[arch-commits] Commit in tcpdump/trunk (CVE-2015-3138.patch PKGBUILD)

Giovanni Scafora Sun, 19 Apr 2015 03:13:07 -0700

    Date: Sunday, April 19, 2015 @ 12:12:46
  Author: giovanni
Revision: 237416


upgpkg: tcpdump 4.7.3-2

Fixed CVE-2015-3138

Added:
  tcpdump/trunk/CVE-2015-3138.patch
Modified:
  tcpdump/trunk/PKGBUILD

---------------------+
 CVE-2015-3138.patch |   29 +++++++++++++++++++++++++++++
 PKGBUILD            |   10 +++++++---
 2 files changed, 36 insertions(+), 3 deletions(-)

Added: CVE-2015-3138.patch
===================================================================
--- CVE-2015-3138.patch                         (rev 0)
+++ CVE-2015-3138.patch 2015-04-19 10:12:46 UTC (rev 237416)
@@ -0,0 +1,29 @@
+--- a/print-wb.c       2014-11-13 12:02:47.000000000 +0100
++++ b/print-wb.c       2015-04-19 11:57:04.127876067 +0200
+@@ -202,7 +202,7 @@
+       len -= sizeof(*io) * nid;
+       io = (struct id_off *)(id + 1);
+       cp = (char *)(io + nid);
+-      if (!ND_TTEST2(cp, len)) {
++      if (ND_TTEST2(cp, len)) {
+               ND_PRINT((ndo, "\""));
+               fn_print(ndo, (u_char *)cp, (u_char *)cp + len);
+               ND_PRINT((ndo, "\""));
+@@ -267,7 +267,7 @@
+       }
+       n = EXTRACT_32BITS(&prep->pp_n);
+       ps = (const struct pgstate *)(prep + 1);
+-      while (--n >= 0 && !ND_TTEST(*ps)) {
++      while (--n >= 0 && ND_TTEST(*ps)) {
+               const struct id_off *io, *ie;
+               char c = '<';
+ 
+@@ -276,7 +276,7 @@
+                   ipaddr_string(ndo, &ps->page.p_sid),
+                   EXTRACT_32BITS(&ps->page.p_uid)));
+               io = (struct id_off *)(ps + 1);
+-              for (ie = io + ps->nid; io < ie && !ND_TTEST(*io); ++io) {
++              for (ie = io + ps->nid; io < ie && ND_TTEST(*io); ++io) {
+                       ND_PRINT((ndo, "%c%s:%u", c, ipaddr_string(ndo, 
&io->id),
+                           EXTRACT_32BITS(&io->off)));
+                       c = ',';

Modified: PKGBUILD
===================================================================
--- PKGBUILD    2015-04-19 04:12:34 UTC (rev 237415)
+++ PKGBUILD    2015-04-19 10:12:46 UTC (rev 237416)
@@ -4,7 +4,7 @@
 
 pkgname=tcpdump
 pkgver=4.7.3
-pkgrel=1
+pkgrel=2
 pkgdesc="A tool for network monitoring and data acquisition"
 arch=('i686' 'x86_64')
 url="http://www.tcpdump.org";
@@ -11,9 +11,11 @@
 license=('BSD')
 depends=('libpcap' 'openssl')
 source=("http://www.tcpdump.org/release/${pkgname}-${pkgver}.tar.gz";
-        'tcpdump_duplicate_executable.patch')
+        'tcpdump_duplicate_executable.patch'
+        'CVE-2015-3138.patch')
 md5sums=('334a4761594b29f80793c1303f0f4acc'
-         '01379e4a12a208ce951c6c2abe80300f')
+         '01379e4a12a208ce951c6c2abe80300f'
+         '4154b0811d56fb05c3839695923bf46c')
 
 prepare() {
   cd "${srcdir}/${pkgname}-${pkgver}"
@@ -20,6 +22,8 @@
 
   # do not install tcpdump-4.1.1 executable (FS#23346)
   patch -Np1 -i "${srcdir}/tcpdump_duplicate_executable.patch"
+  # CVE-2015-3138
+  patch -Np1 -i "${srcdir}/CVE-2015-3138.patch"
 }
 
 build() {

[arch-commits] Commit in tcpdump/trunk (CVE-2015-3138.patch PKGBUILD)

Reply via email to