Univention Bugzilla – Bug 50397
tcpdump: Multiple issues (4.3)
Last modified: 2019-10-23 15:28:18 CEST
New Debian tcpdump 4.9.3-1~deb9u1 fixes: This update addresses the following issues: * heap-based buffer over-read in aoe_print in print-aoe.c and lookup_emem in addrtoname.c (CVE-2017-16808) * tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103) * tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). (CVE-2018-10105) * Buffer over-read in ldp_tlv_print() function in print-ldp.c (CVE-2018-14461) * Buffer over-read in icmp_print() function in print-icmp.c (CVE-2018-14462) * Buffer over-read in vrrp_print() function in print-vrrp.c (CVE-2018-14463) * Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c (CVE-2018-14464) * Buffer over-read in rsvp_obj_print() function in print-rsvp.c (CVE-2018-14465) * Buffer over-read in print-icmp6.c (CVE-2018-14466) * Buffer over-read in bgp_capabilities_print() in print-bgp.c (CVE-2018-14467) * Buffer over-read in mfr_print() function in print-fr.c (CVE-2018-14468) * Buffer over-read in ikev1_n_print() function in print-isakmp.c (CVE-2018-14469) * Buffer over-read in babel_print_v2() in print-babel.c (CVE-2018-14470) * Buffer overflow in get_next_file() in tcpdump.c (CVE-2018-14879) * Buffer over-read in ospf6_print_lshdr() function in print-ospf6.c (CVE-2018-14880) * Buffer over-read in bgp_capabilities_print() function in print-bgp.c (CVE-2018-14881) * Buffer over-read in print-icmp6.c (CVE-2018-14882) * Buffer over-read in print-802_11.c (CVE-2018-16227) * Buffer over-read in print_prefix() function in print-hncp.c (CVE-2018-16228) * Buffer over-read in dccp_print_option() function in print-dccp.c (CVE-2018-16229) * Buffer over-read in bgp_attr_print() function in print-bgp.c (CVE-2018-16230) * Resource exhaustion in bgp_attr_print() function in print-bgp.c (CVE-2018-16300) * Buffer over-read in print_trans() function in print-smb.c (CVE-2018-16451) * Resource exhaustion in smb_fdata() funtion in smbutil.c (CVE-2018-16452) * Buffer overflow in lmp_print_data_link_subobjs() in print-lmp.c (CVE-2019-15166)
--- mirror/ftp/4.3/unmaintained/4.3-0/source/tcpdump_4.9.2-1~deb9u1.dsc +++ apt/ucs_4.3-0-errata4.3-5/source/tcpdump_4.9.3-1~deb9u1.dsc @@ -1,3 +1,9 @@ +4.9.3-1~deb9u1 [Sat, 19 Oct 2019 17:18:00 +0200] Romain Francoise <rfrancoise@debian.org>: + + * New upstream release, with fixes for 24 different CVEs (closes: #941698). + This is an upstream update on top of the 4.9.2-1~deb9u1 package. + * Disable tests that require a newer libpcap version. + 4.9.2-1~deb9u1 [Sat, 09 Sep 2017 20:33:48 +0200] Romain Francoise <rfrancoise@debian.org>: * New upstream release, fixing 90 new CVEs. See the upstream changelog <http://10.200.17.11/4.3-5/#4269081964802899867>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.3-5] 608fe02e47 Bug #50397: tcpdump 4.9.3-1~deb9u1 doc/errata/staging/tcpdump.yaml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) [4.3-5] c8114478fb Bug #50397: tcpdump 4.9.3-1~deb9u1 doc/errata/staging/tcpdump.yaml | 75 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+)
<http://errata.software-univention.de/ucs/4.3/605.html>