Package: tcpdump Version: 4.6.2-5 Severity: grave Control: fixed -1 4.7.4-1 Control: tag -1 jessie
I have been using tcpdump like this for ages: /usr/sbin/tcpdump -Z $user -S0 -p -n U -B $bufsz -i $iface -w - "$rule" The important thing here is that tcpdump drops privileges to $user and writes the pcap file to standard output ... which gets piped to another process. Post-processing of the resulting streams broke after upgrading to jessie because tcpdump prints that bit of information about dropping privileges to standard output. This has been fixed in 4.7.4-1 currently part of stretch. Since a backport of that is available via jessie-backports, I'm going to use that on the machines affected. Cheers, -Hilko -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
