Version History of Wireshark 1.8.8

Bug Fixes

The following vulnerabilities have been fixed.

  • wnpa-sec-2013-32
  • The CAPWAP dissector could crash. Discovered by Laurent Butti. (Bug 8725)
  • Versions affected: 1.8.0 to 1.8.7, 1.6.0 to 1.6.15.
  • wnpa-sec-2013-33
  • The GMR-1 BCCH dissector could crash. Discovered by Sylvain Munaut and Laurent Butti. (Bug 7664, Bug 8726 )
  • Versions affected: 1.8.0 to 1.8.7.
  • wnpa-sec-2013-34
  • The PPP dissector could crash. Discovered by Laurent Butti. (Bug 7880, Bug 8727 )
  • Versions affected: 1.8.0 to 1.8.7.
  • wnpa-sec-2013-35
  • The NBAP dissector could crash. (Bug 8697)
  • Versions affected: 1.8.0 to 1.8.7.
  • wnpa-sec-2013-36
  • The RDP dissector could crash. Discovered by Laurent Butti (Bug 8729)
  • Versions affected: 1.8.0 to 1.8.7.
  • wnpa-sec-2013-37
  • The GSM CBCH dissector could crash. Discovered by Laurent Butti (Bug 8730)
  • Versions affected: 1.8.0 to 1.8.7.
  • wnpa-sec-2013-38
  • The Assa Abloy R3 dissector could consume excessive memory and CPU. (Bug 8764)
  • Versions affected: 1.8.0 to 1.8.7.
  • wnpa-sec-2013-39
  • The HTTP dissector could overrun the stack. (Bug 8733)
  • Versions affected: 1.8.0 to 1.8.7, 1.6.0 to 1.6.15.
  • wnpa-sec-2013-40
  • The Ixia IxVeriWave file parser could overflow the heap. Discovered by Sachin Shinde. (Bug 8760)
  • Versions affected: 1.8.0 to 1.8.7.
  • wnpa-sec-2013-41
  • The DCP ETSI dissector could crash. (Bug 8717)
  • Versions affected: 1.10.0, 1.8.0 to 1.8.7, 1.6.0 to 1.6.15.

The following bugs have been fixed:

  • TRY_TO_FAKE_THIS_ITEM disables bounds errors. (Bug 3290)
  • Multiple expert info in a packet does not cause the most "severe" to be displayed in expert column. (Bug 7733)
  • tshark -z io,stat reports bad byte counts if filter doesn't match anything. (Bug 8066)
  • Add decryption for WPA eapol 4-way handshake. (Bug 8680)
  • wireshark is crashing while attempting to use 'SCTP' -> 'Prepare Filter for this Association'. (Bug 8731)
  • Crash analyzing VoIP Calls (T38). (Bug 8736)
  • IMAP Dissector, Missing byte. (Bug 8739)
  • C12.22 Invocation Id shows negative sometimes. (Bug 8744)
  • gsm_a_dtap dissector (SMS): under certain conditions fillbits may be displayed for an alphanumeric TP-Originating-Address. (Bug 8756)
  • TETRA dissector assertion. (Bug 8768)
  • Mark retransmitted SYN and FIN packets as retransmissions.

New and Updated Features

  • There are no new features in this release.

New Protocol Support

  • There are no new protocols in this release.

Updated Protocol Support

  • Bittorrent DHT, C12.22, CAPWAP, DCP ETSI, EAPOL, GMR-1 BCCH, GSM CBCH, GSM SMS, HTTP, IMAP, NBAP, PPP, R3, RDP, SGsAP, T.38, TETRA

New and Updated Capture File Support

  • Ixia IxVeriWave.

Getting Wireshark

  • Wireshark source code and installation packages are available from http://www.wireshark.org/download.html.

Vendor-supplied Packages

  • Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.

File Locations

  • Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system.

Known Problems

  • Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)
  • The BER dissector might infinitely loop. (Bug 1516)
  • Capture filters aren't applied when capturing from named pipes. (Bug 1814)
  • Filtering tshark captures with display filters (-R) no longer works. (Bug 2234)
  • The 64-bit Windows installer does not support Kerberos decryption. (Win64 development page)
  • Application crash when changing real-time option. (Bug 4035)
  • Hex pane display issue after startup. (Bug 4056)
  • Packet list rows are oversized. (Bug 4357)
  • Summary pane selected frame highlighting not maintained. (Bug 4445)
  • Wireshark and TShark will display incorrect delta times in some cases. (Bug 4985)

Getting Help

  • Community support is available on Wireshark's Q&A site and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark's mailing lists can be found on the web site.
  • Official Wireshark training and certification are available from Wireshark University.

Frequently Asked Questions

  • A complete FAQ is available on the Wireshark web site.