ESB-2018.2567 - [Win][UNIX/Linux] Wireshark: Denial of service - Remote with user interaction 2018-08-30

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.2567
               Wireshark new releases - 2.2.17, 2.4.9, 2.6.3
                              30 August 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Wireshark
Publisher:         Wireshark
Operating System:  Windows
                   UNIX variants (UNIX, Linux, OSX)
Impact/Access:     Denial of Service -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-16058 CVE-2018-16057 CVE-2018-16056

Original Bulletin: 
   https://www.wireshark.org/lists/wireshark-announce/201808/msg00002.html
   https://www.wireshark.org/lists/wireshark-announce/201808/msg00001.html
   https://www.wireshark.org/lists/wireshark-announce/201808/msg00000.html

Comment: This bulletin contains three (3) Wireshark security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

I'm proud to announce the release of Wireshark 2.2.17.

     __________________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer. It is
   used for troubleshooting, analysis, development and education.
     __________________________________________________________________

What's New

   This is the final release of Wireshark 2.2. It will reach its official
   end of life on September 7, 2018. If you are still using Wireshark 2.2
   you are encouraged to upgrade to Wireshark 2.6.

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2018-44
       Bluetooth AVDTP dissector crash. [2]Bug 14884. [3]CVE-2018-16058.
     * [4]wnpa-sec-2018-45
       Bluetooth Attribute Protocol dissector crash. [5]Bug 14994.
       [6]CVE-2018-16056.
     * [7]wnpa-sec-2018-46
       Radiotap dissector crash. [8]Bug 15022. [9]CVE-2018-16057.

   The following bugs have been fixed:
     * udpdump frame too long error. [10]Bug 14989.
     * ASTERIX Category 062 / 135 Altitude has wrong value. [11]Bug 15030.
     * Wireshark cannot decrypt SSL/TLS session if it was proxied over
       HTTP tunnel. [12]Bug 15042.
     * TLS records in a HTTP tunnel are displayed as "Encrypted Handshake
       Message". [13]Bug 15043.
     * Diameter AVP User Location Info, Mobile Network Code decoded not
       correctly. [14]Bug 15068.
     * Heartbeat message "Info" displayed without comma separator. [15]Bug
       15079.

  New and Updated Features

   There are no new features in this release.

  New File Format Decoding Support

   There are no new file formats in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   ASTERIX, Bluetooth ATT, Bluetooth AVDTP, DTLS, E.212, HTTP, K12, and
   Radiotap

  New and Updated Capture File Support

   pcapng

  New and Updated Capture Interfaces support

   ciscodump

  Major API Changes

   There are no major API changes in this release.
     __________________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available from
   [16]https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can be
   found on the [17]download page on the Wireshark web site.
     __________________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for preference
   files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
   vary from platform to platform. You can use About->Folders to find the
   default locations on your system.
     __________________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([18]Bug 1419)

   The BER dissector might infinitely loop. ([19]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([20]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([21]Bug 2234)

   Application crash when changing real-time option. ([22]Bug 4035)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([23]Bug 4985)

   Wireshark should let you work with multiple capture files. ([24]Bug
   10488)
     __________________________________________________________________

Getting Help

   Community support is available on [25]Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and archives for
   all of Wireshark's mailing lists can be found on [26]the web site.

   Official Wireshark training and certification are available from
   [27]Wireshark University.
     __________________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [28]Wireshark web site.
     __________________________________________________________________

   Last updated 2018-08-29 16:53:25 UTC

References

   1. https://www.wireshark.org/security/wnpa-sec-2018-44.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14884
   3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16058
   4. https://www.wireshark.org/security/wnpa-sec-2018-45.html
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14994
   6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16056
   7. https://www.wireshark.org/security/wnpa-sec-2018-46.html
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15022
   9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16057
  10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14989
  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15030
  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15042
  13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15043
  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15068
  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15079
  16. https://www.wireshark.org/download.html
  17. https://www.wireshark.org/download.html#thirdparty
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
  19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
  25. https://ask.wireshark.org/
  26. https://www.wireshark.org/lists/
  27. http://www.wiresharktraining.com/
  28. https://www.wireshark.org/faq.html


