ESB-2018.0561 - [Win][UNIX/Linux] wireshark: Denial of service - Remote with user interaction 2018-02-26

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.0561
               Wireshark 2.2.13 and 2.4.5 are now available
                             26 February 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           wireshark
Publisher:         Wireshark
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Impact/Access:     Denial of Service -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-7420 CVE-2018-7419 CVE-2018-7418
                   CVE-2018-7417 CVE-2018-7337 CVE-2018-7336
                   CVE-2018-7335 CVE-2018-7334 CVE-2018-7320

Original Bulletin: 
   https://www.wireshark.org/lists/wireshark-announce/201802/msg00001.html
   https://www.wireshark.org/lists/wireshark-announce/201802/msg00002.html

Comment: This bulletin contains two (2) Wireshark security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

I'm proud to announce the release of Wireshark 2.2.13.

     __________________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer. It is
   used for troubleshooting, analysis, development and education.
     __________________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2018-05
       The IEEE 802.11 dissector could crash. [2]Bug 14442,
       [3]CVE-2018-7335
     * [4]wnpa-sec-2018-06
       Multiple dissectors could go into large infinite loops. All ASN.1
       BER dissectors ([5]Bug 14444), along with the DICOM ([6]Bug 14411),
       DMP ([7]Bug 14408), LLTD ([8]Bug 14419), OpenFlow ([9]Bug 14420),
       RELOAD ([10]Bug 14445), RPCoRDMA ([11]Bug 14449), RPKI-Router
       ([12]Bug 14414), S7COMM ([13]Bug 14423), SCCP ([14]Bug 14413),
       Thread ([15]Bug 14428), Thrift ([16]Bug 14379), USB ([17]Bug
       14421), and WCCP ([18]Bug 14412) dissectors were susceptible.
     * [19]wnpa-sec-2018-07
       The UMTS MAC dissector could crash. [20]Bug 14339,
       [21]CVE-2018-7334
     * [22]wnpa-sec-2018-09
       The FCP dissector could crash. [23]Bug 14374, [24]CVE-2018-7336
     * [25]wnpa-sec-2018-10
       The SIGCOMP dissector could crash. [26]Bug 14398, [27]CVE-2018-7320
     * [28]wnpa-sec-2018-11
       The pcapng file parser could crash. [29]Bug 14403,
       [30]CVE-2018-7420
     * [31]wnpa-sec-2018-12
       The IPMI dissector could crash. [32]Bug 14409, [33]CVE-2018-7417
     * [34]wnpa-sec-2018-13
       The SIGCOMP dissector could crash. [35]Bug 14410, [36]CVE-2018-7418
     * [37]wnpa-sec-2018-14
       The NBAP disssector could crash. [38]Bug 14443, [39]CVE-2018-7419

   The following bugs have been fixed:
     * Change placement of "double chevron" in Filter Toolbar to eliminate
       overlap. ([40]Bug 14121)
     * GET MAX LUN wLength decoded as big-endian - USB Mass Storage.
       ([41]Bug 14360)
     * Buildbot crash output: fuzz-2018-01-28-15874.pcap. ([42]Bug 14371)
     * [oss-fuzz] #6028 RPC_NETLOGON: Direct-leak in g_malloc
       (generate_hash_key). ([43]Bug 14407)

  New and Updated Features

   There are no new features in this release.

  New File Format Decoding Support

   There are no new file formats in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   ASN.1 BER, BOOTP/DHCP, DCE RPC NETLOGON, DICOM, DIS, DMP, DOCSIS, FCP,
   IAX2, IEEE 802.11, IPMI, LLTD, NBAP, OpenFlow, RELOAD, RPCoRDMA,
   RPKI-Router, S7COMM, SCCP, SIGCOMP, Thread, Thrift, UMTS MAC, USB, USB
   Mass Storage, and WCCP

  New and Updated Capture File Support

   pcapng

  New and Updated Capture Interfaces support

   There are no new or updated capture interfaces supported in this
   release.

