Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Fedora 30: 2019-eaa681d33e Critical: libpcap Network Security Fix

fedora
Calendar Grey October 26, 2019
Dist Fedora Esm H88
Fedora 34 release for libcurl resolves various vulnerabilities. Keep your environment safe by applying the most recent patches.
Security fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162, CVE-2019-15163, CVE-2019-15164, CVE-2019-15165

Summary

Libpcap provides a portable framework for low-level network

monitoring. Libpcap can provide network statistics collection,

security monitoring and network debugging. Since almost every system

vendor provides a different interface for packet capture, the libpcap

authors created this system-independent API to ease in porting and to

alleviate the need for several system-dependent packet capture modules

in each application.

Install libpcap if you need to do low-level network traffic monitoring

on your network.

Security fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162, CVE-2019-15163,

CVE-2019-15164, CVE-2019-15165

* Fri Oct 11 2019 Michal Ruprich - 14:1.9.1-1

- New version 1.9.1

- Fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162, CVE-2019-15163, CVE-2019-15164, CVE-2019-15165

[ 1 ] Bug #1760623 - CVE-2019-15161 libpcap: Mishandled length values in reused variables

https://bugzilla.redhat.com/show_bug.cgi?id=1760623

[ 2 ] Bug #1760622 - CVE-2019-15162 libpcap: Information disclosure in rpcapd/daemon.c

https://bugzilla.redhat.com/show_bug.cgi?id=1760622

[ 3 ] Bug #1760621 - CVE-2019-15163 libpcap: Null pointer dereference in rpcapd/daemon.c

https://bugzilla.redhat.com/show_bug.cgi?id=1760621

[ 4 ] Bug #1760619 - CVE-2019-15164 libpcap: Server side request forgery in rpcapd/daemon.c

https://bugzilla.redhat.com/show_bug.cgi?id=1760619

[ 5 ] Bug #1760618 - CVE-2019-15165 libpcap: Resource exhaustion while PHB header length validation

https://bugzilla.redhat.com/show_bug.cgi?id=1760618

[ 6 ] Bug #1760500 - CVE-2018-16301 libpcap: Buffer overflow in pcapng reader

https://bugzilla.redhat.com/show_bug.cgi?id=1760500

su -c 'dnf upgrade --advisory FEDORA-2019-eaa681d33e' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory fedora buffer overflow network monitoring update information information disclosure libpcap

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 30
Version: 1.9.1
Release: 1.fc30
URL: https://www.tcpdump.org/
Summary: A system-independent interface for user-level packet capture

Topics%20covered

Topics Covered

security advisory fedora buffer overflow network monitoring update information information disclosure libpcap

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here