-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2016.1838.2
                     Wireshark 2.0.5 is now available
                              15 August 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:          Wireshark
Publisher:        Wireshark
Operating System: Windows
                  UNIX variants (UNIX, Linux, OSX)
Impact/Access:    Denial of Service -- Remote with User Interaction
Resolution:       Patch/Upgrade
CVE Names:        CVE-2016-6511 CVE-2016-6510 CVE-2016-6509
                  CVE-2016-6508 CVE-2016-6507 CVE-2016-6506
                  CVE-2016-6505  

Revision History: August 15 2016: Added CVEs
                  July   28 2016: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

I'm proud to announce the release of Wireshark 2.0.5.

     __________________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer. It is
   used for troubleshooting, analysis, development and education.
     __________________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2016-39
       CORBA IDL dissector crash on 64-bit Windows. ([2]Bug 12495)
     * [3]wnpa-sec-2016-41
       PacketBB crash. ([4]Bug 12577)
     * [5]wnpa-sec-2016-42
       WSP infinite loop. ([6]Bug 12594)
     * [7]wnpa-sec-2016-44
       RLC long loop. ([8]Bug 12660)
     * [9]wnpa-sec-2016-45
       LDSS dissector crash. ([10]Bug 12662)
     * [11]wnpa-sec-2016-46
       RLC dissector crash. ([12]Bug 12664)
     * [13]wnpa-sec-2016-47
       OpenFlow long loop. ([14]Bug 12659)
     * [15]wnpa-sec-2016-48
       MMSE, WAP, WBXML, and WSP infinite loop. ([16]Bug 12661)
     * [17]wnpa-sec-2016-49
       WBXML crash. ([18]Bug 12663)

   The following bugs have been fixed:
     * T30 FCF byte decoding masks DTC, CIG and NCS. ([19]Bug 1918)
     * TShark crashes with option "-z io,stat,..." in the presence of
       negative relative packet timestamps. ([20]Bug 9014)
     * Packet size limited during capture msg is repeated in the Info
       column. ([21]Bug 9826)
     * Wireshark loses windows decorations on second screen when
       restarting maximized using GNOME. ([22]Bug 11303)
     * Cannot launch GTK+ version of wireshark as a normal user. ([23]Bug
       11400)
     * Restart current capture fails with "no interface selected" error
       when capturing in promiscuous mode. ([24]Bug 11834)
     * Add field completion suggestions when adding a Display filter or Y
       Field to the IO Graph. ([25]Bug 11899)
     * Wireshark Qt always indicates locale as "C". ([26]Bug 11960)
     * Wireshark crashes every time open Statistics -> Conversations |
       Endpoints. ([27]Bug 12288)
     * Find function within the conversations window does not work.
       ([28]Bug 12363)
     * Invalid values for USB SET_REQUEST packets. ([29]Bug 12511)
     * Display filter dropdown hides cursor. ([30]Bug 12520)
     * Filter for field name tcp.options.wscale.multiplier cannot exceed
       255. ([31]Bug 12525)
     * Ctrl+ shortcuts that are not text-related do not work when focus is
       on display filter field. ([32]Bug 12533)
     * Closing Statistics window results in black screen. ([33]Bug 12544)
     * OSPF: Incorrect description of N/P-bit in NSSA LSA. ([34]Bug 12555)
     * Inconsistent VHT data rate. ([35]Bug 12558)
     * DCE/RPC malformed error when stub-data is missing but a
       sub-dissector has been registered. ([36]Bug 12561)
     * Wireshark is marking BGP FlowSpec NLRI as malformed if NLRI length
       is larger than 239 bytes. ([37]Bug 12568)
     * "Edit Resolved Name" is not saved in current pcapng file. ([38]Bug
       12629)
     * MPTCP: MP_JOIN B bit not decoded correctly. ([39]Bug 12635)
     * MPTCP MP_PRIO header with AddrID: incorrect AddrID. ([40]Bug 12641)

  New and Updated Features

   There are no new features in this release.

  New File Format Decoding Support

   There are no new file formats in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   802.11 Radiotap, BGP, CAN, CANopen, H.248 Q.1950, IPv4, IPv6, LANforge,
   LDSS, MPTCP, OSPF, PacketBB, PRP, RLC, RMT-FEC, RSVP, RTP MIDI, T.30,
   TDS, USB, WAP, WBXML, WiMax RNG-RSP, and WSP

  New and Updated Capture File Support

   and pcapng

  New and Updated Capture Interfaces support

   There are no new or updated capture interfaces supported in this
   release.
     __________________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available from
   [41]https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can be
   found on the [42]download page on the Wireshark web site.
     __________________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for preference
   files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
   vary from platform to platform. You can use About->Folders to find the
   default locations on your system.
     __________________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([43]Bug 1419)

   The BER dissector might infinitely loop. ([44]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([45]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([46]Bug 2234)

   Resolving ([47]Bug 9044) reopens ([48]Bug 3528) so that Wireshark no
   longer automatically decodes gzip data when following a TCP stream.

