Wireshark-dev: Re: [Wireshark-dev] Wireshark 2.2.0rc1 is now available
From: Gerald Combs <[email protected]>
Date: Tue, 23 Aug 2016 11:07:13 -0700
Done: https://code.wireshark.org/review/#/c/17273/

On 8/23/16 3:26 AM, Roland Knall wrote:
> Hi Gerald
> 
> Could you mention the fix
> for https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11892 in the
> release notes - "extcap utilities keep running, after capture shut down".
> 
> regards
> Roland
> 
> On Tue, Aug 23, 2016 at 12:49 AM, Gerald Combs <[email protected]
> <mailto:[email protected]>> wrote:
> 
>     I'm proud to announce the release of Wireshark 2.2.0rc1.
> 
> 
>        This is the first release candidate for Wireshark 2.2.0.
>          __________________________________________________________________
> 
>     What is Wireshark?
> 
>        Wireshark is the world's most popular network protocol analyzer. It is
>        used for troubleshooting, analysis, development and education.
>          __________________________________________________________________
> 
>     What's New
> 
>          * Invalid coloring rules are now disabled instead of discarded. This
>            will provide backward compatibility with a coloring rule change in
>            Wireshark 2.2.
> 
>       Bug Fixes
> 
>          * Upgrading to latest version uninstalls Microsoft Visual C++
>            redistributable. ([1]Bug 12712)
> 
>       New and Updated Features
> 
>        There have been no new or significantly updated features since version
>        2.1.1.
> 
>        The following features are new (or have been significantly updated)
>        since version 2.1.0:
>          * Added -d option for Decode As support in Wireshark (mimics TShark
>            functionality)
>          * The Qt UI, GTK+ UI, and TShark can now export packets as JSON.
>            TShark can additionally export packets as Elasticsearch-compatible
>            JSON.
>          * The Qt UI now supports the -j, -J, and -l flags. The -m flag is now
>            deprecated.
>          * The Conversations and Endpoints dialogs are more responsive when
>            viewing large numbers of items.
>          * The RTP player now allows up to 30 minutes of silence frames.
>          * Packet bytes can now be displayed as EBCDIC.
>          * The Qt UI loads captures faster on Windows.
>          * proto_tree_add_checksum was added as an API. This attempts to
>            standardize how checksums are reported and filtered for within
>            *Shark. There are no more individual "good" and "bad" filter
>            fields, protocols now have a "checksum.status" field that records
>            "Good", "Bad" and "Unverified" (neither good or bad). Color filters
>            provided with Wireshark have been adjusted to the new display
>            filter names, but custom ones may need to be updated.
> 
>        The following features are new (or have been significantly updated)
>        since version 2.0.0:
>          * The intelligent scroll bar now sits to the left of a normal scroll
>            bar and provides a clickable map of nearby packets.
>          * You can now switch between between Capture and File Format
>            dissection of the current capture file via the View menu in the Qt
>            GUI.
>          * You can now show selected packet bytes as ASCII, HTML, Image, ISO
>            8859-1, Raw, UTF-8, a C array, or YAML.
>          * You can now use regular expressions in Find Packet and in the
>            advanced preferences.
>          * Name resolution for packet capture now supports asynchronous DNS
>            lookups only. Therefore the "concurrent DNS resolution" preference
>            has been deprecated and is a no-op. To enable DNS name resolution
>            some build dependencies must be present (currently c-ares). If that
>            is not the case DNS name resolution will be disabled (but other
>            name resolution mechanisms, such as host files, are still
>            available).
>          * The byte under the mouse in the Packet Bytes pane is now
>            highlighted.
>          * TShark supports exporting PDUs via the -U flag.
>          * The Windows and OS X installers now come with the "sshdump" and
>            "ciscodump" extcap interfaces.
>          * Most dialogs in the Qt UI now save their size and positions.
>          * The Follow Stream dialog now supports UTF-16.
>          * The Firewall ACL Rules dialog has returned.
>          * The Flow (Sequence) Analysis dialog has been improved.
>          * We no longer provide packages for 32-bit versions of OS X.
>          * The Bluetooth Device details dialog has been added.
> 
>       New File Format Decoding Support
> 
>        Wireshark is able to display the format of some types of files (rather
>        than displaying the contents of those files). This is useful when
>        you're curious about, or debugging, a file and its format. To open a
>        capture file (such as PCAP) in this mode specify "MIME Files Format" as
>        the file's format in the Open File dialog.
