Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 606516 (CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933, CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937, CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973, CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984, CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993, CVE-2016-8574, CVE-2016-8575, CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205, CVE-2017-5341, CVE-2017-5342, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485, CVE-2017-5486)

Summary: <net-analyzer/tcpdump-4.9.0 - multiple vulnerabilities
Product: Gentoo Security Reporter: Denis Ovsienko <denis>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: jer, vapier, zerochaos
Priority: Normal Flags: stable-bot: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B2 [glsa cve]
Package list:
=net-libs/libpcap-1.8.1 arm =net-analyzer/tcpdump-4.9.0
Runtime testing required: ---

Description Denis Ovsienko 2017-01-19 15:49:56 UTC
This is _the_ upstream announcement. To state the obvious, it is not intended to be public yet. This copy contains an updated URL for the 4.9.0 source code.



== Affected components
The tcpdump command-line network protocol analyzer before version 4.9.0 has a
number of vulnerabilities that may cause it to experience a segmentation fault
due to a buffer overflow or an infinite loop caused by an integer overflow.

== Attack vectors
These vulnerabilities can be exploited in two ways. The first is to produce a
.pcap file with crafted packet(s) for the protocol(s) concerned and make the
target system try to decode the file using tcpdump. The second is to send
specially crafted packet(s) to the network segment where the target system is
running a tcpdump process that is decoding a live packet capture. In the latter
case it depends on the specific network protocol if the crafted packet(s) may
be sent from the local segment only or from a remote Internet host.

== Discoverer(s)/Credits
Those vulnerabilities were discovered and reported by Hanno Boeck,
Carlo Beccaria, Brian Carpenter, Kamil Frankowicz and other researchers.

== Bugfix release
The Tcpdump Group on 18 Jan 2017 has prepared a bugfix release of tcpdump,
4.9.0, which is available for download as a source code tarball at the
URL below. It incorporates more than 100 git commits that address the listed
vulnerabilities and also all the changes made since the last regular release
more than 1.5 years ago (that is, all commits in the current git master branch
of tcpdump). For this reason it is suggested that upgrading to version 4.9.0
should be more feasible than patching any of the previous versions.

http://www.tcpdump.org/4.9.0-u82xFZBjZxWv/tcpdump-4.9.0.tar.gz
SHA-256 sum: eae98121cbb1c9adbedd9a777bf2eae9fa1c1c676424a54740311c8abcee5a5e

The same tarball will be published as a regular release in a few weeks.

== Contacts
Please send any questions regarding this announcement to security@tcpdump.org

== List of vulnerabilities addressed
CVE-2016-7922 The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().
CVE-2016-7923 The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().
CVE-2016-7924 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print().
CVE-2016-7925 The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().
CVE-2016-7926 The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().
CVE-2016-7927 The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().
CVE-2016-7928 The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().
CVE-2016-7929 The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header().
CVE-2016-7930 The LLC parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().
CVE-2016-7931 The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().
CVE-2016-7932 The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().
CVE-2016-7933 The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print().
CVE-2016-7934 The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().
CVE-2016-7935 The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().
CVE-2016-7936 The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print().
CVE-2016-7937 The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().
CVE-2016-7938 The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame().
CVE-2016-7939 The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.
CVE-2016-7940 The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.
CVE-2016-7973 The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.
CVE-2016-7974 The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.
CVE-2016-7975 The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print().
CVE-2016-7983 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
CVE-2016-7984 The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().
CVE-2016-7985 The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().
CVE-2016-7986 The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.
CVE-2016-7992 The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().
CVE-2016-7993 A bug in util-print.c:relts_print() could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).
CVE-2016-8574 The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().
CVE-2016-8575 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print().
CVE-2017-5202 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
CVE-2017-5203 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
CVE-2017-5204 The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().
CVE-2017-5205 The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().
CVE-2017-5341 The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().
CVE-2017-5342 In tcpdump before 4.9.0 a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().
CVE-2017-5482 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print().
CVE-2017-5483 The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().
CVE-2017-5484 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print().
CVE-2017-5485 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().
CVE-2017-5486 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
Comment 1 Denis Ovsienko 2017-01-19 15:50:52 UTC
Sweet. Just 2 emails sent out instead of 41 as in bug #606508.
Comment 2 Denis Ovsienko 2017-01-19 15:51:33 UTC
*** Bug 606508 has been marked as a duplicate of this bug. ***
Comment 3 Jeroen Roovers gentoo-dev 2017-01-24 06:32:14 UTC
OK, now what?
Comment 4 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2017-01-24 07:27:43 UTC
(In reply to Denis Ovsienko from comment #1)
> Sweet. Just 2 emails sent out instead of 41 as in bug #606508.

Did they give you an embargo date or just a tentative "few weeks?"

