-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.1406
                             wireshark update
                                2 June 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:          Wireshark
Publisher:        Wireshark
Operating System: UNIX variants (UNIX, Linux, OSX)
                  Windows
                  Mac OS
Impact/Access:    Denial of Service -- Remote with User Interaction
Resolution:       Patch/Upgrade
CVE Names:        CVE-2017-9354 CVE-2017-9353 CVE-2017-9352
                  CVE-2017-9351 CVE-2017-9350 CVE-2017-9349
                  CVE-2017-9348 CVE-2017-9347 CVE-2017-9346
                  CVE-2017-9345 CVE-2017-9344 CVE-2017-9343

Comment: This bulletin contains two (2) Wireshark security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

I'm proud to announce the release of Wireshark 2.2.7.

     __________________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer. It is
   used for troubleshooting, analysis, development and education.
     __________________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2017-22
       Bazaar dissector infinite loop ([2]Bug 13599) [3]CVE-2017-9352
     * [4]wnpa-sec-2017-23
       DOF dissector read overflow ([5]Bug 13608) [6]CVE-2017-9348
     * [7]wnpa-sec-2017-24
       DHCP dissector read overflow ([8]Bug 13609, [9]Bug 13628)
       [10]CVE-2017-9351
     * [11]wnpa-sec-2017-25
       SoulSeek dissector infinite loop ([12]Bug 13631) [13]CVE-2017-9346
     * [14]wnpa-sec-2017-26
       DNS dissector infinite loop ([15]Bug 13633) [16]CVE-2017-9345
     * [17]wnpa-sec-2017-27
       DICOM dissector infinite loop ([18]Bug 13685) [19]CVE-2017-9349
     * [20]wnpa-sec-2017-28
       openSAFETY dissector memory exhaustion ([21]Bug 13649)
       [22]CVE-2017-9350
     * [23]wnpa-sec-2017-29
       BT L2CAP dissector divide by zero ([24]Bug 13701) [25]CVE-2017-9344

     * [26]wnpa-sec-2017-30
       MSNIP dissector crash ([27]Bug 13725) [28]CVE-2017-9343

     * [29]wnpa-sec-2017-31
       ROS dissector crash ([30]Bug 13637) [31]CVE-2017-9347

     * [32]wnpa-sec-2017-32
       RGMP dissector crash ([33]Bug 13646) [34]CVE-2017-9354

     * [35]wnpa-sec-2017-33
       IPv6 dissector crash ([36]Bug 13675) [37]CVE-2017-9353

   The following bugs have been fixed:
     * DICOM dissection error. ([38]Bug 13164)
     * Qt: drag & drop of one column header in PacketList moves other
       columns. ([39]Bug 13183)
     * Can not export captured DICOM objects in version 2.2.5. ([40]Bug
       13570)
     * False complain about bad checksum of ICMP extension header.
       ([41]Bug 13586)

     * LibFuzzer: ISUP dissector bug (isup.number_different_meaning).
       ([42]Bug 13588)
     * Dissector Bug, protocol BT ATT. ([43]Bug 13590)
     * Wireshark dispalys
       RRCConnectionReestablishmentRejectRRCConnectionReestablishmentRejec
       t in Info column. ([44]Bug 13595)

     * [oss-fuzz] UBSAN: shift exponent 105 is too large for 32-bit type
       int in packet-ositp.c:551:79. ([45]Bug 13606)

     * [oss-fuzz] UBSAN: shift exponent -77 is negative in
       packet-netflow.c:7717:23. ([46]Bug 13607)

     * [oss-fuzz] UBSAN: shift exponent 1959 is too large for 32-bit type
       int in packet-sigcomp.c:2128:28. ([47]Bug 13610)

     * [oss-fuzz] UBSAN: shift exponent 63 is too large for 32-bit type
       guint32 (aka unsigned int) in packet-rtcp.c:917:24. ([48]Bug 13611
)

     * [oss-fuzz] UBSAN: shift exponent 70 is too large for 64-bit type
       guint64 (aka unsigned long) in dwarf.c:42:43. ([49]Bug 13616)

     * [oss-fuzz] UBSAN: shift exponent 32 is too large for 32-bit type
       int in packet-xot.c:260:23. ([50]Bug 13618)

     * [oss-fuzz] UBSAN: shift exponent -5 is negative in
       packet-sigcomp.c:1722:36. ([51]Bug 13619)