  Major API Changes

   There are no major API changes in this release.
     __________________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available from
   [44]https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can be
   found on the [45]download page on the Wireshark web site.
     __________________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for preference
   files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
   vary from platform to platform. You can use About->Folders to find the
   default locations on your system.
     __________________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([46]Bug 1419)

   The BER dissector might infinitely loop. ([47]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([48]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([49]Bug 2234)

   Application crash when changing real-time option. ([50]Bug 4035)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([51]Bug 4985)

   Wireshark should let you work with multiple capture files. ([52]Bug
   10488)
     __________________________________________________________________

Getting Help

   Community support is available on [53]Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and archives for
   all of Wireshark's mailing lists can be found on [54]the web site.

   Official Wireshark training and certification are available from
   [55]Wireshark University.
     __________________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [56]Wireshark web site.
     __________________________________________________________________

   Last updated 2018-02-23 19:32:20 UTC

References

   1. https://www.wireshark.org/security/wnpa-sec-2018-05.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14442
   3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7335
   4. https://www.wireshark.org/security/wnpa-sec-2018-06.html
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14444
   6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14411
   7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14408
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14419
   9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14420
  10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14445
  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14449
  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14414
  13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14423
  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14413
  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14428
  16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14379
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14421
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14412
  19. https://www.wireshark.org/security/wnpa-sec-2018-07.html
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14339
  21. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7334
  22. https://www.wireshark.org/security/wnpa-sec-2018-09.html
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14374
  24. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7336
  25. https://www.wireshark.org/security/wnpa-sec-2018-10.html
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14398
  27. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7320
  28. https://www.wireshark.org/security/wnpa-sec-2018-11.html
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14403
  30. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7420
  31. https://www.wireshark.org/security/wnpa-sec-2018-12.html
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14409
  33. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7417
  34. https://www.wireshark.org/security/wnpa-sec-2018-13.html
  35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14410
  36. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7418
  37. https://www.wireshark.org/security/wnpa-sec-2018-14.html
  38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14443
  39. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7419
  40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14121
  41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14360
  42. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14371
  43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14407
  44. https://www.wireshark.org/download.html
  45. https://www.wireshark.org/download.html#thirdparty
  46. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
  47. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  48. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  49. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  51. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  52. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
  53. https://ask.wireshark.org/
  54. https://www.wireshark.org/lists/
  55. http://www.wiresharktraining.com/
  56. https://www.wireshark.org/faq.html


Digests

wireshark-2.2.13.tar.bz2: 32420199 bytes
SHA256(wireshark-2.2.13.tar.bz2)=be090fb0fee5f890b352d2317666d43ab055056faead5f802dc44f5d8bd1cd2b
RIPEMD160(wireshark-2.2.13.tar.bz2)=83a910f43351ca25d941d27a1ecb445651f7c96d
SHA1(wireshark-2.2.13.tar.bz2)=02556f82d9c4a0a9d4f183b662181fc81dc77a67

Wireshark-win64-2.2.13.exe: 56155984 bytes
SHA256(Wireshark-win64-2.2.13.exe)=0d766eed8c8cf1ba65adbaba68fccc25d9ffbd86cf7fb300a04c56cd319354e4
RIPEMD160(Wireshark-win64-2.2.13.exe)=992b3127f923e6f60637bdbb6aec8ec16d14b117
SHA1(Wireshark-win64-2.2.13.exe)=9d30a543aa0f4495b96838d56914d8491dc22ec8

Wireshark-win32-2.2.13.exe: 44660056 bytes
SHA256(Wireshark-win32-2.2.13.exe)=cb1f3e51487932a3a901f6fd5fb0b28c276cb1d1530c7df681db1835671b4951
RIPEMD160(Wireshark-win32-2.2.13.exe)=cc19fa35e890b0f8a6d29dd05911b997b06b922a
SHA1(Wireshark-win32-2.2.13.exe)=1a43d038e6d1351dae876d23c6e03f3e600c5ed7

WiresharkPortable_2.2.13.paf.exe: 46292896 bytes
SHA256(WiresharkPortable_2.2.13.paf.exe)=e7298850b99f913b887313c394fa222a1d691d269c4025281463ae508178c060
RIPEMD160(WiresharkPortable_2.2.13.paf.exe)=411678cdf9326cb994bcfba654f28ee8b27f202e
SHA1(WiresharkPortable_2.2.13.paf.exe)=173bde10931b6f06f701e0dd5692a6c2e87752b3

