16057.
The following have been :
Incorrect presentation of dissected data item (NETMASK) in ISAKMP
dissector. 10 .
udpdump frame too long error. 11 .
ASTERIX Category 062 / 135 Altitude has wrong value. 12 .
Wireshark cannot decrypt SSL/TLS session if it was proxied over
HTTP tunnel. 13 .
TLS records in a HTTP tunnel are displayed as "Encrypted Handshake
Message". 14 .
BTATT Dissector: Temperature Measurement: Celsius and Fahrenheit
swapped. 15 .
Diameter AVP User Location Info, Mobile Network Code decoded not
correctly. 16 .
Heartbeat message "Info" displayed without comma separator. 17 15079.
DTAP CC Start DTMF keypad information parsing error. 18 .
New and Updated Features.
There are no new features in this release.
New Protocol Support.
There are no new protocols in this release.
Updated Protocol Support.
ASTERIX, Bluetooth ATT, Bluetooth AVDTP, DHCP, DTLS, E.212, HTTP,
ISAKMP, K12, Nordic BLE, Radiotap, and SSL.
New and Updated Capture File Support.
pcapng.
New and Updated Capture Interfaces support.
ciscodump udpdump.
2.4.819 Jul 2018 20:45
minor feature:
The following vulnerabilities have been :
1 wnpa-sec-2018-34
BGP dissector large loop. 2 . 3 CVE-2018-14342.
4 wnpa-sec-2018-35
ISMP dissector crash. 5 . 6 CVE-2018-14344.
7 wnpa-sec-2018-36
Multiple dissectors could crash. 8 . 9 CVE-2018-14340.
10 wnpa-sec-2018-37
ASN.1 BER dissector crash. 11 . 12 CVE-2018-14343.
13 wnpa-sec-2018-38
MMSE dissector infinite loop. 14 . 15 CVE-2018-14339.
16 wnpa-sec-2018-39
DICOM dissector crash. 17 . 18 CVE-2018-14341.
19 wnpa-sec-2018-40
Bazaar dissector infinite loop. 20 . 21 CVE-2018-14368.
22 wnpa-sec-2018-41
HTTP2 dissector crash. 23 . 24 CVE-2018-14369.
25 wnpa-sec-2018-42
CoAP dissector crash. 26 . 27 CVE-2018-14367.
28 wnpa-sec-2018-43
IEEE 802.11 dissector crash. 29 .
The following have been :
ISMP.EDP "Tuples" dissected incorrectly. ( 30 ).
Wireshark crashes when changing profiles. ( 31 ).
Crash when switching to TRANSUM enabled profile. ( 32 ).
Wireshark crashes with single quote string display filter. ( 33 14084).
randpkt can write packets that libwiretap can't read. ( 34 14107).
Crafted UDP packet causes large memory usage. ( 35 ).
Error received from dissect_wccp2_hash_assignment_info(). ( 36 14573).
Extraction of SMB file results in wrong size. ( 37 ).
Crafted UDP packet causes large memory usage. ( 38 ).
IP address to name resolution doesn't work in TShark. ( 39 14711).
proto_tree_add_protocol_format might leak memory. ( 40 ).
tostring for NSTime objects in lua gives wrong results. ( 41 14720).
DICOM dissector needs to check for packet offset overflow. ( 42 14742).
Formatting of OSI area addresses/address pregoes past the end
of the area address/address pre. ( 43 ).
ICMPv6 Router Renumbering - Packet Dissector - malformed. ( 44 14755).
WiMAX HARQ MAP decoder segfaults when length is too short. ( 45 14780).
HTTP PUT request following a HEAD request is not correctly decoded.
46 ).
SYNC PDU type 3 miss the last PDU length. ( 47 ).
Reversed 128 bits service UUIDs when Bluetooth Low Energy
adve
2.4.723 May 2018 16:45
minor feature:
The following vulnerabilities have been :
1 wnpa-sec-2018-25
The LDSS dissector could crash. ( 2 ).
3 wnpa-sec-2018-28
Multiple dissectors could consume excessive memory. ( 4 ).
5 wnpa-sec-2018-29
The DNS dissector could crash. ( 6 ).
7 wnpa-sec-2018-30
The GSM A DTAP dissector could crash. ( 8 ).
