Accepting request 655854 from home:pmonrealgonzalez:branches:network:utilities

- Security fix [bsc#1117267, CVE-2018-19519]
  * Buffer overread in print-hncp.c:print_prefix.
  * Added patch tcpdump-CVE-2018-19519.patch

OBS-URL: https://build.opensuse.org/request/show/655854
OBS-URL: https://build.opensuse.org/package/show/network:utilities/tcpdump?expand=0&rev=45

tcpdump-CVE-2018-19519.patch

@@ -0,0 +1,23 @@
+From 32af00b05a6ef573d0b340f97b54c13eb9509dc7 Mon Sep 17 00:00:00 2001
+From: Pedro Monreal <pmgdeb@gmail.com>
+Date: Thu, 6 Dec 2018 12:18:38 +0100
+Subject: [PATCH] CVE-2018-19519 buffer overread. Initialize buf in
+ print-hncp.c:print_prefix.
+
+---
+ print-hncp.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+Index: tcpdump-4.9.2/print-hncp.c
+===================================================================
+--- tcpdump-4.9.2.orig/print-hncp.c
++++ tcpdump-4.9.2/print-hncp.c
+@@ -206,6 +206,8 @@ print_prefix(netdissect_options *ndo, co
+     int plenbytes;
+     char buf[sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx::/128")];
+ 
++    buf[0] = '\0';
++
+     if (prefix[0] >= 96 && max_length >= IPV4_MAPPED_HEADING_LEN + 1 &&
+         is_ipv4_mapped_address(&prefix[1])) {
+         struct in_addr addr;

tcpdump.changes

@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Thu Dec  6 11:49:16 UTC 2018 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
+
+- Security fix [bsc#1117267, CVE-2018-19519]
+  * Buffer overread in print-hncp.c:print_prefix.
+  * Added patch tcpdump-CVE-2018-19519.patch
+
 -------------------------------------------------------------------
 Tue Sep 12 15:23:04 UTC 2017 - pmonrealgonzalez@suse.com
 

tcpdump.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package tcpdump
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -12,7 +12,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
 
@@ -30,6 +30,8 @@ Source2:        http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig
 Source3:        http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
 # PATCH-FIX-OPENSUSE tcpdump-ikev2pI2.patch - disabled failing test
 Patch0:         tcpdump-ikev2pI2.patch
+# PATCH-FIX-OPENSUSE tcpdump-CVE-2018-19519.patch - Initialize buf in print-hncp.c:print_prefix
+Patch1:         tcpdump-CVE-2018-19519.patch
 BuildRequires:  libpcap-devel >= %{min_libpcap_version}
 BuildRequires:  libsmi-devel
 BuildRequires:  openssl-devel
@@ -43,6 +45,7 @@ ethernet. It can be used to debug specific network problems.
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1
 
 %build
 export CFLAGS="%{optflags} -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing"