[Bug 1662177] Re: tcpdump multiple CVEs
This bug was fixed in the package tcpdump - 4.9.0-1ubuntu1~ubuntu16.10.1

---
tcpdump (4.9.0-1ubuntu1~ubuntu16.10.1) yakkety-security; urgency=medium

  * Backport to yakkety to fix CVEs (LP: #1662177).
  * Reset libpcap dependency to yakkety version
  * Enable crypto support, dropped in zesty because of openssl.
  * Disable some tests failing with older pcap versions

tcpdump (4.9.0-1ubuntu1) zesty; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/{control, README.Debian, tcpdump.dirs, usr.sbin.tcpdump, install, rules, patches/patches/90_man_apparmor.diff}:
      + Add AppArmor profile.
    - debian/usr.sbin.tcpdump:
      + Allow capability net_admin to support '-j'.

tcpdump (4.9.0-1) unstable; urgency=high

  * New upstream security release, fixing the following:
    + CVE-2016-7922: buffer overflow in print-ah.c:ah_print().
    + CVE-2016-7923: buffer overflow in print-arp.c:arp_print().
    + CVE-2016-7924: buffer overflow in print-atm.c:oam_print().
    + CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print().
    + CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print().
    + CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print().
    + CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print().
    + CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header().
    + CVE-2016-7930: buffer overflow in print-llc.c:llc_print().
    + CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print().
    + CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum().
    + CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print().
    + CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print().
    + CVE-2016-7935: buffer overflow in print-udp.c:rtp_print().
    + CVE-2016-7936: buffer overflow in print-udp.c:udp_print().
    + CVE-2016-7937: buffer overflow in print-udp.c:vat_print().
    + CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame().
    + CVE-2016-7939: buffer overflow in print-gre.c, multiple functions.
    + CVE-2016-7940: buffer overflow in print-stp.c, multiple functions.
    + CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions.
    + CVE-2016-7974: buffer overflow in print-ip.c, multiple functions.
    + CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print().
    + CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print().
    + CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print().
    + CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print().
    + CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions.
    + CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print().
    + CVE-2016-7993: a bug in util-print.c:relts_print() could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).
    + CVE-2016-8574: buffer overflow in print-fr.c:frf15_print().
    + CVE-2016-8575: buffer overflow in print-fr.c:q933_print().
    + CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print().
    + CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print().
    + CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print().
    + CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print().
    + CVE-2017-5341: buffer overflow in print-otv.c:otv_print().
    + CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().
    + CVE-2017-5482: buffer overflow in print-fr.c:q933_print().
    + CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse().
    + CVE-2017-5484: buffer overflow in print-atm.c:sig_print().
    + CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap().
    + CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print().
  * Re-enable all tests and bump build-dep on libpcap0.8-dev to >= 1.8 accordingly.
  * Switch Vcs-Git URL to the https one.
  * Adjust lintian override name about dh 9.

tcpdump (4.8.1-2ubuntu1) zesty; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/{control, README.Debian, tcpdump.dirs, usr.sbin.tcpdump, install, rules, patches/patches/90_man_apparmor.diff}:
      + Add AppArmor profile.
    - debian/usr.sbin.tcpdump:
      + Allow capability net_admin to support '-j'.

tcpdump (4.8.1-2) unstable; urgency=medium

  * Disable new HNCP test, which fails on some buildds for some as-of-yet unexplained reason.

tcpdump (4.8.1-1) unstable; urgency=medium

  * New upstream release.
  * Re-enable Geneve tests (disabled in 4.7.4-1) and bump build-dep on libpcap0.8-dev to >= 1.7 accordingly.
  * Disable new pcap version tests which require libpcap 1.8+.

tcpdump (4.7.4-3ubuntu1) zesty; urgency=medium

  * Merge from Debian unstable. (LP: #1624633) Remaining changes:
    - debian/{control, README.Debian, tcpdump.dirs, usr.sbin.tcpdump, install
[Bug 1662177] Re: tcpdump multiple CVEs
This bug was fixed in the package tcpdump - 4.9.0-1ubuntu1~ubuntu12.04.1