9 wnpa-sec-2018-31
The Q.931 dissector could crash. ( 10 ).
11 wnpa-sec-2018-33
Multiple dissectors could crash. ( 12 ).
The following have been :
Double "Full Screen" menu item on macOS. ( 13 ).
Segmentation fault when switching profiles. ( 14 ).
extcap: InterfaceToolbar control pipe broken. ( 15 ).
SIP Response-time not being well calculated. ( 16 ).
HP-UX HP ANSI C requires -Wp,-H200000 flag to compile. ( 17 14554).
Power Capability tag interpreted incorrectly. ( 18 ).
while building latest version of wireshark 2.4.6. ( 19 14597).
SMB2 Write requests not displayed. ( 20 ).
Wrong default file format chosen in when saving a capture with
comments added if the original format doesn't support comments.
21 ).
ui/macosx directory missing from source release tarball. ( 22 14627).
Wireshark 2.9.0 snapshot crashes/segfaults on Windows when launched
with -k or -i. ( 23 ).
File missing from release tarball. ( 24 ).
Remove: HACK to support UHD's weird header offset on data packets.
25 ).
WinSparkle 0.5.6 is out of date and is gy. ( 26 ).
RTMPT: incorrect dissection of multiple RTMP packets within a
single TCP packet. ( 27 ).
Erroneous MAC-LTE Dissection for Sidelink Shared Channel Packets.
28 ).
Files missing from docbook CMake file. ( 29 ).
New and Updated Features.
There are no new features in this release.
New Protocol Support.
There are no new protocols in this release.
Updated Protocol Support.
BATADV, BT LE LL, BVLC, DLT_USER, DNS, GSM A BSSMAP, GSM A DTAP, GSM A
GM, GTP, GTPv2, IEEE 802.11, LAPDm, LDSS, Logcat Text, LwM2M-TLV, MAC
LTE, MP2T, MPEG PES, NBSS, Q.931, RSL, RTMPT, S7COMM, SIP, TCP, and
VITA 49.
New and Updated Capture File Support.
3GPP TS 32.423 Trace, and And
2.4.604 Apr 2018 10:45
minor feature:
The following vulnerabilities have been :
1 wnpa-sec-2018-15
The MP4 dissector could crash. ( 2 ).
3 wnpa-sec-2018-16
The ADB dissector could crash. ( 4 ).
5 wnpa-sec-2018-17
The IEEE 802.15.4 dissector could crash. ( 6 ).
7 wnpa-sec-2018-18
The NBAP dissector could crash. ( 8 ).
9 wnpa-sec-2018-19
The VLAN dissector could crash. ( 10 ).
11 wnpa-sec-2018-20
The LWAPP dissector could crash. ( 12 ).
13 wnpa-sec-2018-21
The TCP dissector could crash. ( 14 ).
15 wnpa-sec-2018-22
The CQL dissector could to into an infinite loop. ( 16 ).
17 wnpa-sec-2018-23
The Kerberos dissector could crash. ( 18 ).
19 wnpa-sec-2018-24
Multiple dissectors and other modules could leak memory. The TN3270.
20 ), ISUP ( 21 ), LAPD ( 22 ), SMB2.
23 ), GIOP ( 24 ), ASN.1 ( 25 ), MIME
multipart ( 26 ), H.223 ( 27 ), and PCP ( 28 14488) dissectors were susceptible along with Wireshark and TShark.
29 ).
The following have been :
TRANSUM doesn't account for DNS retries in the Request Spread.
30 ).
BGP: IPv6 NLRI is received with Add-path ID, then Wireshark is not
able to decode the packet correctly. ( 31 ).
Lua script calling Ethernet dissector runs OK in 1.12.4 but crashes
in later releases. ( 32 ).
PEEKREMOTE dissector lacks 80mhz support, short preamble support
and spatial streams encoding. ( 33 ).
Statistics UDP Multicast Streams Copy Save as.. is broken.
34 ).
Typo error in enumeration value of speech version identifier.
35 ).
In "Unsaved packets" dialog one can NOT use keyboard to choose.
Continue without Saving". ( 36 ).
WCCP logical error in CHECK_LENGTH_ADVANCE_OFFSET macros. ( 37 14538).
Buildbot crash output: fuzz-2018-03-19-19114.pcap. ( 38 ).
alloca() used in wsutil/getopt_long.c without inclusion.