     * [oss-fuzz] UBSAN: index 2049 out of bounds for type char [2049] in=

       packet-quakeworld.c:134:5. ([52]Bug 13624)

     * [oss-fuzz] UBSAN: shift exponent 35 is too large for 32-bit type
       int in packet-netsync.c:467:25. ([53]Bug 13639)

     * [oss-fuzz] UBSAN: shift exponent 32 is too large for 32-bit type
       int in packet-sigcomp.c:3857:24. ([54]Bug 13641)

     * [oss-fuzz] ASAN: stack-use-after-return
       epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field.
       ([55]Bug 13662)
     * Welcome screen invalid capture filter wihtout WinPcap installed
       causes runtime error. ([56]Bug 13672)
     * SMB protocol parser does not parse SMB_COM_TRANSACTION2_SECONDARY
       (0x33) command correctly. ([57]Bug 13690)
     * SIP packets with SDP marked as malformed. ([58]Bug 13698)

     * [oss-fuzz] UBSAN: index 8 out of bounds for type gboolean const[8]
       in packet-ieee80211-radiotap.c:1836:12. ([59]Bug 13713)
     * Crash on "Show packet bytes..." context menu item click. ([60]Bug
       13723)
     * DNP3 dissector does not properly decode packed variations with
       prefixed qualifiers. ([61]Bug 13733)

  New and Updated Features

   There are no new features in this release.

  New File Format Decoding Support

   There are no new file formats in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   Bazaar, BT ATT, BT L2CAP, DHCP, DICOM, DNP3, DNS, DOF, DWARF, ICMP,
   IEEE 802.11, IPv6, ISUP, LTE RRC, MSNIP, Netflow, Netsync, openSAFETY,

   OSITP, QUAKEWORLD, Radiotap, RGMP, ROS, RTCP, SIGCOMP, SMB, SoulSeek,
   and XOT

  New and Updated Capture File Support

   There is no new or updated capture file support in this release.

  New and Updated Capture Interfaces support

   There are no new or updated capture interfaces supported in this
   release.

  Major API Changes

   There are no major API changes in this release.
     __________________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available from
   [62]https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can be
   found on the [63]download page on the Wireshark web site.
     __________________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for preference
   files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
   vary from platform to platform. You can use About->Folders to find the
   default locations on your system.
     __________________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([64]Bug 1419)

   The BER dissector might infinitely loop. ([65]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([66]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([67]Bug 2234)

   Application crash when changing real-time option. ([68]Bug 4035)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([69]Bug 4985)

   Wireshark should let you work with multiple capture files. ([70]Bug
   10488)

   Dell Backup and Recovery (DBAR) makes many Windows applications crash,
   including Wireshark. ([71]Bug 12036)
     __________________________________________________________________

Getting Help

   Community support is available on [72]Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and archives for
   all of Wireshark's mailing lists can be found on [73]the web site.

   Official Wireshark training and certification are available from
   [74]Wireshark University.
     __________________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [75]Wireshark web site.
     __________________________________________________________________

   Last updated 2017-06-01 18:22:54 UTC

References

   1. https://www.wireshark.org/security/wnpa-sec-2017-22.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13599
   3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9352
   4. https://www.wireshark.org/security/wnpa-sec-2017-23.html
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13608
   6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9348
   7. https://www.wireshark.org/security/wnpa-sec-2017-24.html
   8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13609
   9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13628
  10. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9351
  11. https://www.wireshark.org/security/wnpa-sec-2017-25.html
  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13631
  13. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9346
  14. https://www.wireshark.org/security/wnpa-sec-2017-26.html
  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13633
  16. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9345
  17. https://www.wireshark.org/security/wnpa-sec-2017-27.html
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13685
  19. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9349
  20. https://www.wireshark.org/security/wnpa-sec-2017-28.html
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13649
  22. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9350
  23. https://www.wireshark.org/security/wnpa-sec-2017-29.html
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13701
  25. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9344
  26. https://www.wireshark.org/security/wnpa-sec-2017-30.html
  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13725
  28. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9343
  29. https://www.wireshark.org/security/wnpa-sec-2017-31.html
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13637
  31. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9347
  32. https://www.wireshark.org/security/wnpa-sec-2017-32.html
  33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13646
  34. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9354
  35. https://www.wireshark.org/security/wnpa-sec-2017-33.html
  36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13675
  37. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9353
  38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13164
  39. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13183
  40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13570
  41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13586
  42. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13588
  43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13590
  44. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13595
  45. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13606
  46. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13607
  47. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13610
  48. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13611
  49. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13616
  50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13618
  51. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13619
  52. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13624
  53. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13639
  54. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13641
  55. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13662
  56. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13672
  57. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13690
  58. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13698
  59. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13713
  60. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13723
  61. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13733
  62. https://www.wireshark.org/download.html
  63. https://www.wireshark.org/download.html#thirdparty
  64. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D1419
  65. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D1516
  66. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D1814
  67. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D2234
  68. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D4035
  69. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D4985
  70. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D10488
  71. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D12036
  72. https://ask.wireshark.org/
  73. https://www.wireshark.org/lists/
  74. http://www.wiresharktraining.com/
  75. https://www.wireshark.org/faq.html


