Beuc <notificati...@github.com> wrote: > I'm part of the Debian Long Term Support team, and I'd like to assess > if our packaged versions of libpcap are affected by CVE-2018-16301.
Yes. > 81c4e00e says it relates to "errors in pcapng reading", but I cannot > identify the related commit. > In addition, https://www.tcpdump.org/public-cve-list.txt doesn't list > it as fixed, and marks it as affecting tcpdump rather than libpcap. !A 2018-08-01 Include Security F1: [libpcap] Remote Packet Capture Daemon (RPCAPD) Integer Overflow Leads to Heap Buffer Overflow rpcapd/daemon.c:daemon_unpackapplyfilter(), fixed in 1.9 branch, not master, CVE-2019-15161 CVE-2018-16301 is, I think, a duplicate of CVE-2019-15161 (libpcap). It is fixed in 7f8d184f60bf3a228e3d17407dcc7c4a8689eb47. It is in rpcapd, which I think that Debian does not ship, and was not present in libpcap 1.8.x -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | network architect [ ] m...@sandelman.ca http://www.sandelman.ca/ | ruby on rails [ _______________________________________________ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers