Back

Fedora 30: libpcap FEDORA-2019-eaa681d33e

Date 26 Oct 2019

Category Fedora Linux Distribution - Security Advisories

671

Posted By LinuxSecurity Advisories

Security fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162, CVE-2019-15163, CVE-2019-15164, CVE-2019-15165

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-eaa681d33e
2019-10-27 01:08:27.202809
--------------------------------------------------------------------------------

Name        : libpcap
Product     : Fedora 30
Version     : 1.9.1
Release     : 1.fc30
URL         : https://www.tcpdump.org
Summary     : A system-independent interface for user-level packet capture
Description :
Libpcap provides a portable framework for low-level network
monitoring.  Libpcap can provide network statistics collection,
security monitoring and network debugging.  Since almost every system
vendor provides a different interface for packet capture, the libpcap
authors created this system-independent API to ease in porting and to
alleviate the need for several system-dependent packet capture modules
in each application.

Install libpcap if you need to do low-level network traffic monitoring
on your network.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162, CVE-2019-15163,
CVE-2019-15164, CVE-2019-15165
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 11 2019 Michal Ruprich  - 14:1.9.1-1
- New version 1.9.1
- Fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162, CVE-2019-15163, CVE-2019-15164, CVE-2019-15165
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1760623 - CVE-2019-15161 libpcap: Mishandled length values in reused variables
        https://bugzilla.redhat.com/show_bug.cgi?id=1760623
  [ 2 ] Bug #1760622 - CVE-2019-15162 libpcap: Information disclosure in rpcapd/daemon.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1760622
  [ 3 ] Bug #1760621 - CVE-2019-15163 libpcap: Null pointer dereference in rpcapd/daemon.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1760621
  [ 4 ] Bug #1760619 - CVE-2019-15164 libpcap: Server side request forgery in rpcapd/daemon.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1760619
  [ 5 ] Bug #1760618 - CVE-2019-15165 libpcap: Resource exhaustion while PHB header length validation
        https://bugzilla.redhat.com/show_bug.cgi?id=1760618
  [ 6 ] Bug #1760500 - CVE-2018-16301 libpcap: Buffer overflow in pcapng reader
        https://bugzilla.redhat.com/show_bug.cgi?id=1760500
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-eaa681d33e' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.
To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.