On Thu, Feb 27, 2003 at 12:51:51PM -0800, Bill Fenner wrote: > > Hi, > > We've released tcpdump 3.7.2 and libpcap 0.7.2 . tcpdump 3.7.2 addresses > today's iDEFENSE Advisory 02.27.03, as well as a couple of other security > problems. libpcap 0.7.2 has no security updates, just some bugfixes and > minor new functionality.
Hi. Do these security problems also affect tcpdump 3.6.2? If yes, do you have plans on a new release for 3.6.x? (I see there's a CVS tag named "tcpdump_3_6rel3"... are there any security fixes applied to this branch?) I'm asking that because I have to update "old" Conectiva Linux distributions that shipped with tcpdump 3.6.x. Thanks in advance. > > The releases are available both from www.tcpdump.org and sourceforge. > Enjoy! > > Bill > > tcpdump CHANGES: > Fixed infinite loop when parsing malformed isakmp packets. > (reported by iDefense; already fixed in CVS) > Fixed infinite loop when parsing malformed BGP packets. > Fixed buffer overflow with certain malformed NFS packets. -- Ademar de Souza Reis Jr. <[EMAIL PROTECTED]> Never be afraid to try something new. Remember that amateurs built the Ark. Professionals built the Titanic. ^[:wq! - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]