Digests

wireshark-2.2.7.tar.bz2: 32309420 bytes
SHA256(wireshark-2.2.7.tar.bz2)=3D689ddf62221b152779d8846ab5b2063cc7fd41ec1a9f04eefab09b5d5486dbb5
RIPEMD160(wireshark-2.2.7.tar.bz2)=3Dbaf598f495c04f3709cb02c9046b8176f5f5c72e
SHA1(wireshark-2.2.7.tar.bz2)=3D2bb1cdf56a93fb22a66e8179214b587c71f06c9e
MD5(wireshark-2.2.7.tar.bz2)=3Da4d880554c7f925dafef60fa313b580d

Wireshark-win64-2.2.7.exe: 49400720 bytes
SHA256(Wireshark-win64-2.2.7.exe)=3Dcc8e6feff1e72d1baaafb277e33c9137a76a5edeca629fe4c764070a0719df50
RIPEMD160(Wireshark-win64-2.2.7.exe)=3De1b5395752ff672593bb02e02c9d43b969a6d136
SHA1(Wireshark-win64-2.2.7.exe)=3Dbb9f0c2f8448069e8ef33302e3e8a5182a066788
MD5(Wireshark-win64-2.2.7.exe)=3D30570a7b54c17da897cf155e35a2f44a

Wireshark-win32-2.2.7.exe: 44550128 bytes
SHA256(Wireshark-win32-2.2.7.exe)=3D6f5ef2ed9aed62f3613f66b960f50663cfb4ec4b59c9fe1fa11ff08137c8a0c0
RIPEMD160(Wireshark-win32-2.2.7.exe)=3D14aa5ae001272ac7ce1eea2d166f02b89a1de76c
SHA1(Wireshark-win32-2.2.7.exe)=3D1c778e2885fbf0668f75567841d0b00c73b9c7d6
MD5(Wireshark-win32-2.2.7.exe)=3Dab254d59f70aec9178aeb8a76a24de50

WiresharkPortable_2.2.7.paf.exe: 46147736 bytes
SHA256(WiresharkPortable_2.2.7.paf.exe)=3D3fc82830a4d2b0d620ef37c1fd406d99e5cad7ff2c831b1d284f5e87282ae2c1
RIPEMD160(WiresharkPortable_2.2.7.paf.exe)=3D2d699d1fe6d1bd2e30000cff21837d17d069725f
SHA1(WiresharkPortable_2.2.7.paf.exe)=3D5cc73524dfc49780ce22f8dfe4d74876c2f9eb5a
MD5(WiresharkPortable_2.2.7.paf.exe)=3Dd05d04a6ce82a7253949d45cc5fb6186

Wireshark 2.2.7 Intel 64.dmg: 32873230 bytes
SHA256(Wireshark 2.2.7 Intel
64.dmg)=3D6d46e7270fc6b661ece24c0fcaf56c7e4ce4f65501ef055ea46c6cfdf95c6dcb
RIPEMD160(Wireshark 2.2.7 Intel
64.dmg)=3D7b1ab739f9dc24c03b9b825a8533e0e891ee822f
SHA1(Wireshark 2.2.7 Intel 64.dmg)=3D50fa591d6fb0d4f59a5c2c9c12c1f114522f8377
MD5(Wireshark 2.2.7 Intel 64.dmg)=3D2814af6a4f0c851e1d44213d96428919

=========================================================================



I'm proud to announce the release of Wireshark 2.0.13.

