Accepted tcpdump 4.9.2-1~deb7u1 (source amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 10 Sep 2017 15:44:06 +0200 Source: tcpdump Binary: tcpdump Architecture: source amd64 Version: 4.9.2-1~deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Romain Francoise <rfranco...@debian.org> Changed-By: Romain Francoise <rfranco...@debian.org> Description: tcpdump- command-line network traffic analyzer Changes: tcpdump (4.9.2-1~deb7u1) wheezy-security; urgency=high . * Backport to wheezy. * Disable pktap-heap-overflow test, which fails with older versions of libpcap. Checksums-Sha1: fe6cce746e4d8d102339777d415d2e758544767b 1947 tcpdump_4.9.2-1~deb7u1.dsc fce857e41fd258176d7e479202131fdec46c0602 14307 tcpdump_4.9.2-1~deb7u1.debian.tar.gz 9a3aabb95725e92265c7e6729f234b50702a3cef 491656 tcpdump_4.9.2-1~deb7u1_amd64.deb Checksums-Sha256: 9431b3dc20e00440907b6cddb0157ce63d5640e0e7c6f95506be0f27d7f112ee 1947 tcpdump_4.9.2-1~deb7u1.dsc a44d557b828893afbcde8c21408187aef787314c046bbb602eb533034d6a44ec 14307 tcpdump_4.9.2-1~deb7u1.debian.tar.gz 8859ca520f781b525b1c281f533bf43ae2e1604eabaf80a65ba1385c58f7a173 491656 tcpdump_4.9.2-1~deb7u1_amd64.deb Files: 40fc58ad0623ab3ea91e82f58f514814 1947 net optional tcpdump_4.9.2-1~deb7u1.dsc 9b09b898531d2a3bac9961e155ec5d66 14307 net optional tcpdump_4.9.2-1~deb7u1.debian.tar.gz 98d4b8284de4a6b2bce070cc142f2a90 491656 net optional tcpdump_4.9.2-1~deb7u1_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEvHzQcjh1660F3xzZB7i3sOqYEgsFAlm7oGEACgkQB7i3sOqY EgvpoxAApF7+HUTBSkkhRcxZb9ibEgNA4ChHX6irMMetA/Bp3/Q0/YffspJxEiAB +YIdurLIiO9FPPlY7zU5Ifn9ZvUpz5ziAVHaLCyU/08By+nLMr8yE01OzzHhhQ+w hss8ulUkQkfO9kmjzkDb2FGCDMeEcTcD592Timp2e8ZImojWsTBFZb1hCB8g6t/C cmfZK521jW59KzgzzK5bG2P8eWQIhb0Q/XamsXD0uEJR0Ir4NVpWJgmjZZuj+NLG y+96YrmaGmpJZbAacd4hfjeNAhEXSXv7VWMJW/XroSf/9XIbm/omOVnbX844R2aC Mihvf+4iO/gGKLzBGXd0xMo7rZ05J8nCG1g/wiDZQ5QEzU1B+Fow00KBrGzddeNk ecGP96McL2F+auRvjqYXmjA5+tO3gGqTSwXUUk234vnhbbBdkaIxVeXHVqaqbU+P wFB0tZeMmfcKzFCzwi3tGXS55TbsodT0THpFQdoq7D/mS6gpDC9pw/XLzxSoJ+x5 7ObBtbePJQWNDjZsqNaa9L0Q9j2uEOOZHbHVDvvqEaiwahQmHUJzddkrBlNRu8Y2 d7+EHNAaELdlXDplJ28n+miTbzPTnhlmzQzxLNWjXPtTnJqsT9oIxuX41lgT4/A1 FmysIupcrhTNBbcldnrsuvbQ0SoTL/raCl6toBV432xnSMYs9/I= =iUW/ -END PGP SIGNATURE-
Re: Wheezy update of tcpdump?
Hi, On Thu, Sep 14, 2017 at 02:24:19PM +0200, Guido Günther wrote: > This gives a 404 and the Vcs-Git doesn't have it either. Can you git > push your changes? I can then test it on a live wheezy system and to > the upload and DLA. Reuploaded and pushed, thanks, -- Romain Francoise <rfranco...@debian.org> https://people.debian.org/~rfrancoise/
Re: Wheezy update of tcpdump?
Hi, On Fri, Sep 08, 2017 at 08:50:40PM +0200, Ola Lundqvist wrote: > If that workflow is a burden to you, feel free to just prepare an > updated source package and send it to debian-lts@lists.debian.org > (via a debdiff, or with an URL pointing to the source package, > or even with a pointer to your packaging repository), and the members > of the LTS team will take care of the rest. Indicate clearly whether you > have tested the updated package or not. I have prepared a backport of the upcoming jessie-security version here: https://people.debian.org/~rfrancoise/tcpdump/tcpdump_4.9.2-1~deb7u1_multi.changes It builds and appears to be working for me in a wheezy chroot, but I no longer have live wheezy systems to test it on. Note: the orig tarball is already in the security-master archive but is in the same directory if you need it for your local build. Let me know if you need anything else. Cheers, -- Romain Francoise <rfranco...@debian.org> https://people.debian.org/~rfrancoise/
Re: Anyone having more information about the tcpdump security CVEs?
On Sun, Jan 29, 2017 at 05:14:33PM +0100, Romain Francoise wrote: > Ok, I will prepare the package and upload it next week. Done! I didn't include the upstream tarball as I already uploaded it to jessie-security and IIUC it's the same archive, but I'm not absolutely certain this is right--if the upload gets rejected, I will reupload. -- Romain Francoise <rfranco...@debian.org> http://people.debian.org/~rfrancoise/
Re: Anyone having more information about the tcpdump security CVEs?
Hi, On Sat, Jan 28, 2017 at 09:02:20PM +0100, Ola Lundqvist wrote: > I can issue the DLA if you do the upload. Ok, I will prepare the package and upload it next week. > Are you sure the new tcpdump is backwards compatible? Almost certainly, yes. I will double-check compared to the wheezy version (4.3) which is now quite old, but I don't expect any user-visible changes. -- Romain Francoise <rfranco...@debian.org> https://people.debian.org/~rfrancoise/
Re: Anyone having more information about the tcpdump security CVEs?
Hi, On Fri, Jan 27, 2017 at 10:25:42PM +0100, Ola Lundqvist wrote: > Do anyone have any reference to something that I can have a look at to > judge whether this package need an update in wheezy or not. It definitively needs an update, however you should be aware that for jessie the DSA will just update the package to the new upstream as we don't have broken-out patches for these vulnerabilities. I'm working on this right now. I can prepare packages for wheezy as well if you need, but I'm not yet familiar with how to get them uploaded to wheezy-lts. -- Romain Francoise <rfranco...@debian.org> http://people.debian.org/~rfrancoise/