ESB-2018.1033 - [Win][UNIX/Linux] Wireshark: Denial of service - Remote with user interaction 2018-04-05

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.1033
               Wireshark 2.2.14 and 2.4.6 are now available
                               5 April 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Wireshark
Publisher:         Wireshark
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Impact/Access:     Denial of Service -- Remote with User Interaction
Resolution:        Patch/Upgrade

Original Bulletin: 
   https://www.wireshark.org/lists/wireshark-announce/201804/msg00000.html
   https://www.wireshark.org/lists/wireshark-announce/201804/msg00001.html

Comment: This bulletin contains two (2) Wireshark security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

I'm proud to announce the release of Wireshark 2.2.14.

     __________________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer. It is
   used for troubleshooting, analysis, development and education.
     __________________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2018-15
       The MP4 dissector could crash. ([2]Bug 13777)
     * [3]wnpa-sec-2018-16
       The ADB dissector could crash. ([4]Bug 14460)
     * [5]wnpa-sec-2018-17
       The IEEE 802.15.4 dissector could crash. ([6]Bug 14468)
     * [7]wnpa-sec-2018-18
       The NBAP dissector could crash. ([8]Bug 14471)
     * [9]wnpa-sec-2018-19
       The VLAN dissector could crash. ([10]Bug 14469)
     * [11]wnpa-sec-2018-20
       The LWAPP dissector could crash. ([12]Bug 14467)
     * [13]wnpa-sec-2018-23
       The Kerberos dissector could crash. ([14]Bug 14576)
     * [15]wnpa-sec-2018-24
       Multiple dissectors and other modules could leak memory. The TN3270
       ([16]Bug 14480), ISUP ([17]Bug 14481), LAPD ([18]Bug 14482), SMB2
       ([19]Bug 14483), GIOP ([20]Bug 14484), ASN.1 ([21]Bug 14485), MIME
       multipart ([22]Bug 14486), H.223 ([23]Bug 14487), and PCP ([24]Bug
       14488) dissectors were susceptible along with Wireshark and TShark
       ([25]Bug 14489).

   The following bugs have been fixed:
     * Lua script calling Ethernet dissector runs OK in 1.12.4 but crashes
       in later releases. ([26]Bug 14293)
     * PEEKREMOTE dissector lacks 80mhz support, short preamble support
       and spatial streams encoding. ([27]Bug 14452)
     * Typo error in enumeration value of speech version identifier.
       ([28]Bug 14528)
     * WCCP logical error in CHECK_LENGTH_ADVANCE_OFFSET macros. ([29]Bug
       14538)
     * Buildbot crash output: fuzz-2018-03-19-19114.pcap. ([30]Bug 14544)
     * alloca() used in wsutil/getopt_long.c without <alloca.h> inclusion.
       ([31]Bug 14552)
     * HP-UX HP ANSI C requires -Wp,-H200000 flag to compile. ([32]Bug
       14554)
     * Makefile.in uses non-portable "install" command. ([33]Bug 14555)
     * HP-UX HP ANSI C doesn't support assigning {} to a variable in
       epan/app_mem_usage.c. ([34]Bug 14556)
     * PPP in SSTP, HDLC framing not parsed properly. ([35]Bug 14559)
     * Using the DIAMETER dictionary causes the standard input to be
       closed when the dictionary is read. ([36]Bug 14577)

  New and Updated Features

   There are no new features in this release.

  New File Format Decoding Support

   There are no new file formats in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   6LoWPAN, ADB, DNS, Ethernet, GIOP, GSM BSSMAP, H.223, IEEE 802.11, IEEE
   802.11 Radiotap, IEEE 802.15.4, ISUP, Kerberos, LAPD, LWAPP, MIME
   multipart, MP4, NBAP, PCP, PEEKREMOTE, S1AP, SMB2, SSTP, T.30, TN3270,
   VLAN, WCCP, and WSP

  New and Updated Capture File Support

   There is no new or updated capture file support in this release.

  New and Updated Capture Interfaces support

   There are no new or updated capture interfaces supported in this
   release.

