commit tcpdump for openSUSE:Factory
Hello community,
here is the log from the commit of package tcpdump for openSUSE:Factory checked
in at 2020-11-10 13:39:05
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
and /work/SRC/openSUSE:Factory/.tcpdump.new.11331 (New)
Package is "tcpdump"
Tue Nov 10 13:39:05 2020 rev:42 rq:846281 version:4.9.3
Changes:
--- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2020-01-06
16:02:11.925726139 +0100
+++ /work/SRC/openSUSE:Factory/.tcpdump.new.11331/tcpdump.changes
2020-11-10 13:40:00.592407161 +0100
@@ -1,0 +2,7 @@
+Thu Nov 5 10:58:11 UTC 2020 - Pedro Monreal
+
+- Security fix: [bsc#1178466, CVE-2020-8037]
+ * PPP decapsulator: Allocate the right buffer size
+- Add tcpdump-CVE-2020-8037.patch
+
+---
@@ -15 +22 @@
-- Update to 4.9.3
+- Update to 4.9.3 [bsc#1153098]
New:
tcpdump-CVE-2020-8037.patch
Other differences:
--
++ tcpdump.spec ++
--- /var/tmp/diff_new_pack.ymb8Lq/_old 2020-11-10 13:40:01.384405587 +0100
+++ /var/tmp/diff_new_pack.ymb8Lq/_new 2020-11-10 13:40:01.388405579 +0100
@@ -1,7 +1,7 @@
#
# spec file for package tcpdump
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -29,6 +29,8 @@
Source3:https://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
# PATCH-FIX-OPENSUSE tcpdump-CVE-2018-19519.patch - Initialize buf in
print-hncp.c:print_prefix
Patch0: tcpdump-CVE-2018-19519.patch
+# PATCH-FIX-UPSTREAM bsc#1178466 CVE-2020-8037 PPP decapsulator: Allocate the
right buffer size
+Patch1: tcpdump-CVE-2020-8037.patch
BuildRequires: libpcap-devel >= %{min_libpcap_version}
BuildRequires: libsmi-devel
BuildRequires: openssl-devel
@@ -40,7 +42,7 @@
%prep
%setup -q
-%patch0 -p1
+%autopatch -p1
%build
# guessing TSO needed in print-ip.c
++ tcpdump-CVE-2020-8037.patch ++
>From 32027e199368dad9508965aae8cd8de5b6ab5231 Mon Sep 17 00:00:00 2001
From: Guy Harris
Date: Sat, 18 Apr 2020 14:04:59 -0700
Subject: [PATCH] PPP: When un-escaping, don't allocate a too-large buffer.
The buffer should be big enough to hold the captured data, but it
doesn't need to be big enough to hold the entire on-the-network packet,
if we haven't captured all of it.
(backported from commit e4add0b010ed6f2180dcb05a13026242ed935334)
---
print-ppp.c | 18 ++
1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/print-ppp.c b/print-ppp.c
index 891761728..33fb03412 100644
--- a/print-ppp.c
+++ b/print-ppp.c
@@ -1367,19 +1367,29 @@ print_bacp_config_options(netdissect_options *ndo,
return 0;
}
+/*
+ * Un-escape RFC 1662 PPP in HDLC-like framing, with octet escapes.
+ * The length argument is the on-the-wire length, not the captured
+ * length; we can only un-escape the captured part.
+ */
static void
ppp_hdlc(netdissect_options *ndo,
const u_char *p, int length)
{
+ u_int caplen = ndo->ndo_snapend - p;
u_char *b, *t, c;
const u_char *s;
- int i, proto;
+ u_int i;
+ int proto;
const void *se;
+ if (caplen == 0)
+ return;
+
if (length <= 0)
return;
- b = (u_char *)malloc(length);
+ b = (u_char *)malloc(caplen);
if (b == NULL)
return;
@@ -1388,10 +1398,10 @@ ppp_hdlc(netdissect_options *ndo,
* Do this so that we dont overwrite the original packet
* contents.
*/
- for (s = p, t = b, i = length; i > 0 && ND_TTEST(*s); i--) {
+ for (s = p, t = b, i = caplen; i != 0; i--) {
c = *s++;
if (c == 0x7d) {
- if (i <= 1 || !ND_TTEST(*s))
+ if (i <= 1)
break;
i--;
c = *s++ ^ 0x20;
commit tcpdump for openSUSE:Factory
Hello community,
here is the log from the commit of package tcpdump for openSUSE:Factory checked
in at 2020-01-06 16:02:10
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
and /work/SRC/openSUSE:Factory/.tcpdump.new.6675 (New)
Package is "tcpdump"
Mon Jan 6 16:02:10 2020 rev:41 rq:760624 version:4.9.3
Changes:
--- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2019-11-03
11:26:47.457061330 +0100
+++ /work/SRC/openSUSE:Factory/.tcpdump.new.6675/tcpdump.changes
2020-01-06 16:02:11.925726139 +0100
@@ -1,0 +2,6 @@
+Fri Dec 13 17:21:34 UTC 2019 - Michel Normand
+
+- ignore make check failure for PowerPC as tracked upstream
+ https://github.com/the-tcpdump-group/tcpdump/issues/814
+
+---
Other differences:
--
++ tcpdump.spec ++
--- /var/tmp/diff_new_pack.AzCH8N/_old 2020-01-06 16:02:12.537726457 +0100
+++ /var/tmp/diff_new_pack.AzCH8N/_new 2020-01-06 16:02:12.541726459 +0100
@@ -57,7 +57,11 @@
rm %{buildroot}/%{_sbindir}/tcpdump.%{version}
%check
+%ifarch ppc ppc64 ppc64le
+make check %{?_smp_mflags} || { echo "ignore ikev2pI2 failure tracked by
https://github.com/the-tcpdump-group/tcpdump/issues/814;; }
+%else
make check %{?_smp_mflags}
+%endif
%files
%license LICENSE
commit tcpdump for openSUSE:Factory
Hello community,
here is the log from the commit of package tcpdump for openSUSE:Factory checked
in at 2019-11-03 11:26:45
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
and /work/SRC/openSUSE:Factory/.tcpdump.new.2990 (New)
Package is "tcpdump"
Sun Nov 3 11:26:45 2019 rev:40 rq:743961 version:4.9.3
Changes:
--- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2019-10-11
15:11:43.221026732 +0200
+++ /work/SRC/openSUSE:Factory/.tcpdump.new.2990/tcpdump.changes
2019-11-03 11:26:47.457061330 +0100
@@ -1,0 +2,5 @@
+Tue Oct 15 07:53:47 UTC 2019 - Martin Pluskal
+
+- Trim CFLAGS
+
+---
Other differences:
--
++ tcpdump.spec ++
--- /var/tmp/diff_new_pack.QIHYTs/_old 2019-11-03 11:26:48.481062638 +0100
+++ /var/tmp/diff_new_pack.QIHYTs/_new 2019-11-03 11:26:48.485062643 +0100
@@ -22,8 +22,7 @@
Release:0
Summary:A Packet Sniffer
License:BSD-3-Clause
-Group: Productivity/Networking/Diagnostic
-Url:https://www.tcpdump.org/
+URL:https://www.tcpdump.org/
Source: https://www.tcpdump.org/release/%{name}-%{version}.tar.gz
Source1:tcpdump-qeth
Source2:https://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig
@@ -44,10 +43,11 @@
%patch0 -p1
%build
-export CFLAGS="%{optflags} -Wall -DGUESS_TSO -fstack-protector
-fno-strict-aliasing"
+# guessing TSO needed in print-ip.c
+export CFLAGS="%{optflags} -DGUESS_TSO"
%configure \
--enable-ipv6
-make %{?_smp_mflags}
+%make_build
%install
%make_install
commit tcpdump for openSUSE:Factory
Hello community,
here is the log from the commit of package tcpdump for openSUSE:Factory checked
in at 2019-10-11 15:11:24
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
and /work/SRC/openSUSE:Factory/.tcpdump.new.2352 (New)
Package is "tcpdump"