Digests

wireshark-2.2.17.tar.bz2: 32551027 bytes
SHA256(wireshark-2.2.17.tar.bz2)=923d39ff9c6df83b9594868542061da33bf330e12526778a8cb3adcf912eebb0
RIPEMD160(wireshark-2.2.17.tar.bz2)=06086c787720d126be5d47411b601ff59d9f4ba9
SHA1(wireshark-2.2.17.tar.bz2)=ed21da5b2348d47560481937243821ce1faab724

Wireshark-win64-2.2.17.exe: 56211152 bytes
SHA256(Wireshark-win64-2.2.17.exe)=49df6f1b64a9d68b4c6c2491781b74f2f09f71fd616d2ddbd8f413bab2aad413
RIPEMD160(Wireshark-win64-2.2.17.exe)=e80720bd8c0c0dbaf1a02215b3f2f29a3c110585
SHA1(Wireshark-win64-2.2.17.exe)=2f0864c932aaecb887ed14a67ec8a033b2ad411c

Wireshark-win32-2.2.17.exe: 44707592 bytes
SHA256(Wireshark-win32-2.2.17.exe)=e50bf2aa9560c3a1052a9179f26f729acf27e929836d98937605d14b69fe2f2f
RIPEMD160(Wireshark-win32-2.2.17.exe)=c796a9bf7dd0f1a481fc0d7698bf842c9ddb4a29
SHA1(Wireshark-win32-2.2.17.exe)=c86f0622740d07e25ccd5e02c215392ec3f6d4ce

WiresharkPortable_2.2.17.paf.exe: 46336584 bytes
SHA256(WiresharkPortable_2.2.17.paf.exe)=1e627c1422e127ab5d558b60e321297d3391b35cbb370afa4fcc8a5fea128819
RIPEMD160(WiresharkPortable_2.2.17.paf.exe)=7c2f118739fdc5feeef3f75b1876f948c1c39de0
SHA1(WiresharkPortable_2.2.17.paf.exe)=a7d445f6f980cd69504f2b8d452258031a906f1c

Wireshark 2.2.17 Intel 64.dmg: 40014949 bytes
SHA256(Wireshark 2.2.17 Intel
64.dmg)=fb58dd8ab1eae1d5665c340decb8e30f00d1dd1ec899330239a58d8b141ba1e5
RIPEMD160(Wireshark 2.2.17 Intel
64.dmg)=8e006530f1594216d7fc20d637a8c8ab50a12e24
SHA1(Wireshark 2.2.17 Intel 64.dmg)=9bec5f176a2347bd9c76760405d24a3a7e5f27a6

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz

- -------------------------------------------------------------------------------

I'm proud to announce the release of Wireshark 2.4.9.

     __________________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer. It is
   used for troubleshooting, analysis, development and education.
     __________________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2018-44
       Bluetooth AVDTP dissector crash. [2]Bug 14884. [3]CVE-2018-16058.
     * [4]wnpa-sec-2018-45
       Bluetooth Attribute Protocol dissector crash. [5]Bug 14994.
       [6]CVE-2018-16056.
     * [7]wnpa-sec-2018-46
       Radiotap dissector crash. [8]Bug 15022. [9]CVE-2018-16057.

   The following bugs have been fixed:
     * Incorrect presentation of dissected data item (NETMASK) in ISAKMP
       dissector. [10]Bug 14987.
     * udpdump frame too long error. [11]Bug 14989.
     * ASTERIX Category 062 / 135 Altitude has wrong value. [12]Bug 15030.
     * Wireshark cannot decrypt SSL/TLS session if it was proxied over
       HTTP tunnel. [13]Bug 15042.
     * TLS records in a HTTP tunnel are displayed as "Encrypted Handshake
       Message". [14]Bug 15043.
     * BTATT Dissector: Temperature Measurement: Celsius and Fahrenheit
       swapped. [15]Bug 15058.
     * Diameter AVP User Location Info, Mobile Network Code decoded not
       correctly. [16]Bug 15068.
     * Heartbeat message "Info" displayed without comma separator. [17]Bug
       15079.
     * DTAP CC Start DTMF keypad information parsing error. [18]Bug 15088.

