SUSE: 2019:14191-1 important: tcpdump

    Date15 Oct 2019
    CategorySuSE
    285
    Posted ByLinuxSecurity Advisories
    Suse Large
    An update that fixes 83 vulnerabilities is now available.
    
       SUSE Security Update: Security update for tcpdump
    ______________________________________________________________________________
    
    Announcement ID:    SUSE-SU-2019:14191-1
    Rating:             important
    References:         #1057247 #1153098 #1153332 
    Cross-References:   CVE-2017-12893 CVE-2017-12894 CVE-2017-12896
                        CVE-2017-12897 CVE-2017-12898 CVE-2017-12899
                        CVE-2017-12900 CVE-2017-12901 CVE-2017-12902
                        CVE-2017-12985 CVE-2017-12986 CVE-2017-12987
                        CVE-2017-12988 CVE-2017-12991 CVE-2017-12992
                        CVE-2017-12993 CVE-2017-12995 CVE-2017-12996
                        CVE-2017-12998 CVE-2017-12999 CVE-2017-13001
                        CVE-2017-13002 CVE-2017-13003 CVE-2017-13004
                        CVE-2017-13005 CVE-2017-13006 CVE-2017-13008
                        CVE-2017-13009 CVE-2017-13010 CVE-2017-13012
                        CVE-2017-13013 CVE-2017-13014 CVE-2017-13016
                        CVE-2017-13017 CVE-2017-13018 CVE-2017-13019
                        CVE-2017-13021 CVE-2017-13022 CVE-2017-13023
                        CVE-2017-13024 CVE-2017-13025 CVE-2017-13027
                        CVE-2017-13028 CVE-2017-13029 CVE-2017-13030
                        CVE-2017-13031 CVE-2017-13032 CVE-2017-13034
                        CVE-2017-13035 CVE-2017-13036 CVE-2017-13037
                        CVE-2017-13038 CVE-2017-13041 CVE-2017-13047
                        CVE-2017-13048 CVE-2017-13049 CVE-2017-13051
                        CVE-2017-13053 CVE-2017-13055 CVE-2017-13687
                        CVE-2017-13688 CVE-2017-13689 CVE-2017-13725
                        CVE-2018-10103 CVE-2018-10105 CVE-2018-14461
                        CVE-2018-14462 CVE-2018-14463 CVE-2018-14464
                        CVE-2018-14465 CVE-2018-14466 CVE-2018-14467
                        CVE-2018-14468 CVE-2018-14469 CVE-2018-14881
                        CVE-2018-14882 CVE-2018-16229 CVE-2018-16230
                        CVE-2018-16300 CVE-2018-16301 CVE-2018-16451
                        CVE-2018-16452 CVE-2019-15166
    Affected Products:
                        SUSE Linux Enterprise Server 11-SP4-LTSS
                        SUSE Linux Enterprise Point of Sale 11-SP3
                        SUSE Linux Enterprise Debuginfo 11-SP4
                        SUSE Linux Enterprise Debuginfo 11-SP3
    ______________________________________________________________________________
    
       An update that fixes 83 vulnerabilities is now available.
    
    Description:
    
       This update for tcpdump fixes the following issues:
    
       Security issues fixed:
    
