                         Wireshark 2.0.4 Release Notes
     __________________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer. It is
   used for troubleshooting, analysis, development and education.
     __________________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2016-29
       The SPOOLS dissector could go into an infinite loop. Discovered by
       the CESG.
     * [2]wnpa-sec-2016-30
       The IEEE 802.11 dissector could crash. ([3]Bug 11585)
     * [4]wnpa-sec-2016-31
       The IEEE 802.11 dissector could crash. Discovered by Mateusz
       Jurczyk. ([5]Bug 12175)
     * [6]wnpa-sec-2016-32
       The UMTS FP dissector could crash. ([7]Bug 12191)
     * [8]wnpa-sec-2016-33
       Some USB dissectors could crash. Discovered by Mateusz Jurczyk.
       ([9]Bug 12356)
     * [10]wnpa-sec-2016-34
       The Toshiba file parser could crash. Discovered by iDefense Labs.
       ([11]Bug 12394)
     * [12]wnpa-sec-2016-35
       The CoSine file parser could crash. Discovered by iDefense Labs.
       ([13]Bug 12395)
     * [14]wnpa-sec-2016-36
       The NetScreen file parser could crash. Discovered by iDefense Labs.
       ([15]Bug 12396)
     * [16]wnpa-sec-2016-37
       The Ethernet dissector could crash. ([17]Bug 12440)

   The following bugs have been fixed:
     * Saving pcap capture file with ERF encapsulation creates an invalid
       pcap file. ([18]Bug 3606)
     * Questionable calling of Ethernet dissector by encapsulating
       protocol dissectors. ([19]Bug 9933)
     * Wireshark 1.12.0 does not dissect HTTP correctly. ([20]Bug 10335)
     * Don't copy details of hidden columns. ([21]Bug 11788)
     * RTP audio player crashes. ([22]Bug 12166)
     * Crash when saving RTP audio Telephony->RTP->RTP
       Streams->Analyze->Save->Audio. ([23]Bug 12211)
     * Edit - preferences - add column field not showing dropdown for
       choices. ([24]Bug 12321)
     * Using _ws.expert in a filter can cause a crash. ([25]Bug 12335)
     * Crash in SCCP dissector UAT (Qt UI only). ([26]Bug 12364)
     * J1939 frame without data = malformed packet ? ([27]Bug 12366)
     * The stream number in tshark's "-z follow,tcp,<stream number>"
       option is 0-origin rather than 1-origin. ([28]Bug 12383)
     * IP Header Length display filter should show calculated value.
       ([29]Bug 12387)
     * Multiple file radio buttons should be check boxes. ([30]Bug 12388)
     * Wrong check for getaddrinfo and gethostbyname on Solaris 11.
       ([31]Bug 12391)
     * ICMPv6 dissector doesn't respect actual packet length. ([32]Bug
       12400)
     * Format DIS header timestamp mm:ss.nnnnnn. ([33]Bug 12402)
     * RTP Stream Analysis can no longer be sorted in 2.0.3. ([34]Bug
       12405)
     * RTP Stream Analysis fails to complete in 2.0.3 when packets are
       sliced. ([35]Bug 12406)
     * Network-Layer Name Resolution uses first 32-bits of IPv6 DNS
       address as IPv4 address in some circumstances. ([36]Bug 12412)
     * BACnet decoder incorrectly flags a valid APDU as a "Malformed
       Packet". ([37]Bug 12422)
     * Valid ISUP messages marked with warnings. ([38]Bug 12423)
     * Profile command line switch "-C" not working in Qt interface.
       ([39]Bug 12425)
     * MRCPv2: info column not showing info correctly. ([40]Bug 12426)
     * Diameter: Experimental result code 5142. ([41]Bug 12428)
     * Tshark crashes when analyzing RTP due to pointer being freed not
       allocated. ([42]Bug 12430)
     * NFS: missing information in getattr for supported exclusive create
       attributes. ([43]Bug 12435)
     * Ethernet type field with a value of 9100 is shown as "Unknown".
       ([44]Bug 12441)
     * Documentation does not include support for Windows Server 2012 R2.
       ([45]Bug 12455)
     * Column preferences ruined too easily. ([46]Bug 12465)
     * SMB Open andX extended response decoded incorrectly. ([47]Bug
       12472)
     * SMB NtCreate andX with extended response sometimes incorrect.
       ([48]Bug 12473)
     * Viewing NFSv3 Data, checking SRTs doesn't work. ([49]Bug 12478)
     * Make wireshark with Qt enabled buildable on ARM. ([50]Bug 12483)

   Windows installers and PortableApps packages are dual signed using
   SHA-1 and SHA-256 in order to comply with [51]Microsoft Authenticode
   policy. Windows 7 and Windows Server 2008 R2 users should ensure that
   [52]update 3123479 is installed. Windows Vista and Windows Server 2008
   users should ensure that [53]hotfix 2763674 is installed.