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   ASTERIX, Bluetooth ATT, Bluetooth AVDTP, DHCP, DTLS, E.212, HTTP,
   ISAKMP, K12, Nordic BLE, Radiotap, and SSL

  New and Updated Capture File Support

   pcapng

  New and Updated Capture Interfaces support

   ciscodump udpdump
     __________________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available from
   [19]https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can be
   found on the [20]download page on the Wireshark web site.
     __________________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for preference
   files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
   vary from platform to platform. You can use About->Folders to find the
   default locations on your system.
     __________________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([21]Bug 1419)

   The BER dissector might infinitely loop. ([22]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([23]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([24]Bug 2234)

   Application crash when changing real-time option. ([25]Bug 4035)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([26]Bug 4985)

   Wireshark should let you work with multiple capture files. ([27]Bug
   10488)
     __________________________________________________________________

Getting Help

   Community support is available on [28]Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and archives for
   all of Wireshark's mailing lists can be found on [29]the web site.

   Official Wireshark training and certification are available from
   [30]Wireshark University.
     __________________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [31]Wireshark web site.
     __________________________________________________________________

   Last updated 2018-08-29 16:51:51 UTC

References

   1. https://www.wireshark.org/security/wnpa-sec-2018-44.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14884
   3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16058
   4. https://www.wireshark.org/security/wnpa-sec-2018-45.html
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14994
   6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16056
   7. https://www.wireshark.org/security/wnpa-sec-2018-46.html
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15022
   9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16057
  10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14987
  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14989
  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15030
  13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15042
  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15043
  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15058
  16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15068
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15079
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15088
  19. https://www.wireshark.org/download.html
  20. https://www.wireshark.org/download.html#thirdparty
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
  28. https://ask.wireshark.org/
  29. https://www.wireshark.org/lists/
  30. http://www.wiresharktraining.com/
  31. https://www.wireshark.org/faq.html


Digests

wireshark-2.4.9.tar.xz: 29094756 bytes
SHA256(wireshark-2.4.9.tar.xz)=63c4f24665269536f0e2ec321d394336fef6ba12466241a0e2433e936ac633e3
RIPEMD160(wireshark-2.4.9.tar.xz)=410212dcbcac97dd9942f947ad34419779ee3e1d
SHA1(wireshark-2.4.9.tar.xz)=631db6203d21ca5512b8bf6b9239e48d6b492b53

Wireshark-win32-2.4.9.exe: 52756664 bytes
SHA256(Wireshark-win32-2.4.9.exe)=15b60c8cda9ec0812c64160f4813ef681d4adcf6fae4dd251634c02875f813fd
RIPEMD160(Wireshark-win32-2.4.9.exe)=a8581d13814e43e5d245325f3d2cafb566697df9
SHA1(Wireshark-win32-2.4.9.exe)=97a50913671ef8a2c5d9be835ca42b4bb0ee5025

Wireshark-win64-2.4.9.exe: 57971840 bytes
SHA256(Wireshark-win64-2.4.9.exe)=05d6631a9a9bcaeea117ae39be2578b7faf2d5d3b22d85c9cfb93c09fa9e4aa3
RIPEMD160(Wireshark-win64-2.4.9.exe)=7e62a320384af7724883f29778687fbed39de249
SHA1(Wireshark-win64-2.4.9.exe)=b344d04cff80f7a4546e83b690092fb18a2ae963

