https://seclists.org/tcpdump/2024/q3/3 announced:
I hope this finds you well. tcpdump 4.99.5 and libpcap 1.10.5 are now
available in the usual places [1]. It has been almost 1.5 years since
the previous .4 releases, so this time it is many more bug fixes and
improvements than usual. Among other things libpcap 1.10.5 addresses
two CVEs that only apply if libpcap was built with the remote packet
capture support (which is not the default).
[...]
1: https://www.tcpdump.org/release/
https://www.tcpdump.org/index.html#latest-releases further says:
This libpcap release makes various improvements and bug fixes
available whilst the work on libpcap 1.11 is still in progress.
Among other things this includes the fixes to two vulnerabilities
(CVE-2023-7256 discovered by Dora Sweet and CVE-2024-8006 discovered
by Flavio Toffalini and reported by Nicolas Badoux) in the remote
packet capture code, which is disabled by default.
--
-Alan Coopersmith- alan.coopersm...@oracle.com
Oracle Solaris Engineering - https://blogs.oracle.com/solaris