Fri Oct 11 15:11:24 2019 rev:39 rq:734985 version:4.9.3
Changes:
--- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2019-07-28
10:18:15.800601471 +0200
+++ /work/SRC/openSUSE:Factory/.tcpdump.new.2352/tcpdump.changes
2019-10-11 15:11:43.221026732 +0200
@@ -1,0 +2,38 @@
+Wed Oct 2 14:01:31 UTC 2019 - Pedro Monreal Gonzalez
+
+- Update to 4.9.3
+ * Fix buffer overflow/overread vulnerabilities:
+- CVE-2017-16808 (AoE)
+- CVE-2018-14468 (FrameRelay)
+- CVE-2018-14469 (IKEv1)
+- CVE-2018-14470 (BABEL)
+- CVE-2018-14466 (AFS/RX)
+- CVE-2018-14461 (LDP)
+- CVE-2018-14462 (ICMP)
+- CVE-2018-14465 (RSVP)
+- CVE-2018-14881 (BGP)
+- CVE-2018-14464 (LMP)
+- CVE-2018-14463 (VRRP)
+- CVE-2018-14467 (BGP)
+- CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
+- CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled)
+- CVE-2018-14880 (OSPF6)
+- CVE-2018-16451 (SMB)
+- CVE-2018-14882 (RPL)
+- CVE-2018-16227 (802.11)
+- CVE-2018-16229 (DCCP)
+- CVE-2018-16301 (was fixed in libpcap)
+- CVE-2018-16230 (BGP)
+- CVE-2018-16452 (SMB)
+- CVE-2018-16300 (BGP)
+- CVE-2018-16228 (HNCP)
+- CVE-2019-15166 (LMP)
+- CVE-2019-15167 (VRRP)
+ * Fix for cmdline argument/local issues:
+- CVE-2018-14879 (tcpdump -V)
+- Drop patches fixed upstream:
+ * tcpdump-CVE-2017-16808.patch
+ * tcpdump-CVE-2019-1010220.patch
+ * tcpdump-ikev2pI2.patch
+
+---
Old:
tcpdump-4.9.2.tar.gz
tcpdump-4.9.2.tar.gz.sig
tcpdump-CVE-2017-16808.patch
tcpdump-CVE-2019-1010220.patch
tcpdump-ikev2pI2.patch
New:
tcpdump-4.9.3.tar.gz
tcpdump-4.9.3.tar.gz.sig
Other differences:
--
++ tcpdump.spec ++
--- /var/tmp/diff_new_pack.se0Fgd/_old 2019-10-11 15:11:44.241023929 +0200
+++ /var/tmp/diff_new_pack.se0Fgd/_new 2019-10-11 15:11:44.245023917 +0200
@@ -16,31 +16,24 @@
#
-%define min_libpcap_version 1.8.1
+%define min_libpcap_version 1.9.1
Name: tcpdump
-Version:4.9.2
+Version:4.9.3
Release:0
Summary:A Packet Sniffer
License:BSD-3-Clause
Group: Productivity/Networking/Diagnostic
-Url:http://www.tcpdump.org/
-Source: http://www.tcpdump.org/release/%{name}-%{version}.tar.gz
+Url:https://www.tcpdump.org/
+Source: https://www.tcpdump.org/release/%{name}-%{version}.tar.gz
Source1:tcpdump-qeth
-Source2:http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig
-Source3:http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
-# PATCH-FIX-OPENSUSE tcpdump-ikev2pI2.patch - disabled failing test
-Patch0: tcpdump-ikev2pI2.patch
+Source2:https://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig
+Source3:https://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
# PATCH-FIX-OPENSUSE tcpdump-CVE-2018-19519.patch - Initialize buf in
print-hncp.c:print_prefix
-Patch1: tcpdump-CVE-2018-19519.patch
-# PATCH-FIX-UPSTREAM bsc#1068716 CVE-2017-16808 Heap-based buffer over-read
related to aoe_print and lookup_emem
-Patch2: tcpdump-CVE-2017-16808.patch
-# PATCH-FIX-UPSTREAM bsc#1142439 CVE-2019-1010220 Buffer Over-read in
print_prefix
-Patch3: tcpdump-CVE-2019-1010220.patch
+Patch0: tcpdump-CVE-2018-19519.patch
BuildRequires: libpcap-devel >= %{min_libpcap_version}
BuildRequires: libsmi-devel
BuildRequires: openssl-devel
Requires: libpcap >= %{min_libpcap_version}
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
This program can "read" all or only certain packets going over the
@@ -49,9 +42,6 @@
%prep
%setup -q
%patch0 -p1
-%patch1 -p1
-%patch2 -p1
-%patch3 -p1
%build
export CFLAGS="%{optflags} -Wall -DGUESS_TSO -fstack-protector
-fno-strict-aliasing"
@@ -70,7 +60,6 @@
make check %{?_smp_mflags}
%files
-%defattr(-,root,root)
%license LICENSE
%doc CHANGES CREDITS README* *.awk
%{_mandir}/man?/*
++ tcpdump-4.9.2.tar.gz -> tcpdump-4.9.3.tar.gz ++
11594 lines of diff (skipped)
commit tcpdump for openSUSE:Factory
Hello community,
here is the log from the commit of package tcpdump for openSUSE:Factory checked
in at 2019-07-28 10:18:08
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
and /work/SRC/openSUSE:Factory/.tcpdump.new.4126 (New)
Package is "tcpdump"
Sun Jul 28 10:18:08 2019 rev:38 rq:717922 version:4.9.2
Changes:
--- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2018-12-11
15:46:16.578309228 +0100
+++ /work/SRC/openSUSE:Factory/.tcpdump.new.4126/tcpdump.changes
2019-07-28 10:18:15.800601471 +0200
@@ -1,0 +2,19 @@
+Tue Jul 23 11:45:46 UTC 2019 - Pedro Monreal Gonzalez
+
+- Security fix [bsc#1142439, CVE-2019-1010220]
+ * Buffer Over-read in print_prefix which may expose data
+ * Added tcpdump-CVE-2019-1010220.patch
+
+---
+Tue Jul 23 10:37:17 UTC 2019 - Pedro Monreal Gonzalez
+
+- Use %license macro for LICENSE file
+
+---
+Tue Jul 23 10:24:31 UTC 2019 - Pedro Monreal Gonzalez
+
+- Security fix [bsc#1068716, CVE-2017-16808]
+ * Heap-based buffer over-read related to aoe_print and lookup_emem
+ * Added tcpdump-CVE-2017-16808.patch
+
+---
New:
tcpdump-CVE-2017-16808.patch
tcpdump-CVE-2019-1010220.patch
Other differences:
--
++ tcpdump.spec ++
--- /var/tmp/diff_new_pack.r7tgwe/_old 2019-07-28 10:18:18.420601475 +0200
+++ /var/tmp/diff_new_pack.r7tgwe/_new 2019-07-28 10:18:18.464601475 +0200
@@ -1,7 +1,7 @@
#
# spec file for package tcpdump
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -32,6 +32,10 @@
Patch0: tcpdump-ikev2pI2.patch
# PATCH-FIX-OPENSUSE tcpdump-CVE-2018-19519.patch - Initialize buf in
print-hncp.c:print_prefix
Patch1: tcpdump-CVE-2018-19519.patch
+# PATCH-FIX-UPSTREAM bsc#1068716 CVE-2017-16808 Heap-based buffer over-read
related to aoe_print and lookup_emem
+Patch2: tcpdump-CVE-2017-16808.patch
+# PATCH-FIX-UPSTREAM bsc#1142439 CVE-2019-1010220 Buffer Over-read in
print_prefix
+Patch3: tcpdump-CVE-2019-1010220.patch
BuildRequires: libpcap-devel >= %{min_libpcap_version}
BuildRequires: libsmi-devel
BuildRequires: openssl-devel
@@ -46,6 +50,8 @@
%setup -q
%patch0 -p1
%patch1 -p1
+%patch2 -p1
+%patch3 -p1
%build
export CFLAGS="%{optflags} -Wall -DGUESS_TSO -fstack-protector
-fno-strict-aliasing"
@@ -65,7 +71,8 @@
%files
%defattr(-,root,root)
-%doc CHANGES CREDITS LICENSE README* *.awk
+%license LICENSE
+%doc CHANGES CREDITS README* *.awk
%{_mandir}/man?/*
%{_sbindir}/tcpdump
%ifarch s390 s390x
++ tcpdump-CVE-2017-16808.patch ++
>From 28f610026d901660dd370862b62ec328727446a2 Mon Sep 17 00:00:00 2001
From: Denis Ovsienko
Date: Thu, 31 Aug 2017 21:15:37 +0100
Subject: [PATCH] CVE-2017-16808/AoE: Add a missing bounds check.
