Wireshark · Wireshark-dev: [Wireshark-dev] Wireshark 2.1.1 is now available

[Gerald Combs <gerald@xxxxxxxxxxxxx>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

I'm proud to announce the release of Wireshark 2.1.1.


   This is a semi-experimental release intended to test new features for
   Wireshark 2.2.
     __________________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer. It is
   used for troubleshooting, analysis, development and education.
     __________________________________________________________________

What's New

  New and Updated Features

   The following features are new (or have been significantly updated)
   since version 2.1.0:
     * Added -d option for Decode As support in Wireshark (mimics TShark
       functionality)
     * The Qt UI, GTK+ UI, and TShark can now export packets as JSON.
       TShark can additionally export packets as Elasticsearch-compatible
       JSON.
     * The Qt UI now supports the -j, -J, and -l flags. The -m flag is now
       deprecated.
     * The Conversations and Endpoints dialogs are more responsive when
       viewing large numbers of items.
     * The RTP player now allows up to 30 minutes of silence frames.
     * Packet bytes can now be displayed as EBCDIC.
     * The Qt UI loads captures faster on Windows.

   The following features are new (or have been significantly updated)
   since version 2.0.0:
     * The intelligent scroll bar now sits to the left of a normal scroll
       bar and provides a clickable map of nearby packets.
     * You can now switch between between Capture and File Format
       dissection of the current capture file via the View menu in the Qt
       GUI.
     * You can now show selected packet bytes as ASCII, HTML, Image, ISO
       8859-1, Raw, UTF-8, a C array, or YAML.
     * You can now use regular expressions in Find Packet and in the
       advanced preferences.
     * Name resolution for packet capture now supports asynchronous DNS
       lookups only. Therefore the "concurrent DNS resolution" preference
       has been deprecated and is a no-op. To enable DNS name resolution
       some build dependencies must be present (currently c-ares). If that
       is not the case DNS name resolution will be disabled (but other
       name resolution mechanisms, such as host files, are still
       available).
     * The byte under the mouse in the Packet Bytes pane is now
       highlighted.
     * TShark supports exporting PDUs via the -U flag.
     * The Windows and OS X installers now come with the "sshdump" and
       "ciscodump" extcap interfaces.
     * Most dialogs in the Qt UI now save their size and positions.
     * The Follow Stream dialog now supports UTF-16.
     * The Firewall ACL Rules dialog has returned.
     * The Flow (Sequence) Analysis dialog has been improved.
     * We no longer provide packages for 32-bit versions of OS X.
     * The Bluetooth Device details dialog has been added.

  New File Format Decoding Support

   Wireshark is able to display the format of some types of files (rather
   than displaying the contents of those files). This is useful when
   you're curious about, or debugging, a file and its format. To open a
   capture file (such as PCAP) in this mode specify "MIME Files Format" as
   the file's format in the Open File dialog.

   New files that Wireshark can open in this mode include:

  New Protocol Support

   Apache Cassandra - CQL version 3.0, Bachmann bluecom Protocol,
   Bluetooth Pseudoheader for BR/EDR, CISCO ERSPAN3 Marker, Edge Control
   Protocol (ECP), Ericsson IPOS Kernel Packet Header Dissector Added
   (IPOS), Extensible Control & Management Protocol (eCMP), FLEXRAY
   Protocol dissector added (automotive bus), IEEE 802.1BR E-Tag, ISO
   8583-1, ISO14443, ITU-T G.7041/Y.1303 Generic Framing Procedure (GFP),
   LAT protocol (DECNET), Metamako trailers, Network-Based IP Flow
   Mobility (NBIFOM), Nokia Intelligent Service Interface (ISI), Open
   Mobile Alliance Lightweight Machine to Machine TLV payload Added (LwM2M
   TLV), Real Time Location System (RTLS), RTI TCP Transport Layer
   (RTITCP), STANAG 5602 SIMPLE, USB3 Vision Protocol (USB machine vision
   cameras), USBIP Protocol, UserLog Protocol, and Zigbee Protocol
   Clusters Dissectors Added (Closures Lighting General Measurement &
   Sensing HVAC Security & Safety)

  Updated Protocol Support

   Bluetooth OBEX dissector (btobex) was renamed to Obex Dissector (obex),
   allow to DecodeAs it over USB, TCP and UDP.

   A preference was added to TCP dissector for handling IPFIX process
   information. It has been disabled by default.

  New and Updated Capture File Support

   and Micropross mplog

  New and Updated Capture Interfaces support

   Non-empty section placeholder.

  Major API Changes

   The libwireshark API has undergone some major changes:
     * The address macros (e.g., SET_ADDRESS) have been removed. Use the
       (lower case) functions of the same names instead.
     * "old style" dissector functions (that don't return number of bytes
       used) have been replaced in name with the "new style" dissector
       functions.
     * tvb_get_string and tvb_get_stringz have been replaced with
       tvb_get_string_enc and tvb_get_stringz_enc respectively.
     __________________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available from
   [1]https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can be
   found on the [2]download page on the Wireshark web site.
     __________________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for preference
   files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
   vary from platform to platform. You can use About->Folders to find the
   default locations on your system.
     __________________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([3]Bug 1419)

   The BER dissector might infinitely loop. ([4]Bug 1516)

   Capture filters aren't applied when capturing from named pipes. ([5]Bug
   1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([6]Bug 2234)

   Application crash when changing real-time option. ([7]Bug 4035)

   Packet list rows are oversized. ([8]Bug 4357)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([9]Bug 4985)

   Wireshark should let you work with multiple capture files. ([10]Bug
   10488)

   Dell Backup and Recovery (DBAR) makes many Windows applications crash,
   including Wireshark. ([11]Bug 12036)
     __________________________________________________________________

Getting Help

   Community support is available on [12]Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and archives for
   all of Wireshark's mailing lists can be found on [13]the web site.