Wireshark-win32-2.4.9.msi: 42008576 bytes
SHA256(Wireshark-win32-2.4.9.msi)=ce3ee23968b5bb6985a3e0b04ea17ea4d0eeec4cb97c4d24eb06073281d36c17
RIPEMD160(Wireshark-win32-2.4.9.msi)=bf24cea6f0525f5c2b9503655039bddb51c584b7
SHA1(Wireshark-win32-2.4.9.msi)=57c79bcb5d39b8d30c88f34dfba7dbb53455983f

Wireshark-win64-2.4.9.msi: 47075328 bytes
SHA256(Wireshark-win64-2.4.9.msi)=79529af55a04940e6e8c93324189ba1c47c7bae900ff730e4d182179bcebd043
RIPEMD160(Wireshark-win64-2.4.9.msi)=e49919ca51a168789bef6d6fc42144956db3089c
SHA1(Wireshark-win64-2.4.9.msi)=8489b8a3e192bebec3f0da98d10937c48dc8de59

WiresharkPortable_2.4.9.paf.exe: 45431688 bytes
SHA256(WiresharkPortable_2.4.9.paf.exe)=ed5e185adb6a1265b6ca536cea755494e52770a89c33c615286cb66e8720d9e8
RIPEMD160(WiresharkPortable_2.4.9.paf.exe)=7631187b5126f0bdf0372e652b4dbe329b96ed91
SHA1(WiresharkPortable_2.4.9.paf.exe)=117e3e28b07888f6b87a486f86c50d01b1bd3801

Wireshark 2.4.9 Intel 64.dmg: 42532464 bytes
SHA256(Wireshark 2.4.9 Intel
64.dmg)=52869e0ab8e85a949512c334c622f5250248623630a89b4dd70298fd3bf92a65
RIPEMD160(Wireshark 2.4.9 Intel
64.dmg)=6f52debc382057cbbf076c3b77bea82a49fd690b
SHA1(Wireshark 2.4.9 Intel 64.dmg)=fb4177f8b015d7482b33eea88f908f0f64f96caa

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz

- -------------------------------------------------------------------------------

I'm proud to announce the release of Wireshark 2.6.3.


 What is Wireshark?

  Wireshark is the world's most popular network protocol analyzer. It is
  used for troubleshooting, analysis, development and education.

 What's New

  Bug Fixes

   The following vulnerabilities have been fixed:

     * wnpa-sec-2018-44[1] Bluetooth AVDTP dissector crash. Bug 14884[2].
       CVE-2018-16058[3].

     * wnpa-sec-2018-45[4] Bluetooth Attribute Protocol dissector crash.
       Bug 14994[5]. CVE-2018-16056[6].

     * wnpa-sec-2018-46[7] Radiotap dissector crash. Bug 15022[8].
       CVE-2018-16057[9].

   The following bugs have been fixed:

     * Wireshark Hangs on startup initializing external capture plugins.
       Bug 14657[10].

     * Qt: SCTP Analyse Association Dialog: Segmentation fault when
       clicking twice the Filter Association button. Bug 14970[11].

     * Incorrect presentation of dissected data item (NETMASK) in ISAKMP
       dissector. Bug 14987[12].

     * Decode NFAPI: CONFIG.request Error. Bug 14988[13].

     * udpdump frame too long error. Bug 14989[14].

     * ISDN - LAPD dissector broken since version 2.5.0. Bug 15018[15].

     * ASTERIX Category 062 / 135 Altitude has wrong value. Bug
       15030[16].

     * Wireshark cannot decrypt SSL/TLS session if it was proxied over
       HTTP tunnel. Bug 15042[17].

     * TLS records in a HTTP tunnel are displayed as "Encrypted
       Handshake Message". Bug 15043[18].

     * BTATT Dissector: Temperature Measurement: Celsius and Fahrenheit
       swapped. Bug 15058[19].

     * Diameter AVP User Location Info, Mobile Network Code decoded not
       correctly. Bug 15068[20].

     * Heartbeat message "Info" displayed without comma separator. Bug
       15079[21].