> 
>       New Protocol Support
> 
>        Apache Cassandra - CQL version 3.0, Bachmann bluecom Protocol,
>        Bluetooth Pseudoheader for BR/EDR, CISCO ERSPAN3 Marker, Edge Control
>        Protocol (ECP), Encrypted UDP based FTP with multicast, Ericsson IPOS
>        Kernel Packet Header Dissector Added (IPOS), Extensible Control &
>        Management Protocol (eCMP), FLEXRAY Protocol dissector added
>        (automotive bus), IEEE 802.1BR E-Tag, ISO 8583-1, ISO14443, ITU-T
>        G.7041/Y.1303 Generic Framing Procedure (GFP), LAT protocol (DECNET),
>        Metamako trailers, Network-Based IP Flow Mobility (NBIFOM), Nokia
>        Intelligent Service Interface (ISI), Open Mobile Alliance Lightweight
>        Machine to Machine TLV payload Added (LwM2M TLV), Real Time Location
>        System (RTLS), RTI TCP Transport Layer (RTITCP), STANAG 5602 SIMPLE,
>        USB3 Vision Protocol (USB machine vision cameras), USBIP Protocol,
>        UserLog Protocol, and Zigbee Protocol Clusters Dissectors Added
>        (Closures Lighting General Measurement & Sensing HVAC Security &
>        Safety)
> 
>       Updated Protocol Support
> 
>        Bluetooth OBEX dissector (btobex) was renamed to Obex Dissector (obex),
>        allow to DecodeAs it over USB, TCP and UDP.
> 
>        A preference was added to TCP dissector for handling IPFIX process
>        information. It has been disabled by default.
> 
>       New and Updated Capture File Support
> 
>        Micropross mplog
> 
>       New and Updated Capture Interfaces support
> 
>        Non-empty section placeholder.
> 
>       Major API Changes
> 
>        The libwireshark API has undergone some major changes:
>          * The address macros (e.g., SET_ADDRESS) have been removed. Use the
>            (lower case) functions of the same names instead.
>          * "old style" dissector functions (that don't return number of bytes
>            used) have been replaced in name with the "new style" dissector
>            functions.
>          * tvb_get_string and tvb_get_stringz have been replaced with
>            tvb_get_string_enc and tvb_get_stringz_enc respectively.
>          __________________________________________________________________
> 
>     Getting Wireshark
> 
>        Wireshark source code and installation packages are available from
>        [2]https://www.wireshark.org/download.html
>     <https://www.wireshark.org/download.html>.
> 
>       Vendor-supplied Packages
> 
>        Most Linux and Unix vendors supply their own Wireshark packages. You
>        can usually install or upgrade Wireshark using the package management
>        system specific to that platform. A list of third-party packages can be
>        found on the [3]download page on the Wireshark web site.
>          __________________________________________________________________
> 
>     File Locations
> 
>        Wireshark and TShark look in several different locations for preference
>        files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
>        vary from platform to platform. You can use About->Folders to find the
>        default locations on your system.
>          __________________________________________________________________
> 
>     Known Problems
> 
>        Dumpcap might not quit if Wireshark or TShark crashes. ([4]Bug 1419)
> 
>        The BER dissector might infinitely loop. ([5]Bug 1516)
> 
>        Capture filters aren't applied when capturing from named pipes. ([6]Bug
>        1814)
> 
>        Filtering tshark captures with read filters (-R) no longer works.
>        ([7]Bug 2234)
> 
>        Application crash when changing real-time option. ([8]Bug 4035)
> 
>        Packet list rows are oversized. ([9]Bug 4357)
> 
>        Wireshark and TShark will display incorrect delta times in some cases.
>        ([10]Bug 4985)
> 
>        Wireshark should let you work with multiple capture files. ([11]Bug
>        10488)
> 
>        Dell Backup and Recovery (DBAR) makes many Windows applications crash,
>        including Wireshark. ([12]Bug 12036)
>          __________________________________________________________________
> 
>     Getting Help
> 
>        Community support is available on [13]Wireshark's Q&A site and on the
>        wireshark-users mailing list. Subscription information and archives for
>        all of Wireshark's mailing lists can be found on [14]the web site.
> 
>        Official Wireshark training and certification are available from
>        [15]Wireshark University.
>          __________________________________________________________________
> 
>     Frequently Asked Questions
> 
>        A complete FAQ is available on the [16]Wireshark web site.