In aoev1_reserve_print() check bounds before trying to print an Ethernet
address.
This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.
---
print-aoe.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/print-aoe.c b/print-aoe.c
index 97e93df2e..2c78a55d3 100644
--- a/print-aoe.c
+++ b/print-aoe.c
@@ -325,6 +325,7 @@ aoev1_reserve_print(netdissect_options *ndo,
goto invalid;
/* addresses */
for (i = 0; i < nmacs; i++) {
+ ND_TCHECK2(*cp, ETHER_ADDR_LEN);
ND_PRINT((ndo, "\n\tEthernet Address %u: %s", i,
etheraddr_string(ndo, cp)));
cp += ETHER_ADDR_LEN;
}
++ tcpdump-CVE-2019-1010220.patch ++
>From 511915bef7e4de2f31b8d9f581b4a44b0cfbcf53 Mon Sep 17 00:00:00 2001
From: Guy Harris
Date: Sat, 1 Jun 2019 14:42:09 -0700
Subject: [PATCH] If decode_prefix6() returns a negative number, don't print
buf.
If it returns a negative number, it hasn't necessarily filled in buf, so
just return immediately; this is similar to the IPv4 code path, wherein
we just return a negative number, and print nothing, on an error.
This should fix GitHub issue #763.
---
print-hncp.c | 2 ++
1 file changed, 2 insertions(+)
Index: tcpdump-4.9.2/print-hncp.c
===
--- tcpdump-4.9.2.orig/print-hncp.c
+++ tcpdump-4.9.2/print-hncp.c
@@ -231,6 +231,8 @@ print_prefix(netdissect_options *ndo, co
plenbytes += 1 + IPV4_MAPPED_HEADING_LEN;
} else {
plenbytes = decode_prefix6(ndo, prefix, max_length, buf, sizeof(buf));
+if
commit tcpdump for openSUSE:Factory
Hello community,
here is the log from the commit of package tcpdump for openSUSE:Factory checked
in at 2018-12-11 15:45:42
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
and /work/SRC/openSUSE:Factory/.tcpdump.new.19453 (New)
Package is "tcpdump"
Tue Dec 11 15:45:42 2018 rev:37 rq:655857 version:4.9.2
Changes:
--- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2017-09-18
19:54:09.085764601 +0200
+++ /work/SRC/openSUSE:Factory/.tcpdump.new.19453/tcpdump.changes
2018-12-11 15:46:16.578309228 +0100
@@ -1,0 +2,7 @@
+Thu Dec 6 11:49:16 UTC 2018 - Pedro Monreal Gonzalez
+
+- Security fix [bsc#1117267, CVE-2018-19519]
+ * Buffer overread in print-hncp.c:print_prefix.
+ * Added patch tcpdump-CVE-2018-19519.patch
+
+---
New:
tcpdump-CVE-2018-19519.patch
Other differences:
--
++ tcpdump.spec ++
--- /var/tmp/diff_new_pack.7l7N34/_old 2018-12-11 15:46:17.186308559 +0100
+++ /var/tmp/diff_new_pack.7l7N34/_new 2018-12-11 15:46:17.190308555 +0100
@@ -1,7 +1,7 @@
#
# spec file for package tcpdump
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@@ -30,6 +30,8 @@
Source3:http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
# PATCH-FIX-OPENSUSE tcpdump-ikev2pI2.patch - disabled failing test
Patch0: tcpdump-ikev2pI2.patch
+# PATCH-FIX-OPENSUSE tcpdump-CVE-2018-19519.patch - Initialize buf in
print-hncp.c:print_prefix
+Patch1: tcpdump-CVE-2018-19519.patch
BuildRequires: libpcap-devel >= %{min_libpcap_version}
BuildRequires: libsmi-devel
BuildRequires: openssl-devel
@@ -43,6 +45,7 @@
%prep
%setup -q
%patch0 -p1
+%patch1 -p1
%build
export CFLAGS="%{optflags} -Wall -DGUESS_TSO -fstack-protector
-fno-strict-aliasing"
++ tcpdump-CVE-2018-19519.patch ++
>From 32af00b05a6ef573d0b340f97b54c13eb9509dc7 Mon Sep 17 00:00:00 2001
From: Pedro Monreal
Date: Thu, 6 Dec 2018 12:18:38 +0100
Subject: [PATCH] CVE-2018-19519 buffer overread. Initialize buf in
print-hncp.c:print_prefix.
---
print-hncp.c | 2 ++
1 file changed, 2 insertions(+)
Index: tcpdump-4.9.2/print-hncp.c
===
--- tcpdump-4.9.2.orig/print-hncp.c
+++ tcpdump-4.9.2/print-hncp.c
@@ -206,6 +206,8 @@ print_prefix(netdissect_options *ndo, co
int plenbytes;
char buf[sizeof(":::::::::/128")];
+buf[0] = '\0';
+
if (prefix[0] >= 96 && max_length >= IPV4_MAPPED_HEADING_LEN + 1 &&
is_ipv4_mapped_address([1])) {
struct in_addr addr;
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2017-09-18 19:54:05 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is "tcpdump" Mon Sep 18 19:54:05 2017 rev:36 rq:525837 version:4.9.2 Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2017-07-28 09:44:51.763758211 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2017-09-18 19:54:09.085764601 +0200 @@ -1,0 +2,113 @@ +Tue Sep 12 15:23:04 UTC 2017 - pmonrealgonza...@suse.com + +- Disabled ikev2pI2 test that fails on some architectures + * Added patch tcpdump-ikev2pI2.patch + +--- +Tue Sep 12 14:51:00 UTC 2017 - pmonrealgonza...@suse.com + +- Update to version 4.9.2 [bsc#1057247] + * Security fixes: +- CVE-2017-11108 segfault in STP decoder +- Segfault in ESP decoder with OpenSSL 1.1 +- CVE-2017-11543 buffer overflow in SLIP decoder +- CVE-2017-13011 buffer overflow in bittok2str_internal() +- CVE-2017-12989 infinite loop in the RESP parser +- CVE-2017-12990 infinite loop in the ISAKMP parser +- CVE-2017-12995 infinite loop in the DNS parser +- CVE-2017-12997 infinite loop in the LLDP parser +- CVE-2017-11541 buffer over-read in safeputs() +- CVE-2017-11542 buffer over-read in PIMv1 decoder +- CVE-2017-12893 buffer over-read in the SMB/CIFS parser +- CVE-2017-12894 buffer over-read in several protocol parsers +- CVE-2017-12895 buffer over-read in the ICMP parser +- CVE-2017-12896 buffer over-read in the ISAKMP parser +- CVE-2017-12897 buffer over-read in the ISO CLNS parser +- CVE-2017-12898 buffer over-read in the NFS parser +- CVE-2017-12899 buffer over-read in the DECnet parser +- CVE-2017-12900 buffer over-read in the in several protocol parsers +- CVE-2017-12901 buffer over-read in the EIGRP parser +- CVE-2017-12902 buffer over-read in the Zephyr parser +- CVE-2017-12985 buffer over-read in the IPv6 parser +- CVE-2017-12986 buffer over-read in the IPv6 routing header parser +- CVE-2017-12987 buffer over-read in the 802.11 parser +- CVE-2017-12988 buffer over-read in the telnet parser +- CVE-2017-12991 buffer over-read in the BGP parser +- CVE-2017-12992 buffer over-read in the RIPng parser +- CVE-2017-12993 buffer over-read in the Juniper protocols parser +- CVE-2017-12994 buffer over-read in the BGP parser +- CVE-2017-12996 buffer over-read in the PIMv2 parser +- CVE-2017-12998 buffer over-read in the IS-IS parser +- CVE-2017-12999 buffer over-read in the IS-IS parser +- CVE-2017-13000 buffer over-read in the IEEE 802.15.4 parser +- CVE-2017-13001 buffer over-read in the NFS parser +- CVE-2017-13002 buffer over-read in the AODV parser +- CVE-2017-13003 buffer over-read in the LMP parser +- CVE-2017-13004 buffer over-read in the Juniper protocols parser +- CVE-2017-13005 buffer over-read in the NFS parser +- CVE-2017-13006 buffer over-read in the L2TP parser +- CVE-2017-13007 buffer over-read in the Apple PKTAP parser +- CVE-2017-13008 buffer over-read in the IEEE 802.11 parser +- CVE-2017-13009 buffer over-read in the IPv6 mobility parser +- CVE-2017-13010 buffer over-read in the BEEP parser +- CVE-2017-13012 buffer over-read in the ICMP parser +- CVE-2017-13013 buffer over-read in the ARP parser +- CVE-2017-13014 buffer over-read in the White Board protocol parser +- CVE-2017-13015 buffer over-read in the EAP parser +- CVE-2017-13016 buffer over-read in the ISO ES-IS parser +- CVE-2017-13017 buffer over-read in the DHCPv6 parser +- CVE-2017-13018 buffer over-read in the PGM parser +- CVE-2017-13019 buffer over-read in the PGM parser +- CVE-2017-13020 buffer over-read in the VTP parser +- CVE-2017-13021 buffer over-read in the ICMPv6 parser +- CVE-2017-13022 buffer over-read in the IP parser +- CVE-2017-13023 buffer over-read in the IPv6 mobility parser +- CVE-2017-13024 buffer over-read in the IPv6 mobility parser +- CVE-2017-13025 buffer over-read in the IPv6 mobility parser +- CVE-2017-13026 buffer over-read in the ISO IS-IS parser +- CVE-2017-13027 buffer over-read in the LLDP parser +- CVE-2017-13028 buffer over-read in the BOOTP parser +- CVE-2017-13029 buffer over-read in the PPP parser +- CVE-2017-13030 buffer over-read in the PIM parser +- CVE-2017-13031 buffer over-read in the IPv6 fragmentation header parser +- CVE-2017-13032 buffer over-read in the RADIUS parser +- CVE-2017-13033 buffer over-read in the VTP parser +- CVE-2017-13034 buffer over-read in the PGM parser +- CVE-2017-13035 buffer over-read in
commit tcpdump for openSUSE:Factory
Hello community,
here is the log from the commit of package tcpdump for openSUSE:Factory checked
in at 2017-07-28 09:44:45
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
and /work/SRC/openSUSE:Factory/.tcpdump.new (New)
Package is "tcpdump"
Fri Jul 28 09:44:45 2017 rev:35 rq:512663 version:4.9.1
Changes:
--- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2017-03-05
17:53:33.340548329 +0100
+++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2017-07-28
09:44:51.763758211 +0200
@@ -1,0 +2,17 @@
+Wed Jul 26 12:33:53 UTC 2017 - pmonrealgonza...@suse.com
+
+- Disable ikev2pI2 test that fails on ppc, ppc64 and ppc64le
+ * Added patch tcpdump-ikev2pI2-test-fails-ppc.patch
+
+---
+Wed Jul 26 09:16:56 UTC 2017 - pmonrealgonza...@suse.com
+
+- Update to version 4.9.1 [bsc#1047873]
+ * CVE-2017-11108/Fix bounds checking for STP.
+ * Make assorted documentation updates and fix a few typos in output.
+ * Fixup -C for file size >2GB
+ * Show AddressSanitizer presence in version output.
+ * Fix a bug in test scripts.
+ * Fix a use-after-free when the requested interface does not exist.
+
+---
Old:
tcpdump-4.9.0.tar.gz
tcpdump-4.9.0.tar.gz.sig
New:
tcpdump-4.9.1.tar.gz
tcpdump-4.9.1.tar.gz.sig
tcpdump-ikev2pI2-test-fails-ppc.patch
Other differences:
--
++ tcpdump.spec ++
--- /var/tmp/diff_new_pack.1RqYgp/_old 2017-07-28 09:44:52.599640478 +0200
+++ /var/tmp/diff_new_pack.1RqYgp/_new 2017-07-28 09:44:52.599640478 +0200
@@ -18,7 +18,7 @@
%define min_libpcap_version 1.8.1
Name: tcpdump
-Version:4.9.0
+Version:4.9.1
Release:0
Summary:A Packet Sniffer
License:BSD-3-Clause
@@ -28,6 +28,8 @@
Source1:tcpdump-qeth
Source2:http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig
Source3:http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
+# PATCH-FIX-OPENSUSE tcpdump-ikev2pI2-test-fails-ppc.patch -- Disable ikev2pI2
test on ppc, ppc64 and ppc64le
+Patch0: tcpdump-ikev2pI2-test-fails-ppc.patch
BuildRequires: libpcap-devel >= %{min_libpcap_version}
BuildRequires: libsmi-devel
BuildRequires: openssl-devel
@@ -40,6 +42,7 @@
%prep
%setup -q
+%patch0 -p1
%build
export CFLAGS="%{optflags} -Wall -DGUESS_TSO -fstack-protector
-fno-strict-aliasing"
++ tcpdump-4.9.0.tar.gz -> tcpdump-4.9.1.tar.gz ++
1637 lines of diff (skipped)
++ tcpdump-ikev2pI2-test-fails-ppc.patch ++
Index: tcpdump-4.9.1/tests/crypto.sh
===
--- tcpdump-4.9.1.orig/tests/crypto.sh
+++ tcpdump-4.9.1/tests/crypto.sh
@@ -28,8 +28,13 @@ then
[ $? -eq 0 ] || exitcode=1
./TESTonce espudp1 espudp1.pcap espudp1.out '- -E "file
esp-secrets.txt"'
[ $? -eq 0 ] || exitcode=1
- ./TESTonce ikev2pI2 ikev2pI2.pcap ikev2pI2.out '-E "file
ikev2pI2-secrets.txt" -v -v -v -v'
- [ $? -eq 0 ] || exitcode=1
+ case $(uname -m) in
+ "ppc" | "ppc64" | "ppc64le" ) echo "skipping test ikev2pI2"
+ ;;
+ * ) ./TESTonce ikev2pI2 ikev2pI2.pcap ikev2pI2.out '-E
"file ikev2pI2-secrets.txt" -v -v -v -v'
+ [ $? -eq 0 ] || exitcode=1
+ ;;
+ esac
./TESTonce isakmp4 isakmp4500.pcap isakmp4.out '-E "file
esp-secrets.txt"'
[ $? -eq 0 ] || exitcode=1
fi
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2017-03-05 17:53:32 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is "tcpdump" Sun Mar 5 17:53:32 2017 rev:34 rq:454247 version:4.9.0 Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2016-04-30 23:25:33.0 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2017-03-05 17:53:33.340548329 +0100 @@ -1,0 +2,46 @@ +Thu Feb 2 14:47:56 UTC 2017 - pmonrealgonza...@suse.com + +- version update to 4.9.0 bsc#1020940 + * CVE-2016-7922 The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print(). + * CVE-2016-7923 The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print(). + * CVE-2016-7924 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print(). + * CVE-2016-7925 The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print(). + * CVE-2016-7926 The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print(). + * CVE-2016-7927 The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print(). + * CVE-2016-7928 The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print(). + * CVE-2016-7929 The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header(). + * CVE-2016-7930 The LLC parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print(). + * CVE-2016-7931 The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print(). + * CVE-2016-7932 The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum(). + * CVE-2016-7933 The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print(). + * CVE-2016-7934 The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print(). + * CVE-2016-7935 The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print(). + * CVE-2016-7936 The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print(). + * CVE-2016-7937 The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print(). + * CVE-2016-7938 The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame(). + * CVE-2016-7939 The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions. + * CVE-2016-7940 The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions. + * CVE-2016-7973 The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions. + * CVE-2016-7974 The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions. + * CVE-2016-7975 The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print(). + * CVE-2016-7983 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). + * CVE-2016-7984 The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print(). + * CVE-2016-7985 The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print(). + * CVE-2016-7986 The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions. + * CVE-2016-7992 The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print(). + * CVE-2016-7993 A bug in util-print.c:relts_print() could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). + * CVE-2016-8574 The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print(). + * CVE-2016-8575 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(). + * CVE-2017-5202 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). + * CVE-2017-5203 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). + * CVE-2017-5204 The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print(). + * CVE-2017-5205 The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print(). + * CVE-2017-5341 The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print(). + * CVE-2017-5342 In tcpdump before 4.9.0 a bug in multiple
