Slackware: 2019-274-01: tcpdump Security Update

    Date 01 Oct 2019
    712
    Posted By LinuxSecurity Advisories
    New libpcap and tcpdump packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
    
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    [slackware-security]  tcpdump (SSA:2019-274-01)
    
    New libpcap and tcpdump packages are available for Slackware 14.0, 14.1, 14.2,
    and -current to fix security issues.
    
    
    Here are the details from the Slackware 14.2 ChangeLog:
    +--------------------------+
    patches/packages/libpcap-1.9.1-i586-1_slack14.2.txz:  Upgraded.
      This update is required for the new version of tcpdump.
    patches/packages/tcpdump-4.9.3-i586-1_slack14.2.txz:  Upgraded.
      Fix buffer overflow/overread vulnerabilities and command line
      argument/local issues.
      For more information, see:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16808
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14468
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14469
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14470
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14466
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14461
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14462
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14465
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14881
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14464
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14463
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10103
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10105
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14880
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16451
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14882
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16227
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16229
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16301
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16230
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16452
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16300
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16228
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15166
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15167
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14879
      (* Security fix *)
    +--------------------------+
    
    
    Where to find the new packages:
    +-----------------------------+
    
    Thanks to the friendly folks at the OSU Open Source Lab
    (https://osuosl.org) for donating FTP and rsync hosting
    to the Slackware project!  :-)
    
    Also see the "Get Slack" section on https://slackware.com for
    additional mirror sites near you.
    
    Updated packages for Slackware 14.0:
    ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/libpcap-1.9.1-i486-1_slack14.0.txz
    ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/tcpdump-4.9.3-i486-1_slack14.0.txz
    
    Updated packages for Slackware x86_64 14.0:
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/libpcap-1.9.1-x86_64-1_slack14.0.txz
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/tcpdump-4.9.3-x86_64-1_slack14.0.txz
    
    Updated packages for Slackware 14.1:
    ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/libpcap-1.9.1-i486-1_slack14.1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/tcpdump-4.9.3-i486-1_slack14.1.txz
    
    Updated packages for Slackware x86_64 14.1:
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/libpcap-1.9.1-x86_64-1_slack14.1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/tcpdump-4.9.3-x86_64-1_slack14.1.txz
    
    Updated packages for Slackware 14.2:
    ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/libpcap-1.9.1-i586-1_slack14.2.txz
    ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/tcpdump-4.9.3-i586-1_slack14.2.txz
    
    Updated packages for Slackware x86_64 14.2:
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/libpcap-1.9.1-x86_64-1_slack14.2.txz
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/tcpdump-4.9.3-x86_64-1_slack14.2.txz
    
    Updated packages for Slackware -current:
    ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libpcap-1.9.0-i586-1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/tcpdump-4.9.2-i586-3.txz
    
    Updated packages for Slackware x86_64 -current:
    ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libpcap-1.9.1-x86_64-1.txz
    ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/tcpdump-4.9.3-x86_64-1.txz
    
    
    MD5 signatures:
    +-------------+
    
    Slackware 14.0 packages:
    0855bcc24c0d39f6ec3c6fa7d956ebf4  libpcap-1.9.1-i486-1_slack14.0.txz
    1c53d8ea7923c5947dbbf0eb2dfca2aa  tcpdump-4.9.3-i486-1_slack14.0.txz
    
    Slackware x86_64 14.0 packages:
    080435560c6498ba82e3131d9d7f36e4  libpcap-1.9.1-x86_64-1_slack14.0.txz
    3740823881e104943cb15be6870a0e7d  tcpdump-4.9.3-x86_64-1_slack14.0.txz
    
    Slackware 14.1 packages:
    7f1dffd77993897a3729c1fb3ea5e395  libpcap-1.9.1-i486-1_slack14.1.txz
    b267563e154bbddab251e8e2c7a11f69  tcpdump-4.9.3-i486-1_slack14.1.txz
    
    Slackware x86_64 14.1 packages:
    1177a6f007a4924c2116d15f8cb92900  libpcap-1.9.1-x86_64-1_slack14.1.txz
    de9844ab61993927903a91fc05450c8c  tcpdump-4.9.3-x86_64-1_slack14.1.txz
    
    Slackware 14.2 packages:
    2672c9a84590170ff8f7f2b233af9a38  libpcap-1.9.1-i586-1_slack14.2.txz
    578dbf94aa192915243e2d200c557cc5  tcpdump-4.9.3-i586-1_slack14.2.txz
    
    Slackware x86_64 14.2 packages:
    16f70962eebe606d3d9668202752bc51  libpcap-1.9.1-x86_64-1_slack14.2.txz
    0a4b8400d30a84bc1df774b3537cb4b5  tcpdump-4.9.3-x86_64-1_slack14.2.txz
    
    Slackware -current packages:
    8765839c82fc67a8075b9e1c5211776b  l/libpcap-1.9.0-i586-1.txz
    9de3c38d7c061534d28b5b599ab5d563  n/tcpdump-4.9.2-i586-3.txz
    
    Slackware x86_64 -current packages:
    cb278799afec0d6e99ce9a126b9e65f3  l/libpcap-1.9.1-x86_64-1.txz
    2d14083ccadb447e5af06e0f940fefa5  n/tcpdump-4.9.3-x86_64-1.txz
    
    
    Installation instructions:
    +------------------------+
    
    Upgrade the packages as root:
    # upgradepkg libpcap-1.9.1-i586-1_slack14.2.txz tcpdump-4.9.3-i586-1_slack14.2.txz
    
    
    +-----+
    

    LinuxSecurity Poll

    Do you feel that the Lawful Access to Encrypted Data Act, which aims to force encryption backdoors, is a threat to US citizens' privacy?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/30-do-you-feel-that-the-lawful-access-to-encrypted-data-act-which-aims-to-force-encryption-backdoors-is-a-threat-to-privacy?task=poll.vote&format=json
    30
    radio
    [{"id":"106","title":"Yes - I am a privacy advocate and I am strongly opposed to this bill.","votes":"19","type":"x","order":"1","pct":95,"resources":[]},{"id":"107","title":"I'm undecided - it has its pros and cons.","votes":"1","type":"x","order":"2","pct":5,"resources":[]},{"id":"108","title":"No - I support this bill and feel that it will help protect against crime and threats to our national security. ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Advisories

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.