  Major API Changes

   There are no major API changes in this release.
     __________________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available from
   [37]https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can be
   found on the [38]download page on the Wireshark web site.
     __________________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for preference
   files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
   vary from platform to platform. You can use About->Folders to find the
   default locations on your system.
     __________________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([39]Bug 1419)

   The BER dissector might infinitely loop. ([40]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([41]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([42]Bug 2234)

   Application crash when changing real-time option. ([43]Bug 4035)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([44]Bug 4985)

   Wireshark should let you work with multiple capture files. ([45]Bug
   10488)
     __________________________________________________________________

Getting Help

   Community support is available on [46]Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and archives for
   all of Wireshark's mailing lists can be found on [47]the web site.

   Official Wireshark training and certification are available from
   [48]Wireshark University.
     __________________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [49]Wireshark web site.
     __________________________________________________________________

   Last updated 2018-04-03 20:05:23 UTC

References

   1. https://www.wireshark.org/security/wnpa-sec-2018-15.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13777
   3. https://www.wireshark.org/security/wnpa-sec-2018-16.html
   4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14460
   5. https://www.wireshark.org/security/wnpa-sec-2018-17.html
   6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14468
   7. https://www.wireshark.org/security/wnpa-sec-2018-18.html
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14471
   9. https://www.wireshark.org/security/wnpa-sec-2018-19.html
  10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14469
  11. https://www.wireshark.org/security/wnpa-sec-2018-20.html
  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14467
  13. https://www.wireshark.org/security/wnpa-sec-2018-23.html
  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14576
  15. https://www.wireshark.org/security/wnpa-sec-2018-24.html
  16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14480
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14481
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14482
  19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14483
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14484
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14485
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14486
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14487
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14488
  25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14489
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14293
  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14452
  28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14528
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14538
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14544
  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14552
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14554
  33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14555
  34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14556
  35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14559
  36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14577
  37. https://www.wireshark.org/download.html
  38. https://www.wireshark.org/download.html#thirdparty
  39. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
  40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  42. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  44. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  45. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
  46. https://ask.wireshark.org/
  47. https://www.wireshark.org/lists/
  48. http://www.wiresharktraining.com/
  49. https://www.wireshark.org/faq.html


Digests

wireshark-2.2.14.tar.bz2: 32445055 bytes
SHA256(wireshark-2.2.14.tar.bz2)=e7a3d4f9bbde20ea5ee09103f9f6dba38e3666dfe1d6a6a1c004602b5fac378b
RIPEMD160(wireshark-2.2.14.tar.bz2)=18e91fe0c2b9642d09e8ba52c0c35b46de15aa70
SHA1(wireshark-2.2.14.tar.bz2)=9c1cd205f5755566d363c8f273c3a322e6cfd90b

Wireshark-win32-2.2.14.exe: 44651736 bytes
SHA256(Wireshark-win32-2.2.14.exe)=6e3b62e24a686aab21af7bdf2cc6582bb95f8e8a861213aa19930dd2bba4cfb5
RIPEMD160(Wireshark-win32-2.2.14.exe)=31f80a3f7f2c0aec49e7018e798187526de092b7
SHA1(Wireshark-win32-2.2.14.exe)=e01610f52c79e2172137da1530eb27c4bb49d7ef

Wireshark-win64-2.2.14.exe: 56153200 bytes
SHA256(Wireshark-win64-2.2.14.exe)=131e9b6f6ed9b2409af296d6ce9cc3f181ff8aa1ca444ab91d7358bbcdfa4596
RIPEMD160(Wireshark-win64-2.2.14.exe)=e7354160b235f0824ab8d4d78a8673955d4cb068
SHA1(Wireshark-win64-2.2.14.exe)=daf03c16f75d6d15422aa97c85a5e630a44048b3

WiresharkPortable_2.2.14.paf.exe: 46294176 bytes
SHA256(WiresharkPortable_2.2.14.paf.exe)=219639bae69591010b68047d9e2211662ac01195bf3a27c831e2165bf630af11
RIPEMD160(WiresharkPortable_2.2.14.paf.exe)=f5234236a8c4145d4a03dfd31367a0ed756e41fe
SHA1(WiresharkPortable_2.2.14.paf.exe)=a4b3b6ad7a5b4b6e7c97924aaf4b0e99c67bea27

