                     Wireshark 1.12.2 Release Notes
     __________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol
   analyzer. It is used for troubleshooting, analysis, development
   and education.
     __________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed.
     * [1]wnpa-sec-2014-20
       SigComp UDVM buffer overflow. ([2]Bug 10662)
       [3]CVE-2014-8710
     * [4]wnpa-sec-2014-21
       AMQP crash. ([5]Bug 10582) [6]CVE-2014-8711
     * [7]wnpa-sec-2014-22
       NCP crashes. ([8]Bug 10552, [9]Bug 10628) [10]CVE-2014-8712
       [11]CVE-2014-8713
     * [12]wnpa-sec-2014-23
       TN5250 infinite loops. ([13]Bug 10596) [14]CVE-2014-8714

   The following bugs have been fixed:
     * Wireshark determine packets of MMS protocol as a packets of
       T.125 protocol. ([15]Bug 10350)
     * 6LoWPAN Mesh headers not treated as encapsulating address.
       ([16]Bug 10462)
     * UCP dissector bug of operation 31 - PID 0639 not
       recognized. ([17]Bug 10463)
     * iSCSI dissector rejects PDUs with "expected data transfer
       length" > 16M. ([18]Bug 10469)
     * GTPv2: trigging_tree under Trace information has wrong
       length. ([19]Bug 10470)
     * openflow_v1 OFPT_FEATURES_REPLY parsed incorrectly.
       ([20]Bug 10493)
     * Capture files from a remote virtual interface on MacOS X
       10.9.5 aren't dissected correctly. ([21]Bug 10502)
     * Problem specifying protocol name for filtering. ([22]Bug
       10509)
     * LLDP TIA Network Policy Unknown Policy Flag Decode is not
       correct. ([23]Bug 10512)
     * Decryption of DCERPC with Kerberos encryption fails.
       ([24]Bug 10538)
     * Dissection of DECRPC NT sid28 shouldn't show expert info if
       tree is null. ([25]Bug 10542)
     * Attempt to render an SMS-DELIVER-REPORT instead of an
       SMS-DELIVER. ([26]Bug 10547)
     * IPv6 Calipso option length is not used properly. ([27]Bug
       10561)
     * The SPDY dissector couldn't dissecting packet correctly.
       ([28]Bug 10566)
     * IPv6 QuickStart option Nonce is read incorrectly. ([29]Bug
       10575)
     * IPv6 Mobility Option IPv6 Address/Prefix marks too many
       bytes for the address/prefix field. ([30]Bug 10576)
     * IPv6 Mobility Option Binding Authorization Data for FMIPv6
       Authenticator field is read beyond the option data.
       ([31]Bug 10577)
     * IPv6 Mobility Option Mobile Node Link Layer Identifier
       Link-layer Identifier field is read beyond the option data.
       ([32]Bug 10578)
     * Wrong offset for hf_mq_id_icf1 in packet-mq.c. ([33]Bug
       10597)
     * Malformed PTPoE announce packet. ([34]Bug 10611)
     * IPv6 Permanent Home Keygen Token mobility option includes
       too many bytes for the token field. ([35]Bug 10619)
     * IPv6 Redirect Mobility Option K and N bits are parsed
       incorrectly. ([36]Bug 10622)
     * IPv6 Care Of Test mobility option includes too many bytes
       for the Keygen Token field. ([37]Bug 10624)
     * IPv6 MESG-ID mobility option is parsed incorrectly.
       ([38]Bug 10625)
     * IPv6 AUTH mobility option parses Mobility SPI and
       Authentication Data incorrectly. ([39]Bug 10626)
     * IPv6 DNS-UPDATE-TYPE mobility option includes too many
       bytes for the MD identity field. ([40]Bug 10629)
     * IPv6 Local Mobility Anchor Address mobility option's code
       and reserved fields are parsed as 2 bytes instead of 1.
       ([41]Bug 10630)
     * WCCP v.2.01 extended assignment data element parsed wrong.
       ([42]Bug 10641)
     * DNS ISDN RR Sub Address field is read one byte early.
       ([43]Bug 10650)
     * TShark crashes when running with PDML on a specific packet.
       ([44]Bug 10651)
     * DNS A6 Address Suffix field is parsed incorrectly. ([45]Bug
       10652)
     * DNS response time: calculation incorrect. ([46]Bug 10657)
     * SMPP does not display properly the hour field in the
       Submit_sm Validity Period field. ([47]Bug 10672)
     * DNS Name Length for Zone RR on root is 6 and Label Count is
       1. ([48]Bug 10674)
     * DNS WKS RR Protocol field is read as 4 bytes instead of 1.
       ([49]Bug 10675)
     * IPv6 Mobility Option Context Request reads an extra
       request. ([50]Bug 10676)

  New and Updated Features

   There are no new features in this release.

