diff options
| author | Leo Famulari <leo@famulari.name> | 2017-09-05 14:57:21 -0400 |
|---|---|---|
| committer | Leo Famulari <leo@famulari.name> | 2017-09-07 17:44:20 -0400 |
| commit | 81635ad03ecb3a51b5248db65919621bde9039f4 (patch) | |
| tree | 6820057f02bdaeed08cb2035ca276c9354361e3c /gnu/packages/patches/tcpdump-CVE-2017-11542.patch | |
| parent | 3b2802f8c451f7d8f0e02ee81a55046648c0735e (diff) | |
gnu: tcpdump: Update to 4.9.2 [security fixes].
Fixes CVE-2017-{12893,12894,12895,12896,12897,12898,12899,12900,12901,12902,
12985,12986,12987,12988,12989,12990,12991,12992,12993,12994,12995,12996,12997,
12998,12999,13000,13001,13002,13003,13004,13005,13006,13007,13008,13009,13010,
13012,13013,13014,13015,13016,13017,13018,13019,13020,13021,13022,13023,13024,
13025,13026,13027,13028,13029,13030,13031,13032,13033,13034,13035,13036,13037,
13038,13039,13040,13041,13042,13043,13044,13045,13046,13047,13048,13049,13050,
13051,13052,13053,13054,13055,13687,13688,13689,13690,13725}.
* gnu/packages/admin.scm (tcpdump): Update to 4.9.2.
[source]: Remove patches and add alternate source URL.
* gnu/packages/patches/tcpdump-CVE-2017-11541.patch,
gnu/packages/patches/tcpdump-CVE-2017-11542.patch,
gnu/packages/patches/tcpdump-CVE-2017-11543.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
Diffstat (limited to 'gnu/packages/patches/tcpdump-CVE-2017-11542.patch')
| -rw-r--r-- | gnu/packages/patches/tcpdump-CVE-2017-11542.patch | 37 |
1 files changed, 0 insertions, 37 deletions
diff --git a/gnu/packages/patches/tcpdump-CVE-2017-11542.patch b/gnu/packages/patches/tcpdump-CVE-2017-11542.patch deleted file mode 100644 index 24849d5187..0000000000 --- a/gnu/packages/patches/tcpdump-CVE-2017-11542.patch +++ /dev/null @@ -1,37 +0,0 @@ -Fix CVE-2017-11542: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11542 - -Patch copied from upstream source repository: - -https://github.com/the-tcpdump-group/tcpdump/commit/bed48062a64fca524156d7684af19f5b4a116fae - -From bed48062a64fca524156d7684af19f5b4a116fae Mon Sep 17 00:00:00 2001 -From: Guy Harris <guy@alum.mit.edu> -Date: Tue, 7 Feb 2017 11:10:04 -0800 -Subject: [PATCH] CVE-2017-11542/PIMv1: Add a bounds check. - -This fixes a buffer over-read discovered by Kamil Frankowicz. - -Add a test using the capture file supplied by the reporter(s). ---- - print-pim.c | 1 + - tests/TESTLIST | 1 + - tests/hoobr_pimv1.out | 25 +++++++++++++++++++++++++ - tests/hoobr_pimv1.pcap | Bin 0 -> 3321 bytes - 4 files changed, 27 insertions(+) - create mode 100644 tests/hoobr_pimv1.out - create mode 100644 tests/hoobr_pimv1.pcap - -diff --git a/print-pim.c b/print-pim.c -index 25525953..ed880ae7 100644 ---- a/print-pim.c -+++ b/print-pim.c -@@ -306,6 +306,7 @@ pimv1_print(netdissect_options *ndo, - pimv1_join_prune_print(ndo, &bp[8], len - 8); - break; - } -+ ND_TCHECK(bp[4]); - if ((bp[4] >> 4) != 1) - ND_PRINT((ndo, " [v%d]", bp[4] >> 4)); - return; |