Source: libpcap
Version: 1.9.0-2
Severity: important
Tags: security upstream

Hi,

The following vulnerabilities were published for libpcap.

CVE-2018-16301[0]:
| libpcap before 1.9.1, as used in tcpdump before 4.9.3, has a buffer
| overflow and/or over-read because of errors in pcapng reading.


CVE-2019-15165[1]:
| sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB
| header length before allocating memory.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-16301
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16301
[1] https://security-tracker.debian.org/tracker/CVE-2019-15165
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15165

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Reply via email to