pool/tcpdump
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 734985 from network:utilities

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/734985
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/tcpdump?expand=0&rev=39
This commit is contained in:
Dominique Leuenberger 2019-10-11 13:11:24 +00:00 committed by Git OBS Bridge
commit ac9d560f84
9 changed files with 48 additions and 95 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
tcpdump-4.9.2.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:798b3536a29832ce0cbb07fafb1ce5097c95e308a6f592d14052e1ef1505fe79
size 2298386

BIN
tcpdump-4.9.2.tar.gz.sig
View File

Binary file not shown.

3
tcpdump-4.9.3.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:2cd47cb3d460b6ff75f4a9940f594317ad456cfbf2bd2c8e5151e16559db6410
size 2333119

BIN
tcpdump-4.9.3.tar.gz.sig Normal file
View File

Binary file not shown.

26
tcpdump-CVE-2017-16808.patch
View File

@ -1,26 +0,0 @@
From 28f610026d901660dd370862b62ec328727446a2 Mon Sep 17 00:00:00 2001
From: Denis Ovsienko <denis@ovsienko.info>
Date: Thu, 31 Aug 2017 21:15:37 +0100
Subject: [PATCH] CVE-2017-16808/AoE: Add a missing bounds check.
In aoev1_reserve_print() check bounds before trying to print an Ethernet
address.
This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.
---
print-aoe.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/print-aoe.c b/print-aoe.c
index 97e93df2e..2c78a55d3 100644
--- a/print-aoe.c
+++ b/print-aoe.c
@@ -325,6 +325,7 @@ aoev1_reserve_print(netdissect_options *ndo,
goto invalid;
/* addresses */
for (i = 0; i < nmacs; i++) {
+ ND_TCHECK2(*cp, ETHER_ADDR_LEN);
ND_PRINT((ndo, "\n\tEthernet Address %u: %s", i, etheraddr_string(ndo, cp)));
cp += ETHER_ADDR_LEN;
}

28
tcpdump-CVE-2019-1010220.patch
View File

@ -1,28 +0,0 @@
From 511915bef7e4de2f31b8d9f581b4a44b0cfbcf53 Mon Sep 17 00:00:00 2001
From: Guy Harris <guy@alum.mit.edu>
Date: Sat, 1 Jun 2019 14:42:09 -0700
Subject: [PATCH] If decode_prefix6() returns a negative number, don't print
buf.
If it returns a negative number, it hasn't necessarily filled in buf, so
just return immediately; this is similar to the IPv4 code path, wherein
we just return a negative number, and print nothing, on an error.
This should fix GitHub issue #763.
---
print-hncp.c | 2 ++
1 file changed, 2 insertions(+)
Index: tcpdump-4.9.2/print-hncp.c
===================================================================
--- tcpdump-4.9.2.orig/print-hncp.c
+++ tcpdump-4.9.2/print-hncp.c
@@ -231,6 +231,8 @@ print_prefix(netdissect_options *ndo, co
plenbytes += 1 + IPV4_MAPPED_HEADING_LEN;
} else {
plenbytes = decode_prefix6(ndo, prefix, max_length, buf, sizeof(buf));
+ if (plenbytes < 0)
+ return plenbytes;
}
ND_PRINT((ndo, "%s", buf));

20
tcpdump-ikev2pI2.patch
View File

@ -1,20 +0,0 @@
Index: tcpdump-4.9.2/tests/crypto.sh
===================================================================
--- tcpdump-4.9.2.orig/tests/crypto.sh
+++ tcpdump-4.9.2/tests/crypto.sh
@@ -72,15 +72,6 @@ then
echo $failed >.failed
exitcode=1
fi
- if ./TESTonce ikev2pI2 ikev2pI2.pcap ikev2pI2.out '-E "file ikev2pI2-secrets.txt" -v -v -v -v'
- then
- passed=`expr $passed + 1`
- echo $passed >.passed
- else
- failed=`expr $failed + 1`
- echo $failed >.failed
- exitcode=1
- fi
if ./TESTonce isakmp4 isakmp4500.pcap isakmp4.out '-E "file esp-secrets.txt"'
then
passed=`expr $passed + 1`

