From mboxrd@z Thu Jan  1 00:00:00 1970
From: Matthias Fischer <fischerm42@t-online.de>
To: development@lists.ipfire.org
Subject: Re: Pull request - curl / daq
Date: Sat, 27 Jun 2015 13:19:57 +0200
Message-ID: <558E86DD.4020402@t-online.de>
In-Reply-To: <1435403148.13892.90.camel@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============5954757670317381776=="
List-Id: <development.lists.ipfire.org>

--===============5954757670317381776==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hi,

On 27.06.2015 13:05, Michael Tremer wrote:
>> >curl - Update to 7.43.0:
>> >http://git.ipfire.org/?p=3Dpeople/mfischer/ipfire-2.x.git;a=3Dcommit;h=3D=
bdb1c525340f70fbc7e00615e23c6e4e22bd07ed
> I merged this right away because it contains some security/stability
> fixes. You may include any CVE numbers in the commit message if there
> are any.

Sorry, I missed that. Next time, I know better. ;-)

Here they are, if still needed (excerpt from CHANGES):

Fixes:

http: do not leak basic auth credentials on re-used connections
CVE-2015-3236

test2040: verify basic auth on re-used connections
- SMB: rangecheck values read off incoming packet
CVE-2015-3237

- SMB: rangecheck values read off incoming packet
CVE-2015-3237

>...
>> >daq: Update to 2.0.5:
>> >http://git.ipfire.org/?p=3Dpeople/mfischer/ipfire-2.x.git;a=3Dcommit;h=3D=
5d1f2fa5d266a19525eab1874c17feff571ac594
> Should we better ship this together with a snort update?

Yep. Don't know why I missed this one. I just saw it yesterday.

> Are there any urgent changes in here?
>

Hm, hard to tell for me - please judge for yourself (Excerpt from=20
'ChangeLog'): ;-)

***SNIP***
Changes in 2.0.5 Release on 2015-04-22:
---------------------------------------
2015-04-22 18:58  jocornet

     * api/daq_common.h:
       Fixed build issue on windows.

2015-04-01 14:56 maltizer

     * configure.ac, os-daq-modules/Makefile.am,
       os-daq-modules/daq_dump.c, os-daq-modules/daq_netmap.c,
       os-daq-modules/daq_static_modules.h, sfbpf/Makefile.am:
       Fixed build issues on FreeBSD.
       Fixed overflowable snaplen in dump module.
       Fixed issues with netmap module.
***SNAP***

Perhaps, "overflowable snaplen" and "netmap" could be important!?

Regards
Matthias


--===============5954757670317381776==--