---
tcpdump (4.9.0-1ubuntu1~ubuntu12.04.1) precise-security; urgency=medium

  [ Gianfranco Costamagna ]
  * Backport to precise to fix CVEs (LP: #1662177).
  * Reset libpcap dependency to precise version
  * Enable crypto support, dropped in zesty because of openssl.
  * Disable some tests failing with older pcap versions

tcpdump (4.9.0-1ubuntu1) zesty; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/{control, README.Debian, tcpdump.dirs, usr.sbin.tcpdump, install, rules, patches/patches/90_man_apparmor.diff}:
      + Add AppArmor profile.
    - debian/usr.sbin.tcpdump:
      + Allow capability net_admin to support '-j'.

tcpdump (4.9.0-1) unstable; urgency=high

  * New upstream security release, fixing the following:
    + CVE-2016-7922: buffer overflow in print-ah.c:ah_print().
    + CVE-2016-7923: buffer overflow in print-arp.c:arp_print().
    + CVE-2016-7924: buffer overflow in print-atm.c:oam_print().
    + CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print().
    + CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print().
    + CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print().
    + CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print().
    + CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header().
    + CVE-2016-7930: buffer overflow in print-llc.c:llc_print().
    + CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print().
    + CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum().
    + CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print().
    + CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print().
    + CVE-2016-7935: buffer overflow in print-udp.c:rtp_print().
    + CVE-2016-7936: buffer overflow in print-udp.c:udp_print().
    + CVE-2016-7937: buffer overflow in print-udp.c:vat_print().
    + CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame().
    + CVE-2016-7939: buffer overflow in print-gre.c, multiple functions.
    + CVE-2016-7940: buffer overflow in print-stp.c, multiple functions.
    + CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions.
    + CVE-2016-7974: buffer overflow in print-ip.c, multiple functions.
    + CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print().
    + CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print().
    + CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print().
    + CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print().
    + CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions.
    + CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print().
    + CVE-2016-7993: a bug in util-print.c:relts_print() could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).
    + CVE-2016-8574: buffer overflow in print-fr.c:frf15_print().
    + CVE-2016-8575: buffer overflow in print-fr.c:q933_print().
    + CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print().
    + CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print().
    + CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print().
    + CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print().
    + CVE-2017-5341: buffer overflow in print-otv.c:otv_print().
    + CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().
    + CVE-2017-5482: buffer overflow in print-fr.c:q933_print().
    + CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse().
    + CVE-2017-5484: buffer overflow in print-atm.c:sig_print().
    + CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap().
    + CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print().
  * Re-enable all tests and bump build-dep on libpcap0.8-dev to >= 1.8 accordingly.
  * Switch Vcs-Git URL to the https one.
  * Adjust lintian override name about dh 9.

tcpdump (4.8.1-2ubuntu1) zesty; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/{control, README.Debian, tcpdump.dirs, usr.sbin.tcpdump, install, rules, patches/patches/90_man_apparmor.diff}:
      + Add AppArmor profile.
    - debian/usr.sbin.tcpdump:
      + Allow capability net_admin to support '-j'.

tcpdump (4.8.1-2) unstable; urgency=medium

  * Disable new HNCP test, which fails on some buildds for some as-of-yet unexplained reason.

tcpdump (4.8.1-1) unstable; urgency=medium

  * New upstream release.
  * Re-enable Geneve tests (disabled in 4.7.4-1) and bump build-dep on libpcap0.8-dev to >= 1.7 accordingly.
  * Disable new pcap version tests which require libpcap 1.8+.

tcpdump (4.7.4-3ubuntu1) zesty; urgency=medium

  * Merge from Debian unstable. (LP: #1624633) Remaining changes:
    - debian/{control, README.Debian, tcpdump.dirs, usr
[Bug 1662177] Re: tcpdump multiple CVEs
Thanks for the comments. Ack on the debdiffs, I've built them with a couple of minor nitpicks and will be releasing them today. Thanks!

--
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1662177

Title: tcpdump multiple CVEs

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tcpdump/+bug/1662177/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1662177] Re: tcpdump multiple CVEs
hi Tyler, sorry for the long delay!