   Application crash when changing real-time option. ([49]Bug 4035)

   Hex pane display issue after startup. ([50]Bug 4056)

   Packet list rows are oversized. ([51]Bug 4357)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([52]Bug 4985)

   The 64-bit version of Wireshark will leak memory on Windows when the
   display depth is set to 16 bits ([53]Bug 9914)

   Wireshark should let you work with multiple capture files. ([54]Bug
   10488)

   Dell Backup and Recovery (DBAR) makes many Windows applications crash,
   including Wireshark. ([55]Bug 12036)
     __________________________________________________________________

Getting Help

   Community support is available on [56]Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and archives for
   all of Wireshark's mailing lists can be found on [57]the web site.

   Official Wireshark training and certification are available from
   [58]Wireshark University.
     __________________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [59]Wireshark web site.
     __________________________________________________________________

   Last updated 2016-07-27 19:30:09 UTC

References

   1. https://www.wireshark.org/security/wnpa-sec-2016-39.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12495
   3. https://www.wireshark.org/security/wnpa-sec-2016-41.html
   4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12577
   5. https://www.wireshark.org/security/wnpa-sec-2016-42.html
   6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12594
   7. https://www.wireshark.org/security/wnpa-sec-2016-44.html
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12660
   9. https://www.wireshark.org/security/wnpa-sec-2016-45.html
  10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12662
  11. https://www.wireshark.org/security/wnpa-sec-2016-46.html
  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12664
  13. https://www.wireshark.org/security/wnpa-sec-2016-47.html
  14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12659
  15. https://www.wireshark.org/security/wnpa-sec-2016-48.html
  16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12661
  17. https://www.wireshark.org/security/wnpa-sec-2016-49.html
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12663
  19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1918
  20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9014
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9826
  22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11303
  23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11400
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11834
  25. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11899
  26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11960
  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12288
  28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12363
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12511
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12520
  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12525
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12533
  33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12544
  34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12555
  35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12558
  36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12561
  37. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12568
  38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12629
  39. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12635
  40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12641
  41. https://www.wireshark.org/download.html
  42. https://www.wireshark.org/download.html#thirdparty
  43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
  44. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
  45. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
  46. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
  47. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044
  48. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3528
  49. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
  50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056
  51. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
  52. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
  53. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9914
  54. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
  55. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12036
  56. https://ask.wireshark.org/
  57. https://www.wireshark.org/lists/
  58. http://www.wiresharktraining.com/
  59. https://www.wireshark.org/faq.html


Digests

wireshark-2.0.5.tar.bz2: 31124989 bytes
SHA256(wireshark-2.0.5.tar.bz2)=0ce0241330828973f5b4efee422a3760cab8ce0b41e7721c4b9fd185be1bb10b
RIPEMD160(wireshark-2.0.5.tar.bz2)=6b6755986c23fd195ddda9344d340a132439420c
SHA1(wireshark-2.0.5.tar.bz2)=ab77c632d8babf731bf0ecac0876fe3ff2923d04
MD5(wireshark-2.0.5.tar.bz2)=627b5fc6cf0aeca196c75debd5e69b14

Wireshark-win32-2.0.5.exe: 43980792 bytes
SHA256(Wireshark-win32-2.0.5.exe)=6c382691dc1ab2da1c5efd02ab03c38babf30d39f31285fc55602ca6135ce593
RIPEMD160(Wireshark-win32-2.0.5.exe)=df40554004d3ada5e8bcd35442abe5a7ff9cf401
SHA1(Wireshark-win32-2.0.5.exe)=eb31d6492db724089667c2a4a7ab3fa18d075e0b
MD5(Wireshark-win32-2.0.5.exe)=cf50a5bc2872d97e43b89fe151e7d3be

Wireshark-win64-2.0.5.exe: 47611856 bytes
SHA256(Wireshark-win64-2.0.5.exe)=e5f923ec8541dae548536bf9fd1505e344025240d677b7914ab8b0314f93d03c
RIPEMD160(Wireshark-win64-2.0.5.exe)=583e8b325bcc8472cb241a051314b3e1d41e7cff
SHA1(Wireshark-win64-2.0.5.exe)=2295d1d0643d1d33916036f574896924b640380e
MD5(Wireshark-win64-2.0.5.exe)=168626a41abca4e94021e46413ff772a

WiresharkPortable_2.0.5.paf.exe: 43667584 bytes
SHA256(WiresharkPortable_2.0.5.paf.exe)=b9b11fda813ecdd8d7bb0a5a04ffd69c2a62ffa35e2ab558645db9096713f1af
RIPEMD160(WiresharkPortable_2.0.5.paf.exe)=b852a809cf6d3f428fde4e69bdedbbfe4981d3f3
SHA1(WiresharkPortable_2.0.5.paf.exe)=ba09f8afc89e0466b0a43788b6b64b049da9ca16
MD5(WiresharkPortable_2.0.5.paf.exe)=b14eb13faa7e9d420423fd8b5b09c608

