Change log for tcpdump package in Ubuntu
| 1 → 75 of 112 results | First • Previous • Next • Last |
| Published in oracular-release |
| Published in noble-release |
| Deleted in noble-proposed (Reason: Moved to noble) |
tcpdump (4.99.4-3ubuntu4) noble; urgency=high * No change rebuild against libssl3t64. -- Julian Andres Klode <email address hidden> Mon, 08 Apr 2024 16:50:51 +0200
Available diffs
- diff from 4.99.4-3ubuntu3 to 4.99.4-3ubuntu4 (324 bytes)
tcpdump (4.99.4-3ubuntu3) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek <email address hidden> Sun, 31 Mar 2024 17:18:58 +0000
Available diffs
- diff from 4.99.4-3ubuntu2 to 4.99.4-3ubuntu3 (312 bytes)
tcpdump (4.99.4-3ubuntu2) noble; urgency=medium * No-change rebuild against libssl3t64 -- Steve Langasek <email address hidden> Tue, 05 Mar 2024 01:24:11 +0000
Available diffs
- diff from 4.99.4-3ubuntu1 to 4.99.4-3ubuntu2 (335 bytes)
tcpdump (4.9.3-4ubuntu0.3) focal; urgency=medium
* debian/usr.sbin.tcpdump: allow read/write to .cap and .pcapng files
along with a permission to the .pcap, .pcapng, .cap files followed by
a numeric suffix required by the -W parameter (LP: #2052493)
-- Georgia Garcia <email address hidden> Thu, 08 Feb 2024 10:08:41 -0300
Available diffs
- diff from 4.9.3-4ubuntu0.2 to 4.9.3-4ubuntu0.3 (597 bytes)
tcpdump (4.99.1-3ubuntu0.2) jammy; urgency=medium
* debian/usr.bin.tcpdump: allow read/write to .pcapng files along with
a permission to the .pcap, .pcapng, .cap files followed by a numeric
suffix required by the -W parameter (LP: #2052493)
-- Georgia Garcia <email address hidden> Thu, 08 Feb 2024 10:21:43 -0300
Available diffs
- diff from 4.99.1-3ubuntu0.1 to 4.99.1-3ubuntu0.2 (602 bytes)
| Deleted in noble-updates (Reason: superseded by release) |
| Superseded in noble-release |
| Published in mantic-release |
| Deleted in mantic-proposed (Reason: Moved to mantic) |
tcpdump (4.99.4-3ubuntu1) mantic; urgency=medium
* Merge with Debian unstable. Remaining changes:
- debian/usr.sbin.tcpdump: allow tcpdump printing to stdout/stderr
when running from a container (LP #1667016)
* Dropped:
- d/usr.sbin.tcpdump: Allow pcapng files (LP #2024017)
[In 4.99.4-3]
-- Andreas Hasenack <email address hidden> Tue, 01 Aug 2023 11:49:37 -0300
Available diffs
- diff from 4.99.3-1ubuntu2 to 4.99.4-3ubuntu1 (23.9 KiB)
tcpdump (4.99.3-1ubuntu2) mantic; urgency=medium [ Chris Kuethe ] * d/usr.sbin.tcpdump: Allow pcapng files (LP: #2024017) -- Andreas Hasenack <email address hidden> Fri, 14 Jul 2023 18:07:50 -0300
Available diffs
- diff from 4.99.3-1ubuntu1 to 4.99.3-1ubuntu2 (539 bytes)
tcpdump (4.99.1-3ubuntu0.1) jammy; urgency=medium
* debian/usr.sbin.tcpdump: allow tcpdump printing to stdout/stderr when
running from a container (LP: #1667016)
-- Georgia Garcia <email address hidden> Fri, 10 Feb 2023 15:14:22 -0300
Available diffs
tcpdump (4.99.1-4ubuntu0.1) kinetic; urgency=medium
* debian/usr.sbin.tcpdump: allow tcpdump printing to stdout/stderr when
running from a container (LP: #1667016)
-- Georgia Garcia <email address hidden> Fri, 10 Feb 2023 15:15:53 -0300
Available diffs
tcpdump (4.9.3-4ubuntu0.2) focal; urgency=medium
* debian/usr.sbin.tcpdump: allow tcpdump printing to stdout/stderr when
running from a container (LP: #1667016)
-- Georgia Garcia <email address hidden> Fri, 10 Feb 2023 08:34:14 -0300
Available diffs
tcpdump (4.9.3-0ubuntu0.18.04.3) bionic; urgency=medium
* debian/usr.sbin.tcpdump: allow tcpdump printing to stdout/stderr when
running from a container (LP: #1667016)
-- Georgia Garcia <email address hidden> Fri, 10 Feb 2023 15:11:16 -0300
Available diffs
| Superseded in mantic-release |
| Published in lunar-release |
| Deleted in lunar-proposed (Reason: Moved to lunar) |
tcpdump (4.99.3-1ubuntu1) lunar; urgency=medium
* debian/usr.sbin.tcpdump: allow tcpdump printing to stdout/stderr when
running from a container (LP: #1667016)
-- Georgia Garcia <email address hidden> Fri, 10 Feb 2023 15:17:18 -0300
Available diffs
tcpdump (4.99.3-1) unstable; urgency=medium * New upstream release. * Drop Hurd build patch, which doesn't seem to be right anymore. -- Romain Francoise <email address hidden> Sat, 14 Jan 2023 18:23:25 +0100
Available diffs
- diff from 4.99.2-1 to 4.99.3-1 (20.3 KiB)
tcpdump (4.99.2-1) unstable; urgency=medium * New upstream release. * Re-enable all tests. * Bump Standards-Version to 4.6.2. -- Romain Francoise <email address hidden> Sun, 01 Jan 2023 18:19:40 +0100
Available diffs
- diff from 4.99.1-4 to 4.99.2-1 (133.8 KiB)
| Superseded in lunar-release |
| Obsolete in kinetic-release |
| Deleted in kinetic-proposed (Reason: Moved to kinetic) |
tcpdump (4.99.1-4) unstable; urgency=medium
* debian/usr.bin.tcpdump: account for numerical suffix in filenames
added by -W (closes: #1010688).
-- Romain Francoise <email address hidden> Sun, 08 May 2022 18:25:45 +0200
Available diffs
tcpdump (4.9.3-4ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: buffer overflow in read_infile
- debian/patches/CVE-2018-16301.patch: Add check of
file size before allocating and reading content in
tcpdump.c and netdissect-stdinc.h.
- CVE-2018-16301
* SECURITY UPDATE: resource exhaustion with big packets
- debian/patches/CVE-2020-8037.patch: Add a limit to the
amount of space that can be allocated when reading the
packet.
- CVE-2020-8037
-- David Fernandez Gonzalez <email address hidden> Thu, 07 Apr 2022 13:15:51 +0200
Available diffs
tcpdump (4.9.3-0ubuntu0.18.04.2) bionic-security; urgency=medium
* SECURITY UPDATE: buffer overflow in read_infile
- debian/patches/CVE-2018-16301.patch: Add check of
file size before allocating and reading content in
tcpdump.c and netdissect-stdinc.h.
- CVE-2018-16301
* SECURITY UPDATE: resource exhaustion with big packets
- debian/patches/CVE-2020-8037.patch: Add a limit to the
amount of space that can be allocated when reading the
packet.