commit tcpdump for openSUSE:Factory
Hello community,
here is the log from the commit of package tcpdump for openSUSE:Factory checked
in at 2016-04-30 23:25:32
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
and /work/SRC/openSUSE:Factory/.tcpdump.new (New)
Package is "tcpdump"
Changes:
--- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2016-04-03
23:04:48.0 +0200
+++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2016-04-30
23:25:33.0 +0200
@@ -1,0 +2,5 @@
+Fri Apr 15 01:28:38 CEST 2016 - r...@suse.de
+
+- fix filelist to fix build on s390/s390x
+
+---
Other differences:
--
++ tcpdump.spec ++
--- /var/tmp/diff_new_pack.fONJMY/_old 2016-04-30 23:25:34.0 +0200
+++ /var/tmp/diff_new_pack.fONJMY/_new 2016-04-30 23:25:34.0 +0200
@@ -64,5 +64,8 @@
%doc CHANGES CREDITS LICENSE README* *.awk
%doc %{_mandir}/man?/*
%{_sbindir}/tcpdump
+%ifarch s390 s390x
+%{_sbindir}/tcpdump-qeth
+%endif
%changelog
commit tcpdump for openSUSE:Factory
Hello community,
here is the log from the commit of package tcpdump for openSUSE:Factory checked
in at 2016-04-03 23:04:33
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
and /work/SRC/openSUSE:Factory/.tcpdump.new (New)
Package is "tcpdump"
Changes:
--- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2015-04-30
11:49:29.0 +0200
+++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2016-04-03
23:04:48.0 +0200
@@ -1,0 +2,5 @@
+Wed Mar 30 07:43:04 UTC 2016 - b...@suse.com
+
+- correctly reference SOURCE1 during installation for s390x
+
+---
Other differences:
--
++ tcpdump.spec ++
--- /var/tmp/diff_new_pack.Jexre0/_old 2016-04-03 23:04:49.0 +0200
+++ /var/tmp/diff_new_pack.Jexre0/_new 2016-04-03 23:04:49.0 +0200
@@ -1,7 +1,7 @@
#
# spec file for package tcpdump
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -52,7 +52,7 @@
%install
make DESTDIR=%{buildroot} install %{?_smp_mflags}
%ifarch s390 s390x
- install -D -m 755 ${SOURCE1} %{buildroot}%{_sbindir}
+ install -D -m 755 %{SOURCE1} %{buildroot}%{_sbindir}
%endif
rm %{buildroot}/%{_sbindir}/tcpdump.%{version}
commit tcpdump for openSUSE:Factory
Hello community,
here is the log from the commit of package tcpdump for openSUSE:Factory checked
in at 2015-04-30 11:49:28
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
and /work/SRC/openSUSE:Factory/.tcpdump.new (New)
Package is tcpdump
Changes:
--- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2015-04-22
01:14:04.0 +0200
+++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2015-04-30
11:49:29.0 +0200
@@ -1,0 +2,9 @@
+Sun Apr 26 18:51:40 UTC 2015 - astie...@suse.com
+
+- tcpdump 4.7.4:
+ * PPKI to Router Protocol: Fix Segmentation Faults and other problems
+ * RPKI to Router Protocol: print strings with fn_printn()
+ * wb: fix some bounds checks
+(previously patched in, removed CVE-2015-3138.patch)
+
+---
Old:
CVE-2015-3138.patch
tcpdump-4.7.3.tar.gz
tcpdump-4.7.3.tar.gz.sig
New:
tcpdump-4.7.4.tar.gz
tcpdump-4.7.4.tar.gz.sig
Other differences:
--
++ tcpdump.spec ++
--- /var/tmp/diff_new_pack.weaWI1/_old 2015-04-30 11:49:30.0 +0200
+++ /var/tmp/diff_new_pack.weaWI1/_new 2015-04-30 11:49:30.0 +0200
@@ -20,7 +20,7 @@
# for pcap_set_tstamp_precision()
%define min_libpcap_version 1.7.2
Name: tcpdump
-Version:4.7.3
+Version:4.7.4
Release:0
Summary:A Packet Sniffer
License:BSD-3-Clause
@@ -30,7 +30,6 @@
Source1:tcpdump-qeth
Source2:http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig
Source3:http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
-Patch0: CVE-2015-3138.patch
BuildRequires: libpcap-devel = %{min_libpcap_version}
BuildRequires: libsmi-devel
BuildRequires: openssl-devel
@@ -43,7 +42,6 @@
%prep
%setup -q
-%patch0 -p1
%build
export CFLAGS=%{optflags} -Wall -DGUESS_TSO -fstack-protector
-fno-strict-aliasing
++ tcpdump-4.7.3.tar.gz - tcpdump-4.7.4.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/tcpdump-4.7.3/CHANGES new/tcpdump-4.7.4/CHANGES
--- old/tcpdump-4.7.3/CHANGES 2015-03-11 01:47:37.0 +0100
+++ new/tcpdump-4.7.4/CHANGES 2015-04-22 22:33:01.0 +0200
@@ -1,8 +1,14 @@
-Monday March. 11, 2015 g...@alum.mit.edu
+Friday April 10, 2015 g...@alum.mit.edu
+ Summary for 4.7.4 tcpdump release
+ RPKI to Router Protocol: Fix Segmentation Faults and other problems
+ RPKI to Router Protocol: print strings with fn_printn()
+ wb: fix some bounds checks
+
+Wednesday March 11, 2015 m...@sandelman.ca
Summary for 4.7.3 tcpdump release
Capsicum fixes for FreeBSD 10
-Monday March. 10, 2015 g...@alum.mit.edu
+Tuesday March 10, 2015 m...@sandelman.ca
Summary for 4.7.2 tcpdump release
DCCP: update Packet Types with RFC4340/IANA names
fixes for CVE-2015-0261: IPv6 mobility header check issue
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/tcpdump-4.7.3/VERSION new/tcpdump-4.7.4/VERSION
--- old/tcpdump-4.7.3/VERSION 2015-03-11 01:44:05.0 +0100
+++ new/tcpdump-4.7.4/VERSION 2015-04-22 22:32:26.0 +0200
@@ -1 +1 @@
-4.7.3
+4.7.4
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/tcpdump-4.7.3/netdissect.h
new/tcpdump-4.7.4/netdissect.h
--- old/tcpdump-4.7.3/netdissect.h 2015-03-11 01:40:50.0 +0100
+++ new/tcpdump-4.7.4/netdissect.h 2015-04-22 22:32:16.0 +0200
@@ -81,9 +81,9 @@
char *buf, size_t bufsize);
/* tok2str is deprecated */
-extern const char *tok2str(const struct tok *, const char *, int);
-extern char *bittok2str(const struct tok *, const char *, int);
-extern char *bittok2str_nosep(const struct tok *, const char *, int);
+extern const char *tok2str(const struct tok *, const char *, u_int);
+extern char *bittok2str(const struct tok *, const char *, u_int);
+extern char *bittok2str_nosep(const struct tok *, const char *, u_int);
typedef struct netdissect_options netdissect_options;
@@ -293,7 +293,6 @@
extern int fn_print(netdissect_options *, const u_char *, const u_char *);
extern int fn_printn(netdissect_options *, const u_char *, u_int, const u_char
*);
extern int fn_printzp(netdissect_options *, const u_char *, u_int, const
u_char *);
-extern const char *tok2str(const struct tok *, const char *, int);
/*
* Flags for txtproto_print().