Wireshark 2.2.13 Intel 64.dmg: 39971586 bytes
SHA256(Wireshark 2.2.13 Intel
64.dmg)=17a8ee0b82f74539f131f4e137f1c2733c7e316e9760c7cbab28a3f2d566f43a
RIPEMD160(Wireshark 2.2.13 Intel
64.dmg)=1a1681acc300e763282d8cf43ffb416fee10f0aa
SHA1(Wireshark 2.2.13 Intel 64.dmg)=2411ac14dd75f6d3f1d58501be0fe1768953a180

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz


- -------------------------------------------------------------------------------


I'm proud to announce the release of Wireshark 2.4.5.

     __________________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer. It is
   used for troubleshooting, analysis, development and education.
     __________________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2018-05
       The IEEE 802.11 dissector could crash. [2]Bug 14442,
       [3]CVE-2018-7335
     * [4]wnpa-sec-2018-06
       Multiple dissectors could go into large infinite loops. All ASN.1
       BER dissectors ([5]Bug 14444), along with the DICOM ([6]Bug 14411),
       DMP ([7]Bug 14408), LLTD ([8]Bug 14419), OpenFlow ([9]Bug 14420),
       RELOAD ([10]Bug 14445), RPCoRDMA ([11]Bug 14449), RPKI-Router
       ([12]Bug 14414), S7COMM ([13]Bug 14423), SCCP ([14]Bug 14413),
       Thread ([15]Bug 14428), Thrift ([16]Bug 14379), USB ([17]Bug
       14421), and WCCP ([18]Bug 14412) dissectors were susceptible.
     * [19]wnpa-sec-2018-07
       The UMTS MAC dissector could crash. [20]Bug 14339,
       [21]CVE-2018-7334
     * [22]wnpa-sec-2018-08
       The DOCSIS dissector could crash. [23]Bug 14446, [24]CVE-2018-7337
     * [25]wnpa-sec-2018-09
       The FCP dissector could crash. [26]Bug 14374, [27]CVE-2018-7336
     * [28]wnpa-sec-2018-10
       The SIGCOMP dissector could crash. [29]Bug 14398, [30]CVE-2018-7320
     * [31]wnpa-sec-2018-11
       The pcapng file parser could crash. [32]Bug 14403,
       [33]CVE-2018-7420
     * [34]wnpa-sec-2018-12
       The IPMI dissector could crash. [35]Bug 14409, [36]CVE-2018-7417
     * [37]wnpa-sec-2018-13
       The SIGCOMP dissector could crash. [38]Bug 14410, [39]CVE-2018-7418
     * [40]wnpa-sec-2018-14
       The NBAP disssector could crash. [41]Bug 14443, [42]CVE-2018-7419

   The following bugs have been fixed:
     * Change placement of "double chevron" in Filter Toolbar to eliminate
       overlap. ([43]Bug 14121)
     * AutoScroll does not work. ([44]Bug 14257)
     * BOOTP/DHCP: malformed packet -> when user class option (77) is
       present. ([45]Bug 14312)
     * GET MAX LUN wLength decoded as big-endian - USB Mass Storage.
       ([46]Bug 14360)
     * Unable to create Filter Expression Button for a yellow filter.
       ([47]Bug 14369)
     * Buildbot crash output: fuzz-2018-01-28-15874.pcap. ([48]Bug 14371)
     * NetScaler RPC segmentation fault / stack overflow. ([49]Bug 14399)
     * [oss-fuzz] #6028 RPC_NETLOGON: Direct-leak in g_malloc
       (generate_hash_key). ([50]Bug 14407)
     * Newline "\n" in packet list field increase line height for all
       rows. ([51]Bug 14424)
     * ieee80211-radio.c preamble duration calculation not correct.
       ([52]Bug 14439)
     * DIS: Malformed packet in SISO-STD-002 transmitter. ([53]Bug 14441)