- CVE-2020-8037
-- David Fernandez Gonzalez <email address hidden> Thu, 07 Apr 2022 17:43:23 +0200
Available diffs
| Superseded in kinetic-release |
| Published in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
tcpdump (4.99.1-3build2) jammy; urgency=high * No change rebuild for ppc64el baseline bump. -- Julian Andres Klode <email address hidden> Fri, 25 Mar 2022 10:52:20 +0100
Available diffs
tcpdump (4.99.1-3build1) jammy; urgency=medium * No-change rebuild against openssl3 -- Simon Chopin <email address hidden> Thu, 25 Nov 2021 14:28:38 +0200
Available diffs
- diff from 4.99.1-3 (in Debian) to 4.99.1-3build1 (343 bytes)
| Superseded in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
| Deleted in impish-proposed (Reason: Moved to jammy) |
tcpdump (4.99.0-2build1) impish; urgency=medium * No-change rebuild to build packages with zstd compression. -- Matthias Klose <email address hidden> Thu, 07 Oct 2021 12:25:22 +0200
Available diffs
- diff from 4.99.0-2 (in Debian) to 4.99.0-2build1 (346 bytes)
tcpdump (4.99.1-3) unstable; urgency=medium
* Clean up AppArmor local profile for /usr/sbin/tcpdump, if it's still
empty (closes: #990554).
* Switch to debhelper compat level 13.
* Set `Rules-Requires-Root' to "no".
* Bump Standards-Version to 4.6.0.
-- Romain Francoise <email address hidden> Sun, 12 Sep 2021 18:55:44 +0200
Available diffs
| Superseded in jammy-release |
| Obsolete in impish-release |
| Deleted in impish-proposed (Reason: Moved to impish) |
| Deleted in impish-release (Reason: Moved to impish-proposed) |
| Deleted in impish-proposed (Reason: Moved to impish) |
| Deleted in hirsute-proposed (Reason: moved to impish-proposed) |
tcpdump (4.99.0-2) unstable; urgency=medium * Add autopkgtest support, running the upstream test suite. -- Romain Francoise <email address hidden> Fri, 15 Jan 2021 23:41:47 +0100
Available diffs
- diff from 4.9.3-7 to 4.99.0-2 (1.9 MiB)
- diff from 4.99.0-1 to 4.99.0-2 (592 bytes)
tcpdump (4.99.0-1) unstable; urgency=medium
* New upstream release.
* Mention in debian/NEWS that tcpdump is now installed to /usr/bin
instead of /usr/sbin.
* Rename AppArmor profile to match new binary location and add
maintscript stanza to move the previous conffile if present.
* Temporarily disable tests that require the just-released libpcap 1.10,
we don't want to tie the migration of the two just before the bullseye
freeze.
* Drop unused lintian override.
* Bump Standards-Version to 4.5.1.
-- Romain Francoise <email address hidden> Sun, 03 Jan 2021 21:28:16 +0100
Available diffs
- diff from 4.9.3-7 to 4.99.0-1 (1.9 MiB)
| Superseded in impish-release |
| Superseded in impish-release |
| Obsolete in hirsute-release |
| Deleted in hirsute-proposed (Reason: moved to Release) |
tcpdump (4.9.3-7) unstable; urgency=high
* Cherry-pick commit 32027e1993 from the upstream tcpdump-4.9 branch to fix
untrusted input issue in the PPP printer (CVE-2020-8037, closes: #973877).
-- Romain Francoise <email address hidden> Sat, 07 Nov 2020 13:19:14 +0100
Available diffs
- diff from 4.99.0-2 to 4.9.3-7 (1.9 MiB)
- diff from 4.9.3-6 to 4.9.3-7 (1.3 KiB)
| Superseded in hirsute-release |
| Obsolete in groovy-release |
| Deleted in groovy-proposed (Reason: moved to Release) |
tcpdump (4.9.3-6) unstable; urgency=medium
[ Simon Deziel ]
* debian/usr.sbin.tcpdump: use profile name specifier instead of
'/usr/sbin/tcpdump'.
-- Romain Francoise <email address hidden> Thu, 28 May 2020 19:23:57 +0200
Available diffs
- diff from 4.9.3-5 to 4.9.3-6 (506 bytes)
tcpdump (4.9.3-5) unstable; urgency=medium
* Minor packaging fixes courtesy of the Janitor bot and lintian-brush:
+ Set upstream metadata fields: Bug-Submit, Repository, Repository-
Browse.
* Bump Standards-Version to 4.5.0.
-- Romain Francoise <email address hidden> Sat, 09 May 2020 20:42:57 +0200
Available diffs
- diff from 4.9.3-4 to 4.9.3-5 (790 bytes)
tcpdump (4.9.3-0ubuntu0.12.04.1) precise-security; urgency=medium
[ Marc Deslauriers ]
* SECURITY UPDATE: Updated to 4.9.3 to fix multiple security issues
- debian/patches/disable-tests.diff: disable tests that require newer
libpcap.
- CVE-2017-16808, CVE-2018-10103, CVE-2018-10105, CVE-2018-14461,
CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465,
CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469,
CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881,
CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229,
CVE-2018-16230, CVE-2018-16300, CVE-2018-16451, CVE-2018-16452,
CVE-2018-19519, CVE-2019-1010220, CVE-2019-15166, CVE-2019-15167
-- <email address hidden> (Leonidas S. Barbosa) Mon, 27 Jan 2020 13:00:35 -0300
tcpdump (4.9.3-0ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: Updated to 4.9.3 to fix multiple security issues
- debian/patches/disable-tests.diff: disable tests that require newer
libpcap.
- CVE-2017-16808, CVE-2018-10103, CVE-2018-10105, CVE-2018-14461,
CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465,
CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469,
CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881,
CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229,
CVE-2018-16230, CVE-2018-16300, CVE-2018-16451, CVE-2018-16452,
CVE-2018-19519, CVE-2019-1010220, CVE-2019-15166, CVE-2019-15167
-- Marc Deslauriers <email address hidden> Fri, 24 Jan 2020 07:57:54 -0500
tcpdump (4.9.3-0ubuntu0.18.04.1) bionic-security; urgency=medium
* SECURITY UPDATE: Updated to 4.9.3 to fix multiple security issues
- debian/patches/disable-tests.diff: disable tests that require newer
libpcap.
- CVE-2017-16808, CVE-2018-10103, CVE-2018-10105, CVE-2018-14461,
CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465,
CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469,
CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881,
CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229,
CVE-2018-16230, CVE-2018-16300, CVE-2018-16451, CVE-2018-16452,
CVE-2018-19519, CVE-2019-1010220, CVE-2019-15166, CVE-2019-15167
-- Marc Deslauriers <email address hidden> Fri, 24 Jan 2020 07:57:54 -0500
Available diffs
| Superseded in groovy-release |
| Published in focal-release |
| Deleted in focal-proposed (Reason: moved to Release) |
tcpdump (4.9.3-4) unstable; urgency=medium * Set upstream metadata fields: Bug-Database. -- Romain Francoise <email address hidden> Tue, 31 Dec 2019 19:24:04 +0100
Available diffs
- diff from 4.9.3-3 to 4.9.3-4 (420 bytes)
tcpdump (4.9.3-3) unstable; urgency=medium
* Minor packaging fixes courtesy of the Janitor bot and lintian-brush:
+ Use secure URI in debian/watch.
+ Use secure URI in Homepage field.
+ Bump debhelper from old 11 to 12.
+ Set debhelper-compat version in Build-Depends.
+ Re-export upstream signing key without extra signatures.
-- Romain Francoise <email address hidden> Sun, 08 Dec 2019 13:56:42 +0100
Available diffs
- diff from 4.9.3-2 to 4.9.3-3 (1.4 KiB)
| Superseded in focal-release |
| Obsolete in eoan-release |
| Deleted in eoan-proposed (Reason: moved to Release) |
tcpdump (4.9.3-2) unstable; urgency=medium
* Disable failing IKEv2 test yet again to fix build on ppc64el (again)
(closes: #942171).