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/tcpdump-4.7.3/print-isoclns.c
new/tcpdump-4.7.4/print-isoclns.c
--- old/tcpdump-4.7.3/print-isoclns.c 2015-03-11 01:36:52.0 +0100
+++
commit tcpdump for openSUSE:Factory
Hello community,
here is the log from the commit of package tcpdump for openSUSE:Factory checked
in at 2015-04-22 01:14:03
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
and /work/SRC/openSUSE:Factory/.tcpdump.new (New)
Package is tcpdump
Changes:
--- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2015-03-16
06:54:42.0 +0100
+++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2015-04-22
01:14:04.0 +0200
@@ -1,0 +2,6 @@
+Fri Apr 17 20:00:24 UTC 2015 - astie...@suse.com
+
+- fix a DoS vulnerability in print-wb.c
+ CVE-2015-3138 [boo#927637] adding CVE-2015-3138.patch
+
+---
New:
CVE-2015-3138.patch
Other differences:
--
++ tcpdump.spec ++
--- /var/tmp/diff_new_pack.qklnUD/_old 2015-04-22 01:14:05.0 +0200
+++ /var/tmp/diff_new_pack.qklnUD/_new 2015-04-22 01:14:05.0 +0200
@@ -30,6 +30,7 @@
Source1:tcpdump-qeth
Source2:http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig
Source3:http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
+Patch0: CVE-2015-3138.patch
BuildRequires: libpcap-devel = %{min_libpcap_version}
BuildRequires: libsmi-devel
BuildRequires: openssl-devel
@@ -42,6 +43,7 @@
%prep
%setup -q
+%patch0 -p1
%build
export CFLAGS=%{optflags} -Wall -DGUESS_TSO -fstack-protector
-fno-strict-aliasing
++ CVE-2015-3138.patch ++
From 3ed82f4ed0095768529afc22b923c8f7171fff70 Mon Sep 17 00:00:00 2001
From: Denis Ovsienko de...@ovsienko.info
Date: Wed, 25 Mar 2015 22:35:12 +
Subject: [PATCH] whiteboard: fixup a few reversed tests (GH #446)
This is a follow-up to commit 3a3ec26.
---
print-wb.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/print-wb.c b/print-wb.c
index 3e3b064..4fa5e38 100644
--- a/print-wb.c
+++ b/print-wb.c
@@ -201,7 +201,7 @@ wb_id(netdissect_options *ndo,
len -= sizeof(*io) * nid;
io = (struct id_off *)(id + 1);
cp = (char *)(io + nid);
- if (!ND_TTEST2(cp, len)) {
+ if (ND_TTEST2(cp, len)) {
ND_PRINT((ndo, \));
fn_print(ndo, (u_char *)cp, (u_char *)cp + len);
ND_PRINT((ndo, \));
@@ -266,7 +266,7 @@ wb_prep(netdissect_options *ndo,
}
n = EXTRACT_32BITS(prep-pp_n);
ps = (const struct pgstate *)(prep + 1);
- while (--n = 0 !ND_TTEST(*ps)) {
+ while (--n = 0 ND_TTEST(*ps)) {
const struct id_off *io, *ie;
char c = '';
@@ -275,7 +275,7 @@ wb_prep(netdissect_options *ndo,
ipaddr_string(ndo, ps-page.p_sid),
EXTRACT_32BITS(ps-page.p_uid)));
io = (struct id_off *)(ps + 1);
- for (ie = io + ps-nid; io ie !ND_TTEST(*io); ++io) {
+ for (ie = io + ps-nid; io ie ND_TTEST(*io); ++io) {
ND_PRINT((ndo, %c%s:%u, c, ipaddr_string(ndo,
io-id),
EXTRACT_32BITS(io-off)));
c = ',';
commit tcpdump for openSUSE:Factory
Hello community,
here is the log from the commit of package tcpdump for openSUSE:Factory checked
in at 2015-03-16 06:54:41
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
and /work/SRC/openSUSE:Factory/.tcpdump.new (New)
Package is tcpdump
Changes:
--- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2015-02-12
10:20:39.0 +0100
+++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2015-03-16
06:54:42.0 +0100
@@ -1,0 +2,15 @@
+Fri Mar 13 09:54:11 UTC 2015 - vci...@suse.com
+
+- update to 4.7.3
+- fixes four security bugs:
+ * CVE-2015-0261 - IPv6 mobility printer (bnc#90)
+ * CVE-2015-2153 - tcp printer (bnc#91)
+ * CVE-2015-2154 - ethernet printer (bnc#92)
+ * CVE-2015-2155 - force printer (bnc#93)
+- drop patches with security fixes (upstream):
+ * tcpdump-CVE-2014-8767.patch
+ * tcpdump-CVE-2014-8768.patch
+ * tcpdump-CVE-2014-8769.patch
+ * 0001-Clean-up-error-message-printing.patch
+
+---
Old:
0001-Clean-up-error-message-printing.patch
tcpdump-4.6.2.tar.gz
tcpdump-4.6.2.tar.gz.sig
tcpdump-CVE-2014-8767.patch
tcpdump-CVE-2014-8768.patch
tcpdump-CVE-2014-8769.patch
New:
tcpdump-4.7.3.tar.gz
tcpdump-4.7.3.tar.gz.sig
Other differences:
--
++ tcpdump.spec ++
--- /var/tmp/diff_new_pack.X7nWqD/_old 2015-03-16 06:54:43.0 +0100
+++ /var/tmp/diff_new_pack.X7nWqD/_new 2015-03-16 06:54:43.0 +0100
@@ -18,9 +18,9 @@
# from http://upstream-tracker.org/versions/libpcap.html
# for pcap_set_tstamp_precision()
-%define min_libpcap_version 1.5.1
+%define min_libpcap_version 1.7.2
Name: tcpdump
-Version:4.6.2
+Version:4.7.3
Release:0
Summary:A Packet Sniffer
License:BSD-3-Clause
@@ -30,10 +30,6 @@
Source1:tcpdump-qeth
Source2:http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig
Source3:http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
-Patch3: tcpdump-CVE-2014-8767.patch
-Patch4: tcpdump-CVE-2014-8768.patch
-Patch5: tcpdump-CVE-2014-8769.patch
-Patch6: 0001-Clean-up-error-message-printing.patch
BuildRequires: libpcap-devel = %{min_libpcap_version}
BuildRequires: libsmi-devel
BuildRequires: openssl-devel
@@ -46,10 +42,6 @@
%prep
%setup -q
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
-%patch6 -p1
%build
export CFLAGS=%{optflags} -Wall -DGUESS_TSO -fstack-protector
-fno-strict-aliasing
++ tcpdump-4.6.2.tar.gz - tcpdump-4.7.3.tar.gz ++
13399 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tcpdump for openSUSE:Factory
Hello community,
here is the log from the commit of package tcpdump for openSUSE:Factory checked
in at 2015-02-12 10:20:37
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
and /work/SRC/openSUSE:Factory/.tcpdump.new (New)
Package is tcpdump
Changes:
--- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2014-09-09
18:59:43.0 +0200
+++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2015-02-12
10:20:39.0 +0100
@@ -1,0 +2,14 @@
+Fri Feb 6 12:31:23 UTC 2015 - vci...@suse.com
+
+- fix CVE-2014-8767 (bnc#905870)
+ * denial of service in verbose mode using malformed OLSR payload
+ * added tcpdump-CVE-2014-8767.patch
+- fix CVE-2014-8768 (bnc#905871)
+ * denial of service in verbose mode using malformed Geonet payload
+ * added tcpdump-CVE-2014-8768.patch
+- fix CVE-2014-8769 (bnc#905872)
+ * unreliable output using malformed AOVD payload
+ * added tcpdump-CVE-2014-8769.patch
+ * added 0001-Clean-up-error-message-printing.patch
+
+---
New:
0001-Clean-up-error-message-printing.patch
tcpdump-CVE-2014-8767.patch
tcpdump-CVE-2014-8768.patch
tcpdump-CVE-2014-8769.patch
Other differences:
--
++ tcpdump.spec ++
--- /var/tmp/diff_new_pack.8WDoUx/_old 2015-02-12 10:20:40.0 +0100
+++ /var/tmp/diff_new_pack.8WDoUx/_new 2015-02-12 10:20:40.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package tcpdump
#
-# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -30,6 +30,10 @@
Source1:tcpdump-qeth
Source2:http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig
Source3:http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
+Patch3: tcpdump-CVE-2014-8767.patch
+Patch4: tcpdump-CVE-2014-8768.patch
+Patch5: tcpdump-CVE-2014-8769.patch
+Patch6: 0001-Clean-up-error-message-printing.patch
BuildRequires: libpcap-devel = %{min_libpcap_version}
BuildRequires: libsmi-devel
BuildRequires: openssl-devel
@@ -42,6 +46,10 @@
%prep
%setup -q
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
%build
export CFLAGS=%{optflags} -Wall -DGUESS_TSO -fstack-protector
-fno-strict-aliasing
++ 0001-Clean-up-error-message-printing.patch ++
From 3e8a443c3671baa37ae7870f08fb9b4bf386fd24 Mon Sep 17 00:00:00 2001
From: Guy Harris g...@alum.mit.edu
Date: Tue, 11 Nov 2014 18:37:35 -0800
Subject: [PATCH] Clean up error message printing.