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   ASN.1 BER, BOOTP/DHCP, DCE RPC NETLOGON, DICOM, DIS, DMP, DOCSIS, EPL,
   FCP, GSM A RR, HSRP, IAX2, IEEE 802.11, Infiniband, IPMI, IPv6, LDAP,
   LLTD, NBAP, NetScaler RPC, OpenFlow, RELOAD, RPCoRDMA, RPKI-Router,
   S7COMM, SCCP, SIGCOMP, Thread, Thrift, TLS/SSL, UMTS MAC, USB, USB Mass
   Storage, and WCCP

  New and Updated Capture File Support

   pcap pcapng
     __________________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available from
   [54]https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can be
   found on the [55]download page on the Wireshark web site.
     __________________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for preference
   files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
   vary from platform to platform. You can use About->Folders to find the
   default locations on your system.
     __________________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([56]Bug 1419)

   The BER dissector might infinitely loop. ([57]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([58]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([59]Bug 2234)

   Application crash when changing real-time option. ([60]Bug 4035)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([61]Bug 4985)

   Wireshark should let you work with multiple capture files. ([62]Bug
   10488)
     __________________________________________________________________

Getting Help

   Community support is available on [63]Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and archives for
   all of Wireshark's mailing lists can be found on [64]the web site.

   Official Wireshark training and certification are available from
   [65]Wireshark University.
     __________________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [66]Wireshark web site.
     __________________________________________________________________

   Last updated 2018-02-23 19:30:37 UTC

References

   1. https://www.wireshark.org/security/wnpa-sec-2018-05.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14442
   3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7335
   4. https://www.wireshark.org/security/wnpa-sec-2018-06.html
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14444
   6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14411
   7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14408
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14419
   9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14420
  10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14445
  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14449
  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14414
  13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14423
  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14413
  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14428
  16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14379
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14421
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14412
  19. https://www.wireshark.org/security/wnpa-sec-2018-07.html
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14339
  21. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7334
  22. https://www.wireshark.org/security/wnpa-sec-2018-08.html
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14446
  24. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7337
  25. https://www.wireshark.org/security/wnpa-sec-2018-09.html
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14374
  27. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7336
  28. https://www.wireshark.org/security/wnpa-sec-2018-10.html
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14398
  30. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7320
  31. https://www.wireshark.org/security/wnpa-sec-2018-11.html
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14403
  33. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7420
  34. https://www.wireshark.org/security/wnpa-sec-2018-12.html
  35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14409
  36. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7417
  37. https://www.wireshark.org/security/wnpa-sec-2018-13.html
  38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14410
  39. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7418
  40. https://www.wireshark.org/security/wnpa-sec-2018-14.html
  41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14443
  42. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7419
  43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14121
  44. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14257
  45. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14312
  46. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14360
  47. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14369
  48. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14371
  49. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14399
  50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14407
  51. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14424
  52. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14439
  53. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14441
  54. https://www.wireshark.org/download.html
  55. https://www.wireshark.org/download.html#thirdparty
  56. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
  57. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  58. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  59. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  60. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  61. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  62. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
  63. https://ask.wireshark.org/
  64. https://www.wireshark.org/lists/
  65. http://www.wiresharktraining.com/
  66. https://www.wireshark.org/faq.html


Digests

wireshark-2.4.5.tar.xz: 28836740 bytes
SHA256(wireshark-2.4.5.tar.xz)=b3b2ec29fba0f4a3a590438abe4054e56f19108d440fc2d61492db9d8ff16fd7
RIPEMD160(wireshark-2.4.5.tar.xz)=f14cbb589a4fbf42f2420a34f2e98a2b274641e6
SHA1(wireshark-2.4.5.tar.xz)=c49dfaba0a62d9e3f8ecda5e148f19cba9800900

Wireshark-win32-2.4.5.exe: 52716272 bytes
SHA256(Wireshark-win32-2.4.5.exe)=31687c3c0f9e7c2c0ce610db5c659680083d7204c5fbda4a98fb439a86c90011
RIPEMD160(Wireshark-win32-2.4.5.exe)=68f6b32d6bef1e789dd4783229c7974026986d1f
SHA1(Wireshark-win32-2.4.5.exe)=0825f8d3525b109c55a4c8fb7fc249043d9b822c

