Summary: | <net-analyzer/tcpdump-4.9.3 - multiple buffer overflow/overread vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jeroen Roovers (RETIRED) <jer> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | netmon |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [noglsa] | ||
Package list: |
=net-analyzer/tcpdump-4.9.3
=net-libs/libpcap-1.9.1
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 637450 |
Description
Jeroen Roovers (RETIRED)
2019-10-02 06:36:19 UTC
CVE-2018-14468,CVE-2018-14469,CVE-2018-14470,CVE-2018-14466,CVE-2018-14461,CVE-2018-14462,CVE-2018-14465,CVE-2018-14881,CVE-2018-14464,CVE-2018-14463,CVE-2018-14467,CVE-2018-10103,CVE-2018-10105,CVE-2018-14880,CVE-2018-16451,CVE-2018-14882,CVE-2018-16227,CVE-2018-16229,CVE-2018-16301,CVE-2018-16230,CVE-2018-16452,CVE-2018-16300,CVE-2018-16228,CVE-2019-15166,CVE-2019-15167,CVE-2018-14879 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=86c4aec29acf3e9d6bded979d104189d3a6b3f42 commit 86c4aec29acf3e9d6bded979d104189d3a6b3f42 Author: Jeroen Roovers <jer@gentoo.org> AuthorDate: 2019-10-02 07:05:08 +0000 Commit: Jeroen Roovers <jer@gentoo.org> CommitDate: 2019-10-02 07:06:50 +0000 net-analyzer/tcpdump: Set libpcap version dependency for USE=test Fails several tests with <net-libs/libpcap-1.9.1 Package-Manager: Portage-2.3.76, Repoman-2.3.17 Bug: https://bugs.gentoo.org/show_bug.cgi?id=696040 Signed-off-by: Jeroen Roovers <jer@gentoo.org> net-analyzer/tcpdump/tcpdump-4.9.3.ebuild | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) An automated check of this bug failed - the following invalid arch is referenced in the atom list: =net-libs/libpcap-1.9.1 x86 stable arm64 stable amd64 stable ppc stable ppc64 stable sparc stable ia64 stable hppa stable alpha stable s390 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. (In reply to Agostino Sarubbo from comment #13) > s390 stable. > > Maintainer(s), please cleanup. > Security, please add it to the existing request, or file a new one. Keywords for net-libs/libpcap: | a a a a i p p x h m s s s r m | e u s | r | l m r r a p p 8 p 6 3 h p i i | a n l | e | p d m m 6 c c 6 p 8 9 a s p | p u o | p | h 6 6 4 6 a k 0 r c s | i s t | o | a 4 4 4 c v | e | | | d | ------------+-------------------------------+-------+------- 1.8.1 | + + + + + + + + + o + ~ + o ~ | 6 o 0 | gentoo 1.8.1-r2 | ~ ~ ~ ~ ~ ~ ~ ~ ~ o ~ ~ ~ o ~ | 6 # | gentoo 1.9.0 | ~ ~ ~ ~ ~ ~ ~ ~ ~ o ~ ~ ~ ~ ~ | 6 # | gentoo 1.9.0-r1 | ~ ~ ~ ~ ~ ~ ~ ~ ~ o ~ ~ + ~ ~ | 6 # | gentoo [I]1.9.1 | + + ~ + + + + + + o + ~ + ~ ~ | 6 o | gentoo 9999 | o o o o o o o o o o o o o o o | 6 o | gentoo You forgot about ARM... arm stable GLSA Vote: No! Repository is clean, all done! |