Wireshark 2.2.14 Intel 64.dmg: 40002647 bytes
SHA256(Wireshark 2.2.14 Intel
64.dmg)=99732e2127e1ad5b5f11da8c9f6756a0a531601e02ff942b33e563dc76c7ff08
RIPEMD160(Wireshark 2.2.14 Intel
64.dmg)=5bb642f3f6a4f6201996310673b4b52631ad2e08
SHA1(Wireshark 2.2.14 Intel 64.dmg)=9d204c7e9d5174b3ea54ac8a2e5b98ac2b8ac36e

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz


===========================================================================

I'm proud to announce the release of Wireshark 2.4.6.

     __________________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer. It is
   used for troubleshooting, analysis, development and education.
     __________________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2018-15
       The MP4 dissector could crash. ([2]Bug 13777)
     * [3]wnpa-sec-2018-16
       The ADB dissector could crash. ([4]Bug 14460)
     * [5]wnpa-sec-2018-17
       The IEEE 802.15.4 dissector could crash. ([6]Bug 14468)
     * [7]wnpa-sec-2018-18
       The NBAP dissector could crash. ([8]Bug 14471)
     * [9]wnpa-sec-2018-19
       The VLAN dissector could crash. ([10]Bug 14469)
     * [11]wnpa-sec-2018-20
       The LWAPP dissector could crash. ([12]Bug 14467)
     * [13]wnpa-sec-2018-21
       The TCP dissector could crash. ([14]Bug 14472)
     * [15]wnpa-sec-2018-22
       The CQL dissector could to into an infinite loop. ([16]Bug 14530)
     * [17]wnpa-sec-2018-23
       The Kerberos dissector could crash. ([18]Bug 14576)
     * [19]wnpa-sec-2018-24
       Multiple dissectors and other modules could leak memory. The TN3270
       ([20]Bug 14480), ISUP ([21]Bug 14481), LAPD ([22]Bug 14482), SMB2
       ([23]Bug 14483), GIOP ([24]Bug 14484), ASN.1 ([25]Bug 14485), MIME
       multipart ([26]Bug 14486), H.223 ([27]Bug 14487), and PCP ([28]Bug
       14488) dissectors were susceptible along with Wireshark and TShark
       ([29]Bug 14489).

   The following bugs have been fixed:
     * TRANSUM doesn't account for DNS retries in the Request Spread.
       ([30]Bug 14210)
     * BGP: IPv6 NLRI is received with Add-path ID, then Wireshark is not
       able to decode the packet correctly. ([31]Bug 14241)
     * Lua script calling Ethernet dissector runs OK in 1.12.4 but crashes
       in later releases. ([32]Bug 14293)
     * PEEKREMOTE dissector lacks 80mhz support, short preamble support
       and spatial streams encoding. ([33]Bug 14452)
     * Statistics > UDP Multicast Streams > [Copy|Save as..] is broken.
       ([34]Bug 14477)
     * Typo error in enumeration value of speech version identifier.
       ([35]Bug 14528)
     * In "Unsaved packets" dialog one can NOT use keyboard to choose
       "Continue without Saving". ([36]Bug 14531)
     * WCCP logical error in CHECK_LENGTH_ADVANCE_OFFSET macros. ([37]Bug
       14538)

     * Buildbot crash output: fuzz-2018-03-19-19114.pcap. ([38]Bug 14544)
     * alloca() used in wsutil/getopt_long.c without <alloca.h> inclusion.
       ([39]Bug 14552)
     * HP-UX HP ANSI C requires -Wp,-H200000 flag to compile. ([40]Bug
       14554)
     * Makefile.in uses non-portable "install" command. ([41]Bug 14555)
     * HP-UX HP ANSI C doesn't support assigning {} to a variable in
       epan/app_mem_usage.c. ([42]Bug 14556)
     * PPP in SSTP, HDLC framing not parsed properly. ([43]Bug 14559)
     * Using the DIAMETER dictionary causes the standard input to be
       closed when the dictionary is read. ([44]Bug 14577)