   Official Wireshark training and certification are available from
   [14]Wireshark University.
     __________________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [15]Wireshark web site.
     __________________________________________________________________

   Last updated 2016-07-14 20:44:48 UTC

References

   1. https://www.wireshark.org/download.html
   2. https://www.wireshark.org/download.html#thirdparty
   3. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
   4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
   6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
   7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
   9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12036
  12. https://ask.wireshark.org/
  13. https://www.wireshark.org/lists/
  14. http://www.wiresharktraining.com/
  15. https://www.wireshark.org/faq.html


Digests

wireshark-2.1.1.tar.bz2: 32212684 bytes
SHA256(wireshark-2.1.1.tar.bz2)=8f5e604e8e0bc1f5562b166818f7a247f1b4d1f2ed15614138cc82fedad607e5
RIPEMD160(wireshark-2.1.1.tar.bz2)=3f873078d99ff74ea444cab4dacc4aca6fb92950
SHA1(wireshark-2.1.1.tar.bz2)=82109c3a888d07b5e0418e3f505e456ff1550347
MD5(wireshark-2.1.1.tar.bz2)=f67839cb60121ba80f60600b2bfd3c88

Wireshark-win64-2.1.1.exe: 49176320 bytes
SHA256(Wireshark-win64-2.1.1.exe)=1b5cf9cf91c27c307b32a8cb39a9423c0fbfd2d8cd5908a0ec7f3599042cf222
RIPEMD160(Wireshark-win64-2.1.1.exe)=fc7f49ce938c9afbb3b29f04274cf7855e12b96b
SHA1(Wireshark-win64-2.1.1.exe)=c337ad6694bcd8c288b68742fac801b1d00ee987
MD5(Wireshark-win64-2.1.1.exe)=a042c9798d40f97471f3b604bb08dd0e

Wireshark-win32-2.1.1.exe: 44351120 bytes
SHA256(Wireshark-win32-2.1.1.exe)=f1f7f41d1770f704469ef2fb148b9e1c381496dfd8f4d387fba06ecda294938a
RIPEMD160(Wireshark-win32-2.1.1.exe)=2126d1691c85e3ed415e1e7b70335abaaa349883
SHA1(Wireshark-win32-2.1.1.exe)=bbc21c8d1f8e79fcca7fa17ecc5c4dbabb948ead
MD5(Wireshark-win32-2.1.1.exe)=8c45ef2f9ff88f747c85e4e2f24e5465

WiresharkPortable_2.1.1.paf.exe: 45918216 bytes
SHA256(WiresharkPortable_2.1.1.paf.exe)=83b56320566c340801ab9d67d4d386f5ee5e2285336bddcbd020a9bf7ce59bb2
RIPEMD160(WiresharkPortable_2.1.1.paf.exe)=fd9c7e7cbf8e6133f99aba846bfbaa30ba3adeb7
SHA1(WiresharkPortable_2.1.1.paf.exe)=bae60ba67c4a420129002e473a3b95c41bcb4632
MD5(WiresharkPortable_2.1.1.paf.exe)=39799e8430de05dbe9a3d721435ddccd

Wireshark 2.1.1 Intel 64.dmg: 32637370 bytes
SHA256(Wireshark 2.1.1 Intel
64.dmg)=7acbb4df825018954219837bb86c1a5788367cecb9475d2c058c0dcb74e79ef8
RIPEMD160(Wireshark 2.1.1 Intel
64.dmg)=75aa2d574b706eeb6434c659dff631688cfd3249
SHA1(Wireshark 2.1.1 Intel 64.dmg)=af8cf0c93c79baf924e82760e9d25c9cf2e2dc45
MD5(Wireshark 2.1.1 Intel 64.dmg)=c4aeaca2b95982006aca474c4817b534
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJXh/3sAAoJEIIkSnjm/q7qIOMP/01dbnVZSBELB5oBJiR/HeBY
qJzjDZyJkpFLGBbJKBhqKL18cYThy2Xcb653cNEcSFfbzRXmC33lobT/R+X/KRwL
ziPZgt/5M+ROCPYWiV7/rQ7CidKfkDwlguBSA6Ry9497TxVc8XSJTqaaDoiZj+0i
7NOp1xfxg+CUWCxaOYMngMv7HyIG9tb+shZnfPPuodXEAXUCwlPgzP4UlYK6Wd2y
5a8VgtpVawhTSmSC4u9DhkVFlUxj/N5uB5eJODNanTo15r/9lC6gGrHSK1ZXNFXH
NiALILoXCHkT4esVw7leuGE1o7M6z8GJPu5JI9lR4FjydqChf3LbCqsqdg2yLs1f
4gY6G6vDSmWtxVMXI1w18OP5VXDISuzUX3DvaNa1TKxJHkFTohfS89ldnTguc8H8
XVwBqEz0Px9A3/Lrbk9XUGjITRil6/H3VgL5wZaE/p25n2VgJ6fjUTcRm85tygMK
8fhWUnDdvhcpwp8lx8EY1eBVBVSGx2iyUGBNNDF5QkByasQfNFbhuQ5cGDcorLSG
AlzNDl+lKCP0H2DtlOxIiJKeN4CDRjlkiBwpVfIFkBBUChJhiT5mkuoyTh2s5FIm
rnmhE8CfnRbcFRCSvnq7lMafDFHmJfBmY8eIYXyyd2YTta/i2fomPivHCijKPAVU
g/dd6P4nvzW9V9Daxwwy
=aK/U
-----END PGP SIGNATURE-----