Merge tcpdump 4.6.2-4 (main) from Debian unstable (main)
Bug #1433815 reported by
Artur Rona
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tcpdump (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
tcpdump (4.6.2-4) unstable; urgency=high
* Cherry-pick changes from upstream Git to fix the following security
issues:
+ CVE-2015-0261: missing bounds checks in IPv6 Mobility printer.
+ CVE-2015-2153: missing bounds checks in RPKI/RTR printer.
+ CVE-2015-2154: missing bounds checks in ISOCLNS printer.
+ CVE-2015-2155: missing bounds checks in ForCES printer.
-- Romain Francoise <email address hidden> Sat, 14 Mar 2015 18:43:44 +0100
Related branches
Changed in tcpdump (Ubuntu): | |
importance: | Undecided → Medium |
status: | New → Confirmed |
To post a comment you must log in.
Hi Artur - Thanks for the debdiffs! It looks like the new 60_cve- 2015-2153. diff patch has a regression and possibly isn't complete. See https:/ /github. com/the- tcpdump- group/tcpdump/ commit/ fb6e5377f392555 b8c725f66b8b701 f0061a3695 for what looks to be a followup patch.