39 ).
HP-UX HP ANSI C requires -Wp,-H200000 flag to compile. ( 40 14554).
Makefile.in uses non-portable "install" command. ( 41 ).
HP-UX HP ANSI C doesn't support assigning to a variable in
epan/app_mem_usage.c. ( 42 ).
PPP in SSTP, HDLC framing not parsed properly. ( 43 ).
Usi
2.4.518 Mar 2018 03:15
minor feature:
The following vulnerabilities have been :
1 wnpa-sec-2018-05
The IEEE 802.11 dissector could crash. 2 .
3 CVE-2018-7335.
4 wnpa-sec-2018-06
Multiple dissectors could go into large infinite loops. All ASN.1
BER dissectors ( 5 ), along with the DICOM ( 6 ),
DMP ( 7 ), LLTD ( 8 ), OpenFlow ( 9 ),
RELOAD ( 10 ), RPCoRDMA ( 11 ), RPKI-Router.
12 ), S7COMM ( 13 ), SCCP ( 14 ),
Thread ( 15 ), Thrift ( 16 ), USB ( 17 14421), and WCCP ( 18 ) dissectors were susceptible.
19 wnpa-sec-2018-07
The UMTS MAC dissector could crash. 20 .
21 CVE-2018-7334.
22 wnpa-sec-2018-08
The DOCSIS dissector could crash. 23 , 24 CVE-2018-7337.
25 wnpa-sec-2018-09
The FCP dissector could crash. 26 , 27 CVE-2018-7336.
28 wnpa-sec-2018-10
The SIGCOMP dissector could crash. 29 , 30 CVE-2018-7320.
31 wnpa-sec-2018-11
The pcapng file parser could crash. 32 .
33 CVE-2018-7420.
34 wnpa-sec-2018-12
The IPMI dissector could crash. 35 , 36 CVE-2018-7417.
37 wnpa-sec-2018-13
The SIGCOMP dissector could crash. 38 , 39 CVE-2018-7418.
40 wnpa-sec-2018-14
The NBAP disssector could crash. 41 , 42 CVE-2018-7419.
The following have been :
Change placement of "double chevron" in Filter Toolbar to eliminate
overlap. ( 43 ).
AutoScroll does not work. ( 44 ).
BOOTP/DHCP: malformed packet - when user class option (77) is
present. ( 45 ).
GET MAX LUN wLength decoded as big-endian - USB Mass Storage.
46 ).
Unable to create Filter Expression Button for a yellow filter.
47 ).
Buildbot crash output: fuzz-2018-01-28-15874.pcap. ( 48 ).
NetScaler RPC segmentation fault / stack overflow. ( 49 ).
oss-fuzz #6028 RPC_NETLOGON: Direct-leak in g_malloc.
generate_hash_key). ( 50 ).
Newline " n" in packet list field increase line height for all
rows. ( 51 ).
ieee80211-radio.c preamble duration calculation not correct.
52 ).
DIS: Malformed packet in SISO-STD-002 transmitter. ( 53 ).
New and Updated Features.
There are no new features in this release.
New Protocol Support.
There are no new protocols in this release.
U
1.99.629 May 2015 09:05
major feature:
The I/O Graph in the Gtk+ UI now supports an unlimited number of
data points (up from 100k).
TShark now resets its state when changing files in ring-buffer
mode.
Expert Info severities can now be configured.
Wireshark now supports external capture interfaces. External
capture interfaces can be anything from a tcpdump-over-ssh pipe to
a program that captures from proprietary or non-standard hardware.
This functionality is not available in the Qt UI yet.
Qt port:
The Qt UI is now the default (program name is wireshark).
A Polish translation has been added.
The Interfaces dialog has been added.
The interface list is now updated when interfaces appear or
disappear.
The Conversations and Endpoints dialogs have been added.
A Japanese translation has been added.
It is now possible to manage remote capture interfaces.
Windows: taskbar progress support has been added.
Most toolbar actions are in place and work.
More command line options are now supported.