Wireshark 2.0.5 Intel 32.dmg: 32422153 bytes
SHA256(Wireshark 2.0.5 Intel
32.dmg)=f07b50919586fb316be08e1f856d287da1495a35fc666387283cada71164b3b3
RIPEMD160(Wireshark 2.0.5 Intel
32.dmg)=1b42ec3e04548801cb8a1acee2df157a3713a9d8
SHA1(Wireshark 2.0.5 Intel 32.dmg)=9bdaaf2989c64b142731c083049824420d15c74e
MD5(Wireshark 2.0.5 Intel 32.dmg)=395c1d169d2be16d11b7ed17e47d398d

Wireshark 2.0.5 Intel 64.dmg: 31692909 bytes
SHA256(Wireshark 2.0.5 Intel
64.dmg)=9fe81f0738fb718cb7340ab4f08094d84cc6343d0f299df4dd56f153483446a5
RIPEMD160(Wireshark 2.0.5 Intel
64.dmg)=0cc849fd4aec3bd790c1ae7df4701bf96cc9c0da
SHA1(Wireshark 2.0.5 Intel 64.dmg)=9819a72b1bcee4e0879c350e7b0b5392664c765c
MD5(Wireshark 2.0.5 Intel 64.dmg)=4d3861437d9b0c3723d26cb3d350520d
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJXmRZVAAoJEIIkSnjm/q7qGh4QAKEhSdSzbACqKycgEZTUeWcr
yh0zezNftOB4dF5L01d/ViHqnjTgI1S+EbSMK+zHOGlKNWnCBQqL538HwnEdTLFK
O5TOzBqQglTsOZGvjkyD4jtzHMUxvf9uP8ddAzwz4rW13sUroyWWXTkGMBzZFuK4
GJwnpqdTeylbJfLWLImpr/H7TV756MCvdTJDXkJSGBsSUl8ORo2KVBM7hG14zICk
TTetpFBr2ZcwGVQWOxGXUeZ+zACCFjHx9vSjn/8iY8KmGDPT60WLJ3QuMheNWBnc
IoNcn09CPokwBGMOD88FA4b+DRfqUbBM/Dr0r4T+nWd2S0TsCvjrRUFfEkqzi6aV
32tSi8LB+VfTt62RiYobAeIvwP2/9d/7ser+u8DiS7O1YEt+9tUblLBI1qi7cely
bJx/Q/MzRIftpQh8keXyXgiUtYfY2lBPluzAlta0xyjWOafVBl4q72VG5Z8J61TT
XitZGWK9FQGFlMROA6c97voJ/jEvRBWstX8rnIGdK9ch6BfA3lZ6ob1OPGrIHYQj
ywgiZ+k8KUfMN9cJqbG6YMdX/pcmqANImpnIlX8k43mjhojRXRJkiCD/hVktEaPC
gf0mGyJ5xLI+PDzpF30m0FkGvrGbCrOwOvJCMZhlfSGkNbucbHvvzn/zUyUBhzpb
zVLN1T02OBsMYUpURCpR
=vIdc
- -----END PGP SIGNATURE-----
___________________________________________________________________________
Sent via:    Wireshark-announce mailing list <wireshark-announce@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-announce
Unsubscribe: https://wireshark.org/mailman/options/wireshark-announce
             mailto:wireshark-announce-request@wireshark.org?subject=unsubscribe

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBV7EDg4x+lLeg9Ub1AQis2A//ROjauVT5FdbbPIvy+g4Rg2Z6fO1kStJt
NpaehQoyii1+8wtgMRwnJbHOvqUN/2+P0xz6ZwNZBDTp6vkZxO0qJrNxjyBfsDja
xqWTqJpx67/ZEHv+0DAsZLNOrj3U86XMwXO7eteJu36chof3hE6EUwIXYGirUQp0
jdrgxfdflkbbZcpSYvK5+Hz1NsxSXtQtJHwvbuSmNIun0wmfizwwbGjyopvY9L+O
fSntz0dafSjn0sPdcMe5NmOyQDx4RAZ7zB/jDZId2vpTz4SoS4o/OmLBQh9BLJIZ
DitGZ3fYRjzZnNeOPgufL34pxdjg8m4ZdZqa4xXDdQZdSnRUE8x4qeDTR1Bxh3Mc
FLJBqFj8UZs1b6jw7OYVBUvfTqsq7k8JgMFXMB7EzZCs1tFlfsILqKlrr4dId1R4
ryqeXKtMLE4au+ykbjloSoX+d6EqSCI7czDDK6dRYo0TPVC2qF+KL8FbEGcT9euZ
at+w6/Kdz6EF1durLgLOSTty1spkbkdJ30x0lsGBQw9Bc0q0Imbn8vJu5SJFxfHs
sBOsZlhwme0Q8L1DjUa3COMrMKgcmN4x08L00Nqq365jtS1nMs4u5hLobLxruk2b
0AKNvMcO4gM9n5QWXLSPBWm51VU2OKdBXitDalfM1sEAdCFn2Th3L+tfCK/PsiCs
FBG9KIay/NM=
=dr2f
-----END PGP SIGNATURE-----