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   ASTERIX, Bluetooth, Bluetooth ATT, Bluetooth AVDTP, DHCP, DTLS,
   E.212, FP, GSM A RR, HTTP, HTTP2, IEEE 802.11, ISAKMP, ISDN, K12,
   NFAPI, Nordic BLE, PFCP, Radiotap, SSL, Steam IHS Discovery, and TLS
   1.3

  New and Updated Capture File Support

   pcapng

  New and Updated Capture Interfaces support

   ciscodump, udpdump

 Getting Wireshark

  Wireshark source code and installation packages are available from
  https://www.wireshark.org/download.html[22].

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can
   be found on the download page[23] on the Wireshark web site.

 File Locations

  Wireshark and TShark look in several different locations for
  preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
  locations vary from platform to platform. You can use About->Folders to
  find the default locations on your system.

 Known Problems

  The BER dissector might infinitely loop. Bug 1516[24].

  Capture filters aren't applied when capturing from named pipes. Bug
  1814[25].

  Filtering tshark captures with read filters (-R) no longer works. Bug
  2234[26].

  Application crash when changing real-time option. Bug 4035[27].

  Wireshark and TShark will display incorrect delta times in some cases.
  Bug 4985[28].

  Wireshark should let you work with multiple capture files. Bug
  10488[29].

 Getting Help

  Community support is available on Wireshark's Q&A site[30] and on the
  wireshark-users mailing list. Subscription information and archives
  for all of Wireshark's mailing lists can be found on the web site[31].

  Official Wireshark training and certification are available from
  Wireshark University[32].

 Frequently Asked Questions

  A complete FAQ is available on the Wireshark web site[33].

  Last updated 2018-08-29 16:49:22 UTC

 References

   1. https://www.wireshark.org/security/wnpa-sec-2018-44
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14884
   3. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16058
   4. https://www.wireshark.org/security/wnpa-sec-2018-45
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14994
   6. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16056
   7. https://www.wireshark.org/security/wnpa-sec-2018-46
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15022
   9. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16057
  10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14657
  11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14970
  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14987
  13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14988
  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14989
  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15018
  16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15030
  17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15042
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15043
  19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15058
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15068
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15079
  22. https://www.wireshark.org/download.html
  23. https://www.wireshark.org/download.html#thirdparty
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
  30. https://ask.wireshark.org/
  31. https://www.wireshark.org/lists/
  32. http://www.wiresharktraining.com/
  33. https://www.wireshark.org/faq.html


Digests

wireshark-2.6.3.tar.xz: 28384004 bytes
SHA256(wireshark-2.6.3.tar.xz)=d158a8a626dc0997a826cf12b5316a3d393fb9f93d84cc86e75b212f0044a3ec
RIPEMD160(wireshark-2.6.3.tar.xz)=74a558e7a004c64ff118870d525025beda4a665d
SHA1(wireshark-2.6.3.tar.xz)=d239fd091d59968ac8a1b42b28e61aeef09c20b7

Wireshark-win64-2.6.3.exe: 60001560 bytes
SHA256(Wireshark-win64-2.6.3.exe)=40701d569f75ba08bd3fb9d79e6841095d6d3001e5d8f1e9f50c996bcf0657ff
RIPEMD160(Wireshark-win64-2.6.3.exe)=d2068b7c1d7a95a2d57470ae7831fd988b5183a6
SHA1(Wireshark-win64-2.6.3.exe)=800bc4d9b6a8b1d96844e706863f0e636839b5cc

Wireshark-win32-2.6.3.exe: 54282456 bytes
SHA256(Wireshark-win32-2.6.3.exe)=3b1519d04d982220941a9fff03af74110b68fbe7f1cedd79ad3f097593c5f456
RIPEMD160(Wireshark-win32-2.6.3.exe)=b86dc149ca96f7e1efca3e6c7439ae41d9553e19
SHA1(Wireshark-win32-2.6.3.exe)=cad7ba639d2e7f538eee4b771ed3e6f1c763da25

