Source: libpcap Version: 1.9.0-2 Severity: important Tags: security upstream
Hi, The following vulnerabilities were published for libpcap. CVE-2018-16301[0]: | libpcap before 1.9.1, as used in tcpdump before 4.9.3, has a buffer | overflow and/or over-read because of errors in pcapng reading. CVE-2019-15165[1]: | sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB | header length before allocating memory. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-16301 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16301 [1] https://security-tracker.debian.org/tracker/CVE-2019-15165 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15165 Please adjust the affected versions in the BTS as needed. Regards, Salvatore

