-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] tcpdump (SSA:2019-274-01) New libpcap and tcpdump packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/libpcap-1.9.1-i586-1_slack14.2.txz: Upgraded. This update is required for the new version of tcpdump. patches/packages/tcpdump-4.9.3-i586-1_slack14.2.txz: Upgraded. Fix buffer overflow/overread vulnerabilities and command line argument/local issues. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16808 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14468 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14469 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14470 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14466 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14461 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14462 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14465 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14881 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14464 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14463 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10103 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10105 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14880 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16451 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14882 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16227 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16229 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16301 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16230 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16452 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16300 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16228 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15166 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15167 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14879 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/libpcap-1.9.1-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/tcpdump-4.9.3-i486-1_slack14.0.txz Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/libpcap-1.9.1-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/tcpdump-4.9.3-x86_64-1_slack14.0.txz Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/libpcap-1.9.1-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/tcpdump-4.9.3-i486-1_slack14.1.txz Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/libpcap-1.9.1-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/tcpdump-4.9.3-x86_64-1_slack14.1.txz Updated packages for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/libpcap-1.9.1-i586-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/tcpdump-4.9.3-i586-1_slack14.2.txz Updated packages for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/libpcap-1.9.1-x86_64-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/tcpdump-4.9.3-x86_64-1_slack14.2.txz Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libpcap-1.9.0-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/tcpdump-4.9.2-i586-3.txz Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libpcap-1.9.1-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/tcpdump-4.9.3-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.0 packages: 0855bcc24c0d39f6ec3c6fa7d956ebf4 libpcap-1.9.1-i486-1_slack14.0.txz 1c53d8ea7923c5947dbbf0eb2dfca2aa tcpdump-4.9.3-i486-1_slack14.0.txz Slackware x86_64 14.0 packages: 080435560c6498ba82e3131d9d7f36e4 libpcap-1.9.1-x86_64-1_slack14.0.txz 3740823881e104943cb15be6870a0e7d tcpdump-4.9.3-x86_64-1_slack14.0.txz Slackware 14.1 packages: 7f1dffd77993897a3729c1fb3ea5e395 libpcap-1.9.1-i486-1_slack14.1.txz b267563e154bbddab251e8e2c7a11f69 tcpdump-4.9.3-i486-1_slack14.1.txz Slackware x86_64 14.1 packages: 1177a6f007a4924c2116d15f8cb92900 libpcap-1.9.1-x86_64-1_slack14.1.txz de9844ab61993927903a91fc05450c8c tcpdump-4.9.3-x86_64-1_slack14.1.txz Slackware 14.2 packages: 2672c9a84590170ff8f7f2b233af9a38 libpcap-1.9.1-i586-1_slack14.2.txz 578dbf94aa192915243e2d200c557cc5 tcpdump-4.9.3-i586-1_slack14.2.txz Slackware x86_64 14.2 packages: 16f70962eebe606d3d9668202752bc51 libpcap-1.9.1-x86_64-1_slack14.2.txz 0a4b8400d30a84bc1df774b3537cb4b5 tcpdump-4.9.3-x86_64-1_slack14.2.txz Slackware -current packages: 8765839c82fc67a8075b9e1c5211776b l/libpcap-1.9.0-i586-1.txz 9de3c38d7c061534d28b5b599ab5d563 n/tcpdump-4.9.2-i586-3.txz Slackware x86_64 -current packages: cb278799afec0d6e99ce9a126b9e65f3 l/libpcap-1.9.1-x86_64-1.txz 2d14083ccadb447e5af06e0f940fefa5 n/tcpdump-4.9.3-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg libpcap-1.9.1-i586-1_slack14.2.txz tcpdump-4.9.3-i586-1_slack14.2.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@xxxxxxxxxxxxx +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@xxxxxxxxxxxxx with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- iEYEARECAAYFAl2T5LAACgkQakRjwEAQIjNc9ACffoTzkJYou8k8YsrdpO0zcT2N NrwAn3S67vZYd2YJoyerzX7G6s/Tuzlw =8lc8 -----END PGP SIGNATURE-----