This bug was fixed in the package tcpdump - 4.6.2-3ubuntu1
--------------- tcpdump (4.6.2-3ubuntu1) vivid; urgency=low
* Merge from Debian unstable (LP: #1397558). Remaining changes: * debian/control: - Build-Depends on dh-apparmor. - Suggests apparmor * debian/README.Debian, debian/tcpdump.dirs, debian/usr.sbin.tcpdump, debian/patches/patches/90_man_apparmor.diff, debian/install, debian/rules: - Install enforcing AppArmor profile. * debian/usr.sbin.tcpdump: allow capability net_admin to support '-j'. Patch thanks to Graeme Hewson. (LP: #1229664)
tcpdump (4.6.2-3) unstable; urgency=high
* Cherry-pick commit 0f95d441e4 from upstream Git to fix a buffer overflow in the PPP dissector (CVE-2014-9140).
tcpdump (4.6.2-2) unstable; urgency=high
* Urgency high due to security fixes. * Add three patches extracted from various upstream commits fixing vulnerabilities in three dissectors: + CVE-2014-8767: missing bounds checks in OLSR dissector (closes: #770434). + CVE-2014-8768: missing bounds checks in Geonet dissector (closes: #770415). + CVE-2014-8769: missing bounds checks in AOVD dissector (closes: #770424). -- Gianfranco Costamagna <email address hidden> Sat, 29 Nov 2014 17:52:14 +0100
This bug was fixed in the package tcpdump - 4.6.2-3ubuntu1
---------------
tcpdump (4.6.2-3ubuntu1) vivid; urgency=low
* Merge from Debian unstable (LP: #1397558). Remaining changes: README. Debian, debian/ tcpdump. dirs, debian/ usr.sbin. tcpdump, patches/ patches/ 90_man_ apparmor. diff, usr.sbin. tcpdump: allow capability net_admin to support '-j'. Patch
* debian/control:
- Build-Depends on dh-apparmor.
- Suggests apparmor
* debian/
debian/
debian/install, debian/rules:
- Install enforcing AppArmor profile.
* debian/
thanks to Graeme Hewson. (LP: #1229664)
tcpdump (4.6.2-3) unstable; urgency=high
* Cherry-pick commit 0f95d441e4 from upstream Git to fix a buffer overflow
in the PPP dissector (CVE-2014-9140).
tcpdump (4.6.2-2) unstable; urgency=high
* Urgency high due to security fixes.
* Add three patches extracted from various upstream commits fixing
vulnerabilities in three dissectors:
+ CVE-2014-8767: missing bounds checks in OLSR dissector (closes: #770434).
+ CVE-2014-8768: missing bounds checks in Geonet dissector
(closes: #770415).
+ CVE-2014-8769: missing bounds checks in AOVD dissector (closes: #770424).
-- Gianfranco Costamagna <email address hidden> Sat, 29 Nov 2014 17:52:14 +0100