       - CVE-2017-12995: Fixed an infinite loop in the DNS parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-12893: Fixed a buffer over-read in the SMB/CIFS parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-12894: Fixed a buffer over-read in several protocol parsers
         that allowed remote DoS (bsc#1057247).
       - CVE-2017-12896: Fixed a buffer over-read in the ISAKMP parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-12897: Fixed a buffer over-read in the ISO CLNS parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-12898: Fixed a buffer over-read in the NFS parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-12899: Fixed a buffer over-read in the DECnet parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-12900: Fixed a buffer over-read in the in several protocol
         parsers that allowed remote DoS (bsc#1057247).
       - CVE-2017-12901: Fixed a buffer over-read in the EIGRP parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-12902: Fixed a buffer over-read in the Zephyr parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-12985: Fixed a buffer over-read in the IPv6 parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-12986: Fixed a buffer over-read in the IPv6 routing header
         parser that allowed remote DoS (bsc#1057247).
       - CVE-2017-12987: Fixed a buffer over-read in the 802.11 parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-12988: Fixed a buffer over-read in the telnet parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-12991: Fixed a buffer over-read in the BGP parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-12992: Fixed a buffer over-read in the RIPng parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-12993: Fixed a buffer over-read in the Juniper protocols parser
         that allowed remote DoS (bsc#1057247).
       - CVE-2017-12996: Fixed a buffer over-read in the PIMv2 parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-12998: Fixed a buffer over-read in the IS-IS parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-12999: Fixed a buffer over-read in the IS-IS parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-13001: Fixed a buffer over-read in the NFS parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13002: Fixed a buffer over-read in the AODV parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13003: Fixed a buffer over-read in the LMP parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13004: Fixed a buffer over-read in the Juniper protocols parser
         that allowed remote DoS (bsc#1057247).
       - CVE-2017-13005: Fixed a buffer over-read in the NFS parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13006: Fixed a buffer over-read in the L2TP parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13008: Fixed a buffer over-read in the IEEE 802.11 parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-13009: Fixed a buffer over-read in the IPv6 mobility parser
         that allowed remote DoS (bsc#1057247).
       - CVE-2017-13010: Fixed a buffer over-read in the BEEP parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13012: Fixed a buffer over-read in the ICMP parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13013: Fixed a buffer over-read in the ARP parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13014: Fixed a buffer over-read in the White Board protocol
         parser that allowed remote DoS (bsc#1057247).
       - CVE-2017-13016: Fixed a buffer over-read in the ISO ES-IS parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-13017: Fixed a buffer over-read in the DHCPv6 parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-13018: Fixed a buffer over-read in the PGM parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13019: Fixed a buffer over-read in the PGM parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13021: Fixed a buffer over-read in the ICMPv6 parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-13022: Fixed a buffer over-read in the IP parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13023: Fixed a buffer over-read in the IPv6 mobility parser
         that allowed remote DoS (bsc#1057247).
       - CVE-2017-13024: Fixed a buffer over-read in the IPv6 mobility parser
         that allowed remote DoS (bsc#1057247).
       - CVE-2017-13025: Fixed a buffer over-read in the IPv6 mobility parser
         that allowed remote DoS (bsc#1057247).
       - CVE-2017-13027: Fixed a buffer over-read in the LLDP parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13028: Fixed a buffer over-read in the BOOTP parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-13029: Fixed a buffer over-read in the PPP parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13030: Fixed a buffer over-read in the PIM parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13031: Fixed a buffer over-read in the IPv6 fragmentation
         header parser that allowed remote DoS (bsc#1057247).
       - CVE-2017-13032: Fixed a buffer over-read in the RADIUS parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-13034: Fixed a buffer over-read in the PGM parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13035: Fixed a buffer over-read in the ISO IS-IS parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-13036: Fixed a buffer over-read in the OSPFv3 parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-13037: Fixed a buffer over-read in the IP parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13038: Fixed a buffer over-read in the PPP parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13041: Fixed a buffer over-read in the ICMPv6 parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-13047: Fixed a buffer over-read in the ISO ES-IS parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-13048: Fixed a buffer over-read in the RSVP parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13049: Fixed a buffer over-read in the Rx protocol parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-13051: Fixed a buffer over-read in the RSVP parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13053: Fixed a buffer over-read in the BGP parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13055: Fixed a buffer over-read in the ISO IS-IS parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-13687: Fixed a buffer over-read in the Cisco HDLC parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-13688: Fixed a buffer over-read in the OLSR parser that allowed
         remote DoS (bsc#1057247).
       - CVE-2017-13689: Fixed a buffer over-read in the IKEv1 parser that
         allowed remote DoS (bsc#1057247).
       - CVE-2017-13725: Fixed a buffer over-read in the IPv6 routing header
         parser that allowed remote DoS (bsc#1057247).
       - CVE-2018-10103: Fixed a mishandling of the printing of SMB data
         (bsc#1153098).
       - CVE-2018-10105: Fixed a mishandling of the printing of SMB data
         (bsc#1153098).
       - CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print
         (bsc#1153098).
       - CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print
         (bsc#1153098).
       - CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print
         (bsc#1153098).
       - CVE-2018-14464: Fixed a buffer over-read in
         print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).
       - CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print
         (bsc#1153098).
       - CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find
         (bsc#1153098).
       - CVE-2018-14467: Fixed a buffer over-read in
         print-bgp.c:bgp_capabilities_print (bsc#1153098).
       - CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print
         (bsc#1153098).
       - CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print
         (bsc#1153098).
       - CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).
       - CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser
         (bsc#1153098).
       - CVE-2018-16229: Fixed a buffer over-read in the DCCP parser
         (bsc#1153098).
       - CVE-2018-16230: Fixed a buffer over-read in the BGP parser in
         print-bgp.c:bgp_attr_print (bsc#1153098).
       - CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that
         allowed denial-of-service by stack consumption (bsc#1153098).
       - CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).
       - CVE-2018-16451: Fixed several buffer over-reads in
         print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN
         (bsc#1153098).
       - CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata
         (bsc#1153098).
       - CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs
         (bsc#1153098).
    