>Thanks for the debdiffs! I'll need a little more info before I seriously begin sponsoring them. Note
>that since tcpdump is in main, I'll still need to do my own QA.

sure, no problem (BTW I can upload in main too FWIW)

>What investigation did you perform to feel comfortable in disabling the tests that were disabled?

short story: the tests are *new* tests, and they need a new pcap to perform correctly (yes, the old pcap will fail and make tcpdump crash in such corner cases, this is the current status quo, and unless you want me to update libpcap won't change)

the investigation is: Debian disabled the same tests to the same security uploads, against the same pcap versions (and I confirmed the tests were failing in Ubuntu too)

long story: these new tests are e.g. catching some issues with *broken* pcap files, they were discovered after pcap was released, and "fixed" in new pcap versions. Of course they aren't faults in tcpdump, but tcpdump people like to catch them :)

Debian usually when a test requires a new libpcap to succeed just bumps the bounds of the required pcap version, and lives happy. In this case we need to revert such bump and avoid such tests. They aren't regressions, probably you can just grab the pcap file from the source code, try to run against them and you will see the same failures.

>What amount of testing did you perform? In which Ubuntu releases and in what environment (whether or
>not in a VM, the CPU architecture, etc.)?

everything is amd64, I did test them on Xenial (my primary system), and tcpdumped my network interface for some time (I can see the packets correctly). I set up a Trusty VM and a Yakkety one to test the same things. Everything has been working correctly. "sudo tcpdump -i interface" is my test.
[Bug 1662177] Re: tcpdump multiple CVEs
** Changed in: tcpdump (Ubuntu) Status: Incomplete => New
[Bug 1662177] Re: tcpdump multiple CVEs
Thanks for the debdiffs! I'll need a little more info before I seriously begin sponsoring them. Note that since tcpdump is in main, I'll still need to do my own QA.

What investigation did you perform to feel comfortable in disabling the tests that were disabled?

What amount of testing did you perform? In which Ubuntu releases and in what environment (whether or not in a VM, the CPU architecture, etc.)?

** Changed in: tcpdump (Ubuntu) Assignee: (unassigned) => LocutusOfBorg (costamagnagianfranco)

** Changed in: tcpdump (Ubuntu) Status: New => Incomplete
[Bug 1662177] Re: tcpdump multiple CVEs
** Tags added: patch ** Tags added: trusty xenial yakkety
[Bug 1662177] Re: tcpdump multiple CVEs
** Information type changed from Public to Public Security ** Changed in: tcpdump (Ubuntu) Importance: Undecided => Medium
[Bug 1662177] Re: tcpdump multiple CVEs
** Attachment added: "debdiff-yakkety.filtered" https://bugs.launchpad.net/ubuntu/+source/tcpdump/+bug/1662177/+attachment/4814073/+files/debdiff-yakkety.filtered
[Bug 1662177] Re: tcpdump multiple CVEs
** Attachment added: "debdiff-xenial.filtered" https://bugs.launchpad.net/ubuntu/+source/tcpdump/+bug/1662177/+attachment/4814074/+files/debdiff-xenial.filtered
[Bug 1662177] Re: tcpdump multiple CVEs
** Attachment added: "debdiff-trusty" https://bugs.launchpad.net/ubuntu/+source/tcpdump/+bug/1662177/+attachment/4814053/+files/debdiff-trusty
[Bug 1662177] Re: tcpdump multiple CVEs
** Attachment added: "debdiff-trusty.filtered" https://bugs.launchpad.net/ubuntu/+source/tcpdump/+bug/1662177/+attachment/4814075/+files/debdiff-trusty.filtered

** Description changed: - debdiffs attached + disclaimer for the version bump: Debian did the same, so I presume their + security team had good reasons to do it + + [14:39:59] reverse-depends... tcpdump is a tool, not a library + [14:40:17] I reverse-depends can use it by calling the binary, and the commandline didn't change + [14:40:23] so, I presume everything is fine + [14:40:38] wrt apparmor, you are right + [14:41:52] btw I'm using tcpdump on xenial right now, it works as usual
[Bug 1662177] Re: tcpdump multiple CVEs
** Attachment added: "debdiff-yakkety" https://bugs.launchpad.net/ubuntu/+source/tcpdump/+bug/1662177/+attachment/4814051/+files/debdiff-yakkety
[Bug 1662177] Re: tcpdump multiple CVEs
** Attachment added: "debdiff-xenial" https://bugs.launchpad.net/ubuntu/+source/tcpdump/+bug/1662177/+attachment/4814052/+files/debdiff-xenial