38
tcpdump.changes
View File

@ -1,3 +1,41 @@
-------------------------------------------------------------------
Wed Oct 2 14:01:31 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Update to 4.9.3
* Fix buffer overflow/overread vulnerabilities:
- CVE-2017-16808 (AoE)
- CVE-2018-14468 (FrameRelay)
- CVE-2018-14469 (IKEv1)
- CVE-2018-14470 (BABEL)
- CVE-2018-14466 (AFS/RX)
- CVE-2018-14461 (LDP)
- CVE-2018-14462 (ICMP)
- CVE-2018-14465 (RSVP)
- CVE-2018-14881 (BGP)
- CVE-2018-14464 (LMP)
- CVE-2018-14463 (VRRP)
- CVE-2018-14467 (BGP)
- CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
- CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled)
- CVE-2018-14880 (OSPF6)
- CVE-2018-16451 (SMB)
- CVE-2018-14882 (RPL)
- CVE-2018-16227 (802.11)
- CVE-2018-16229 (DCCP)
- CVE-2018-16301 (was fixed in libpcap)
- CVE-2018-16230 (BGP)
- CVE-2018-16452 (SMB)
- CVE-2018-16300 (BGP)
- CVE-2018-16228 (HNCP)
- CVE-2019-15166 (LMP)
- CVE-2019-15167 (VRRP)
* Fix for cmdline argument/local issues:
- CVE-2018-14879 (tcpdump -V)
- Drop patches fixed upstream:
* tcpdump-CVE-2017-16808.patch
* tcpdump-CVE-2019-1010220.patch
* tcpdump-ikev2pI2.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Jul 23 11:45:46 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> Tue Jul 23 11:45:46 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>

25
tcpdump.spec
View File

@ -16,31 +16,24 @@
# #
%define min_libpcap_version 1.8.1 %define min_libpcap_version 1.9.1
Name: tcpdump Name: tcpdump
Version: 4.9.2 Version: 4.9.3
Release: 0 Release: 0
Summary: A Packet Sniffer Summary: A Packet Sniffer
License: BSD-3-Clause License: BSD-3-Clause
Group: Productivity/Networking/Diagnostic Group: Productivity/Networking/Diagnostic
Url: http://www.tcpdump.org/ Url: https://www.tcpdump.org/
Source: http://www.tcpdump.org/release/%{name}-%{version}.tar.gz Source: https://www.tcpdump.org/release/%{name}-%{version}.tar.gz
Source1: tcpdump-qeth Source1: tcpdump-qeth
Source2: http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig Source2: https://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig
Source3: http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring Source3: https://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
# PATCH-FIX-OPENSUSE tcpdump-ikev2pI2.patch - disabled failing test
Patch0: tcpdump-ikev2pI2.patch
# PATCH-FIX-OPENSUSE tcpdump-CVE-2018-19519.patch - Initialize buf in print-hncp.c:print_prefix # PATCH-FIX-OPENSUSE tcpdump-CVE-2018-19519.patch - Initialize buf in print-hncp.c:print_prefix
Patch1: tcpdump-CVE-2018-19519.patch Patch0: tcpdump-CVE-2018-19519.patch
# PATCH-FIX-UPSTREAM bsc#1068716 CVE-2017-16808 Heap-based buffer over-read related to aoe_print and lookup_emem
Patch2: tcpdump-CVE-2017-16808.patch
# PATCH-FIX-UPSTREAM bsc#1142439 CVE-2019-1010220 Buffer Over-read in print_prefix
Patch3: tcpdump-CVE-2019-1010220.patch
BuildRequires: libpcap-devel >= %{min_libpcap_version} BuildRequires: libpcap-devel >= %{min_libpcap_version}
BuildRequires: libsmi-devel BuildRequires: libsmi-devel
BuildRequires: openssl-devel BuildRequires: openssl-devel
Requires: libpcap >= %{min_libpcap_version} Requires: libpcap >= %{min_libpcap_version}
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description %description
This program can "read" all or only certain packets going over the This program can "read" all or only certain packets going over the
@ -49,9 +42,6 @@ ethernet. It can be used to debug specific network problems.
%prep %prep
%setup -q %setup -q
%patch0 -p1 %patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%build %build
export CFLAGS="%{optflags} -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing" export CFLAGS="%{optflags} -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing"
@ -70,7 +60,6 @@ rm %{buildroot}/%{_sbindir}/tcpdump.%{version}
make check %{?_smp_mflags} make check %{?_smp_mflags}
%files %files
%defattr(-,root,root)
%license LICENSE %license LICENSE
%doc CHANGES CREDITS README* *.awk %doc CHANGES CREDITS README* *.awk
%{_mandir}/man?/* %{_mandir}/man?/*