tcpdump 4.9.0-1ubuntu1~ubuntu16.04.1 source package in Ubuntu
Changelog
tcpdump (4.9.0-1ubuntu1~ubuntu16.04.1) xenial-security; urgency=medium * Backport to xenial to fix CVEs (LP: #1662177). * Reset libpcap dependency to xenial version * Enable crypto support, dropped in zesty because of openssl. * Disable some tests failing with older pcap versions tcpdump (4.9.0-1ubuntu1) zesty; urgency=low * Merge from Debian unstable. Remaining changes: - debian/{control, README.Debian, tcpdump.dirs, usr.sbin.tcpdump, install, rules, patches/patches/90_man_apparmor.diff}: + Add AppArmor profile. - debian/usr.sbin.tcpdump: + Allow capability net_admin to support '-j'. tcpdump (4.9.0-1) unstable; urgency=high * New upstream security release, fixing the following: + CVE-2016-7922: buffer overflow in print-ah.c:ah_print(). + CVE-2016-7923: buffer overflow in print-arp.c:arp_print(). + CVE-2016-7924: buffer overflow in print-atm.c:oam_print(). + CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print(). + CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print(). + CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print(). + CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print(). + CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header(). + CVE-2016-7930: buffer overflow in print-llc.c:llc_print(). + CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print(). + CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum(). + CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print(). + CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print(). + CVE-2016-7935: buffer overflow in print-udp.c:rtp_print(). + CVE-2016-7936: buffer overflow in print-udp.c:udp_print(). + CVE-2016-7937: buffer overflow in print-udp.c:vat_print(). + CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame(). + CVE-2016-7939: buffer overflow in print-gre.c, multiple functions. + CVE-2016-7940: buffer overflow in print-stp.c, multiple functions. + CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions. + CVE-2016-7974: buffer overflow in print-ip.c, multiple functions. + CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print(). + CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print(). + CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print(). + CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print(). + CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions. + CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print(). + CVE-2016-7993: a bug in util-print.c:relts_print() could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). + CVE-2016-8574: buffer overflow in print-fr.c:frf15_print(). + CVE-2016-8575: buffer overflow in print-fr.c:q933_print(). + CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print(). + CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print(). + CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print(). + CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print(). + CVE-2017-5341: buffer overflow in print-otv.c:otv_print(). + CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print(). + CVE-2017-5482: buffer overflow in print-fr.c:q933_print(). + CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse(). + CVE-2017-5484: buffer overflow in print-atm.c:sig_print(). + CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap(). + CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print(). * Re-enable all tests and bump build-dep on libpcap0.8-dev to >= 1.8 accordingly. * Switch Vcs-Git URL to the https one. * Adjust lintian override name about dh 9. tcpdump (4.8.1-2ubuntu1) zesty; urgency=low * Merge from Debian unstable. Remaining changes: - debian/{control, README.Debian, tcpdump.dirs, usr.sbin.tcpdump, install, rules, patches/patches/90_man_apparmor.diff}: + Add AppArmor profile. - debian/usr.sbin.tcpdump: + Allow capability net_admin to support '-j'. tcpdump (4.8.1-2) unstable; urgency=medium * Disable new HNCP test, which fails on some buildds for some as-of-yet unexplained reason. tcpdump (4.8.1-1) unstable; urgency=medium * New upstream release. * Re-enable Geneve tests (disabled in 4.7.4-1) and bump build-dep on libpcap0.8-dev to >= 1.7 accordingly. * Disable new pcap version tests which require libpcap 1.8+. tcpdump (4.7.4-3ubuntu1) zesty; urgency=medium * Merge from Debian unstable. (LP: #1624633) Remaining changes: - debian/{control, README.Debian, tcpdump.dirs, usr.sbin.tcpdump, install, rules, patches/patches/90_man_apparmor.diff}: + Add AppArmor profile. - debian/usr.sbin.tcpdump: + Allow capability net_admin to support '-j'. - fix 2015-0261 test with upstream e32088572e960f7d5e1baac2f530793ed7f42e4d tcpdump (4.7.4-3) unstable; urgency=medium * Use dh-autoreconf instead of calling autoconf directly and patching config.{guess,sub}. * Call dh_auto_configure instead of configure in override target, patch by Helmut Grohne (closes: #837951). tcpdump (4.7.4-2) unstable; urgency=medium * Disable crypto support as it causes FTBFS with OpenSSL 1.1.x and we don't have a working fix upstream yet (closes: #828569). * Bump Standards-Version to 3.9.8. * Use cgit URL for Vcs-Browser. tcpdump (4.7.4-1ubuntu1.16.10.1) yakkety; urgency=medium * debian/usr.sbin.tcpdump: Allow the tcpdump binary to be mapped as required by version 4.8 and newer kernels. tcpdump was immediately segfaulting when used inside of LXD containers before this AppArmor profile change. (LP: #1632399) -- Gianfranco Costamagna <email address hidden> Sun, 05 Feb 2017 20:39:58 +0100
Upload details
- Uploaded by:
- Gianfranco Costamagna
- Sponsored by:
- Marc Deslauriers
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- net
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
tcpdump_4.9.0.orig.tar.gz | 1.2 MiB | eae98121cbb1c9adbedd9a777bf2eae9fa1c1c676424a54740311c8abcee5a5e |
tcpdump_4.9.0-1ubuntu1~ubuntu16.04.1.debian.tar.xz | 15.5 KiB | 1bb1d1e89e0c39e6d14ef1359911189cd5da89f2ae5e824b3a0c0de382f426a9 |
tcpdump_4.9.0-1ubuntu1~ubuntu16.04.1.dsc | 2.0 KiB | 828785c978a3f57c6380ee98058e5cd6dc9d3db2119318e385ffe1d69baba01a |
Available diffs
Binary packages built by this source
- tcpdump: command-line network traffic analyzer
This program allows you to dump the traffic on a network. tcpdump
is able to examine IPv4, ICMPv4, IPv6, ICMPv6, UDP, TCP, SNMP, AFS
BGP, RIP, PIM, DVMRP, IGMP, SMB, OSPF, NFS and many other packet
types.
.
It can be used to print out the headers of packets on a network
interface, filter packets that match a certain expression. You can
use this tool to track down network problems, to detect attacks
or to monitor network activities.
- tcpdump-dbgsym: debug symbols for package tcpdump
This program allows you to dump the traffic on a network. tcpdump
is able to examine IPv4, ICMPv4, IPv6, ICMPv6, UDP, TCP, SNMP, AFS
BGP, RIP, PIM, DVMRP, IGMP, SMB, OSPF, NFS and many other packet
types.
.
It can be used to print out the headers of packets on a network
interface, filter packets that match a certain expression. You can
use this tool to track down network problems, to detect attacks
or to monitor network activities.