    
    Patch Instructions:
    
       To install this SUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE Linux Enterprise Server 11-SP4-LTSS:
    
          zypper in -t patch slessp4-tcpdump-14191=1
    
       - SUSE Linux Enterprise Point of Sale 11-SP3:
    
          zypper in -t patch sleposp3-tcpdump-14191=1
    
       - SUSE Linux Enterprise Debuginfo 11-SP4:
    
          zypper in -t patch dbgsp4-tcpdump-14191=1
    
       - SUSE Linux Enterprise Debuginfo 11-SP3:
    
          zypper in -t patch dbgsp3-tcpdump-14191=1
    
    
    
    Package List:
    
       - SUSE Linux Enterprise Server 11-SP4-LTSS (i586 ppc64 s390x x86_64):
    
          tcpdump-3.9.8-1.30.13.1
    
       - SUSE Linux Enterprise Point of Sale 11-SP3 (i586):
    
          tcpdump-3.9.8-1.30.13.1
    
       - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ppc64 s390x x86_64):
    
          tcpdump-debuginfo-3.9.8-1.30.13.1
          tcpdump-debugsource-3.9.8-1.30.13.1
    
       - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64):
    
          tcpdump-debuginfo-3.9.8-1.30.13.1
          tcpdump-debugsource-3.9.8-1.30.13.1
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2017-12893.html
       https://www.suse.com/security/cve/CVE-2017-12894.html
       https://www.suse.com/security/cve/CVE-2017-12896.html
       https://www.suse.com/security/cve/CVE-2017-12897.html
       https://www.suse.com/security/cve/CVE-2017-12898.html
       https://www.suse.com/security/cve/CVE-2017-12899.html
       https://www.suse.com/security/cve/CVE-2017-12900.html
       https://www.suse.com/security/cve/CVE-2017-12901.html
       https://www.suse.com/security/cve/CVE-2017-12902.html
       https://www.suse.com/security/cve/CVE-2017-12985.html
       https://www.suse.com/security/cve/CVE-2017-12986.html
       https://www.suse.com/security/cve/CVE-2017-12987.html
       https://www.suse.com/security/cve/CVE-2017-12988.html
       https://www.suse.com/security/cve/CVE-2017-12991.html
       https://www.suse.com/security/cve/CVE-2017-12992.html
       https://www.suse.com/security/cve/CVE-2017-12993.html
       https://www.suse.com/security/cve/CVE-2017-12995.html
       https://www.suse.com/security/cve/CVE-2017-12996.html
       https://www.suse.com/security/cve/CVE-2017-12998.html
       https://www.suse.com/security/cve/CVE-2017-12999.html
       https://www.suse.com/security/cve/CVE-2017-13001.html
       https://www.suse.com/security/cve/CVE-2017-13002.html
       https://www.suse.com/security/cve/CVE-2017-13003.html
       https://www.suse.com/security/cve/CVE-2017-13004.html
       https://www.suse.com/security/cve/CVE-2017-13005.html
       https://www.suse.com/security/cve/CVE-2017-13006.html
       https://www.suse.com/security/cve/CVE-2017-13008.html
       https://www.suse.com/security/cve/CVE-2017-13009.html
       https://www.suse.com/security/cve/CVE-2017-13010.html
       https://www.suse.com/security/cve/CVE-2017-13012.html
       https://www.suse.com/security/cve/CVE-2017-13013.html
       https://www.suse.com/security/cve/CVE-2017-13014.html
       https://www.suse.com/security/cve/CVE-2017-13016.html
       https://www.suse.com/security/cve/CVE-2017-13017.html
       https://www.suse.com/security/cve/CVE-2017-13018.html
       https://www.suse.com/security/cve/CVE-2017-13019.html
       https://www.suse.com/security/cve/CVE-2017-13021.html
