Wireshark 1.4.0, 1.2.11, and 1.0.16 Released
August 30, 2010
Wireshark 1.4.0, 1.2.11, and 1.0.16 have been released. Installers for Windows,
Mac OS X 10.5.5 and above (Intel and PPC), and source code are now available.
New in 1.4.0
-
The packet list internals have been rewritten and are now more
efficient.
-
Columns are easier to use. You can add a protocol field as a column
by right-clicking on its packet detail item, and you can adjust
some column preferences by right-clicking the column header.
-
Preliminary Python scripting support has been added.
-
Many memory leaks have been fixed.
-
Wireshark 1.4 does not support Windows 2000. Please use
Wireshark 1.2 or 1.0 on those systems.
-
Packets can now be ignored (excluded from dissection), similar to
the way they can be marked.
-
Manual IP address resolution is now supported.
-
Columns with seconds can now be displayed as hours, minutes and
seconds.
-
You can now set the capture buffer size on UNIX and Linux if you have
libpcap 1.0.0 or greater.
-
TShark no longer needs elevated privileges on UNIX or Linux to list
interfaces. Only dumpcap requires privileges now.
-
Wireshark and TShark can enable 802.11 monitor mode directly if you
have libpcap 1.0.0 or greater.
-
You can play RTP streams directly from the RTP Analysis window.
-
Capinfos and editcap now respectively support time order checking
and forcing.
-
Wireshark now has a "jump to timestamp" command-line option.
-
You can open JPEG files directly in Wireshark.
For a complete list of changes, please refer to the
1.4.0 release notes.
In 1.2.11 and 1.0.16
A DLL hijacking bug described in
Microsoft
Security Advisory 2269637 has been fixed. See the security
advisories and release notes for more details.
Official releases are available right now from the
download page.