Have struct aodv_rerr just be the header, not including the actual
destinations.
Simplify the logic somewhat, and make it similar in the print routines
for the three types of error messages.
---
print-aodv.c | 88 +++-
1 file changed, 46 insertions(+), 42 deletions(-)
diff --git a/print-aodv.c b/print-aodv.c
index da5b169..da26473 100644
--- a/print-aodv.c
+++ b/print-aodv.c
@@ -146,13 +146,6 @@ struct aodv_rerr {
uint8_t rerr_flags; /* various flags */
uint8_t rerr_zero0; /* reserved, set to zero */
uint8_t rerr_dc;/* destination count */
- union {
- struct rerr_unreach dest[1];
-#ifdef INET6
- struct rerr_unreach6 dest6[1];
- struct rerr_unreach6_draft_01 dest6_draft_01[1];
-#endif
- } r;
};
#define RERR_NODELETE 0x80/* don't delete the link */
@@ -284,32 +277,29 @@ static void
aodv_rerr(netdissect_options *ndo,
const struct aodv_rerr *ap, const u_char *dat, u_int length)
{
- u_int i;
- const struct rerr_unreach *dp = NULL;
- int n, trunc;
+ u_int i, dc;
+ const struct rerr_unreach *dp;
if (ndo-ndo_snapend dat) {
ND_PRINT((ndo, [|aodv]));
return;
}
i = min(length, (u_int)(ndo-ndo_snapend - dat));
- if (i offsetof(struct aodv_rerr, r)) {
+ if (i sizeof(*ap)) {
ND_PRINT((ndo, [|rerr]));
return;
}
- i -= offsetof(struct aodv_rerr, r);
- dp = ap-r.dest[0];
- n = ap-rerr_dc * sizeof(ap-r.dest[0]);
+ i -= sizeof(*ap);
ND_PRINT((ndo, rerr %s [items %u] [%u]:,
ap-rerr_flags RERR_NODELETE ? [D] : ,
ap-rerr_dc, length));
- trunc = n - (i/sizeof(ap-r.dest[0]));
- for (; i = sizeof(ap-r.dest[0]);
- ++dp, i -= sizeof(ap-r.dest[0])) {
+ dp = (struct rerr_unreach *)(void *)(ap + 1);
+ for (dc =
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2014-09-09 18:59:38 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is tcpdump Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2014-08-20 17:52:56.0 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2014-09-09 18:59:43.0 +0200 @@ -1,0 +2,7 @@ +Wed Sep 3 18:44:03 UTC 2014 - andreas.stie...@gmx.de + +- tcpdump 4.6.2: + * fix out-of-source-tree builds: find libpcap that is out of source + * better configure check for libsmi + +--- Old: tcpdump-4.6.1.tar.gz tcpdump-4.6.1.tar.gz.sig New: tcpdump-4.6.2.tar.gz tcpdump-4.6.2.tar.gz.sig Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.KrW4Ld/_old 2014-09-09 18:59:46.0 +0200 +++ /var/tmp/diff_new_pack.KrW4Ld/_new 2014-09-09 18:59:46.0 +0200 @@ -20,7 +20,7 @@ # for pcap_set_tstamp_precision() %define min_libpcap_version 1.5.1 Name: tcpdump -Version:4.6.1 +Version:4.6.2 Release:0 Summary:A Packet Sniffer License:BSD-3-Clause ++ tcpdump-4.6.1.tar.gz - tcpdump-4.6.2.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tcpdump-4.6.1/CHANGES new/tcpdump-4.6.2/CHANGES --- old/tcpdump-4.6.1/CHANGES 2014-07-19 15:28:39.0 +0200 +++ new/tcpdump-4.6.2/CHANGES 2014-09-03 03:25:09.0 +0200 @@ -1,3 +1,7 @@ +Tuesday Sep. 2, 2014 m...@sandelman.ca + fix out-of-source-tree builds: find libpcap that is out of source + better configure check for libsmi + Saturday Jul. 19, 2014 m...@sandelman.ca Summary for 4.6.1 tcpdump release added FreeBSD capsicum diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tcpdump-4.6.1/VERSION new/tcpdump-4.6.2/VERSION --- old/tcpdump-4.6.1/VERSION 2014-07-19 15:10:13.0 +0200 +++ new/tcpdump-4.6.2/VERSION 2014-09-03 03:25:16.0 +0200 @@ -1 +1 @@ -4.6.1 +4.6.2 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tcpdump-4.6.1/aclocal.m4 new/tcpdump-4.6.2/aclocal.m4 --- old/tcpdump-4.6.1/aclocal.m42014-07-03 00:12:01.0 +0200 +++ new/tcpdump-4.6.2/aclocal.m42014-09-03 03:23:48.0 +0200 @@ -443,7 +443,9 @@ lastdir=FAIL places=`ls $srcdir/.. | sed -e 's,/$,,' -e s,^,$srcdir/../, | \ egrep '/libpcap-[[0-9]]+\.[[0-9]]+(\.[[0-9]]*)?([[ab]][[0-9]]*|-PRE-GIT)?$'` -for dir in $places $srcdir/../libpcap $srcdir/libpcap ; do +places2=`ls .. | sed -e 's,/$,,' -e s,^,../, | \ + egrep '/libpcap-[[0-9]]+\.[[0-9]]+(\.[[0-9]]*)?([[ab]][[0-9]]*|-PRE-GIT)?$'` +for dir in $places $srcdir/../libpcap ../libpcap $srcdir/libpcap $places2 ; do basedir=`echo $dir | sed -e 's/[[ab]][[0-9]]*$//' | \ sed -e 's/-PRE-GIT$//' ` if test $lastdir = $basedir ; then @@ -526,13 +528,23 @@ $1=$libpcap places=`ls $srcdir/.. | sed -e 's,/$,,' -e s,^,$srcdir/../, | \ egrep '/libpcap-[[0-9]]*.[[0-9]]*(.[[0-9]]*)?([[ab]][[0-9]]*)?$'` + places2=`ls .. | sed -e 's,/$,,' -e s,^,../, | \ + egrep '/libpcap-[[0-9]]*.[[0-9]]*(.[[0-9]]*)?([[ab]][[0-9]]*)?$'` +pcapH=FAIL if test -r $d/pcap.h; then - $2=-I$d $$2 - elif test -r $places/pcap.h; then - $2=-I$places $$2 +pcapH=$d else -AC_MSG_ERROR(cannot find pcap.h, see INSTALL) +for dir in $places $srcdir/../libpcap ../libpcap $srcdir/libpcap $places2 ; do + if test -r $dir/pcap.h ; then + pcapH=$dir + fi +done +fi + +if test $pcapH = FAIL ; then +AC_MSG_ERROR(cannot find pcap.h: see INSTALL) fi +$2=-I$pcapH $$2 AC_MSG_RESULT($libpcap) AC_PATH_PROG(PCAP_CONFIG, pcap-config,, $d) if test -n $PCAP_CONFIG; then diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tcpdump-4.6.1/config.h.in new/tcpdump-4.6.2/config.h.in --- old/tcpdump-4.6.1/config.h.in 2014-07-19 15:09:39.0 +0200 +++ new/tcpdump-4.6.2/config.h.in 2014-09-03 02:10:42.0 +0200 @@ -61,9 +61,6 @@ /* Define to 1 if you have the `rpc' library (-lrpc). */ #undef HAVE_LIBRPC -/*
commit tcpdump for openSUSE:Factory
Hello community,
here is the log from the commit of package tcpdump for openSUSE:Factory checked
in at 2014-08-20 17:52:51
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
and /work/SRC/openSUSE:Factory/.tcpdump.new (New)
Package is tcpdump
Changes:
--- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2013-12-16
07:14:53.0 +0100
+++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2014-08-20
17:52:56.0 +0200
@@ -1,0 +2,29 @@
+Fri Aug 15 19:45:52 UTC 2014 - andreas.stie...@gmx.de
+
+- tcpdump 4.6.1:
+ * add a short option '#', same as long option '--number'
+- includes changes from 4.6.0:
+ * all of tcpdump is now using the new NDO code base
+ * nflog, mobile, forces, pptp, AODV, AHCP, IPv6, OSPFv4, RPL,
+DHCPv6 enhancements/fixes
+ * M3UA decode added.