>          __________________________________________________________________
> 
>        Last updated 2016-08-22 22:36:11 UTC
> 
>     References
> 
>        1. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12712
>     <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12712>
>        2. https://www.wireshark.org/download.html
>     <https://www.wireshark.org/download.html>
>        3. https://www.wireshark.org/download.html#thirdparty
>     <https://www.wireshark.org/download.html#thirdparty>
>        4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
>     <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419>
>        5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
>     <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516>
>        6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
>     <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814>
>        7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
>     <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234>
>        8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
>     <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035>
>        9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
>     <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357>
>       10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
>     <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985>
>       11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
>     <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488>
>       12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12036
>     <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12036>
>       13. https://ask.wireshark.org/
>       14. https://www.wireshark.org/lists/ <https://www.wireshark.org/lists/>
>       15. http://www.wiresharktraining.com/ <http://www.wiresharktraining.com/>
>       16. https://www.wireshark.org/faq.html
>     <https://www.wireshark.org/faq.html>
> 
> 
>     Digests
> 
>     wireshark-2.2.0rc1.tar.bz2: 32130789 bytes
>     SHA256(wireshark-2.2.0rc1.tar.bz2)=af5475523e050d2c207d356788ed633fd26a0c35b9198195c7d3a60aaa6f3dc4
>     RIPEMD160(wireshark-2.2.0rc1.tar.bz2)=5fed5880fdf9bdaa87752ff0c9bb4a6ccb6e8d4e
>     SHA1(wireshark-2.2.0rc1.tar.bz2)=29019d95e04cd4ef251859f0ffe545e85b295463
>     MD5(wireshark-2.2.0rc1.tar.bz2)=35b368760cef1bb5d57ee3d9cd42dbae
> 
>     Wireshark-win32-2.2.0rc1.exe: 44800176 bytes
>     SHA256(Wireshark-win32-2.2.0rc1.exe)=b2cc8dea20b2ea08779e6a518d76cacaa59cf14e2e2bb7011a8a2938de4c40ac
>     RIPEMD160(Wireshark-win32-2.2.0rc1.exe)=e4a20b2a06e6ce823928d4d57e4c3c4ad0b24c0f
>     SHA1(Wireshark-win32-2.2.0rc1.exe)=c8269f84f3c698106f3c56e21796d83cc364d1b8
>     MD5(Wireshark-win32-2.2.0rc1.exe)=39a718737437df6520612c3aac71643e
> 
>     Wireshark-win64-2.2.0rc1.exe: 48520312 bytes
>     SHA256(Wireshark-win64-2.2.0rc1.exe)=1b0482e42be6abcd7ecc27657d76016b1dfdaa00490b31bd4b996b3ac6dba9c4
>     RIPEMD160(Wireshark-win64-2.2.0rc1.exe)=2affb413e32a2ca091b38f2e4d03038de2ccbee1
>     SHA1(Wireshark-win64-2.2.0rc1.exe)=279a8c87c2805f38083181577a22cb01ee775acf
>     MD5(Wireshark-win64-2.2.0rc1.exe)=d0f0af9ef0674203ac53639baabf84a2
> 
>     WiresharkPortable_2.2.0rc1.paf.exe: 46429848 bytes
>     SHA256(WiresharkPortable_2.2.0rc1.paf.exe)=2cc5fdc66ae18864205405d7e823571e2f997fac52e84730b52cab06fe4faba6
>     RIPEMD160(WiresharkPortable_2.2.0rc1.paf.exe)=a7a2b9d31cf6e3846bd78e99364b5d6ca3618a42
>     SHA1(WiresharkPortable_2.2.0rc1.paf.exe)=3fe08ccd651e1495ef306cd74857c4cc8c258577
>     MD5(WiresharkPortable_2.2.0rc1.paf.exe)=b320ba87699a411671cb7d44e7d889f3
> 
>     Wireshark 2.2.0rc1 Intel 64.dmg: 32679941 bytes
>     SHA256(Wireshark 2.2.0rc1 Intel
>     64.dmg)=6d6cb29a04f0c509ee69d1ad9a94fb3ccbf9df27e463dbf88a01e1739768732e
>     RIPEMD160(Wireshark 2.2.0rc1 Intel
>     64.dmg)=171f2d9f12f9bf0feffc8ad291c42e0e2494d482
>     SHA1(Wireshark 2.2.0rc1 Intel
>     64.dmg)=32068ed02822a1dd03a803c83de8a2f0622ddeb4
>     MD5(Wireshark 2.2.0rc1 Intel 64.dmg)=54f46270d997ac059493eb39c32ccbfb
> 
> 
>     ___________________________________________________________________________
>     Sent via:    Wireshark-dev mailing list <[email protected]
>     <mailto:[email protected]>>
>     Archives:    https://www.wireshark.org/lists/wireshark-dev
>     <https://www.wireshark.org/lists/wireshark-dev>
>     Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>     <https://wireshark.org/mailman/options/wireshark-dev>
>                  mailto:[email protected]
>     <mailto:[email protected]>?subject=unsubscribe
> 
> 
> 
> 
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <[email protected]>
> Archives:    https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>              mailto:[email protected]?subject=unsubscribe
>