Also, they have made the release which is already in the Gentoo repo considering no embargo details were given.  This report is so backwards and tcpdump has done this completely wrong... assuming their intent was to restrict the release.
Comment 5 Denis Ovsienko 2017-01-24 11:15:09 UTC
The embargo date for tcpdump-4.9.0 is February 2nd. I do not monitor what is going on in Gentoo repository, whatever it is I am not responsible for that.
Comment 6 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2017-01-24 11:21:53 UTC
(In reply to Denis Ovsienko from comment #5)
> The embargo date for tcpdump-4.9.0 is February 2nd. I do not monitor what is
> going on in Gentoo repository, whatever it is I am not responsible for that.

A report with no embargo date is unsatisfactory.  Only out of due diligence we restricted the bug and now we ask for clarification and we receive none from the original reporter?

Why would tcpdump upstream release such a confusing report?  Are you affiliated with tcpdump in any official capacity?
Comment 7 Denis Ovsienko 2017-01-24 11:40:45 UTC
I am a member of the tcpdump group and I had composed the report. To set the embargo lift date we needed to get feedback from security teams first, which we now have so the date is as specified above. If you have any other questions, please ask.
Comment 8 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2017-01-24 11:49:47 UTC
(In reply to Denis Ovsienko from comment #7)
> I am a member of the tcpdump group and I had composed the report. To set the
> embargo lift date we needed to get feedback from security teams first, which
> we now have so the date is as specified above. If you have any other
> questions, please ask.

Yes, I have a couple of more questions.  We have already pushed an ebuild to our repository and the sources have now been mirrored due to the first erroneous bug report.  Due to this error notifications were sent (as you know) to individuals who are not a part of the Gentoo security team, thus making it public.

Do you want us to retain the restriction despite the public disclosure?

Do you have a set time on 2017-02-02 (UTC) you want this restricted until?
Comment 9 Denis Ovsienko 2017-01-24 12:04:02 UTC
Let me ask other team members.
Comment 10 Denis Ovsienko 2017-01-24 22:31:44 UTC
We are still deciding because of time zone differences. Meanwhile, here is a GPG signature for the previously provided tcpdump-4.9.0.tar.gz: http://www.tcpdump.org/4.9.0-u82xFZBjZxWv/tcpdump-4.9.0.tar.gz.sig
Comment 11 Denis Ovsienko 2017-01-26 12:06:46 UTC
The 4.9.0 release will be available from tcpdump.org around 12:00 UTC on 2 February 2017, we will also request to make the CVEs public on the same day. Please retain the restriction before that. Based on the fact that for this release the impact is no more severe than a segfault, we accept the fact the updated packages may become available not on the same date as the formal announce.
Comment 12 Thomas Deutschmann gentoo-dev Security 2017-01-30 11:42:49 UTC
This is now public:

https://www.debian.org/security/2017/dsa-3775

http://seclists.org/oss-sec/2017/q1/230


@ Arches,

please test and mark stable:

=net-libs/libpcap-1.8.1 arm (because you are late, see bug 605224)
=net-analyzer/tcpdump-4.9.0
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2017-01-30 12:13:26 UTC
CVE-2016-7993 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7993):
  A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a
  buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP,
  lightweight resolver protocol, PIM).

CVE-2016-7992 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7992):
  The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer
  overflow in print-cip.c:cip_if_print().

CVE-2016-7986 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7986):
  The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in
  print-geonet.c, multiple functions.

CVE-2016-7985 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7985):
  The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in
  print-calm-fast.c:calm_fast_print().

CVE-2016-7984 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7984):
  The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in
  print-tftp.c:tftp_print().

CVE-2016-7983 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7983):
  The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in
  print-bootp.c:bootp_print().

CVE-2016-7975 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7975):
  The TCP parser in tcpdump before 4.9.0 has a buffer overflow in
  print-tcp.c:tcp_print().

CVE-2016-7974 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7974):
  The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c,
  multiple functions.

CVE-2016-7973 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7973):
  The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in
  print-atalk.c, multiple functions.

CVE-2016-7940 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7940):
  The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c,
  multiple functions.

CVE-2016-7939 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7939):
  The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c,
  multiple functions.

CVE-2016-7938 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7938):
  The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in
  print-zeromq.c:zmtp1_print_frame().

CVE-2016-7937 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7937):
  The VAT parser in tcpdump before 4.9.0 has a buffer overflow in
  print-udp.c:vat_print().

CVE-2016-7936 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7936):
  The UDP parser in tcpdump before 4.9.0 has a buffer overflow in
  print-udp.c:udp_print().

CVE-2016-7935 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7935):
  The RTP parser in tcpdump before 4.9.0 has a buffer overflow in
  print-udp.c:rtp_print().