New Protocol Support:
(LISP) TCP Control Message, AllJoyn Reliable Datagram Protocol, Android
ADB, Android Logcat text, Apache Tribes Heartbeat, BGP Monitoring
Prototol (BMP), C15 Call History Protocol dissection (C15ch), ceph,
corosync/totemnet corosync cluster engine ( lowest
levelencryption/decryption protocol), corosync/totemsrp corosync
cluster engine ( totem single ring protocol), Couchbase, CP "Cooper"
2179, DJI UAV Drone Control Protocol, Dynamic Source Routing (RFC
4728), Elasticsearch, ETSI Card Application Toolkit - Transport
Protocol, Generic Network Virtualization Encapsulation (Geneve),
Geospatial and Imagery Access Service (GIAS), GVSP GigE Vision (TM)
Streaming Protocol, HCrt, HiQnet, IP Detail Record (IPDR), IPMI Trace,
iSER, KNXnetIP, MACsec Key Agreement - EAPoL-MKA, MCPE (Minecraft
Pocket Edition), OCFS2, OptoMMP, QNEX6 (QNET), RakNet games library,
Remote Shared Virtual Disk - RSVD, Riemann, S7 Communication, Secure
Socket Tunnel Protocol (SSTP), Shared Memory Communications - RDMA,
Stateless Transport
1.99.008 Oct 2014 11:10
major feature:
Version 1.99.0 is an experimental development prerelease in preparation of Wireshark 2.0, which adds significantly updated features.
The I/O Graph in the Gtk+ UI now supports an unlimited number of data points (up from 100k).
TShark now resets its state when changing files in ring-buffer mode.
Expert Info severities can now be configured.
Wireshark now supports external capture interfaces. External capture interfaces can be anything from a tcpdump-over-ssh pipe to a program that captures from proprietary or non-standard hardware. This functionality is not available in the Qt UI yet.
Qt port:
The Qt UI is now the default (program name is wireshark).
A Polish translation has been added.
The Interfaces dialog has been added.
The interface list is now updated when interfaces appear or disappear.
The Conversations and Endpoints dialogs have been added.
A Japanese translation has been added.
It is now possible to manage remote capture interfaces.
Windows: taskbar progress support has been added.
Most toolbar actions are in place and work.
More command line options are now supported
1.12.118 Sep 2014 23:54
minor bugfix:
This release fixes some security bugs.
Wireshark can crash during remote capture (rpcap) configuration.
802.11 capture does not decrypt/decode DHCP response.
Extra quotes around date fields (FT_ABSOLUTE_TIME) when using -E quote=d or =s.
No progress line in "VOIP RTP Player".
MIPv6 Service Selection Identifier parse error.
Probably wrong length check in proto_item_set_end.
802.11 BA sequence number decode is broken.
wmem_alloc_array() "succeeds" (and clobbers memory) when requested to
allocate 0xaaaaaaaa items of size 12.
Different dissection results for same file.
Mergecap wildcard breaks in version 1.12.0.
Diameter TCP reassemble.
TRILL NLPID 0xc0 unknown to Wireshark.
BTLE advertising header flags (RxAdd/TxAdd) dissected incorrectly.
Ethernet OAM (CFM) frames including TLV s are wrongly decoded as malformed.
BGP4: Wireshark skipped some potion of AS_PATH.
MAC address name resolution is broken.
Wrong decoding of RPKI RTR End of Data PDU.
SSL/TLS dissector incorrectly interprets length for status_request_v2 hello
extension.
Misparsed NTP control assignments with empty values.
6LoWPAN multicast address decompression problems.
Netflow v9 flowset not decoded if options template has zero-length scope
section.
GUI Hangs when Selecting Path to GeoIP Files.
AX.25 dissector prints unprintable characters.
6LoWPAN context handling not working.
SIP: When export to a CSV, Info is changed to differ.
Typo in packet-netflow.c.
Incorrect MPEG-TS decoding (OPCR field).
1.12.004 Aug 2014 21:37
major feature:
The limitation of 64K for "on-the-wire" packet lengths has been fixed. Expert information is now filterable when the new API is in use. Transport name resolution is now disabled by default. Support has been added for all versions of the DCBx protocol. Several SCTP dialogs have been added. The statistics tree (the backend for many Statistics and Telephony menu items) dialog has been added. The I/O Graph dialog has been added. The ASN1 plugin has been removed as it s deemed obsolete. There's also broad new protocol support, and some updates. Additionally 1.12.x contains many API changes, and is likely to be the last Gtk release.