-- Romain Francoise <email address hidden> Fri, 11 Oct 2019 20:48:04 +0200
Available diffs
- diff from 4.9.3~git20190901-2 to 4.9.3-2 (31.6 KiB)
- diff from 4.9.3-1 to 4.9.3-2 (758 bytes)
tcpdump (4.9.3-1) unstable; urgency=medium * New upstream release, with fixes for 24 different CVEs (closes: #941698). * Build-depend on libpcap >= 1.9.1 to make all build-time tests pass. * Bump Standards-Version to 4.4.1. -- Romain Francoise <email address hidden> Thu, 10 Oct 2019 21:31:38 +0200
Available diffs
- diff from 4.9.3~git20190901-2 to 4.9.3-1 (31.6 KiB)
tcpdump (4.9.3~git20190901-2) unstable; urgency=medium * Disable failing IKEv2 test again to fix build on ppc64el. -- Romain Francoise <email address hidden> Sat, 07 Sep 2019 12:14:43 +0200
Available diffs
tcpdump (4.9.3~git20190901-1ubuntu1) eoan; urgency=medium * re-enable disable-tests.diff -- Gianfranco Costamagna <email address hidden> Tue, 03 Sep 2019 08:55:24 +0200
Available diffs
| Superseded in eoan-proposed |
tcpdump (4.9.3~git20190901-1) unstable; urgency=low
* New upstream snapshot from the tcpdump-4.9 branch:
+ Includes fix for CVE-2017-16808 (closes: #881862).
+ Fixes ESP decryption on ppc64el (and others), re-enable tests.
* Drop root privileges by default (closes: #935112):
+ debian/rules: Configure --with-user=tcpdump.
+ debian/tcpdump.post{inst,rm}: Create/delete a 'tcpdump' system group
and user.
+ debian/control: Add dependency on adduser.
+ debian/patches/drop-privs-after-opening-savefile.diff: New patch
(from Fedora) to drop root privileges *after* opening the savefile
when possible, to alleviate possible inconvenience if the target
directory is not writable by user tcpdump.
+ debian/patches/drop-privs-silently.diff: New patch (from Fedora) to
drop root privileges silently.
+ debian/usr.sbin.tcpdump: Add chown capability, and update rules
about device discovery.
+ debian/NEWS: Mention how to run tcpdump as root.
* Bump Standards-Version to 4.4.0.
-- Romain Francoise <email address hidden> Sun, 01 Sep 2019 13:05:24 +0200
| Superseded in eoan-release |
| Obsolete in disco-release |
| Obsolete in cosmic-release |
| Published in bionic-release |
| Deleted in bionic-proposed (Reason: moved to release) |
tcpdump (4.9.2-3) unstable; urgency=medium
[ Jamie Strandboge ]
* debian/usr.sbin.tcpdump: drop 'capability sys_module' since we already
have 'net_admin' and network module loading (which happens with -D) is
allowed with 'net_admin' (LP: #1759029) (closes: #894161)
[ Romain Francoise ]
* Switch to debhelper compatibility level 11.
* Bump Standards-Version to 4.1.3.
-- Romain Francoise <email address hidden> Sat, 31 Mar 2018 22:22:36 +0200
Available diffs
tcpdump (4.9.2-2ubuntu1) bionic; urgency=medium
* debian/usr.sbin.tcpdump: drop 'capability sys_module' since we already
have 'net_admin' and network module loading (which happens with -D) is
allowed with 'net_admin' (LP: #1759029)
-- Jamie Strandboge <email address hidden> Mon, 26 Mar 2018 20:28:20 +0000
Available diffs
- diff from 4.9.2-2build1 to 4.9.2-2ubuntu1 (613 bytes)
tcpdump (4.9.2-2build1) bionic; urgency=high * No change rebuild against openssl1.1. -- Dimitri John Ledkov <email address hidden> Mon, 05 Feb 2018 16:54:46 +0000
Available diffs
- diff from 4.9.2-2 (in Debian) to 4.9.2-2build1 (533 bytes)
tcpdump (4.9.2-2) unstable; urgency=medium * Use new URLs on salsa.debian.org for Vcs-* fields. * Bump Standards-Version to 4.1.2. -- Romain Francoise <email address hidden> Sun, 31 Dec 2017 15:53:41 +0100
Available diffs
- diff from 4.9.2-1 to 4.9.2-2 (2.5 KiB)
tcpdump (4.9.2-0ubuntu0.14.04.1) trusty-security; urgency=medium
* SECURITY UPDATE: multiple security issues in tcpdump
- CVE-2017-13011: buffer overflow in util-print.c:
bittok2str_internal().
- CVE-2017-12989: RESP parser infinite loop in print-resp.c:
resp_get_length().
- CVE-2017-12990: ISAKMP parser infinite loops in print-isakmp.c,
several functions.
- CVE-2017-12995 DNS parser infinite loop in print-domain.c:
ns_print().
- CVE-2017-12997: LLDP parser infinite loop in print-lldp.c:
lldp_private_8021_print().
- CVE-2017-12893: buffer over-read in smbutil.c:name_len().
- CVE-2017-12894: buffer over-read in addrtoname.c:
lookup_bytestring().
- CVE-2017-12895: buffer over-read in print-icmp.c:icmp_print().
- CVE-2017-12896: buffer over-read in print-isakmp.c:
isakmp_rfc3948_print().
- CVE-2017-12897: buffer over-read in print-isoclns.c:
isoclns_print().
- CVE-2017-12898: buffer over-read in print-nfs.c:interp_reply().
- CVE-2017-12899: buffer over-read in print-decnet.c:
decnet_print().
- CVE-2017-12900: buffer over-read in util-print.c:tok2strbuf().
- CVE-2017-12901: buffer over-read in print-eigrp.c:eigrp_print().
- CVE-2017-12902: buffer over-read in print-zephyr.c, several
functions.
- CVE-2017-12985: buffer over-read in print-ip6.c:ip6_print().
- CVE-2017-12986: buffer over-read in print-rt6.c:rt6_print().
- CVE-2017-12987: buffer over-read in print-802_11.c:
parse_elements().
- CVE-2017-12988: buffer over-read in print-telnet.c:
telnet_parse().
- CVE-2017-12991: buffer over-read in print-bgp.c:bgp_attr_print().
- CVE-2017-12992: buffer over-read in print-ripng.c:ripng_print().
- CVE-2017-12993: buffer over-read in print-juniper.c, several
functions.
- CVE-2017-12994: buffer over-read in print-bgp.c:bgp_attr_print().
- CVE-2017-12996: buffer over-read in print-pim.c:pimv2_print().
- CVE-2017-12998: buffer over-read in print-isoclns.c:
isis_print_extd_ip_reach().
- CVE-2017-12999: buffer over-read in print-isoclns.c:isis_print().
- CVE-2017-13000: buffer over-read in print-802_15_4.c:
ieee802_15_4_if_print().
- CVE-2017-13001: buffer over-read in print-nfs.c:nfs_printfh().
- CVE-2017-13002: buffer over-read in print-aodv.c:
aodv_extension().
- CVE-2017-13003: buffer over-read in print-lmp.c:lmp_print().
- CVE-2017-13004: buffer over-read in print-juniper.c:
juniper_parse_header().
- CVE-2017-13005: buffer over-read in print-nfs.c:xid_map_enter().
- CVE-2017-13006: buffer over-read in print-l2tp.c, several
functions.
- CVE-2017-13007: buffer over-read in print-pktap.c:
pktap_if_print().
- CVE-2017-13008: buffer over-read in print-802_11.c:
parse_elements().
- CVE-2017-13009: buffer over-read in print-mobility.c:
mobility_print().
- CVE-2017-13010: buffer over-read in print-beep.c:l_strnstart().
- CVE-2017-13012: buffer over-read in print-icmp.c:icmp_print().
- CVE-2017-13013: buffer over-read in print-arp.c, several
functions.
- CVE-2017-13014: buffer over-read in print-wb.c:wb_prep(), several
functions.
- CVE-2017-13015: buffer over-read in print-eap.c:eap_print().
- CVE-2017-13016: buffer over-read in print-isoclns.c:esis_print().
- CVE-2017-13017: buffer over-read in print-dhcp6.c:
dhcp6opt_print().
- CVE-2017-13018: buffer over-read in print-pgm.c:pgm_print().
- CVE-2017-13019: buffer over-read in print-pgm.c:pgm_print().
