                         Wireshark 1.12.4 Release Notes
     __________________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer. It is
   used for troubleshooting, analysis, development and education.
     __________________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed.
     * [1]wnpa-sec-2015-06
       The ATN-CPDLC dissector could crash. ([2]Bug 9952) [3]CVE-2015-2187
     * [4]wnpa-sec-2015-07
       The WCP dissector could crash. ([5]Bug 10844) [6]CVE-2015-2188
     * [7]wnpa-sec-2015-08
       The pcapng file parser could crash. ([8]Bug 10895) [9]CVE-2015-2189
     * [10]wnpa-sec-2015-09
       The LLDP dissector could crash. ([11]Bug 10983) [12]CVE-2015-2190
     * [13]wnpa-sec-2015-10
       The TNEF dissector could go into an infinite loop. Discovered by
       Vlad Tsyrklevich. ([14]Bug 11023) [15]CVE-2015-2191
     * [16]wnpa-sec-2015-11
       The SCSI OSD dissector could go into an infinite loop. Discovered
       by Vlad Tsyrklevich. ([17]Bug 11024) [18]CVE-2015-2192

   The following bugs have been fixed:
     * RTP player crashes on decode of long call: BadAlloc (insufficient
       resources for operation). ([19]Bug 2630)
     * "Telephony->SCTP->Analyse This Association" crashes Wireshark on
       manufactured SCTP packet. ([20]Bug 9849)
     * IPv6 Mobility Header Link Layer Address is parsed incorrectly.
       ([21]Bug 10006)
     * DNS NXT RR is parsed incorrectly. ([22]Bug 10615)
     * IPv6 AUTH mobility option parses Mobility SPI and Authentication
       Data incorrectly. ([23]Bug 10626)
     * IPv6 Mobility Header Link-Layer Address Mobility Option is parsed
       incorrectly. ([24]Bug 10627)
     * HTTP chunked response includes data beyond the chunked response.
       ([25]Bug 10707)
     * DHCP Option 125 Suboption: (1) option-len always expects 1 but
       specification allows for more. ([26]Bug 10784)
     * Incorrect decoding of IPv4 Interface/Neighbor Address sub-TLVs in
       Extended IS Reachability TLV of IS-IS. ([27]Bug 10837)
     * Little-endian OS X Bluetooth PacketLogger files aren't handled.
       ([28]Bug 10861)
     * X.509 certificate serial number incorrectly interpreted as negative
       number. ([29]Bug 10862)
     * Malformed Packet on rsync-version with length 2. ([30]Bug 10863)
     * ZigBee epoch time is incorrectly displayed in OTA cluster. ([31]Bug
       10872)
     * BGP EVPN - Route Type 4 - "Invalid length of IP Address" - "Expert
       Info" shows a false error. ([32]Bug 10873)
     * Bad bytes read for extended rnc id value in GTP dissector. ([33]Bug
       10877)
     * "ServiceChangeReasonStr" messages are not shown in txt generated by
       tshark. ([34]Bug 10879)
     * Clang ASAN : AddressSanitizer: global-buffer-overflow ANSI.
       ([35]Bug 10897)
     * MEGACO wrong decoding on media port. ([36]Bug 10898)
     * Wrong media format. ([37]Bug 10899)
     * BSSGP Status PDU decoding fault (missing Mandatory element (0x04)
       BVCI for proper packet). ([38]Bug 10903)
     * DNS LOC Precision missing units. ([39]Bug 10940)
     * Packets on OpenBSD loopback decoded as raw not null. ([40]Bug
       10956)
     * Display Filter Macro unable to edit. ([41]Bug 10957)
     * IPv6 Local Mobility Anchor Address mobility option code is treated
       incorrectly. ([42]Bug 10961)
     * SNTP server list improperly formatted in DHCPv6 packet details.
       ([43]Bug 10964)
     * Juniper Packet Mirror dissector expects ipv6 flow label = 0.
       ([44]Bug 10976)
     * NS Trace (NetScaler Trace) file format is not able to export
       specified packets. ([45]Bug 10998)

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   ACN, ANSI IS-637-A, AppleMIDI, ATN-CPDLC, BGP, BSSGP, CMIP, DHCP,
   DHCPv6, DIS, DLM3, DMP, DNS, Extreme Networks, ForCES, FTAM, GMHDR, GSM
   A BSSMAP, GSM A-bis OML, GSM MAP, GSM RLC MAC, GTP, H.248, H.264, HTTP,
   IEEE 802.11, IPv6, IS-IS, ISMACryp, J1939, Juniper Jmirror, KDP, L2CAP,
   LDAP, LLDP, MGCP, MIP6, NBNS, NET/ROM, Netflow, Novell PKIS, PANA,
   PPPoE, RSL, RSYNC, RTMPT, RTP, SCSI OSD, SDP, SMB Pipe, SMPP,
   SYNCHROPHASOR, TETRA, TiVoConnect, TNEF, USB HID, V.52, VSS-Monitoring,
   X.509AF, Zebra, and ZigBee

  New and Updated Capture File Support

   NetScaler, PacketLogger, and Pcapng
     __________________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available from
   [46]http://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can be
   found on the [47]download page on the Wireshark web site.
     __________________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for preference
   files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
   vary from platform to platform. You can use About->Folders to find the
   default locations on your system.
     __________________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([48]Bug 1419)

   The BER dissector might infinitely loop. ([49]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([50]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([51]Bug 2234)

   The 64-bit Windows installer does not support Kerberos decryption.
   ([52]Win64 development page)

   Resolving ([53]Bug 9044) reopens ([54]Bug 3528) so that Wireshark no
   longer automatically decodes gzip data when following a TCP stream.

   Application crash when changing real-time option. ([55]Bug 4035)

   Hex pane display issue after startup. ([56]Bug 4056)

   Packet list rows are oversized. ([57]Bug 4357)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([58]Bug 4985)
     __________________________________________________________________

Getting Help

   Community support is available on [59]Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and archives for
   all of Wireshark's mailing lists can be found on [60]the web site.

   Official Wireshark training and certification are available from
   [61]Wireshark University.
     __________________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [62]Wireshark web site.
     __________________________________________________________________

   Last updated 2015-03-04 08:53:00 PST

References

   1. https://www.wireshark.org/security/wnpa-sec-2015-06.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9952
   3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2187
   4. https://www.wireshark.org/security/wnpa-sec-2015-07.html
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844
   6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2188
   7. https://www.wireshark.org/security/wnpa-sec-2015-08.html
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10895
   9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2189
  10. https://www.wireshark.org/security/wnpa-sec-2015-09.html
  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10983
  12. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2190
  13. https://www.wireshark.org/security/wnpa-sec-2015-10.html
  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11023
  15. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2191
  16. https://www.wireshark.org/security/wnpa-sec-2015-11.html
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11024
  18. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2192
  19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2630
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9849
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10006
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10615
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10626
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10627
  25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10707
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10784
  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10837
  28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10861
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10862
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10863
  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10872
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10873
  33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10877
  34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10879
  35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10897
  36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10898
  37. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10899
  38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10903
  39. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10940
  40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10956
  41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10957
  42. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10961
  43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10964
  44. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10976
  45. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10998
  46. http://www.wireshark.org/download.html
  47. http://www.wireshark.org/download.html#thirdparty
  48. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
  49. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  51. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  52. http://wiki.wireshark.org/Development/Win64
  53. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044
  54. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3528
  55. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  56. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056
  57. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
  58. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  59. http://ask.wireshark.org/
  60. http://www.wireshark.org/lists/
  61. http://www.wiresharktraining.com/
  62. http://www.wireshark.org/faq.html