CVE-2016-7934 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7934):
  The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in
  print-udp.c:rtcp_print().

CVE-2016-7933 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7933):
  The PPP parser in tcpdump before 4.9.0 has a buffer overflow in
  print-ppp.c:ppp_hdlc_if_print().

CVE-2016-7932 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7932):
  The PIM parser in tcpdump before 4.9.0 has a buffer overflow in
  print-pim.c:pimv2_check_checksum().

CVE-2016-7931 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7931):
  The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in
  print-mpls.c:mpls_print().

CVE-2016-7930 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7930):
  The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in
  print-llc.c:llc_print().

CVE-2016-7929 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7929):
  The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow
  in print-juniper.c:juniper_parse_header().

CVE-2016-7928 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7928):
  The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in
  print-ipcomp.c:ipcomp_print().

CVE-2016-7927 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7927):
  The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in
  print-802_11.c:ieee802_11_radio_print().

CVE-2016-7926 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7926):
  The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in
  print-ether.c:ethertype_print().

CVE-2016-7925 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7925):
  The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in
  print-sl.c:sl_if_print().

CVE-2016-7924 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7924):
  The ATM parser in tcpdump before 4.9.0 has a buffer overflow in
  print-atm.c:oam_print().

CVE-2016-7923 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7923):
  The ARP parser in tcpdump before 4.9.0 has a buffer overflow in
  print-arp.c:arp_print().

CVE-2016-7922 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7922):
  The AH parser in tcpdump before 4.9.0 has a buffer overflow in
  print-ah.c:ah_print().
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2017-01-30 12:14:11 UTC
CVE-2016-8575 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8575):
  The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in
  print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482.

CVE-2016-8574 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8574):
  The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in
  print-fr.c:frf15_print().
Comment 15 GLSAMaker/CVETool Bot gentoo-dev 2017-01-30 12:16:31 UTC
CVE-2017-5486 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5486):
  The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in
  print-isoclns.c:clnp_print().

CVE-2017-5485 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5485):
  The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in
  addrtoname.c:lookup_nsap().

CVE-2017-5484 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5484):
  The ATM parser in tcpdump before 4.9.0 has a buffer overflow in
  print-atm.c:sig_print().

CVE-2017-5483 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5483):
  The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in
  print-snmp.c:asn1_parse().

CVE-2017-5482 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5482):
  The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in
  print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575.

CVE-2017-5342 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5342):
  In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE,
  NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in
  print-ether.c:ether_print().

CVE-2017-5341 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5341):
  The OTV parser in tcpdump before 4.9.0 has a buffer overflow in
  print-otv.c:otv_print().

CVE-2017-5205 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5205):
  The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in
  print-isakmp.c:ikev2_e_print().

CVE-2017-5204 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5204):
  The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in
  print-ip6.c:ip6_print().

CVE-2017-5203 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5203):
  The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in
  print-bootp.c:bootp_print().

CVE-2017-5202 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5202):
  The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in
  print-isoclns.c:clnp_print().
Comment 16 Tobias Klausmann gentoo-dev 2017-01-30 13:19:29 UTC
Stable on alpha.
Comment 17 Agostino Sarubbo gentoo-dev 2017-01-30 13:40:52 UTC
amd64 stable
Comment 18 Jeroen Roovers gentoo-dev 2017-01-31 05:45:06 UTC
Stable for HPPA PPC64.
Comment 19 Agostino Sarubbo gentoo-dev 2017-01-31 11:44:14 UTC
x86 stable
Comment 20 Michael Weber (RETIRED) gentoo-dev 2017-02-08 00:01:17 UTC
ppc stable
Comment 21 Michael Weber (RETIRED) gentoo-dev 2017-02-10 17:28:10 UTC
arm stable
Comment 22 Thomas Deutschmann gentoo-dev Security 2017-02-10 22:17:05 UTC
New GLSA request filed.
Comment 23 Markus Meier gentoo-dev 2017-02-12 20:03:26 UTC
arm stable
Comment 24 Agostino Sarubbo gentoo-dev 2017-02-17 10:58:02 UTC
sparc stable
Comment 25 Agostino Sarubbo gentoo-dev 2017-02-18 14:45:41 UTC
ia64 stable.

Maintainer(s), please cleanup.
Comment 26 GLSAMaker/CVETool Bot gentoo-dev 2017-02-21 00:40:14 UTC
This issue was resolved and addressed in
 GLSA 201702-30 at https://security.gentoo.org/glsa/201702-30
by GLSA coordinator Thomas Deutschmann (whissi).
Comment 27 Thomas Deutschmann gentoo-dev Security 2017-02-21 00:41:08 UTC
Re-opening for cleanup.

@ Maintainer(s): Please cleanup and drop =net-analyzer/tcpdump-4.8.1!