- CVE-2017-13020: buffer over-read in print-vtp.c:vtp_print().
- CVE-2017-13021: buffer over-read in print-icmp6.c:icmp6_print().
- CVE-2017-13022: buffer over-read in print-ip.c:ip_printroute().
- CVE-2017-13023, CVE-2017-13024, CVE-2017-13025: multiple buffer
over-reads in print-mobility.c:mobility_opt_print().
- CVE-2017-13026: buffer over-read in print-isoclns.c, several functions.
- CVE-2017-13027: buffer over-read in print-lldp.c:
lldp_mgmt_addr_tlv_print().
- CVE-2017-13028: buffer over-read in print-bootp.c:bootp_print().
- CVE-2017-13029: buffer over-read in print-ppp.c:
print_ccp_config_options().
- CVE-2017-13030: buffer over-read in print-pim.c, several functions.
- CVE-2017-13031: buffer over-read in print-frag6.c:frag6_print().
- CVE-2017-13032: buffer over-read in print-radius.c:print_attr_string().
- CVE-2017-13033: buffer over-read in print-vtp.c:vtp_print().
- CVE-2017-13034: buffer over-read in print-pgm.c:pgm_print().
- CVE-2017-13035: buffer over-read in print-isoclns.c:isis_print_id().
- CVE-2017-13036: buffer over-read in print-ospf6.c:ospf6_decode_v3().
- CVE-2017-13037: buffer over-read in print-ip.c:ip_printts().
- CVE-2017-13038: buffer over-read in print-ppp.c:handle_mlppp().
- CVE-2017-13039: buffer over-read in print-isakmp.c, several
functions.
- CVE-2017-13040: buffer over-read in print-mptcp.c, several
functions.
- CVE-2017-13041: buffer over-read in print-icmp6.c:
icmp6_nodeinfo_print().
- CVE-2017-13042: buffer over-read in print-hncp.c:dhcpv6_print().
- CVE-2017-13043: buffer over-read in print-bgp.c:
decode_multicast_vpn().
- CVE-2017-13044: buffer over-read in print-hncp.c:dhcpv4_print().
- CVE-2017-13045: buffer over-read in print-vqp.c:vqp_print().
- CVE-2017-13046: buffer over-read in print-bgp.c:bgp_attr_print().
- CVE-2017-13047: buffer over-read in print-isoclns.c:esis_print().
- CVE-2017-13048: buffer over-read in print-rsvp.c:
rsvp_obj_print().
- CVE-2017-13049: buffer over-read in print-rx.c:ubik_print().
- CVE-2017-13050: buffer over-read in print-rpki-rtr.c:
rpki_rtr_pdu_print().
- CVE-2017-13051: buffer over-read in print-rsvp.c:
rsvp_obj_print().
- CVE-2017-13052: buffer over-read in print-cfm.c:cfm_print().
- CVE-2017-13053: buffer over-read in print-bgp.c:
decode_rt_routing_info().
- CVE-2017-13054: buffer over-read in print-lldp.c:
lldp_private_8023_print().
- CVE-2017-13055: buffer over-read in print-isoclns.c:
isis_print_is_reach_subtlv().
- CVE-2017-13687: buffer over-read in print-chdlc.c:chdlc_print().
- CVE-2017-13688: buffer over-read in print-olsr.c:olsr_print().
- CVE-2017-13689: buffer over-read in print-isakmp.c:
ikev1_id_print().
- CVE-2017-13690: buffer over-read in print-isakmp.c, several
functions.
- CVE-2017-13725: buffer over-read in print-rt6.c:rt6_print().
* Merge from Debian unstable. Remaining changes:
- debian/control:
+ keep older libpcap0.8-dev dependency
+ don't add breaks/replaces on apparmor-profiles-extras, as
tcpdump profile is already dropped from there in xenial.
+ drop multi-arch: foreign
- debian/patches/disable_tests.diff: disable additional tests
failing with older pcap versions
- debian/patches/90_man_apparmor.diff: mention apparmor profile
- debian/tcpdump.dirs: for apparmor force-complain dir
Available diffs
tcpdump (4.9.2-0ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: multiple security issues in tcpdump
- CVE-2017-13011: buffer overflow in util-print.c:
bittok2str_internal().
- CVE-2017-12989: RESP parser infinite loop in print-resp.c:
resp_get_length().
- CVE-2017-12990: ISAKMP parser infinite loops in print-isakmp.c,
several functions.
- CVE-2017-12995 DNS parser infinite loop in print-domain.c:
ns_print().
- CVE-2017-12997: LLDP parser infinite loop in print-lldp.c:
lldp_private_8021_print().
- CVE-2017-12893: buffer over-read in smbutil.c:name_len().
- CVE-2017-12894: buffer over-read in addrtoname.c:
lookup_bytestring().
- CVE-2017-12895: buffer over-read in print-icmp.c:icmp_print().
- CVE-2017-12896: buffer over-read in print-isakmp.c:
isakmp_rfc3948_print().
- CVE-2017-12897: buffer over-read in print-isoclns.c:
isoclns_print().
- CVE-2017-12898: buffer over-read in print-nfs.c:interp_reply().
- CVE-2017-12899: buffer over-read in print-decnet.c:
decnet_print().
- CVE-2017-12900: buffer over-read in util-print.c:tok2strbuf().
- CVE-2017-12901: buffer over-read in print-eigrp.c:eigrp_print().
- CVE-2017-12902: buffer over-read in print-zephyr.c, several
functions.
- CVE-2017-12985: buffer over-read in print-ip6.c:ip6_print().
- CVE-2017-12986: buffer over-read in print-rt6.c:rt6_print().
- CVE-2017-12987: buffer over-read in print-802_11.c:
parse_elements().
- CVE-2017-12988: buffer over-read in print-telnet.c:
telnet_parse().
- CVE-2017-12991: buffer over-read in print-bgp.c:bgp_attr_print().
- CVE-2017-12992: buffer over-read in print-ripng.c:ripng_print().
- CVE-2017-12993: buffer over-read in print-juniper.c, several
functions.
- CVE-2017-12994: buffer over-read in print-bgp.c:bgp_attr_print().
- CVE-2017-12996: buffer over-read in print-pim.c:pimv2_print().
- CVE-2017-12998: buffer over-read in print-isoclns.c:
isis_print_extd_ip_reach().
- CVE-2017-12999: buffer over-read in print-isoclns.c:isis_print().
- CVE-2017-13000: buffer over-read in print-802_15_4.c:
ieee802_15_4_if_print().
- CVE-2017-13001: buffer over-read in print-nfs.c:nfs_printfh().
- CVE-2017-13002: buffer over-read in print-aodv.c:
aodv_extension().
- CVE-2017-13003: buffer over-read in print-lmp.c:lmp_print().
- CVE-2017-13004: buffer over-read in print-juniper.c:
juniper_parse_header().
- CVE-2017-13005: buffer over-read in print-nfs.c:xid_map_enter().
- CVE-2017-13006: buffer over-read in print-l2tp.c, several
functions.
- CVE-2017-13007: buffer over-read in print-pktap.c:
pktap_if_print().
- CVE-2017-13008: buffer over-read in print-802_11.c:
parse_elements().
- CVE-2017-13009: buffer over-read in print-mobility.c:
mobility_print().
- CVE-2017-13010: buffer over-read in print-beep.c:l_strnstart().
- CVE-2017-13012: buffer over-read in print-icmp.c:icmp_print().
- CVE-2017-13013: buffer over-read in print-arp.c, several
functions.
- CVE-2017-13014: buffer over-read in print-wb.c:wb_prep(), several
functions.
- CVE-2017-13015: buffer over-read in print-eap.c:eap_print().
- CVE-2017-13016: buffer over-read in print-isoclns.c:esis_print().
- CVE-2017-13017: buffer over-read in print-dhcp6.c:
dhcp6opt_print().
- CVE-2017-13018: buffer over-read in print-pgm.c:pgm_print().