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   6LoWPAN, ADB, BGP, CQL, DNS, Ethernet, GIOP, GSM BSSMAP, H.223, IEEE
   802.11, IEEE 802.11 Radiotap, IEEE 802.15.4, ISUP, Kerberos, LAPD,
   LWAPP, MIME multipart, MP4, NBAP, NORDIC_BLE, PCP, PEEKREMOTE, S1AP,
   SMB2, SSTP, T.30, TCP, TN3270, TRANSUM, VLAN, WCCP, and WSP

  New and Updated Capture File Support
     __________________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available from
   [45]https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can be
   found on the [46]download page on the Wireshark web site.
     __________________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for preference
   files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
   vary from platform to platform. You can use About->Folders to find the
   default locations on your system.
     __________________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([47]Bug 1419)

   The BER dissector might infinitely loop. ([48]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([49]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([50]Bug 2234)

   Application crash when changing real-time option. ([51]Bug 4035)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([52]Bug 4985)

   Wireshark should let you work with multiple capture files. ([53]Bug
   10488)
     __________________________________________________________________

Getting Help

   Community support is available on [54]Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and archives for
   all of Wireshark's mailing lists can be found on [55]the web site.

   Official Wireshark training and certification are available from
   [56]Wireshark University.
     __________________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [57]Wireshark web site.
     __________________________________________________________________

   Last updated 2018-04-03 20:02:27 UTC

References

   1. https://www.wireshark.org/security/wnpa-sec-2018-15.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13777
   3. https://www.wireshark.org/security/wnpa-sec-2018-16.html
   4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14460
   5. https://www.wireshark.org/security/wnpa-sec-2018-17.html
   6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14468
   7. https://www.wireshark.org/security/wnpa-sec-2018-18.html
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14471
   9. https://www.wireshark.org/security/wnpa-sec-2018-19.html
  10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14469
  11. https://www.wireshark.org/security/wnpa-sec-2018-20.html
  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14467
  13. https://www.wireshark.org/security/wnpa-sec-2018-21.html
  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14472
  15. https://www.wireshark.org/security/wnpa-sec-2018-22.html
  16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14530
  17. https://www.wireshark.org/security/wnpa-sec-2018-23.html
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14576
  19. https://www.wireshark.org/security/wnpa-sec-2018-24.html
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14480
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14481
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14482
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14483
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14484
  25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14485
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14486
  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14487
  28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14488
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14489
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14210
  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14241
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14293
  33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14452
  34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14477
  35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14528
  36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14531
  37. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14538
  38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14544
  39. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14552
  40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14554
  41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14555
  42. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14556
  43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14559
  44. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14577
  45. https://www.wireshark.org/download.html
  46. https://www.wireshark.org/download.html#thirdparty
  47. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
  48. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  49. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  51. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  52. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  53. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
  54. https://ask.wireshark.org/
  55. https://www.wireshark.org/lists/
  56. http://www.wiresharktraining.com/
  57. https://www.wireshark.org/faq.html


Digests

wireshark-2.4.6.tar.xz: 28851192 bytes
SHA256(wireshark-2.4.6.tar.xz)=8e965fd282bc0c09e7c4eba5f08a555d0ccf40a7d1544b939e01b90bc893d5fe
RIPEMD160(wireshark-2.4.6.tar.xz)=4d58798dfbb5a6567a731e0d6308e1dca3c859ee
SHA1(wireshark-2.4.6.tar.xz)=25ba24628acfc12d7541298255f50e8034e694b7

Wireshark-win64-2.4.6.exe: 57924080 bytes
SHA256(Wireshark-win64-2.4.6.exe)=025c68ae6ac5a4ae146ba8318f596089859c9d5d890b688ed8c1498745779412
RIPEMD160(Wireshark-win64-2.4.6.exe)=d861ae68de77ede9c07ce5ca8126ccadb2ccbe94
SHA1(Wireshark-win64-2.4.6.exe)=5f57fe6ff476b619eb83ff4e8d18b6ffca6f0afb

Wireshark-win32-2.4.6.exe: 52729424 bytes
SHA256(Wireshark-win32-2.4.6.exe)=6395ca0265207dcdcb1080073591968dec2711cbea27708efb83bbd6c3a32235
RIPEMD160(Wireshark-win32-2.4.6.exe)=6bc69510b01a9cc1199d2f813d996a692d2f1cb2
SHA1(Wireshark-win32-2.4.6.exe)=a4e3855757d7a92e29b7e2217cf297b589f9e5e9

