Fedora 29 nfdump Update FEDORA-2019-9013b5e75d Critical: Buffer Overflow

Nfdump is a set of tools to collect and process NetFlow data. It's fast and has

a powerful filter pcap like syntax. It supports NetFlow versions v1, v5, v7, v9

and IPFIX as well as a limited set of sflow. It includes support for CISCO ASA

(NSEL) and CISCO NAT (NEL) devices which export event logging records as v9

flows. Nfdump is fully IPv6 compatible.

2019-08-14 - Fix compile issues - Fix output buffer size for

lzo1x_decompress_safe() 2019-08-07 - Fix VerifyExtensionMap #179 2019-08-06

- Fix compile errors 2019-08-05 - Fix nfdump.1 man page. #175 - Fix off by 1

array. #173 - Fix use after free in ModifyCompressFile - Add bound checks in

AddExporterStat #174 - Add bound checks in AddSamplerInfo #176 - Add bound

checks in AddExporterInfo - Fix checks in InsertExtensionMap #177 - Remove

COMPAT15 code - should no longer be needed. - Move version to v1.6.18 - Merge

pull request #167 - Cleanup old code - Replace depricated pcap_lookupdev call in

nfpcapd 2019-07-31 - Add early record size sanity check also for nfprofile,

nfanon and nfreplay 2019-07-26 - nfpcapd cleanup, add some more monitoring -Fix hbo_exporter.c:249_1 segfault - Fix hbo_nffile_inline.c:85_1 segfault - Fix

hbo_nfx.c:216_3 segfault - Update minilzo to v2.10 - Change to safe lzo

decompress function 2019-07-25 - Rework nfpcapd and add it officially to the

nfdump collection. - Add nfpcapd man page - Fix potential unsigned integer

underflow #171 2019-07-16 - Add latency extension if dumping flowcache

2019-07-15 - Fix typos - Fix exporter struct inconsistancies. Coredump on ARM

otherwise. 2019-07-02 - Add ipfix element #150, #151 unix time start/end - Fix

display bug raw record 2019-06-01 - Add ipfix dyn element handling. - Add

empty m4 directory - keep autoconf happy 2019-06-01 - Fix issue #162 - ipfix

mpls sequece. - Fix issue #156 - print flowtable index error 2019-03-17 - Fix

spec file - Remove non thread safe logging in nfpcapd 2018-11-24 - Fix

protocol tag for protocol 87 - TCF - #130 - Add TCP flags ECN,CVR - #132 - Fix

some error messages to be printed to the correct stream #135 - Add missing -M

command line help to nfcapd - Remove padding byte warning in log #141 - Fix bug

to accept -y compression flag in nfcapd. - #145 2018-06-24 - Fix bookkeeper

type - use key_t - Add multiple packet repeaters to nfcapd/sfcapd. Up to 8

repeaters (-R) can be defined. - Ignore OSX .DS_Store files in -R file list -Add CISCO ASA elements initiatorPackets (298) responderPackets (299) - Merge

#120 pull request for -z parameter to nfreplay - Update man page nfreplay

* Wed Aug 14 2019 Denis Fateyev - 1.6.18-1

- Update to version 1.6.18

* Thu Jul 25 2019 Fedora Release Engineering - 1.6.17-4

- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

* Fri Feb 1 2019 Fedora Release Engineering - 1.6.17-3

- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

[ 1 ] Bug #1735649 - CVE-2019-14459 nfdump: integer overflow in function Process_ipfix_template_withdraw in ipfix.c leads to denial of service [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1735649

[ 2 ] Bug #1735555 - CVE-2019-1010057 nfdump: buffer overflow in nfx.c, nffile_inline.c and minilzo.c [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1735555

[ 3 ] Bug #1735648 - CVE-2019-14459 nfdump: integer overflow in function Process_ipfix_template_withdraw in ipfix.c leads to denial of service [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1735648

[ 4 ] Bug #1735554 - CVE-2019-1010057 nfdump: buffer overflow in nfx.c, nffile_inline.c and minilzo.c [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1735554

su -c 'dnf upgrade --advisory FEDORA-2019-9013b5e75d' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/