Beuc <notificati...@github.com> wrote:
> I'm part of the Debian Long Term Support team, and I'd like to assess
> if our packaged versions of libpcap are affected by CVE-2018-16301.
Yes.
> 81c4e00e says it relates to "errors in pcapng reading", but I cannot
> identify the related commit.
> In addition, https://www.tcpdump.org/public-cve-list.txt doesn't list
> it as fixed, and marks it as affecting tcpdump rather than libpcap.
!A 2018-08-01 Include Security F1: [libpcap] Remote Packet Capture Daemon
(RPCAPD) Integer Overflow Leads to Heap Buffer Overflow
rpcapd/daemon.c:daemon_unpackapplyfilter(), fixed in 1.9 branch, not master,
CVE-2019-15161
CVE-2018-16301 is, I think, a duplicate of CVE-2019-15161 (libpcap).
It is fixed in 7f8d184f60bf3a228e3d17407dcc7c4a8689eb47.
It is in rpcapd, which I think that Debian does not ship, and was not present
in libpcap 1.8.x
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] m...@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