     __________________________________________________________________

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer. It is
   used for troubleshooting, analysis, development and education.
     __________________________________________________________________

What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2017-22
       Bazaar dissector infinite loop ([2]Bug 13599) [3]CVE-2017-9352
     * [4]wnpa-sec-2017-24
       DHCP dissector read overflow ([5]Bug 13609, [6]Bug 13628)
       [7]CVE-2017-9351
     * [8]wnpa-sec-2017-25
       SoulSeek dissector infinite loop ([9]Bug 13631) [10]CVE-2017-9346
     * [11]wnpa-sec-2017-26
       DNS dissector infinite loop ([12]Bug 13633) [13]CVE-2017-9345
     * [14]wnpa-sec-2017-27
       DICOM dissector infinite loop ([15]Bug 13685) [16]CVE-2017-9349
     * [17]wnpa-sec-2017-28
       openSAFETY dissector memory exhaustion ([18]Bug 13649)
       [19]CVE-2017-9350
     * [20]wnpa-sec-2017-29
       BT L2CAP dissector divide by zero ([21]Bug 13701) [22]CVE-2017-9344

     * [23]wnpa-sec-2017-30
       MSNIP dissector crash ([24]Bug 13725) [25]CVE-2017-9343

     * [26]wnpa-sec-2017-32
       RGMP dissector crash ([27]Bug 13646) [28]CVE-2017-9354

   The following bugs have been fixed:
     * DICOM dissection error. ([29]Bug 13164)
     * Can not export captured DICOM objects in version 2.2.5. ([30]Bug
       13570)
     * LibFuzzer: ISUP dissector bug (isup.number_different_meaning).
       ([31]Bug 13588)
     * Dissector Bug, protocol BT ATT. ([32]Bug 13590)
     * [oss-fuzz] UBSAN: shift exponent 105 is too large for 32-bit type
       int in packet-ositp.c:551:79. ([33]Bug 13606)
     * [oss-fuzz] UBSAN: shift exponent -77 is negative in
       packet-netflow.c:7717:23. ([34]Bug 13607)
     * [oss-fuzz] UBSAN: shift exponent 1959 is too large for 32-bit type
       int in packet-sigcomp.c:2128:28. ([35]Bug 13610)
     * [oss-fuzz] UBSAN: shift exponent 63 is too large for 32-bit type
       guint32 (aka unsigned int) in packet-rtcp.c:917:24. ([36]Bug 13611)
     * [oss-fuzz] UBSAN: shift exponent 70 is too large for 64-bit type
       guint64 (aka unsigned long) in dwarf.c:42:43. ([37]Bug 13616)
     * [oss-fuzz] UBSAN: shift exponent 32 is too large for 32-bit type
       int in packet-xot.c:260:23. ([38]Bug 13618)
     * [oss-fuzz] UBSAN: shift exponent -5 is negative in
       packet-sigcomp.c:1722:36. ([39]Bug 13619)
     * [oss-fuzz] UBSAN: index 2049 out of bounds for type char [2049] in
       packet-quakeworld.c:134:5. ([40]Bug 13624)
     * [oss-fuzz] UBSAN: shift exponent 35 is too large for 32-bit type
       int in packet-netsync.c:467:25. ([41]Bug 13639)
     * [oss-fuzz] UBSAN: shift exponent 32 is too large for 32-bit type
       int in packet-sigcomp.c:3857:24. ([42]Bug 13641)
     * [oss-fuzz] ASAN: stack-use-after-return
       epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field.
       ([43]Bug 13662)
     * Welcome screen invalid capture filter wihtout WinPcap installed
       causes runtime error. ([44]Bug 13672)
     * SMB protocol parser does not parse SMB_COM_TRANSACTION2_SECONDARY
       (0x33) command correctly. ([45]Bug 13690)

  New and Updated Features

   There are no new features in this release.

  New File Format Decoding Support

   There are no new file formats in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   Bazaar, BT ATT, BT L2CAP, DHCP, DICOM, DNS, DWARF, IEEE 802.11, ISUP,
   MSNIP, Netflow, Netsync, openSAFETY, OSITP, QUAKEWORLD, RGMP, RTCP,
   SIGCOMP, SMB, SoulSeek, and XOT

  New and Updated Capture File Support

   There is no new or updated capture file support in this release.