- CVE-2017-13019: buffer over-read in print-pgm.c:pgm_print().
- CVE-2017-13020: buffer over-read in print-vtp.c:vtp_print().
- CVE-2017-13021: buffer over-read in print-icmp6.c:icmp6_print().
- CVE-2017-13022: buffer over-read in print-ip.c:ip_printroute().
- CVE-2017-13023, CVE-2017-13024, CVE-2017-13025: multiple buffer
over-reads in print-mobility.c:mobility_opt_print().
- CVE-2017-13026: buffer over-read in print-isoclns.c, several functions.
- CVE-2017-13027: buffer over-read in print-lldp.c:
lldp_mgmt_addr_tlv_print().
- CVE-2017-13028: buffer over-read in print-bootp.c:bootp_print().
- CVE-2017-13029: buffer over-read in print-ppp.c:
print_ccp_config_options().
- CVE-2017-13030: buffer over-read in print-pim.c, several functions.
- CVE-2017-13031: buffer over-read in print-frag6.c:frag6_print().
- CVE-2017-13032: buffer over-read in print-radius.c:print_attr_string().
- CVE-2017-13033: buffer over-read in print-vtp.c:vtp_print().
- CVE-2017-13034: buffer over-read in print-pgm.c:pgm_print().
- CVE-2017-13035: buffer over-read in print-isoclns.c:isis_print_id().
- CVE-2017-13036: buffer over-read in print-ospf6.c:ospf6_decode_v3().
- CVE-2017-13037: buffer over-read in print-ip.c:ip_printts().
- CVE-2017-13038: buffer over-read in print-ppp.c:handle_mlppp().
- CVE-2017-13039: buffer over-read in print-isakmp.c, several
functions.
- CVE-2017-13040: buffer over-read in print-mptcp.c, several
functions.
- CVE-2017-13041: buffer over-read in print-icmp6.c:
icmp6_nodeinfo_print().
- CVE-2017-13042: buffer over-read in print-hncp.c:dhcpv6_print().
- CVE-2017-13043: buffer over-read in print-bgp.c:
decode_multicast_vpn().
- CVE-2017-13044: buffer over-read in print-hncp.c:dhcpv4_print().
- CVE-2017-13045: buffer over-read in print-vqp.c:vqp_print().
- CVE-2017-13046: buffer over-read in print-bgp.c:bgp_attr_print().
- CVE-2017-13047: buffer over-read in print-isoclns.c:esis_print().
- CVE-2017-13048: buffer over-read in print-rsvp.c:
rsvp_obj_print().
- CVE-2017-13049: buffer over-read in print-rx.c:ubik_print().
- CVE-2017-13050: buffer over-read in print-rpki-rtr.c:
rpki_rtr_pdu_print().
- CVE-2017-13051: buffer over-read in print-rsvp.c:
rsvp_obj_print().
- CVE-2017-13052: buffer over-read in print-cfm.c:cfm_print().
- CVE-2017-13053: buffer over-read in print-bgp.c:
decode_rt_routing_info().
- CVE-2017-13054: buffer over-read in print-lldp.c:
lldp_private_8023_print().
- CVE-2017-13055: buffer over-read in print-isoclns.c:
isis_print_is_reach_subtlv().
- CVE-2017-13687: buffer over-read in print-chdlc.c:chdlc_print().
- CVE-2017-13688: buffer over-read in print-olsr.c:olsr_print().
- CVE-2017-13689: buffer over-read in print-isakmp.c:
ikev1_id_print().
- CVE-2017-13690: buffer over-read in print-isakmp.c, several
functions.
- CVE-2017-13725: buffer over-read in print-rt6.c:rt6_print().
* Merge from Debian unstable. Remaining changes:
- debian/control:
+ keep older libpcap0.8-dev dependency
+ don't add breaks/replaces on apparmor-profiles-extras, as
tcpdump profile is already dropped from there.
- debian/patches/disable_tests.diff: disable additional tests
failing with older pcap versions
- debian/patches/90_man_apparmor.diff: mention apparmor profile
- debian/tcpdump.dirs: for apparmor force-complain dir
tcpdump (4.9.2-0ubuntu0.17.04.2) zesty-security; urgency=medium
* SECURITY UPDATE: multiple security issues in tcpdump
- CVE-2017-13011: buffer overflow in util-print.c:
bittok2str_internal().
- CVE-2017-12989: RESP parser infinite loop in print-resp.c:
resp_get_length().
- CVE-2017-12990: ISAKMP parser infinite loops in print-isakmp.c,
several functions.
- CVE-2017-12995 DNS parser infinite loop in print-domain.c:
ns_print().
- CVE-2017-12997: LLDP parser infinite loop in print-lldp.c:
lldp_private_8021_print().
- CVE-2017-12893: buffer over-read in smbutil.c:name_len().
- CVE-2017-12894: buffer over-read in addrtoname.c:
lookup_bytestring().
- CVE-2017-12895: buffer over-read in print-icmp.c:icmp_print().
- CVE-2017-12896: buffer over-read in print-isakmp.c:
isakmp_rfc3948_print().
- CVE-2017-12897: buffer over-read in print-isoclns.c:
isoclns_print().
- CVE-2017-12898: buffer over-read in print-nfs.c:interp_reply().
- CVE-2017-12899: buffer over-read in print-decnet.c:
decnet_print().
- CVE-2017-12900: buffer over-read in util-print.c:tok2strbuf().
- CVE-2017-12901: buffer over-read in print-eigrp.c:eigrp_print().
- CVE-2017-12902: buffer over-read in print-zephyr.c, several
functions.
- CVE-2017-12985: buffer over-read in print-ip6.c:ip6_print().
- CVE-2017-12986: buffer over-read in print-rt6.c:rt6_print().
- CVE-2017-12987: buffer over-read in print-802_11.c:
parse_elements().
- CVE-2017-12988: buffer over-read in print-telnet.c:
telnet_parse().
- CVE-2017-12991: buffer over-read in print-bgp.c:bgp_attr_print().
- CVE-2017-12992: buffer over-read in print-ripng.c:ripng_print().
- CVE-2017-12993: buffer over-read in print-juniper.c, several
functions.
- CVE-2017-12994: buffer over-read in print-bgp.c:bgp_attr_print().
- CVE-2017-12996: buffer over-read in print-pim.c:pimv2_print().
- CVE-2017-12998: buffer over-read in print-isoclns.c:
isis_print_extd_ip_reach().
- CVE-2017-12999: buffer over-read in print-isoclns.c:isis_print().
- CVE-2017-13000: buffer over-read in print-802_15_4.c:
ieee802_15_4_if_print().
- CVE-2017-13001: buffer over-read in print-nfs.c:nfs_printfh().
- CVE-2017-13002: buffer over-read in print-aodv.c:
aodv_extension().
- CVE-2017-13003: buffer over-read in print-lmp.c:lmp_print().
- CVE-2017-13004: buffer over-read in print-juniper.c:
juniper_parse_header().
- CVE-2017-13005: buffer over-read in print-nfs.c:xid_map_enter().
- CVE-2017-13006: buffer over-read in print-l2tp.c, several
functions.
- CVE-2017-13007: buffer over-read in print-pktap.c:
pktap_if_print().
- CVE-2017-13008: buffer over-read in print-802_11.c:
parse_elements().
- CVE-2017-13009: buffer over-read in print-mobility.c:
mobility_print().
- CVE-2017-13010: buffer over-read in print-beep.c:l_strnstart().
- CVE-2017-13012: buffer over-read in print-icmp.c:icmp_print().
- CVE-2017-13013: buffer over-read in print-arp.c, several
functions.
- CVE-2017-13014: buffer over-read in print-wb.c:wb_prep(), several
functions.
- CVE-2017-13015: buffer over-read in print-eap.c:eap_print().
- CVE-2017-13016: buffer over-read in print-isoclns.c:esis_print().
- CVE-2017-13017: buffer over-read in print-dhcp6.c:
dhcp6opt_print().
