Fedora Legacy Test Update Notification: tcpdump (redux for version fubar)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2004-1222
Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=1222
2004-01-21
- ---------------------------------------------------------------------

Name        : tcpdump
Version 7.2 : 2.1a11-17.7.2.4 
Version 7.3 : 2.1a11-17.7.3.4
Version 8.0 : 2.1a11-17.7.3.5
Summary     : A network traffic monitoring tool.
Description :
Tcpdump is a command-line tool for monitoring network traffic.
Tcpdump can capture and display the packet headers on a particular
network interface or on all interfaces. Tcpdump can display all of the
packet headers, or just the ones that match particular criteria.

- ---------------------------------------------------------------------
Update Information:

CAN-2003-0989:
tcpdump before 3.8.1 allows remote attackers to cause a denial of service
(infinite loop) via certain ISAKMP packets, a different vulnerability than
CAN-2004-0057.

CAN-2004-0055:
The print_attr_string function in print-radius.c for tcpdump 3.8.1 and
earlier allows remote attackers to cause a denial of service (segmentation
fault) via a RADIUS attribute with a large length value.

CAN-2004-0057:
The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for
tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of
service (segmentation fault) via malformed ISAKMP packets that cause
invalid "len" or "loc" values to be used in a loop, a different
vulnerability than CAN-2003-0989.

- ---------------------------------------------------------------------
Changelog:

7.2, 7.3:
* Fri Jan 16 2004 Christian Pearce <pearcec@xxxxxxxxxxx -17.x.x.4

- - CAN-2003-0989 fix
- - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0989
- - CAN-2004-0055, CAN-2004-0057 fix
- - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0057
- - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0055
- - http://marc.theaimsgroup.com/?l=tcpdump-workers&m=107325073018070&w=

8.0:
* Wed Jan 21 2004 Christian Pearce <pearcec@xxxxxxxxxxx> -17.8.05

- - Added BuildRequires autoconf213.
- - Changed autoheader to autoheader-2.12
- - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=90208

* Fri Jan 16 2004 Christian Pearce <pearcec@xxxxxxxxxxx> -17.x.x.4

- - CAN-2003-0989 fix
- - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0989
- - CAN-2004-0055, CAN-2004-0057 fix
- - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0057
- - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0055
- - http://marc.theaimsgroup.com/?l=tcpdump-work

- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedoralegacy.org/redhat/
(sha1sums)

a10c0d99cd919f459a25fdb5562d6907667b33d3
7.2/updates-testing/SRPMS/tcpdump-3.6.3-17.7.2.4.legacy.src.rpm
e3777ee05d6b57a81fa08a96b64aa45a0758e42f
7.2/updates-testing/i386/tcpdump-3.6.3-17.7.2.4.legacy.i386.rpm
8e860cb231b7dd59345c2f82531d527ca78090b5
7.2/updates-testing/i386/arpwatch-2.1a11-17.7.2.4.legacy.i386.rpm
795dd99495f288aacea6a8775e9aba8eb801e570
7.2/updates-testing/i386/libpcap-0.6.2-17.7.2.4.legacy.i386.rpm

3b7cb6c9f62c259e2c24d056263281a44a5ce406
7.3/updates-testing/SRPMS/tcpdump-3.6.3-17.7.3.4.legacy.src.rpm
cc1f3f75f7eb32a1ea2aa224cbae64190e5dcaf5
7.3/updates-testing/i386/tcpdump-3.6.3-17.7.3.4.legacy.i386.rpm
7fbb66ee934dcb388489c94551c56ac74c3d0540
7.3/updates-testing/i386/arpwatch-2.1a11-17.7.3.4.legacy.i386.rpm
5aeb410a107e4b82d0f62c6f8931d20998a8e1de
7.3/updates-testing/i386/libpcap-0.6.2-17.7.3.4.legacy.i386.rpm

c9e455ef10ea70f69e269f6d71c3ded700424ca1
8.0/updates-testing/SRPMS/tcpdump-3.6.3-17.8.0.5.legacy.src.rpm
cbb7cd725a50be1cbdbc8ee75a357229e847afac
8.0/updates-testing/i386/tcpdump-3.6.3-17.8.0.5.legacy.i386.rpm
1f9aacbd480af1a754adc9d6190ddc06d2b491ab
8.0/updates-testing/i386/arpwatch-2.1a11-17.8.0.5.legacy.i386.rpm
643931721424765748895f57f4ca53dba896378c
8.0/updates-testing/i386/libpcap-0.6.2-17.8.0.5.legacy.i386.rpm

- ---------------------------------------------------------------------

Please test and comment in bugzilla.

- -- 
Jesse Keating RHCE MCSE	(http://geek.j2solutions.net)
Fedora Legacy Team	(http://www.fedora.us/wiki/FedoraLegacy)
Mondo DevTeam		(www.mondorescue.org)
GPG Public Key		(http://geek.j2solutions.net/jkeating.j2solutions.pub)

Was I helpful?  Let others know:
 http://svcs.affero.net/rm.php?r=jkeating
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAD1nr4v2HLvE71NURAshIAJsHNJBrVCPk1F/D7tkjFDKcs+IGmgCgumcr
m4IRBWknIf+Shyn/YuHcTiI=
=yO8V
-----END PGP SIGNATURE-----




[Index of Archives]     [Fedora Development]     [Fedora Announce]     [Fedora Legacy Announce]     [Fedora Config]     [PAM]     [Fedora General Discussion]     [Big List of Linux Books]     [Gimp]     [Yosemite Questions]

  Powered by Linux