Wireshark-win32-2.4.6.msi: 41992192 bytes
SHA256(Wireshark-win32-2.4.6.msi)=6efc9545528c76166e00942a2e7ef334c06ff7de15c450d9d685c9a0ffe8936d
RIPEMD160(Wireshark-win32-2.4.6.msi)=afc7b83b434df048b2b645b68ba6b28fc2ef2ff4
SHA1(Wireshark-win32-2.4.6.msi)=667c7f3bc788cdff4b3875c7e709d199b63da2ce

Wireshark-win64-2.4.6.msi: 47026176 bytes
SHA256(Wireshark-win64-2.4.6.msi)=c4b6cac3c8a8814fc9bb6e19a28a467b26067bc0a661150e7018f8923e43d535
RIPEMD160(Wireshark-win64-2.4.6.msi)=76b331d59b0ee1b7b29ccac0c9865094e7f1622f
SHA1(Wireshark-win64-2.4.6.msi)=2a67f3d3ba177686794cf1ff3e64cfd56541c217

WiresharkPortable_2.4.6.paf.exe: 45406800 bytes
SHA256(WiresharkPortable_2.4.6.paf.exe)=bcf10c20f0bfc0ebace4bbfd4022cdc69e642bbe27128a01a3b5bb3f6e532fc3
RIPEMD160(WiresharkPortable_2.4.6.paf.exe)=cd01b4e5aa81f7c3543b6c78224900c1890f0909
SHA1(WiresharkPortable_2.4.6.paf.exe)=7425c8a3f5eb8efa0304b7ac10acc598e3b6eb54

Wireshark 2.4.6 Intel 64.dmg: 42490725 bytes
SHA256(Wireshark 2.4.6 Intel
64.dmg)=0e51f0c7892422df8a755044344cb9f01d4b2bbc9f90bcc63fb4a791000106f8
RIPEMD160(Wireshark 2.4.6 Intel
64.dmg)=7ca143bacb1ee969709c8933fd1d29127be687e1
SHA1(Wireshark 2.4.6 Intel 64.dmg)=5845d6ebe392ec1094c4e4297dd79807a3bab114

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWsWuBYx+lLeg9Ub1AQgeqw//XtnYEmvMqZz6GKt1M5nlE+dgdCk/7mh1
jVMfYjJZ6qGisWWsXFlTuOQwoNGrW0aLIcDFW7Xzdbg7+o7y5HVvV+QGGx+wx1+P
x3hD7rkz6lTKY3TQFnMA7oAmi15ihX6frlI94WpLNjnsb6DZXudyFs1Ud5AYJhFk
vWQS10PSjY7q9dQpzQIRO9AnLeNxczEvfft0G8OHeXyR2/6Cz21B1hM40G9YyI3/
EV5cchkuoQTVjsfyeL2ij1oMIdp7m1qRezUoLPgKvafv9L0HXan9IRINWpj2PrVu
5Roer1rkCN0+bWJ0sYvrh0CLDrNPpR+EolYm4YzeqX4T+alzilkspE1w1UZrWrvu
5aaoJZ0rSXNK7JfHMZL/RaUin3xOpCIc9RiKdggXXBHve0m4VPURqeR/K2h1R9VO
foUjNCU7qYmcjgY0LF/aQL1xscJmwmyHTCf45E8IopCOCZp12L82ylBUKF9oaOus
fRHuMXHks/2VcwWjGFlzJHeSv+l+XrXy4hJYx/MQN2kDGXpeklumgyJRm3owQ/NY
oEtNoWyxoTtbtz5lR8naVp5NeNkDrc2M6MzuAZXMYp6nhP3BKV/V6QcNB0ACFe/5
dzzhhzlcDYSF0G8l9AT/bPpEeXQ1H+Z7rAR9P3D+7IQP274DUFyMeJSkbYhyZ52R
Fgj7InXPRx0=
=UXFU
-----END PGP SIGNATURE-----

« Back to bulletins