Wireshark 3.0.2 Release Notes
What is Wireshark
Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education.
The Windows installers now ship with Qt 5.12.3. They previously shipped with Qt 5.12.1.
The Windows installers now ship with Npcap 0.995. They previously shipped with Npcap 0.992.
The macOS packages are now notarized.
The following vulnerabilities have been fixed:
wnpa-sec-2019-19 Wireshark dissection engine crash. Bug 15778.
The following bugs have been fixed:
Add (IETF) QUIC Dissector. Bug 13881.
Wireshark Hangs on startup initializing external capture plugins. Bug 14657.
[oss-fuzz] ERROR: Adding ospf.v3.prefix.options.nu would put more than 1000000 items in the tree?—?possible infinite loop. Bug 14978.
Wireshark can call extcap with empty multicheck argument. Bug 15065.
CMPv2 KUR message disection gives unexpected value for serialNumber under OldCertId fields. Bug 15154.
"(Git Rev Unknown from unknown)" in version string for official tarball. Bug 15544.
External extcap does not get all arguments sometimes. Bug 15586.
Help file doesn’t display for extcap interfaces. Bug 15592.
Buildbot crash output: randpkt-2019-03-14-4670.pcap. Bug 15604.
Building only libraries on windows fails due to CLEAN_C_FILES empty. Bug 15662.
Statistics→Conversations→TCP→Follow Stream - incorrect behavior. Bug 15672.
Wrong NTP timestamp for RTCP XR RR packets (hf_rtcp_xr_timestamp field). Bug 15687.
ws_pipe: leaks pipe handles on errors. Bug 15689.
Build issue in Wireshark - 3.0.1 on RHEL6. Bug 15706.
ISAKMP: Segmentation fault with non-hex string for IKEv1 Decryption Table Initiator Cookie. Bug 15709.
extcap: non-boolean call arguments can be appended without value on selector Reload. Bug 15725.
Incorrectly interpreted format of MQTT PUBLISH payload data. Bug 15738.
print.c: Memory leak in ek_check_protocolfilter. Bug 15758.
IETF QUIC dissector incorrectly parses retry packet. Bug 15764.
Bacnet(app): fix wrong value for id 183 (logging-device → logging-object). Bug 15767.
The SMB2 code to look up decryption keys by session ID assumes it’s running on a little-endian machine. Bug 15772.
tshark -G folders leaves mmdbresolve process behind. Bug 15777.
Dissector bug, protocol TLS - failed assertion "data". Bug 15780.
WSMP : header_opt_ind field is not correctly set. Bug 15786.
New and Updated Features
There are no new features in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
BACapp, DDP, EPL, Frame, IEEE 802.11, IS-IS CLV, ISAKMP, K12, KNXIP, MQTT, PNIO, QUIC, RTCP XR RR, SCTP, SMB2, TDS, TLS, WSMP, and ZEBRA
New and Updated Capture File Support
New and Updated Capture Interfaces support
There is no new or updated capture file support in this release.
Wireshark source code and installation packages are available from https://www.wireshark.org/download.html.
Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.
Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system.
The User’s Guide, manual pages and various other documentation can be found at https://www.wireshark.org/docs/
Community support is available on Wireshark’s Q&A site and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark’s mailing lists can be found on the web site.
Bugs and feature requests can be reported on the bug tracker.
Official Wireshark training and certification are available from Wireshark University.
Frequently Asked Questions
A complete FAQ is available on the Wireshark web site.
Last updated 2019-05-22 16:40:14 UTC
Wireshark v3.0.2 绿色便携版
Wireshark v1.4.9 完整汉化绿色便携版 //该版支持WindowsXP系统
WinPcap v4.1.3 官方安装包 //捕获网络封包所需的底层库