Hello community,

here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2018-12-11 15:45:42
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
 and      /work/SRC/openSUSE:Factory/.tcpdump.new.19453 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tcpdump" Tue Dec 11 15:45:42 2018 rev:37 rq:655857 version:4.9.2 Changes: -------- --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2017-09-18 19:54:09.085764601 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new.19453/tcpdump.changes 2018-12-11 15:46:16.578309228 +0100 @@ -1,0 +2,7 @@ +Thu Dec 6 11:49:16 UTC 2018 - Pedro Monreal Gonzalez <[email protected]> + +- Security fix [bsc#1117267, CVE-2018-19519] + * Buffer overread in print-hncp.c:print_prefix. + * Added patch tcpdump-CVE-2018-19519.patch + +------------------------------------------------------------------- New: ---- tcpdump-CVE-2018-19519.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tcpdump.spec ++++++ --- /var/tmp/diff_new_pack.7l7N34/_old 2018-12-11 15:46:17.186308559 +0100 +++ /var/tmp/diff_new_pack.7l7N34/_new 2018-12-11 15:46:17.190308555 +0100 @@ -1,7 +1,7 @@ # # spec file for package tcpdump # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -30,6 +30,8 @@ Source3: http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring # PATCH-FIX-OPENSUSE tcpdump-ikev2pI2.patch - disabled failing test Patch0: tcpdump-ikev2pI2.patch +# PATCH-FIX-OPENSUSE tcpdump-CVE-2018-19519.patch - Initialize buf in print-hncp.c:print_prefix +Patch1: tcpdump-CVE-2018-19519.patch BuildRequires: libpcap-devel >= %{min_libpcap_version} BuildRequires: libsmi-devel BuildRequires: openssl-devel 
@@ -43,6 +45,7 @@ %prep %setup -q %patch0 -p1 +%patch1 -p1 %build export CFLAGS="%{optflags} -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing" ++++++ tcpdump-CVE-2018-19519.patch ++++++ >From 32af00b05a6ef573d0b340f97b54c13eb9509dc7 Mon Sep 17 00:00:00 2001 From: Pedro Monreal <[email protected]> Date: Thu, 6 Dec 2018 12:18:38 +0100 Subject: [PATCH] CVE-2018-19519 buffer overread. Initialize buf in print-hncp.c:print_prefix. --- print-hncp.c | 2 ++ 1 file changed, 2 insertions(+) Index: tcpdump-4.9.2/print-hncp.c =================================================================== --- tcpdump-4.9.2.orig/print-hncp.c +++ tcpdump-4.9.2/print-hncp.c @@ -206,6 +206,8 @@ print_prefix(netdissect_options *ndo, co int plenbytes; char buf[sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx::/128")]; + buf[0] = '\0'; + if (prefix[0] >= 96 && max_length >= IPV4_MAPPED_HEADING_LEN + 1 && is_ipv4_mapped_address(&prefix[1])) { struct in_addr addr;
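
Review bot: In the tcpdump.spec hunk at @@ -30,6 +30,8 @@, the comment above `Patch1: tcpdump-CVE-2018-19519.patch` carries no bug reference and tags the patch PATCH-FIX-OPENSUSE, although the defect is in the upstream source file print-hncp.c and the changelog entry cites bsc#1117267 and CVE-2018-19519. Suggest putting the bug and CVE identifiers on the comment line next to the patch name, and switching the tag to PATCH-FIX-UPSTREAM once the fix has been submitted upstream, so the patch is easy to trace and to drop on the next version update.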
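
Review bot: In the print-hncp.c hunk at @@ -206,6 +206,8 @@, `buf[0] = '\0';` in print_prefix only guarantees that buf reads as an empty string when nothing writes to it; the path that leaves buf unfilled is still taken silently. The hunk does not show the code after the `if (prefix[0] >= 96 && ...)` test, so please confirm which call can fail without filling buf and check its return value there, returning the error before buf is printed, with the initialisation kept as a second line of defence. A short comment above the assignment naming the path it protects, and a reference to bsc#1117267 in the patch header, would make the intent clear to whoever rebases this patch later.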
