Slackware: 2019-274-01: tcpdump Security Update

    Date01 Oct 2019
    CategorySlackware
    369
    Posted ByLinuxSecurity Advisories
    New libpcap and tcpdump packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
    
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    [slackware-security]  tcpdump (SSA:2019-274-01)
    
    New libpcap and tcpdump packages are available for Slackware 14.0, 14.1, 14.2,
    and -current to fix security issues.
    
    
    Here are the details from the Slackware 14.2 ChangeLog:
    +--------------------------+
    patches/packages/libpcap-1.9.1-i586-1_slack14.2.txz:  Upgraded.
      This update is required for the new version of tcpdump.
    patches/packages/tcpdump-4.9.3-i586-1_slack14.2.txz:  Upgraded.
      Fix buffer overflow/overread vulnerabilities and command line
      argument/local issues.
      For more information, see:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16808
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14468
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14469
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14470
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14466
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14461
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14462
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14465
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14881
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14464
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14463
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10103
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10105
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14880
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16451
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14882
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16227
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16229
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16301
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16230
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16452
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16300
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16228
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15166
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15167
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14879
      (* Security fix *)
    +--------------------------+
    
    
    Where to find the new packages:
    +-----------------------------+
    
    Thanks to the friendly folks at the OSU Open Source Lab
    (http://osuosl.org) for donating FTP and rsync hosting
    to the Slackware project!  :-)
    
    Also see the "Get Slack" section on http://slackware.com for
    additional mirror sites near you.
    
    Updated packages for Slackware 14.0:
    ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/libpcap-1.9.1-i486-1_slack14.0.txz
    ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/tcpdump-4.9.3-i486-1_slack14.0.txz
    
    Updated packages for Slackware x86_64 14.0:
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/libpcap-1.9.1-x86_64-1_slack14.0.txz
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/tcpdump-4.9.3-x86_64-1_slack14.0.txz
    
    Updated packages for Slackware 14.1:
    ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/libpcap-1.9.1-i486-1_slack14.1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/tcpdump-4.9.3-i486-1_slack14.1.txz
    
    Updated packages for Slackware x86_64 14.1:
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/libpcap-1.9.1-x86_64-1_slack14.1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/tcpdump-4.9.3-x86_64-1_slack14.1.txz
    
    Updated packages for Slackware 14.2:
    ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/libpcap-1.9.1-i586-1_slack14.2.txz
    ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/tcpdump-4.9.3-i586-1_slack14.2.txz
    
    Updated packages for Slackware x86_64 14.2:
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/libpcap-1.9.1-x86_64-1_slack14.2.txz
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/tcpdump-4.9.3-x86_64-1_slack14.2.txz
    
    Updated packages for Slackware -current:
    ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libpcap-1.9.0-i586-1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/tcpdump-4.9.2-i586-3.txz
    
    Updated packages for Slackware x86_64 -current:
    ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libpcap-1.9.1-x86_64-1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/tcpdump-4.9.3-x86_64-1.txz
    
    
    MD5 signatures:
    +-------------+
    
    Slackware 14.0 packages:
    0855bcc24c0d39f6ec3c6fa7d956ebf4  libpcap-1.9.1-i486-1_slack14.0.txz
    1c53d8ea7923c5947dbbf0eb2dfca2aa  tcpdump-4.9.3-i486-1_slack14.0.txz
    
    Slackware x86_64 14.0 packages:
    080435560c6498ba82e3131d9d7f36e4  libpcap-1.9.1-x86_64-1_slack14.0.txz
    3740823881e104943cb15be6870a0e7d  tcpdump-4.9.3-x86_64-1_slack14.0.txz
    
    Slackware 14.1 packages:
    7f1dffd77993897a3729c1fb3ea5e395  libpcap-1.9.1-i486-1_slack14.1.txz
    b267563e154bbddab251e8e2c7a11f69  tcpdump-4.9.3-i486-1_slack14.1.txz
    
    Slackware x86_64 14.1 packages:
    1177a6f007a4924c2116d15f8cb92900  libpcap-1.9.1-x86_64-1_slack14.1.txz
    de9844ab61993927903a91fc05450c8c  tcpdump-4.9.3-x86_64-1_slack14.1.txz
    
    Slackware 14.2 packages:
    2672c9a84590170ff8f7f2b233af9a38  libpcap-1.9.1-i586-1_slack14.2.txz
    578dbf94aa192915243e2d200c557cc5  tcpdump-4.9.3-i586-1_slack14.2.txz
    
    Slackware x86_64 14.2 packages:
    16f70962eebe606d3d9668202752bc51  libpcap-1.9.1-x86_64-1_slack14.2.txz
    0a4b8400d30a84bc1df774b3537cb4b5  tcpdump-4.9.3-x86_64-1_slack14.2.txz
    
    Slackware -current packages:
    8765839c82fc67a8075b9e1c5211776b  l/libpcap-1.9.0-i586-1.txz
    9de3c38d7c061534d28b5b599ab5d563  n/tcpdump-4.9.2-i586-3.txz
    
    Slackware x86_64 -current packages:
    cb278799afec0d6e99ce9a126b9e65f3  l/libpcap-1.9.1-x86_64-1.txz
    2d14083ccadb447e5af06e0f940fefa5  n/tcpdump-4.9.3-x86_64-1.txz
    
    
    Installation instructions:
    +------------------------+
    
    Upgrade the packages as root:
    # upgradepkg libpcap-1.9.1-i586-1_slack14.2.txz tcpdump-4.9.3-i586-1_slack14.2.txz
    
    
    +-----+
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"25","type":"x","order":"1","pct":54.35,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":10.87,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"16","type":"x","order":"3","pct":34.78,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.