Fedora Legacy Test Update Notification: tcpdump (redux for version fubar)
Jesse Keating
jkeating at j2solutions.net
Thu Jan 22 05:04:43 UTC 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2004-1222
Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=1222
2004-01-21
- ---------------------------------------------------------------------
Name : tcpdump
Version 7.2 : 2.1a11-17.7.2.4
Version 7.3 : 2.1a11-17.7.3.4
Version 8.0 : 2.1a11-17.7.3.5
Summary : A network traffic monitoring tool.
Description :
Tcpdump is a command-line tool for monitoring network traffic.
Tcpdump can capture and display the packet headers on a particular
network interface or on all interfaces. Tcpdump can display all of the
packet headers, or just the ones that match particular criteria.
- ---------------------------------------------------------------------
Update Information:
CAN-2003-0989:
tcpdump before 3.8.1 allows remote attackers to cause a denial of service
(infinite loop) via certain ISAKMP packets, a different vulnerability than
CAN-2004-0057.
CAN-2004-0055:
The print_attr_string function in print-radius.c for tcpdump 3.8.1 and
earlier allows remote attackers to cause a denial of service (segmentation
fault) via a RADIUS attribute with a large length value.
CAN-2004-0057:
The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for
tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of
service (segmentation fault) via malformed ISAKMP packets that cause
invalid "len" or "loc" values to be used in a loop, a different
vulnerability than CAN-2003-0989.
- ---------------------------------------------------------------------
Changelog:
7.2, 7.3:
* Fri Jan 16 2004 Christian Pearce <pearcec at commnav.com -17.x.x.4
- - CAN-2003-0989 fix
- - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0989
- - CAN-2004-0055, CAN-2004-0057 fix
- - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0057
- - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0055
- - http://marc.theaimsgroup.com/?l=tcpdump-workers&m=107325073018070&w=
8.0:
* Wed Jan 21 2004 Christian Pearce <pearcec at commnav.com> -17.8.05
- - Added BuildRequires autoconf213.
- - Changed autoheader to autoheader-2.12
- - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=90208
* Fri Jan 16 2004 Christian Pearce <pearcec at commnav.com> -17.x.x.4
- - CAN-2003-0989 fix
- - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0989
- - CAN-2004-0055, CAN-2004-0057 fix
- - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0057
- - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0055
- - http://marc.theaimsgroup.com/?l=tcpdump-work
- ---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedoralegacy.org/redhat/
(sha1sums)
a10c0d99cd919f459a25fdb5562d6907667b33d3
7.2/updates-testing/SRPMS/tcpdump-3.6.3-17.7.2.4.legacy.src.rpm
e3777ee05d6b57a81fa08a96b64aa45a0758e42f
7.2/updates-testing/i386/tcpdump-3.6.3-17.7.2.4.legacy.i386.rpm
8e860cb231b7dd59345c2f82531d527ca78090b5
7.2/updates-testing/i386/arpwatch-2.1a11-17.7.2.4.legacy.i386.rpm
795dd99495f288aacea6a8775e9aba8eb801e570
7.2/updates-testing/i386/libpcap-0.6.2-17.7.2.4.legacy.i386.rpm
3b7cb6c9f62c259e2c24d056263281a44a5ce406
7.3/updates-testing/SRPMS/tcpdump-3.6.3-17.7.3.4.legacy.src.rpm
cc1f3f75f7eb32a1ea2aa224cbae64190e5dcaf5
7.3/updates-testing/i386/tcpdump-3.6.3-17.7.3.4.legacy.i386.rpm
7fbb66ee934dcb388489c94551c56ac74c3d0540
7.3/updates-testing/i386/arpwatch-2.1a11-17.7.3.4.legacy.i386.rpm
5aeb410a107e4b82d0f62c6f8931d20998a8e1de
7.3/updates-testing/i386/libpcap-0.6.2-17.7.3.4.legacy.i386.rpm
c9e455ef10ea70f69e269f6d71c3ded700424ca1
8.0/updates-testing/SRPMS/tcpdump-3.6.3-17.8.0.5.legacy.src.rpm
cbb7cd725a50be1cbdbc8ee75a357229e847afac
8.0/updates-testing/i386/tcpdump-3.6.3-17.8.0.5.legacy.i386.rpm
1f9aacbd480af1a754adc9d6190ddc06d2b491ab
8.0/updates-testing/i386/arpwatch-2.1a11-17.8.0.5.legacy.i386.rpm
643931721424765748895f57f4ca53dba896378c
8.0/updates-testing/i386/libpcap-0.6.2-17.8.0.5.legacy.i386.rpm
- ---------------------------------------------------------------------
Please test and comment in bugzilla.
- --
Jesse Keating RHCE MCSE (http://geek.j2solutions.net)
Fedora Legacy Team (http://www.fedora.us/wiki/FedoraLegacy)
Mondo DevTeam (www.mondorescue.org)
GPG Public Key (http://geek.j2solutions.net/jkeating.j2solutions.pub)
Was I helpful? Let others know:
http://svcs.affero.net/rm.php?r=jkeating
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAD1nr4v2HLvE71NURAshIAJsHNJBrVCPk1F/D7tkjFDKcs+IGmgCgumcr
m4IRBWknIf+Shyn/YuHcTiI=
=yO8V
-----END PGP SIGNATURE-----
More information about the fedora-legacy-list
mailing list