- CVE-2017-13018: buffer over-read in print-pgm.c:pgm_print().
- CVE-2017-13019: buffer over-read in print-pgm.c:pgm_print().
- CVE-2017-13020: buffer over-read in print-vtp.c:vtp_print().
- CVE-2017-13021: buffer over-read in print-icmp6.c:icmp6_print().
- CVE-2017-13022: buffer over-read in print-ip.c:ip_printroute().
- CVE-2017-13023, CVE-2017-13024, CVE-2017-13025: multiple buffer
over-reads in print-mobility.c:mobility_opt_print().
- CVE-2017-13026: buffer over-read in print-isoclns.c, several functions.
- CVE-2017-13027: buffer over-read in print-lldp.c:
lldp_mgmt_addr_tlv_print().
- CVE-2017-13028: buffer over-read in print-bootp.c:bootp_print().
- CVE-2017-13029: buffer over-read in print-ppp.c:
print_ccp_config_options().
- CVE-2017-13030: buffer over-read in print-pim.c, several functions.
- CVE-2017-13031: buffer over-read in print-frag6.c:frag6_print().
- CVE-2017-13032: buffer over-read in print-radius.c:print_attr_string().
- CVE-2017-13033: buffer over-read in print-vtp.c:vtp_print().
- CVE-2017-13034: buffer over-read in print-pgm.c:pgm_print().
- CVE-2017-13035: buffer over-read in print-isoclns.c:isis_print_id().
- CVE-2017-13036: buffer over-read in print-ospf6.c:ospf6_decode_v3().
- CVE-2017-13037: buffer over-read in print-ip.c:ip_printts().
- CVE-2017-13038: buffer over-read in print-ppp.c:handle_mlppp().
- CVE-2017-13039: buffer over-read in print-isakmp.c, several
functions.
- CVE-2017-13040: buffer over-read in print-mptcp.c, several
functions.
- CVE-2017-13041: buffer over-read in print-icmp6.c:
icmp6_nodeinfo_print().
- CVE-2017-13042: buffer over-read in print-hncp.c:dhcpv6_print().
- CVE-2017-13043: buffer over-read in print-bgp.c:
decode_multicast_vpn().
- CVE-2017-13044: buffer over-read in print-hncp.c:dhcpv4_print().
- CVE-2017-13045: buffer over-read in print-vqp.c:vqp_print().
- CVE-2017-13046: buffer over-read in print-bgp.c:bgp_attr_print().
- CVE-2017-13047: buffer over-read in print-isoclns.c:esis_print().
- CVE-2017-13048: buffer over-read in print-rsvp.c:
rsvp_obj_print().
- CVE-2017-13049: buffer over-read in print-rx.c:ubik_print().
- CVE-2017-13050: buffer over-read in print-rpki-rtr.c:
rpki_rtr_pdu_print().
- CVE-2017-13051: buffer over-read in print-rsvp.c:
rsvp_obj_print().
- CVE-2017-13052: buffer over-read in print-cfm.c:cfm_print().
- CVE-2017-13053: buffer over-read in print-bgp.c:
decode_rt_routing_info().
- CVE-2017-13054: buffer over-read in print-lldp.c:
lldp_private_8023_print().
- CVE-2017-13055: buffer over-read in print-isoclns.c:
isis_print_is_reach_subtlv().
- CVE-2017-13687: buffer over-read in print-chdlc.c:chdlc_print().
- CVE-2017-13688: buffer over-read in print-olsr.c:olsr_print().
- CVE-2017-13689: buffer over-read in print-isakmp.c:
ikev1_id_print().
- CVE-2017-13690: buffer over-read in print-isakmp.c, several
functions.
- CVE-2017-13725: buffer over-read in print-rt6.c:rt6_print().
* Merge from Debian unstable. Remaining changes:
- debian/control: keep dependency on libssl1.0-dev, don't add
breaks/replaces on apparmor-profiles-extras, as tcpdump profile
is already dropped from there.
- debian/patches/90_man_apparmor.diff: mention apparmor profile
- debian/tcpdump.dirs: for apparmor force-complain dir
Available diffs
| Superseded in bionic-release |
| Obsolete in artful-release |
| Deleted in artful-proposed (Reason: moved to release) |
tcpdump (4.9.2-1) unstable; urgency=high
* New upstream release:
+ Fixes 86 new CVEs, see the upstream changelog for the full list.
+ Now supports OpenSSL 1.1, so move back to libssl-dev (closes: #859740).
* Urgency high due to security fixes.
-- Romain Francoise <email address hidden> Fri, 08 Sep 2017 21:30:47 +0200
Available diffs
- diff from 4.9.1-3 to 4.9.2-1 (988.9 KiB)
tcpdump (4.9.1-3) unstable; urgency=high
* Cherry-pick three upstream commits to fix the following:
+ CVE-2017-11541: buffer over-read in safeputs() (closes: #873804)
+ CVE-2017-11542: buffer over-read in pimv1_print() (closes: #873805)
+ CVE-2017-11543: buffer overflow in sliplink_print() (closes: #873806)
* Urgency high due to security fixes.
-- Romain Francoise <email address hidden> Mon, 04 Sep 2017 19:45:45 +0200
Available diffs
- diff from 4.9.1-2 to 4.9.1-3 (2.0 KiB)
tcpdump (4.9.1-2) unstable; urgency=medium * Disable IKEv2 test which mysteriously fails on ppc64el (closes: #873377). -- Romain Francoise <email address hidden> Sat, 02 Sep 2017 11:01:30 +0200
Available diffs
- diff from 4.9.1-2~build1 (in Ubuntu) to 4.9.1-2 (346 bytes)
tcpdump (4.9.1-2~build1) artful; urgency=medium * Upload to artful -- Gianfranco Costamagna <email address hidden> Sat, 02 Sep 2017 12:50:01 +0200
Available diffs
- diff from 4.9.0-3 (in Debian) to 4.9.1-2~build1 (22.4 KiB)
- diff from 4.9.1-1 (in Debian) to 4.9.1-2~build1 (723 bytes)
tcpdump (4.9.1-1) unstable; urgency=medium * New upstream release, fixes CVE-2017-11108 (closes: #867718). * Bump Standards-Version to 4.1.0. * debian/watch: add pgpsigurlmangle option. * Add upstream signing key in debian/upstream. -- Romain Francoise <email address hidden> Sat, 26 Aug 2017 18:48:32 +0200
Available diffs
- diff from 4.9.0-3 to 4.9.1-1 (22.1 KiB)
tcpdump (4.9.0-3) unstable; urgency=medium [ intrigeri ] * Include AppArmor profile from Ubuntu (closes: #866682). [ Romain Francoise ] * Bump Standards-Version to 4.0.0. -- Romain Francoise <email address hidden> Sun, 02 Jul 2017 12:13:53 +0200
Available diffs
| Superseded in artful-release |
| Obsolete in zesty-release |
| Deleted in zesty-proposed (Reason: moved to release) |
tcpdump (4.9.0-2ubuntu2) zesty; urgency=medium
[ Intrigeri ]
* Support apparmor profiles for merged /usr systems
(LP: #1647188)
-- Gianfranco Costamagna <email address hidden> Fri, 24 Feb 2017 08:22:12 +0100
Available diffs
- diff from 4.9.0-2ubuntu1 to 4.9.0-2ubuntu2 (531 bytes)
tcpdump (4.9.0-1ubuntu1~ubuntu16.10.1) yakkety-security; urgency=medium * Backport to yakkety to fix CVEs (LP: #1662177). * Reset libpcap dependency to yakkety version * Enable crypto support, dropped in zesty because of openssl. * Disable some tests failing with older pcap versions
Available diffs
tcpdump (4.9.0-1ubuntu1~ubuntu16.04.1) xenial-security; urgency=medium * Backport to xenial to fix CVEs (LP: #1662177). * Reset libpcap dependency to xenial version * Enable crypto support, dropped in zesty because of openssl. * Disable some tests failing with older pcap versions
Available diffs
tcpdump (4.9.0-1ubuntu1~ubuntu14.04.1) trusty-security; urgency=medium * Backport to trusty to fix CVEs (LP: #1662177). * Reset libpcap dependency to trusty version * Enable crypto support, dropped in zesty because of openssl. * Disable some tests failing with older pcap versions
Available diffs
tcpdump (4.9.0-1ubuntu1~ubuntu12.04.1) precise-security; urgency=medium [ Gianfranco Costamagna ] * Backport to precise to fix CVEs (LP: #1662177). * Reset libpcap dependency to precise version * Enable crypto support, dropped in zesty because of openssl. * Disable some tests failing with older pcap versions
Available diffs
tcpdump (4.9.0-2ubuntu1) zesty; urgency=low
* Merge from Debian unstable. Remaining changes:
- debian/{control, README.Debian, tcpdump.dirs, usr.sbin.tcpdump,
install, rules, patches/patches/90_man_apparmor.diff}:
+ Add AppArmor profile.