   The Windows installers no longer include previews of Wireshark
   2. If you want to try the new user interface, please download a
   development (1.99) installer.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   6LoWPAN, AMQP, ANSI IS-637-A, Bluetooth HCI, CoAP, DCERPC
   (all), DCERPC NT, DNS, GSM MAP, GTPv2, H.223, HPSW, HTTP2, IEEE
   802.11, IPv6, iSCSI, Kerberos, LBT-RM, LLDP, MIH, Mobile IPv6,
   MQ, NCP, OpcUa, OpenFlow, PKTAP, PTPoE, SigComp, SMB2, SMPP,
   SPDY, Stanag 4607, T.125, UCP, USB CCID, and WCCP

  New and Updated Capture File Support

   Catapult DCT2000, HP-UX nettl, Ixia IxVeriWave, pcap, pcap-ng,
   RADCOM, and Sniffer (DOS)
     __________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available
   from [51]http://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark
   packages. You can usually install or upgrade Wireshark using
   the package management system specific to that platform. A list
   of third-party packages can be found on the [52]download page
   on the Wireshark web site.
     __________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for
   preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
   These locations vary from platform to platform. You can use
   About->Folders to find the default locations on your system.
     __________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([53]Bug
   1419)

   The BER dissector might infinitely loop. ([54]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([55]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer
   works. ([56]Bug 2234)

   The 64-bit Windows installer does not support Kerberos
   decryption. ([57]Win64 development page)

   Resolving ([58]Bug 9044) reopens ([59]Bug 3528) so that
   Wireshark no longer automatically decodes gzip data when
   following a TCP stream.

   Application crash when changing real-time option. ([60]Bug
   4035)

   Hex pane display issue after startup. ([61]Bug 4056)

   Packet list rows are oversized. ([62]Bug 4357)

   Wireshark and TShark will display incorrect delta times in some
   cases. ([63]Bug 4985)
     __________________________________________________________

Getting Help

   Community support is available on [64]Wireshark's Q&A site and
   on the wireshark-users mailing list. Subscription information
   and archives for all of Wireshark's mailing lists can be found
   on [65]the web site.

   Official Wireshark training and certification are available
   from [66]Wireshark University.
     __________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [67]Wireshark web site.
     __________________________________________________________

   Last updated 2014-11-12 10:07:33 PST

References

   1. https://www.wireshark.org/security/wnpa-sec-2014-20.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10662
   3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710
   4. https://www.wireshark.org/security/wnpa-sec-2014-21.html
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10582
   6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711
   7. https://www.wireshark.org/security/wnpa-sec-2014-22.html
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10552
   9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10628
  10. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712
  11. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713
  12. https://www.wireshark.org/security/wnpa-sec-2014-23.html
  13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10596
  14. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714
  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10350
  16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10462
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10463
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10469
  19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10470
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10493
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10502
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10509
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10512
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10538
  25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10542
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10547
  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10561
  28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10566
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10575
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10576
  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10577
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10578
  33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10597
  34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10611
  35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10619
  36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10622
  37. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10624
  38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10625
  39. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10626
  40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10629
  41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10630
  42. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10641
  43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10650
  44. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10651
  45. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10652
  46. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10657
  47. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10672
  48. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10674
  49. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10675
  50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10676
  51. http://www.wireshark.org/download.html
  52. http://www.wireshark.org/download.html#thirdparty
  53. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
  54. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  55. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  56. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  57. http://wiki.wireshark.org/Development/Win64
  58. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044
  59. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3528
  60. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  61. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056
  62. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
  63. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  64. http://ask.wireshark.org/
  65. http://www.wireshark.org/lists/
  66. http://www.wiresharktraining.com/
  67. http://www.wireshark.org/faq.html
