Re: potential buffer overflow in usr.sbin/tcpdump/print-gre.c

2024-02-02 Thread Theo de Raadt
Jose Maldonado wrote:
> On Fri, 02 Feb 2024 08:54:58 -0700
> "Theo de Raadt" wrote:
> > tcpdump will *NEVER* be updated to newer code, because our tcpdump is
> > a significant rewrite for privsep. The upstream tcpdump developers
> > don't understand what privsep is.
> >
> > This means the

Re: potential buffer overflow in usr.sbin/tcpdump/print-gre.c

2024-02-02 Thread Jose Maldonado
On Fri, 02 Feb 2024 08:54:58 -0700 "Theo de Raadt" wrote:
> tcpdump will *NEVER* be updated to newer code, because our tcpdump is
> a significant rewrite for privsep. The upstream tcpdump developers
> don't understand what privsep is.
>
> This means the parsers are run without any

Re: potential buffer overflow in usr.sbin/tcpdump/print-gre.c

2024-02-02 Thread Theo de Raadt
tcpdump will *NEVER* be updated to newer code, because our tcpdump is a significant rewrite for privsep. The upstream tcpdump developers don't understand what privsep is. This means the parsers are run without any permissions. They should still be correct (so someone will look at this diff),

potential buffer overflow in usr.sbin/tcpdump/print-gre.c

2024-02-02 Thread ChenHao Lu
Neglect this if it's duplicated, I send this again just in case the former email wasn't received because I'm not a member of the mailing list. The tcpdump used in OpenBSD is an old version which contains CVE-2016-7939. Though some of the

potential buffer overflow in usr.sbin/tcpdump/print-gre.c

2024-02-02 Thread ChenHao Lu
The tcpdump used in OpenBSD is an old version which contains CVE-2016-7939. Though some of the functions modified in the patch don't exist in the