Wireshark-win64-2.6.3.msi: 49381376 bytes
SHA256(Wireshark-win64-2.6.3.msi)=93e31bc9ec4871475d7ca1c608507e6b9815f7a767cd10aa9cc33dbd078fbd1c
RIPEMD160(Wireshark-win64-2.6.3.msi)=dd4f223c7f471fc482c9f1fc80de1a805c2bd375
SHA1(Wireshark-win64-2.6.3.msi)=78e267546f13596ffedd2d94c6a58c0b99e7dec9

Wireshark-win32-2.6.3.msi: 43741184 bytes
SHA256(Wireshark-win32-2.6.3.msi)=063232cde36dbce1a8a73abf26aacec94798b3d42af4cd423a30c6cc6834c762
RIPEMD160(Wireshark-win32-2.6.3.msi)=9270a9c45c862891c88a07961bbb1a247dee5909
SHA1(Wireshark-win32-2.6.3.msi)=ad302be6a55731d676756d5dc60b6de355f311ff

WiresharkPortable_2.6.3.paf.exe: 37485464 bytes
SHA256(WiresharkPortable_2.6.3.paf.exe)=419a784a070adbb261991eada51e489f704e13808fcd7516b0edb5c6d91a8480
RIPEMD160(WiresharkPortable_2.6.3.paf.exe)=fe4926b7abb83a28bf327de345f2eca10bcc510d
SHA1(WiresharkPortable_2.6.3.paf.exe)=6218dff001e2e1ac8a733f8a82e878622b9647fc

Wireshark 2.6.3 Intel 64.dmg: 169056690 bytes
SHA256(Wireshark 2.6.3 Intel
64.dmg)=5f919d58ba1286631f2a878d7ec5acf430680f57d3d630d76e096077b4494418
RIPEMD160(Wireshark 2.6.3 Intel
64.dmg)=4e35d92b01e15f2500b6f7e4ad8f1225a518c183
SHA1(Wireshark 2.6.3 Intel 64.dmg)=5809c04cdda26e124027bb55d318c99dfd61b008

You can validate these hashes using the following commands (among others):

    Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256
    Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz
    macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg"
    Other: openssl sha256 wireshark-x.y.z.tar.xz

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBW4dlxGaOgq3Tt24GAQjP8RAAlguRSFDUNOze53VJWuQ/+Y/f5RubEBf8
Ph1Tng4k8Aiqz1rP6ZGtH2xxt8B2bA2Ps6wcBO91Xjz7bbtj/abTFLv9h8qVNcwp
fpk4xuBl1CIvRV85e1beRXVjc9CtBDruhqKtbkOTEIEFDdkLfG5u6p4b8u3KFBva
T/2fmbUy4ex7j4yZlOZ7xXNWmBjCs/ljVFsOWuNwypTUf9j/wGNj86zWRh+M5TwN
tsuGtZxg4cXYR+C/Fe9GciIgPmYG0Is+bilpE8javpklwgX0B56mw1j8J1TJtica
LpKI4Y/v39tMbRPMKdxnNkfCcnt8qjGYikElO++Ncqy3PokCIoDK6fbsLXjV4vCU
SXlsqLN+xXwfUpBVouyv9/Idki5yv2Wtry2WVkIhmk6aLHKJdCDpX7xp5TSpAaNe
WPdzdpwbb+IXYFeddsf2CQU13hnpwpzAb4u3X72gRp1AcdsxA/S/YWIy3JixTINz
W9lnJ3+SHd6vgSKPazjNEyw4CyJIpODv/O4xiEv4aEG/BYuSDgS1zL7xiVa0DC7f
6hQCdsbOG1ZJPmJCmns9Y8IX5QTQyXSzI4Nx8uAq0vo1mKUEO5HFZ9HCNw8nrUwD
1u0NZpIWNGGWzxxcyl+IEnXEloy+AXC4NT92Blu70nZn9QLv5H6RCDQoZwkEM/vz
7WtFX/ifN10=
=njeX
-----END PGP SIGNATURE-----

« Back to bulletins