       https://www.suse.com/security/cve/CVE-2017-13022.html
       https://www.suse.com/security/cve/CVE-2017-13023.html
       https://www.suse.com/security/cve/CVE-2017-13024.html
       https://www.suse.com/security/cve/CVE-2017-13025.html
       https://www.suse.com/security/cve/CVE-2017-13027.html
       https://www.suse.com/security/cve/CVE-2017-13028.html
       https://www.suse.com/security/cve/CVE-2017-13029.html
       https://www.suse.com/security/cve/CVE-2017-13030.html
       https://www.suse.com/security/cve/CVE-2017-13031.html
       https://www.suse.com/security/cve/CVE-2017-13032.html
       https://www.suse.com/security/cve/CVE-2017-13034.html
       https://www.suse.com/security/cve/CVE-2017-13035.html
       https://www.suse.com/security/cve/CVE-2017-13036.html
       https://www.suse.com/security/cve/CVE-2017-13037.html
       https://www.suse.com/security/cve/CVE-2017-13038.html
       https://www.suse.com/security/cve/CVE-2017-13041.html
       https://www.suse.com/security/cve/CVE-2017-13047.html
       https://www.suse.com/security/cve/CVE-2017-13048.html
       https://www.suse.com/security/cve/CVE-2017-13049.html
       https://www.suse.com/security/cve/CVE-2017-13051.html
       https://www.suse.com/security/cve/CVE-2017-13053.html
       https://www.suse.com/security/cve/CVE-2017-13055.html
       https://www.suse.com/security/cve/CVE-2017-13687.html
       https://www.suse.com/security/cve/CVE-2017-13688.html
       https://www.suse.com/security/cve/CVE-2017-13689.html
       https://www.suse.com/security/cve/CVE-2017-13725.html
       https://www.suse.com/security/cve/CVE-2018-10103.html
       https://www.suse.com/security/cve/CVE-2018-10105.html
       https://www.suse.com/security/cve/CVE-2018-14461.html
       https://www.suse.com/security/cve/CVE-2018-14462.html
       https://www.suse.com/security/cve/CVE-2018-14463.html
       https://www.suse.com/security/cve/CVE-2018-14464.html
       https://www.suse.com/security/cve/CVE-2018-14465.html
       https://www.suse.com/security/cve/CVE-2018-14466.html
       https://www.suse.com/security/cve/CVE-2018-14467.html
       https://www.suse.com/security/cve/CVE-2018-14468.html
       https://www.suse.com/security/cve/CVE-2018-14469.html
       https://www.suse.com/security/cve/CVE-2018-14881.html
       https://www.suse.com/security/cve/CVE-2018-14882.html
       https://www.suse.com/security/cve/CVE-2018-16229.html
       https://www.suse.com/security/cve/CVE-2018-16230.html
       https://www.suse.com/security/cve/CVE-2018-16300.html
       https://www.suse.com/security/cve/CVE-2018-16301.html
       https://www.suse.com/security/cve/CVE-2018-16451.html
       https://www.suse.com/security/cve/CVE-2018-16452.html
       https://www.suse.com/security/cve/CVE-2019-15166.html
       https://bugzilla.suse.com/1057247
       https://bugzilla.suse.com/1153098
       https://bugzilla.suse.com/1153332
    
    _______________________________________________
    sle-security-updates mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://lists.suse.com/mailman/listinfo/sle-security-updates
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"39","type":"x","order":"1","pct":50.65,"resources":[]},{"id":"88","title":"Should be more technical","votes":"11","type":"x","order":"2","pct":14.29,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"27","type":"x","order":"3","pct":35.06,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.