  New and Updated Capture Interfaces support

   There are no new or updated capture interfaces supported in this
   release.
     __________________________________________________________________

Getting Wireshark

   Wireshark source code and installation packages are available from
   [46]https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can be
   found on the [47]download page on the Wireshark web site.
     __________________________________________________________________

File Locations

   Wireshark and TShark look in several different locations for preference
   files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
   vary from platform to platform. You can use About->Folders to find the
   default locations on your system.
     __________________________________________________________________

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([48]Bug 1419)

   The BER dissector might infinitely loop. ([49]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([50]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([51]Bug 2234)

   Application crash when changing real-time option. ([52]Bug 4035)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([53]Bug 4985)

   Wireshark should let you work with multiple capture files. ([54]Bug
   10488)

   Dell Backup and Recovery (DBAR) makes many Windows applications crash,
   including Wireshark. ([55]Bug 12036)
     __________________________________________________________________

Getting Help

   Community support is available on [56]Wireshark's Q&A site and on the
   wireshark-users mailing list. Subscription information and archives for
   all of Wireshark's mailing lists can be found on [57]the web site.

   Official Wireshark training and certification are available from
   [58]Wireshark University.
     __________________________________________________________________

Frequently Asked Questions

   A complete FAQ is available on the [59]Wireshark web site.
     __________________________________________________________________

   Last updated 2017-06-01 18:24:28 UTC

References

   1. https://www.wireshark.org/security/wnpa-sec-2017-22.html
   2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13599
   3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9352
   4. https://www.wireshark.org/security/wnpa-sec-2017-24.html
   5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13609
   6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13628
   7. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9351
   8. https://www.wireshark.org/security/wnpa-sec-2017-25.html
   9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13631
  10. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9346
  11. https://www.wireshark.org/security/wnpa-sec-2017-26.html
  12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13633
  13. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9345
  14. https://www.wireshark.org/security/wnpa-sec-2017-27.html
  15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13685
  16. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9349
  17. https://www.wireshark.org/security/wnpa-sec-2017-28.html
  18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13649
  19. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9350
  20. https://www.wireshark.org/security/wnpa-sec-2017-29.html
  21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13701
  22. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9344
  23. https://www.wireshark.org/security/wnpa-sec-2017-30.html
  24. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13725
  25. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9343
  26. https://www.wireshark.org/security/wnpa-sec-2017-32.html
  27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13646
  28. http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-9354
  29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13164
  30. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13570
  31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13588
  32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13590
  33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13606
  34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13607
  35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13610
  36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13611
  37. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13616
  38. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13618
  39. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13619
  40. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13624
  41. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13639
  42. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13641
  43. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13662
  44. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13672
  45. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D13690
  46. https://www.wireshark.org/download.html
  47. https://www.wireshark.org/download.html#thirdparty
  48. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D1419
  49. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D1516
  50. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D1814
  51. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D2234
  52. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D4035
  53. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D4985
  54. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D10488
  55. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3D12036
  56. https://ask.wireshark.org/
  57. https://www.wireshark.org/lists/
  58. http://www.wiresharktraining.com/
  59. https://www.wireshark.org/faq.html


Digests

wireshark-2.0.13.tar.bz2: 31268594 bytes
SHA256(wireshark-2.0.13.tar.bz2)=3D6bb8398edb7b59e7265b763aba54610c3f362af8a0ecfe6d4c9e51069687e243
RIPEMD160(wireshark-2.0.13.tar.bz2)=3D94de44a3cb997f421b31c2568bf291d5de44e155
SHA1(wireshark-2.0.13.tar.bz2)=3Dea0d3170570f1d4b2a70965e255b05675255be7a
MD5(wireshark-2.0.13.tar.bz2)=3D664328bf4f606a334168d1f3a9801b24

Wireshark-win32-2.0.13.exe: 44183496 bytes
SHA256(Wireshark-win32-2.0.13.exe)=3D64738da8fe5316ef2b90af7bb7821a2e05bc190baf99304c42f109b2e9405db8
RIPEMD160(Wireshark-win32-2.0.13.exe)=3Da056f7ae22768339d7a9d49f1c15bb5177bf3d15
SHA1(Wireshark-win32-2.0.13.exe)=3D5018bcba4a8442068468dbec354ecfb0e93e4246
MD5(Wireshark-win32-2.0.13.exe)=3De9e6ba5d248d4521148504aba3ca3e42