Wireshark-win64-2.4.5.exe: 57909112 bytes
SHA256(Wireshark-win64-2.4.5.exe)=867338819182ba636e1b741e87d60f1b06661138c2614db1253f1c75c17ae68c
RIPEMD160(Wireshark-win64-2.4.5.exe)=5f8040361904c6317cac57ae48884182dcd66172
SHA1(Wireshark-win64-2.4.5.exe)=273d4395d9fc6323f4618884ccc46ad640bebb53

Wireshark-win64-2.4.5.msi: 47079424 bytes
SHA256(Wireshark-win64-2.4.5.msi)=201b6b9f4b9f15459287286809daba2d68464aa89320c1d676db565224e8b2ae
RIPEMD160(Wireshark-win64-2.4.5.msi)=700ab32ebb8e72999cf8916b53a3fb71ce279ca6
SHA1(Wireshark-win64-2.4.5.msi)=7408105a82218aa1d9c4c9ce855738403734f230

Wireshark-win32-2.4.5.msi: 41967616 bytes
SHA256(Wireshark-win32-2.4.5.msi)=8a1fff845e5b51c1778f42e43d715a1f41943fd7bced32424eed7eb0b295abf8
RIPEMD160(Wireshark-win32-2.4.5.msi)=7eb658336b6679a3b828d1a54b29acc0a2f6e162
SHA1(Wireshark-win32-2.4.5.msi)=11d8b499d128cf64c7226fb0e76fc44354008d60

WiresharkPortable_2.4.5.paf.exe: 45373920 bytes
SHA256(WiresharkPortable_2.4.5.paf.exe)=b2bb1d15a0c5cbd9fd168688b24cf0aff2445a005641adcae531aa3a605a5964
RIPEMD160(WiresharkPortable_2.4.5.paf.exe)=5a0d230438eae0d33f3410fdf165c885712b96d7
SHA1(WiresharkPortable_2.4.5.paf.exe)=8341f112a2bc90256d2a5b4a6a01655d50c381f5

Wireshark 2.4.5 Intel 64.dmg: 42004449 bytes
SHA256(Wireshark 2.4.5 Intel
64.dmg)=028592817849f180f4014288a9566910e4ab508cb3b53a9721c9c667379acd15
RIPEMD160(Wireshark 2.4.5 Intel
64.dmg)=0c6adbb0068ad4e87af17397a7cfeb33ed80db69
SHA1(Wireshark 2.4.5 Intel 64.dmg)=7b6bc07482f7ef506a559a922d413e2e1989d796

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWpOKTYx+lLeg9Ub1AQhtIg//QGdkmQkfiUIhOB+o/gomdrm383mW8dxr
7EKa2o+BcdPL11GPfs/ny3nE5XrUge9HSs9apXXpn/RZHa694fxo2qUql2hokwhy
dtcWmJ27/BqqIW6Xp3LHV2iRyMZTbHOFXe+3GgoSE/vsFhrBin3pAbyIqIfCNd6N
oOuBkYP4JZRF8Qb/LDbE0yL5oy240OB4odOJpKK9HFwOV7/eRSB7LUOzjxIcaxyO
C1Nn/Poy++HC8SC14SXgpjlWRzX8RtWG2xmIkgNE5rBS+sOzK6eXjq1z83jqSKeC
7sJQtM5RVNkFwsDscn8ScYrvWavvdRWGSkeYLjOnMdP7t3cjtVG2IZoih+a2FkN6
d36sKWqaQizz1PRfJf9CkGjq/3QbMnFuG+Vgc1rm9w+vFgxmYxS0KJgQA91WdD8O
ZGRubmsOzwkOg7PuhpKAbR1jnJWbxxJbPLH54UgJtCP/pECz/ZgDkiDBt/Zck+cf
kjUvOZsZtDXyET2/DaeH2ideInlXRdFp8v1xjEs/6ek8hnlA98whSSTNE3EwqQ0e
hPRzxw6dqCT3wiy6XL6JBlbRrJlPTlteiiYp9o4ipCEalGQkHRMmNHyuFYUIV9jy
eXPSO9FymyjjX80wqjSUwD6jhq2LCNPa8JRvtqRKgf6lMHonYecXwc1Nzg8jMR9G
P0yhwkcFBjs=
=HScD
-----END PGP SIGNATURE-----

« Back to bulletins