- debian/usr.sbin.tcpdump:
+ Allow capability net_admin to support '-j'.
-- Gianfranco Costamagna <email address hidden> Mon, 20 Feb 2017 13:23:02 +0100
Available diffs
- diff from 4.9.0-1ubuntu1 to 4.9.0-2ubuntu1 (996 bytes)
tcpdump (4.9.0-1ubuntu1) zesty; urgency=low
* Merge from Debian unstable. Remaining changes:
- debian/{control, README.Debian, tcpdump.dirs, usr.sbin.tcpdump,
install, rules, patches/patches/90_man_apparmor.diff}:
+ Add AppArmor profile.
- debian/usr.sbin.tcpdump:
+ Allow capability net_admin to support '-j'.
-- Gianfranco Costamagna <email address hidden> Wed, 01 Feb 2017 15:39:27 +0100
Available diffs
- diff from 4.8.1-2ubuntu1 to 4.9.0-1ubuntu1 (139.4 KiB)
tcpdump (4.8.1-2ubuntu1) zesty; urgency=low
* Merge from Debian unstable. Remaining changes:
- debian/{control, README.Debian, tcpdump.dirs, usr.sbin.tcpdump,
install, rules, patches/patches/90_man_apparmor.diff}:
+ Add AppArmor profile.
- debian/usr.sbin.tcpdump:
+ Allow capability net_admin to support '-j'.
-- Gianfranco Costamagna <email address hidden> Tue, 06 Dec 2016 23:51:56 +0100
Available diffs
- diff from 4.7.4-3ubuntu1 to 4.8.1-2ubuntu1 (256.8 KiB)
tcpdump (4.7.4-3ubuntu1) zesty; urgency=medium * Merge from Debian unstable. (LP: #1624633) Remaining changes: - debian/{control, README.Debian, tcpdump.dirs, usr.sbin.tcpdump, install, rules, patches/patches/90_man_apparmor.diff}: + Add AppArmor profile. - debian/usr.sbin.tcpdump: + Allow capability net_admin to support '-j'. - fix 2015-0261 test with upstream e32088572e960f7d5e1baac2f530793ed7f42e4d -- Gianfranco Costamagna <email address hidden> Mon, 28 Nov 2016 15:02:07 +0100
Available diffs
| Superseded in yakkety-updates |
| Superseded in zesty-release |
| Deleted in zesty-proposed (Reason: moved to release) |
| Deleted in yakkety-proposed (Reason: moved to -updates) |
tcpdump (4.7.4-1ubuntu1.16.10.1) yakkety; urgency=medium
* debian/usr.sbin.tcpdump: Allow the tcpdump binary to be mapped as required
by version 4.8 and newer kernels. tcpdump was immediately segfaulting when
used inside of LXD containers before this AppArmor profile change.
(LP: #1632399)
-- Tyler Hicks <email address hidden> Thu, 13 Oct 2016 04:58:52 +0000
Available diffs
| Superseded in zesty-release |
| Obsolete in yakkety-release |
| Published in xenial-release |
| Obsolete in wily-release |
| Deleted in wily-proposed (Reason: moved to release) |
tcpdump (4.7.4-1ubuntu1) wily; urgency=low * Merge from Debian unstable. (LP: #1460170) Remaining changes: - debian/{control, README.Debian, tcpdump.dirs, usr.sbin.tcpdump, install, rules, patches/patches/90_man_apparmor.diff}: + Add AppArmor profile. - debian/usr.sbin.tcpdump: + Allow capability net_admin to support '-j'. - Drop 60_cve-2015-2153-fix-regression.diff: upstream
Available diffs
- diff from 4.6.2-4ubuntu1 to 4.7.4-1ubuntu1 (110.7 KiB)
tcpdump (4.6.2-1ubuntu1.2) utopic-security; urgency=medium
* SECURITY UPDATE: denial of service and possible code execution via
multiple issues (LP: #1444363)
- debian/patches/60_cve-2015-0261.diff: check lengths in
print-mobility.c.
- debian/patches/60_cve-2015-2153.diff: check length in
print-rpki-rtr.c.
- debian/patches/60_cve-2015-2153-fix-regression.diff: more length
checks in print-rpki-rtr.c.
- debian/patches/60_cve-2015-2154.diff: check lengths in
print-isoclns.c.
- debian/patches/60_cve-2015-2155.diff: make sure ops->print is valid
in print-forces.c.
- CVE-2015-0261
- CVE-2015-2153
- CVE-2015-2154
- CVE-2015-2155
-- Marc Deslauriers <email address hidden> Fri, 24 Apr 2015 12:51:00 -0400
Available diffs
tcpdump (4.5.1-2ubuntu1.2) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service and possible code execution via
multiple issues (LP: #1444363)
- debian/patches/60_cve-2015-0261.diff: check lengths in
print-mobility.c.
- debian/patches/60_cve-2015-2153.diff: check length in
print-rpki-rtr.c.
- debian/patches/60_cve-2015-2153-fix-regression.diff: more length
checks in print-rpki-rtr.c.
- debian/patches/60_cve-2015-2154.diff: check lengths in
print-isoclns.c.
- debian/patches/60_cve-2015-2155.diff: make sure ops->print is valid
in print-forces.c.
- CVE-2015-0261
- CVE-2015-2153
- CVE-2015-2154
- CVE-2015-2155
-- Marc Deslauriers <email address hidden> Fri, 24 Apr 2015 13:06:07 -0400
Available diffs
tcpdump (4.2.1-1ubuntu2.2) precise-security; urgency=medium
* SECURITY UPDATE: denial of service and possible code execution via
multiple issues (LP: #1444363)
- debian/patches/60_cve-2015-0261.diff: check lengths in
print-mobility.c.
- debian/patches/60_cve-2015-2153.diff: check length in
print-rpki-rtr.c.
- debian/patches/60_cve-2015-2153-fix-regression.diff: more length
checks in print-rpki-rtr.c.
- debian/patches/60_cve-2015-2154.diff: check lengths in
print-isoclns.c.
- debian/patches/60_cve-2015-2155.diff: make sure ops->print is valid
in print-forces.c.
- CVE-2015-0261
- CVE-2015-2153
- CVE-2015-2154
- CVE-2015-2155
-- Marc Deslauriers <email address hidden> Fri, 24 Apr 2015 15:15:57 -0400
Available diffs
| Superseded in wily-release |
| Obsolete in vivid-release |
| Deleted in vivid-proposed (Reason: moved to release) |
tcpdump (4.6.2-4ubuntu1) vivid; urgency=low * Merge from Debian unstable. (LP: #1433815) Remaining changes: - debian/{control, README.Debian, tcpdump.dirs, usr.sbin.tcpdump, install, rules, patches/patches/90_man_apparmor.diff}: + Add AppArmor profile. - debian/usr.sbin.tcpdump: + Allow capability net_admin to support '-j'. * debian/patches/60_cve-2015-2153-fix-regression.diff: - Fix regression due to 60_cve-2015-2153.diff
Available diffs
tcpdump (4.2.1-1ubuntu2.1) precise-security; urgency=medium
* SECURITY UPDATE: denial of service and possible code execution in
olsr_print
- debian/patches/CVE-2014-8767.patch: improve bounds checking and
error handling in print-olsr.c.
