From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] tcpdump: Update to 4.9.2
Date: Mon, 11 Sep 2017 21:15:15 +0100
Message-ID: <1505160915.2507.7.camel@ipfire.org>
In-Reply-To: <20170908161339.18821-1-matthias.fischer@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============8012688301018679813=="
List-Id: <development.lists.ipfire.org>

--===============8012688301018679813==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Wow, that is a lot of CVE numbers.

Merged!

-Michael

On Fri, 2017-09-08 at 18:13 +0200, Matthias Fischer wrote:
> Changelog:
>=20
> "Sunday September 3, 2017 denis(a)ovsienko.info
>   Summary for 4.9.2 tcpdump release
>     Do not use getprotobynumber() for protocol name resolution.  Do not do
>       any protocol name resolution if -n is specified.
>       Improve errors detection in the test scripts.
>       Fix a segfault with OpenSSL 1.1 and improve OpenSSL usage.
>       Clean up IS-IS printing.
>       Fix buffer overflow vulnerabilities:
>       CVE-2017-11543 (SLIP)
>       CVE-2017-13011 (bittok2str_internal)
>       Fix infinite loop vulnerabilities:
>       CVE-2017-12989 (RESP)
>       CVE-2017-12990 (ISAKMP)
>       CVE-2017-12995 (DNS)
>       CVE-2017-12997 (LLDP)
>       Fix buffer over-read vulnerabilities:
>       CVE-2017-11541 (safeputs)
>       CVE-2017-11542 (PIMv1)
>       CVE-2017-12893 (SMB/CIFS)
>       CVE-2017-12894 (lookup_bytestring)
>       CVE-2017-12895 (ICMP)
>       CVE-2017-12896 (ISAKMP)
>       CVE-2017-12897 (ISO CLNS)
>       CVE-2017-12898 (NFS)
>       CVE-2017-12899 (DECnet)
>       CVE-2017-12900 (tok2strbuf)
>       CVE-2017-12901 (EIGRP)
>       CVE-2017-12902 (Zephyr)
>       CVE-2017-12985 (IPv6)
>       CVE-2017-12986 (IPv6 routing headers)
>       CVE-2017-12987 (IEEE 802.11)
>       CVE-2017-12988 (telnet)
>       CVE-2017-12991 (BGP)
>       CVE-2017-12992 (RIPng)
>       CVE-2017-12993 (Juniper)
>       CVE-2017-11542 (PIMv1)
>       CVE-2017-11541 (safeputs)
>       CVE-2017-12994 (BGP)
>       CVE-2017-12996 (PIMv2)
>       CVE-2017-12998 (ISO IS-IS)
>       CVE-2017-12999 (ISO IS-IS)
>       CVE-2017-13000 (IEEE 802.15.4)
>       CVE-2017-13001 (NFS)
>       CVE-2017-13002 (AODV)
>       CVE-2017-13003 (LMP)
>       CVE-2017-13004 (Juniper)
>       CVE-2017-13005 (NFS)
>       CVE-2017-13006 (L2TP)
>       CVE-2017-13007 (Apple PKTAP)
>       CVE-2017-13008 (IEEE 802.11)
>       CVE-2017-13009 (IPv6 mobility)
>       CVE-2017-13010 (BEEP)
>       CVE-2017-13012 (ICMP)
>       CVE-2017-13013 (ARP)
>       CVE-2017-13014 (White Board)
>       CVE-2017-13015 (EAP)
>       CVE-2017-11543 (SLIP)
>       CVE-2017-13016 (ISO ES-IS)
>       CVE-2017-13017 (DHCPv6)
>       CVE-2017-13018 (PGM)
>       CVE-2017-13019 (PGM)
>       CVE-2017-13020 (VTP)
>       CVE-2017-13021 (ICMPv6)
>       CVE-2017-13022 (IP)
>       CVE-2017-13023 (IPv6 mobility)
>       CVE-2017-13024 (IPv6 mobility)
>       CVE-2017-13025 (IPv6 mobility)
>       CVE-2017-13026 (ISO  IS-IS)
>       CVE-2017-13027 (LLDP)
>       CVE-2017-13028 (BOOTP)
>       CVE-2017-13029 (PPP)
>       CVE-2017-13030 (PIM)
>       CVE-2017-13031 (IPv6 fragmentation header)
>       CVE-2017-13032 (RADIUS)
>       CVE-2017-13033 (VTP)
>       CVE-2017-13034 (PGM)
>       CVE-2017-13035 (ISO IS-IS)
>       CVE-2017-13036 (OSPFv3)
>       CVE-2017-13037 (IP)
>       CVE-2017-13038 (PPP)
>       CVE-2017-13039 (ISAKMP)
>       CVE-2017-13040 (MPTCP)
>       CVE-2017-13041 (ICMPv6)
>       CVE-2017-13042 (HNCP)
>       CVE-2017-13043 (BGP)
>       CVE-2017-13044 (HNCP)
>       CVE-2017-13045 (VQP)
>       CVE-2017-13046 (BGP)
>       CVE-2017-13047 (ISO ES-IS)
>       CVE-2017-13048 (RSVP)
>       CVE-2017-13049 (Rx)
>       CVE-2017-13050 (RPKI-Router)
>       CVE-2017-13051 (RSVP)
>       CVE-2017-13052 (CFM)
>       CVE-2017-13053 (BGP)
>       CVE-2017-13054 (LLDP)
>       CVE-2017-13055 (ISO IS-IS)
>       CVE-2017-13687 (Cisco HDLC)
>       CVE-2017-13688 (OLSR)
>       CVE-2017-13689 (IKEv1)
>       CVE-2017-13690 (IKEv2)
>       CVE-2017-13725 (IPv6 routing headers)
>=20
> Sunday July 23, 2017 denis(a)ovsienko.info
>   Summary for 4.9.1 tcpdump release
>     CVE-2017-11108/Fix bounds checking for STP.
>     Make assorted documentation updates and fix a few typos in tcpdump outp=
ut.
>     Fixup -C for file size >2GB (GH #488).
>     Show AddressSanitizer presence in version output.
>     Fix a bug in test scripts (exposed in GH #613).
>     On FreeBSD adjust Capsicum capabilities for netmap.
>     On Linux fix a use-after-free when the requested interface does not exi=
st."
>=20
> Best,
> Matthias
>=20
> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
> ---
>  lfs/tcpdump | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
>=20
> diff --git a/lfs/tcpdump b/lfs/tcpdump
> index 42536f16a..acf752ce2 100644
> --- a/lfs/tcpdump
> +++ b/lfs/tcpdump
> @@ -24,7 +24,7 @@
> =20
>  include Config
> =20
> -VER        =3D 4.9.0
> +VER        =3D 4.9.2
> =20
>  THISAPP    =3D tcpdump-$(VER)
>  DL_FILE    =3D $(THISAPP).tar.gz
> @@ -32,7 +32,7 @@ DL_FROM    =3D $(URL_IPFIRE)
>  DIR_APP    =3D $(DIR_SRC)/$(THISAPP)
>  TARGET     =3D $(DIR_INFO)/$(THISAPP)
>  PROG       =3D tcpdump
> -PAK_VER    =3D 8
> +PAK_VER    =3D 9
> =20
>  DEPS       =3D ""
> =20
> @@ -44,7 +44,7 @@ objects =3D $(DL_FILE)
> =20
>  $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE)
> =20
> -$(DL_FILE)_MD5 =3D 2b83364eef53b63ca3181b4eb56dab0c
> +$(DL_FILE)_MD5 =3D 9bbc1ee33dab61302411b02dd0515576
> =20
>  install : $(TARGET)
> =20

