Join us June 14-19 in Richmond, Virginia for SharkFest'25 US, the official Wireshark Developer and User Conference

Wireshark 1.10.1 Release Notes

Table of Contents

1. What is Wireshark?
2. What’s New
2.1. Bug Fixes
2.2. New and Updated Features
2.3. New Protocol Support
2.4. Updated Protocol Support
2.5. New and Updated Capture File Support
3. Getting Wireshark
3.1. Vendor-supplied Packages
4. File Locations
5. Known Problems
6. Getting Help
7. Frequently Asked Questions

1. What is Wireshark?

Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education.

2. What’s New

2.1. Bug Fixes

The following vulnerabilities have been fixed.

The following bugs have been fixed:

  • Mark retransmitted SYN and FIN packets as retransmissions.
  • Wireshark hides under Taskbar. (Bug 3034)
  • IEEE 802.15.4 frame check sequence in "Chipcon mode" not displayed correctly. (Bug 4507)
  • Mask in Lua ProtoField.uint32() does not work as expected. (Bug 5734)
  • Crash when applying filter with Voip calls. (Bug 6090)
  • Delta time regressions to tshark introduced with SVN 45071. (Bug 8160)
  • Add MAC-DATA support to TETRA dissector and other minor improvements. (Bug 8708)
  • Crash analyzing VoIP Calls (T38). (Bug 8736)
  • Wireshark writes empty NRB FQDN which makes trace unloadable. (Bug 8763)
  • Quick launch icon is absent, so it shows up as a generic icon. (Bug 8773)
  • Wrong encoding for 2 pod files, UTF-8 characters in another. (Bug 8774)
  • SCSI (SPC) sense key specific information field must not include SKSV. (Bug 8782)
  • Wireshark crashes when closing Flow Graph with Graph Analysis opened. (Bug 8793)
  • Wrong size of LLRP ProtocolID Parameter in Accessspec Parameter. (Bug 8809)
  • Detection of IPv6 works only on Solaris 8. (Bug 8813)
  • ip.opt.type triggers for TCP NOP option. (Bug 8823)
  • DCOM-SYSACT dissector crash. (Bug 8828)
  • Incorrect decoding of MPLS Echo Request with BGP FEC. (Bug 8835)
  • Buggy IEC104 dissector caused by commit r48958. (Bug 8849)
  • ansi_637_tele dissector displays MSB as MBS for Call-Back Number. (Bug 8851)
  • LISP Map-Notify flags I and R shown incorrectly. (Bug 8852)
  • ONTAP_V4 fhandle decoding leads to dissector bug. (Bug 8853)
  • Dropped bytes in imap dissector. (Bug 8857)
  • Kismet drone/server dissector improvements. (Bug 8864)
  • TShark iostat_draw sizeof mismatch. (Bug 8888)
  • SCTP bytes graph crash. (Bug 8889)
  • Patch to Wireshark/tshark usage info and man pages to document all timestamp (-t) options. (Bug 8906)
  • Strange behavior of tree expand/collapse in packet details. (Bug 8908)
  • Graph Filter field limited to 256 characters. (Bug 8909)
  • Filter doesn’t support cflow ASN larger than 65535. (Bug 8959)
  • Wireshark crashes when switching from a v1.11.0 profile to a v1.4.6 prof and then to a v1.5.1 prof. (Bug 8884)
  • SIP stats shows incorrect values for Max/Ave setup times. (Bug 8897)
  • NFSv4 delegation not reported correctly. (Bug 8920)
  • Issue with Capture Options Adapter List. (Bug 8932)
  • RFC 5844 - IPv4 Support for Proxy Mobile IPv6 - Mobility option IPv4 DHCP Support Mode Option malformed packet. (Bug 8957)
  • RFC 3775 - Mobility Support in IPv6 - Mobility option PadN incorrectly highlights + 2 bytes. (Bug 8958)
  • All mongodb query show as [Malformed Packet: MONGO]. (Bug 8960)

2.2. New and Updated Features

There are no new features in this release.

2.3. New Protocol Support

There are no new protocols in this release.

2.4. Updated Protocol Support

ANSI IS-637-A, ASN.1, ASN.1 PER, Bluetooth OBEX, Bluetooth SDB, DCERPC NDR, DCOM ISystemActivator, DCP ETSI, Diameter 3GPP, DIS, DVB-CI, Ethernet, GSM Common, GSM SMS, H.235, IEC104, IEEE 802.15.4, IEEE 802a, IMAP, IP, KDSP, LISP, LLRP, MAC-LTE,, Mobile IPv6, MONGO, MPLS Echo, Netflow, NFS, NFSv4, P1, PDCP-LTE, PN-IO, PN-RT, PPP, Radiotap, RLC,, RLC-LTE,, SCSI, SIP, SMTP, SoulSeek, TCP, TETRA, and VNC

2.5. New and Updated Capture File Support

and Microsoft Network Monitor, pcap-ng.

3. Getting Wireshark

Wireshark source code and installation packages are available from http://www.wireshark.org/download.html.

3.1. Vendor-supplied Packages

Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.

4. File Locations

Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system.

5. Known Problems

Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)

The BER dissector might infinitely loop. (Bug 1516)

Capture filters aren’t applied when capturing from named pipes. (Bug 1814)

Filtering tshark captures with read filters (-R) no longer works. (Bug 2234)

The 64-bit Windows installer does not support Kerberos decryption. (Win64 development page)

Application crash when changing real-time option. (Bug 4035)

Hex pane display issue after startup. (Bug 4056)

Packet list rows are oversized. (Bug 4357)

Summary pane selected frame highlighting not maintained. (Bug 4445)

Wireshark and TShark will display incorrect delta times in some cases. (Bug 4985)

6. Getting Help

Community support is available on Wireshark’s Q&A site and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark’s mailing lists can be found on the web site.

Official Wireshark training and certification are available from Wireshark University.

7. Frequently Asked Questions

A complete FAQ is available on the Wireshark web site.