- CVE-2014-8767
* SECURITY UPDATE: denial of service and possible code execution in
print-aodv.c
- debian/patches/CVE-2014-8769.patch: improve bounds checking and
length checking in print-aodv.c, aodv.h.
- CVE-2014-8769
* SECURITY UPDATE: denial of service and possible code execution in
print-ppp.c
- debian/patches/CVE-2014-9140.patch: improve bounds checking in
print-ppp.c.
- CVE-2014-9140
-- Marc Deslauriers <email address hidden> Wed, 03 Dec 2014 17:05:38 -0500
Available diffs
tcpdump (4.5.1-2ubuntu1.1) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service and possible code execution in
olsr_print
- debian/patches/CVE-2014-8767.patch: improve bounds checking and
error handling in print-olsr.c.
- CVE-2014-8767
* SECURITY UPDATE: denial of service and possible code execution in
geonet_print
- debian/patches/CVE-2014-8768.patch: improve bounds checking and
length checking in print-geonet.c.
- CVE-2014-8768
* SECURITY UPDATE: denial of service and possible code execution in
print-aodv.c
- debian/patches/CVE-2014-8769.patch: improve bounds checking and
length checking in print-aodv.c, aodv.h.
- CVE-2014-8769
* SECURITY UPDATE: denial of service and possible code execution in
print-ppp.c
- debian/patches/CVE-2014-9140.patch: improve bounds checking in
print-ppp.c.
- CVE-2014-9140
-- Marc Deslauriers <email address hidden> Wed, 03 Dec 2014 16:39:30 -0500
Available diffs
tcpdump (4.6.2-1ubuntu1.1) utopic-security; urgency=medium
* SECURITY UPDATE: denial of service and possible code execution in
olsr_print
- debian/patches/CVE-2014-8767.patch: improve bounds checking and
error handling in print-olsr.c.
- CVE-2014-8767
* SECURITY UPDATE: denial of service and possible code execution in
geonet_print
- debian/patches/CVE-2014-8768.patch: improve bounds checking and
length checking in print-geonet.c.
- CVE-2014-8768
* SECURITY UPDATE: denial of service and possible code execution in
print-aodv.c
- debian/patches/CVE-2014-8769.patch: improve bounds checking and
length checking in print-aodv.c.
- CVE-2014-8769
* SECURITY UPDATE: denial of service and possible code execution in
print-ppp.c
- debian/patches/CVE-2014-9140.patch: improve bounds checking in
print-ppp.c.
- CVE-2014-9140
-- Marc Deslauriers <email address hidden> Wed, 03 Dec 2014 15:27:44 -0500
Available diffs
tcpdump (4.0.0-6ubuntu3.1) lucid-security; urgency=medium
* SECURITY UPDATE: denial of service and possible code execution in
olsr_print
- debian/patches/CVE-2014-8767.patch: improve bounds checking and
error handling in print-olsr.c.
- CVE-2014-8767
* SECURITY UPDATE: denial of service and possible code execution in
print-aodv.c
- debian/patches/CVE-2014-8769.patch: improve bounds checking and
length checking in print-aodv.c, aodv.h.
- CVE-2014-8769
* SECURITY UPDATE: denial of service and possible code execution in
print-ppp.c
- debian/patches/CVE-2014-9140.patch: improve bounds checking in
print-ppp.c.
- CVE-2014-9140
-- Marc Deslauriers <email address hidden> Wed, 03 Dec 2014 17:17:23 -0500
Available diffs
tcpdump (4.6.2-3ubuntu1) vivid; urgency=low * Merge from Debian unstable (LP: #1397558). Remaining changes: * debian/control: - Build-Depends on dh-apparmor. - Suggests apparmor * debian/README.Debian, debian/tcpdump.dirs, debian/usr.sbin.tcpdump, debian/patches/patches/90_man_apparmor.diff, debian/install, debian/rules: - Install enforcing AppArmor profile. * debian/usr.sbin.tcpdump: allow capability net_admin to support '-j'. Patch thanks to Graeme Hewson. (LP: #1229664)
Available diffs
| Published in precise-backports |
tcpdump (4.5.1-2ubuntu1~ubuntu12.04.1) precise-backports; urgency=medium * No-change backport to precise (LP: #1393373)
Available diffs
| Superseded in vivid-release |
| Obsolete in utopic-release |
| Deleted in utopic-proposed (Reason: moved to release) |
tcpdump (4.6.2-1ubuntu1) utopic; urgency=low
* Merge from Debian unstable (LP; #1367260). Remaining changes:
* debian/control:
- Build-Depends on dh-apparmor.
- Suggests apparmor
* debian/README.Debian, debian/tcpdump.dirs, debian/usr.sbin.tcpdump,
debian/patches/patches/90_man_apparmor.diff,
debian/install, debian/rules:
- Install enforcing AppArmor profile.
* debian/usr.sbin.tcpdump: allow capability net_admin to support '-j'. Patch
thanks to Graeme Hewson. (LP: #1229664)
Available diffs
tcpdump (4.6.1-2ubuntu1) utopic; urgency=low * Merge from Debian unstable (LP: #1352750). Remaining changes: * debian/control: - Build-Depends on dh-apparmor. - Suggests apparmor * debian/README.Debian, debian/tcpdump.dirs, debian/usr.sbin.tcpdump, debian/patches/patches/90_man_apparmor.diff, debian/install, debian/rules: - Install enforcing AppArmor profile. * debian/usr.sbin.tcpdump: allow capability net_admin to support '-j'. Patch thanks to Graeme Hewson. (LP: #1229664)
Available diffs
- diff from 4.5.1-2ubuntu2 to 4.6.1-2ubuntu1 (598.3 KiB)
tcpdump (4.5.1-2ubuntu2) utopic; urgency=medium
* debian/usr.sbin.tcpdump: allow capability net_admin to support '-j'. Patch
thanks to Graeme Hewson. (LP: #1229664)
-- Jamie Strandboge <email address hidden> Thu, 26 Jun 2014 08:08:07 -0500
Available diffs
- diff from 4.5.1-2ubuntu1 to 4.5.1-2ubuntu2 (528 bytes)
| Superseded in utopic-release |
| Published in trusty-release |
| Deleted in trusty-proposed (Reason: moved to release) |
tcpdump (4.5.1-2ubuntu1) trusty; urgency=medium
* Resynchronize on Debian remaining differences:
* debian/control:
- Build-Depends on dh-apparmor.
- Suggests apparmor
* debian/README.Debian, debian/tcpdump.dirs, debian/usr.sbin.tcpdump,
debian/patches/patches/90_man_apparmor.diff,
debian/install, debian/rules:
- Install enforcing AppArmor profile.
Available diffs
- diff from 4.4.0-1ubuntu1 to 4.5.1-2ubuntu1 (147.3 KiB)
| Superseded in trusty-release |
| Obsolete in saucy-release |
| Deleted in saucy-proposed (Reason: moved to release) |
tcpdump (4.4.0-1ubuntu1) saucy; urgency=low
* Resynchronize on Debian remaining differences:
* debian/control:
- Build-Depends on dh-apparmor.
- Suggests apparmor
* debian/README.Debian, debian/tcpdump.dirs, debian/usr.sbin.tcpdump,
debian/patches/patches/90_man_apparmor.diff,
debian/install, debian/rules:
- Install enforcing AppArmor profile.
Available diffs
- diff from 4.3.0-1ubuntu1 to 4.4.0-1ubuntu1 (104.5 KiB)
| 1 → 75 of 112 results | First • Previous • Next • Last |