Wireshark-win64-2.0.13.exe: 47804584 bytes
SHA256(Wireshark-win64-2.0.13.exe)=3D6968c556c2fc9c20bcec164407e85d84fe1804935bb3825bfcd1cfde93c4a010
RIPEMD160(Wireshark-win64-2.0.13.exe)=3Db0b756c854dc8e8f7a884afe0a22ad1315c887bc
SHA1(Wireshark-win64-2.0.13.exe)=3D973f46f5df7d87ee549b07f436f67be163ef324d
MD5(Wireshark-win64-2.0.13.exe)=3Da66dee5fdab4eb87bbded7c78589dde6

WiresharkPortable_2.0.13.paf.exe: 43864080 bytes
SHA256(WiresharkPortable_2.0.13.paf.exe)=3D6a3d42ee913ac1387f8e9266277d16899d238e0122deb1d4d78be6e19f6accea
RIPEMD160(WiresharkPortable_2.0.13.paf.exe)=3D41c286edd3a9f93f0fe46c50d8546c652926bb3e
SHA1(WiresharkPortable_2.0.13.paf.exe)=3Daf613a62e5a6a1d3e02732df967f972013532794
MD5(WiresharkPortable_2.0.13.paf.exe)=3D32fd0935cd4a5deb4e59a58e2ab96694

Wireshark 2.0.13 Intel 64.dmg: 31777078 bytes
SHA256(Wireshark 2.0.13 Intel
64.dmg)=3D4e64c19dbeb6b649accc7e491574d441bd78be8e2e3c59bfb8dd75c1d26c94cf
RIPEMD160(Wireshark 2.0.13 Intel
64.dmg)=3Dda9abed98e1af300500061e0ca854393262966e7
SHA1(Wireshark 2.0.13 Intel 64.dmg)=3D11867078cb5fe3eb65971fa3ca9ed7c53b36768c
MD5(Wireshark 2.0.13 Intel 64.dmg)=3D6c3ee6afa2b559af49148e370ea5df8f

Wireshark 2.0.13 Intel 32.dmg: 32527499 bytes
SHA256(Wireshark 2.0.13 Intel
32.dmg)=3D2f89e0903a50adba76f120629006df8db0cc5caac8a8f2f94cce0e957db1548d
RIPEMD160(Wireshark 2.0.13 Intel
32.dmg)=3D1d17d8e303a0a0704cedbdea5f0661a91aa9d14f
SHA1(Wireshark 2.0.13 Intel 32.dmg)=3Ddeeed00d9558d48922624210a6bb0e8675b499b7
MD5(Wireshark 2.0.13 Intel 32.dmg)=3Dbc1dc1462e3825d7984ce10747f1e6ec

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWTDnfYx+lLeg9Ub1AQgKSg/+ME7QCr2Y3xDpwthr8MxvBTmq970s8xwW
WwhxfMDa67lSBdYDOOB4K49NZ0rkOGpXIrMdsL7iqKAQpKBv+3sZfhYoFDRK/6gV
TGn81Ls2JW9SwfoeDnyVTi1fNgMYSxZVv7AkGzlPbfvSBU+qhcrCR2Do9G/M31xJ
GM2iZ5VqIo0q/6LgASu4qdS3DaEy2CQf8HfP2K9+7UaMiayAX4x1aUoC2ctBAkKe
xR0W+vmwhP2ZoPdEvLban+nLSaPYuMKg4/vJ7fWyeTPdHnwpu8lyZUUEFYk/kzH6
3BGjLzRaKSivcH0Ot4qQEVFVWG2lfL+LLEV+KfibeF4sWft0TF3d3IQ4sIKH3pGj
xSVhmvhGhNKj/UFJHBwfk6ZSqrAyv84s9P09qZgU5PZZbYwdUZfr2a9g1m0qzhcG
bB9hU2NobZCrP+qZUY4kQF/BIdbG5mKgUY8vPvx6nt4m4+2WshxN2oA7/jxnP8lT
WSZB9brIqBexXTqJbSEcw4FfZBUTT3/gTK/G6Gr5grz20+Da6JFs26FkrpEiSTlz
tsLSXj3Cz/QBKawWoE/viw1u/K/0wh98NM5mhYJ+67yH6AropVQTRd1jAja7Kh0X
+9N5QPNFDsgPi3j7ao0ZB+e8afsXSmu0yLY0z1AQTFgkOZGsrkjTyuIDkBgsePUw
hmajYLVRw8o=
=5EFd
-----END PGP SIGNATURE-----