--===============8012688301018679813==
Content-Type: application/pgp-signature
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="signature.asc"
MIME-Version: 1.0

LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KCmlRSXpCQUFCQ2dBZEZpRUU1L3JXNWwzR0dl
Mnlwa3R4Z0hudy8yK1FDUWNGQWxtMjd0TUFDZ2tRZ0hudy8yK1EKQ1FlVStnLy9mWU5XajQ5anhj
ZjdlSWU0bDFYYUtVRkZtQ0tQOWJ4UlB0dFNjeGlxcDE1K3ByWGI4M040c2dWbgpxaC9GR3JHNTdr
M1Q2OU1QcTR1dnFSQkpvSENiZVovdlQ1cTgwcTkydmp4dkZWaXZ0R1F5ZWRFRVVSSEg4WEg5CkV6
RDJiekdENFRBaE5RdU5JbEsxcUlCRXp4K0YyajRaTU1Eanh0dkVVNm90aVIwT09nSkJxYS9raStQ
enExTzUKbWNSMlpYK25sdXV6VjBvM0E4YXJQYUh2S2s2Y1lyeDhWK21wL253S1JyRmhIeTV6V0FO
RGpLa3ZFaHN0aE9nNQo2akFMczhhUTMyWDNkaW5YN1Y4NkdiQzNLNTFmK3NPckhvekJwb3RRR0hR
NWQyNVgxSTdreUI2dlRsVmc5L0JVCmtXRnBUUnc0UjRPSlNVRW1ma2MrdHY4Q1diWHZwM2VHcWx0
WnozeEVtVVJCVGhRRFJTQXZHTWVIV2QrNEdWcHIKRUY1cHN1SEpLbVVFMVBuQStSdUFqODZvV09s
NWd5Ymt3bW9yajBjSkFUYkZSZ2d1c1JwRGlIOXlmUXEySHhZVgp6OGM2WmVtWUZBMDZaM2EydmdB
K2dhL3Q5b2NiN0VNTkpOOVUzd3pBTzExekVnUndldGNQdkhQL214ZVdrVmc5CjdDWlVHMzUraG1N
eTZrK0tYQ1doZnRVeG5ncFBVdE4xVDJrSEUyQ1RtN042ZXRnUzVoanhXMVpYRXF4QVRrWUYKNVVR
N0FLUWdIaTkyeUFtRkdwby9mK09ITk93OEs0V1pPVFJRU1N2b1lReWxCT2dvMDBiQ0dvRHJWelRm
S3laMQpHbmdneTRRdkVBbWdQcG1EUWI0UU9zUDExeWdGbXMvNENoMTE3UkJ3VkpoZjE2aTF0NVU9
Cj1KLzhzCi0tLS0tRU5EIFBHUCBTSUdOQVRVUkUtLS0tLQo=

--===============8012688301018679813==--