  New and Updated Features

   There are no new features in this release.

  New File Format Decoding Support

   There are no new file formats in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   AFS, ANSI IS-637 A, BACapp, BT BNEP, Cisco FabricPath MiM, CSN.1,
   DCERPC SPOOLS, DIS, Ethernet, GSM A RR, ICMPv6, IEEE 802.11, IPv4,
   ISUP, J1939, JXTA, LAPSat, LPADm, LTE-RRC, MRCPv2, NFS, OpenFlow,
   SGsAP, SMB, STT, TZSP, UMTS FP, and USB

  New and Updated Capture File Support

   Aethra, Catapult DCT2000, CoSine, DBS Etherwatch, ERF, iSeries, Ixia
   IxVeriWave, NetScreen, Toshiba, and VMS TCPIPtrace

  New and Updated Capture Interfaces support

   There are no new or updated capture interfaces supported in this
   release.
     __________________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available from
   [54]https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can be
   found on the [55]download page on the Wireshark web site.
     __________________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for preference
   files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
   vary from platform to platform. You can use About->Folders to find the
   default locations on your system.
     __________________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([56]Bug 1419)

   The BER dissector might infinitely loop. ([57]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([58]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([59]Bug 2234)

   Resolving ([60]Bug 9044) reopens ([61]Bug 3528) so that Wireshark no
   longer automatically decodes gzip data when following a TCP stream.

   Application crash when changing real-time option. ([62]Bug 4035)

   Hex pane display issue after startup. ([63]Bug 4056)

   Packet list rows are oversized. ([64]Bug 4357)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([65]Bug 4985)

   The 64-bit version of Wireshark will leak memory on Windows when the
   display depth is set to 16 bits ([66]Bug 9914)

   Wireshark should let you work with multiple capture files. ([67]Bug
   10488)

   Dell Backup and Recovery (DBAR) makes many Windows applications crash,
   including Wireshark. ([68]Bug 12036)
     __________________________________________________________________

Getting Help

   Community support is available on [69]Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and archives for
   all of Wireshark's mailing lists can be found on [70]the web site.

   Official Wireshark training and certification are available from
   [71]Wireshark University.
     __________________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [72]Wireshark web site.
     __________________________________________________________________

   Last updated 2016-06-07 17:08:47 UTC

References

   1. https://www.wireshark.org/security/wnpa-sec-2016-29.html
   2. https://www.wireshark.org/security/wnpa-sec-2016-30.html
   3. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11585
   4. https://www.wireshark.org/security/wnpa-sec-2016-31.html
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12175
   6. https://www.wireshark.org/security/wnpa-sec-2016-32.html
   7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12191
   8. https://www.wireshark.org/security/wnpa-sec-2016-33.html
   9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12356
  10. https://www.wireshark.org/security/wnpa-sec-2016-34.html
  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12394
  12. https://www.wireshark.org/security/wnpa-sec-2016-35.html
  13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12395
  14. https://www.wireshark.org/security/wnpa-sec-2016-36.html
  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12396
  16. https://www.wireshark.org/security/wnpa-sec-2016-37.html
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12440
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3606
  19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9933
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10335
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11788
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12166
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12211
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12321
  25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12335
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12364
  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12366
  28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12383
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12387
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12388
  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12391
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12400
  33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12402
  34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12405
  35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12406
  36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12412
  37. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12422
  38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12423
  39. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12425
  40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12426
  41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12428
  42. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12430
  43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12435
  44. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12441
  45. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12455
  46. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12465
  47. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12472
  48. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12473
  49. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12478
  50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12483
  51. http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx
  52. https://support.microsoft.com/en-us/kb/3123479
  53. https://support.microsoft.com/en-us/kb/2763674
  54. https://www.wireshark.org/download.html
  55. https://www.wireshark.org/download.html#thirdparty
  56. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
  57. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  58. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  59. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  60. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044
  61. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3528
  62. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  63. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056
  64. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
  65. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  66. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9914
  67. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
  68. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12036
  69. https://ask.wireshark.org/
  70. https://www.wireshark.org/lists/
  71. http://www.wiresharktraining.com/
  72. https://www.wireshark.org/faq.html