+ * many new test cases: 82 in 4.5.1 to 133 in 4.6.0
+ * cleaned up some unnecessary header files
+ * Added bittok2str().
+ * a number of unaligned access faults fixed
+ * -A flag does not consider CR to be printable anymore
+ * fx.lebail took over coverity baby sitting
+ * default snapshot size increased to 256K for accomodate USB
+captures
+- includes changes from 4.5.2:
+ * man page fix
+- add build and runtime libpcap minimum version
+- remove old patches, thus making package patchless:
+tcpdump-4.0.0-prototypes.patch
+tcpdump-4.0.0-aliasing.patch
+- run spec cleaner on spec file
+- remove gpg-offline, now part of source validator
+- remove versioned binary
+- run regression tests
+
+---
Old:
tcpdump-4.0.0-aliasing.patch
tcpdump-4.0.0-prototypes.patch
tcpdump-4.5.1.tar.gz
tcpdump-4.5.1.tar.gz.sig
New:
tcpdump-4.6.1.tar.gz
tcpdump-4.6.1.tar.gz.sig
Other differences:
--
++ tcpdump.spec ++
--- /var/tmp/diff_new_pack.0okboP/_old 2014-08-20 17:52:58.0 +0200
+++ /var/tmp/diff_new_pack.0okboP/_new 2014-08-20 17:52:58.0 +0200
@@ -1,7 +1,7 @@
#
# spec file for package tcpdump
#
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,57 +16,53 @@
#
+# from http://upstream-tracker.org/versions/libpcap.html
+# for pcap_set_tstamp_precision()
+%define min_libpcap_version 1.5.1
Name: tcpdump
-Version:4.5.1
+Version:4.6.1
Release:0
-Url:http://www.tcpdump.org/
Summary:A Packet Sniffer
License:BSD-3-Clause
Group: Productivity/Networking/Diagnostic
+Url:http://www.tcpdump.org/
Source: http://www.tcpdump.org/release/%{name}-%{version}.tar.gz
Source1:tcpdump-qeth
Source2:http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig
Source3:http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
-Patch0: tcpdump-4.0.0-prototypes.patch
-Patch2: tcpdump-4.0.0-aliasing.patch
-BuildRequires: libpcap-devel
+BuildRequires: libpcap-devel = %{min_libpcap_version}
BuildRequires: libsmi-devel
BuildRequires: openssl-devel
-%if 0%{?suse_version} = 1230
-BuildRequires: gpg-offline
-%endif
+Requires: libpcap = %{min_libpcap_version}
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
This program can read all or only certain packets going over the
ethernet. It can be used to debug specific network problems.
-
%prep
-%{?gpg_verify: %gpg_verify %{S:2}}
%setup -q
-%patch0
-%patch2
%build
-export CFLAGS=$RPM_OPT_FLAGS -Wall -DGUESS_TSO -fstack-protector
-fno-strict-aliasing
+export CFLAGS=%{optflags} -Wall -DGUESS_TSO -fstack-protector
-fno-strict-aliasing
%configure \
--enable-ipv6
-make
+make %{?_smp_mflags}
%install
-make DESTDIR=$RPM_BUILD_ROOT install
+make DESTDIR=%{buildroot} install %{?_smp_mflags}
%ifarch s390 s390x
- install -D -m 755 $RPM_SOURCE_DIR/tcpdump-qeth $RPM_BUILD_ROOT%{_sbindir}
+ install -D -m 755 ${SOURCE1} %{buildroot}%{_sbindir}
%endif
+rm %{buildroot}/%{_sbindir}/tcpdump.%{version}
-%clean
-rm -rf $RPM_BUILD_ROOT
+%check
+make check %{?_smp_mflags}
%files
%defattr(-,root,root)
%doc CHANGES CREDITS LICENSE README* *.awk
%doc %{_mandir}/man?/*
-%{_sbindir}/*
+%{_sbindir}/tcpdump
%changelog
++ tcpdump-4.5.1.tar.gz - tcpdump-4.6.1.tar.gz ++
101013 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tcpdump for openSUSE:Factory
Hello community,
here is the log from the commit of package tcpdump for openSUSE:Factory checked
in at 2013-12-16 07:14:53
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
and /work/SRC/openSUSE:Factory/.tcpdump.new (New)
Package is tcpdump
Changes:
--- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2013-09-16
10:15:59.0 +0200
+++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2013-12-16
07:14:53.0 +0100
@@ -1,0 +2,26 @@
+Sat Dec 14 11:19:45 UTC 2013 - andreas.stie...@gmx.de
+
+- update to 4.5.1
+ Version 4.5.0 revised for non-code related edits
+ - some NFSv4 fixes for printing
+ - fix printing of unknown TCP options, and tcp fast-open
+ - fixes for syslog parser
+ - some gcc-version-specific flag tuning
+ - improvements to babel printing
+ - add OpenFlow 1.0 (no SSL) and test cases
+ - GeoNet printer.
+ - added STBC Rx support
+ - improvements to DHCPv6 decoder
+ - clarify which autoconf is needed
+ - Point users to the the-tcpdump-group repository on GitHub rather
+than the mcr repository
+ - Add MSDP printer.
+ - Fixed IPv6 check on Solaris and other OSes requiring extra
+networking libraries.
+ - Add support for VXLAN (draft-mahalingam-dutt-dcops-vxlan-03),
+and add vxlan as an option for -T.
+ - Add support for OTV (draft-hasmit-otv-04).
+fixes for DLT_IEEE802_11_RADIO datalink types
+ - added MPTCP decoder
+
+---
Old:
tcpdump-4.4.0.tar.gz
tcpdump-4.4.0.tar.gz.sig
New:
tcpdump-4.5.1.tar.gz
tcpdump-4.5.1.tar.gz.sig
Other differences:
--
++ tcpdump.spec ++
--- /var/tmp/diff_new_pack.UpeCmc/_old 2013-12-16 07:14:54.0 +0100
+++ /var/tmp/diff_new_pack.UpeCmc/_new 2013-12-16 07:14:54.0 +0100
@@ -17,7 +17,7 @@
Name: tcpdump
-Version:4.4.0
+Version:4.5.1
Release:0
Url:http://www.tcpdump.org/
Summary:A Packet Sniffer
@@ -65,7 +65,7 @@
%files
%defattr(-,root,root)
-%doc CHANGES CREDITS LICENSE README *.awk
+%doc CHANGES CREDITS LICENSE README* *.awk
%doc %{_mandir}/man?/*
%{_sbindir}/*
++ tcpdump-4.4.0.tar.gz - tcpdump-4.5.1.tar.gz ++
22957 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2012-09-14 12:39:40 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is tcpdump, Maintainer is vci...@suse.com Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2012-06-15 14:06:25.0 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2012-09-14 12:39:41.0 +0200 @@ -1,0 +2,5 @@ +Fri Jun 15 15:37:15 CEST 2012 - jsl...@suse.de + +- remove tcpdump-4.0.0-uninitialized.patch, it's solved differently + +--- Old: tcpdump-4.0.0-uninitialized.patch Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.yuLVen/_old 2012-09-14 12:39:42.0 +0200 +++ /var/tmp/diff_new_pack.yuLVen/_new 2012-09-14 12:39:42.0 +0200 @@ -27,7 +27,6 @@ Source1:tcpdump-qeth Patch0: tcpdump-4.0.0-prototypes.patch Patch2: tcpdump-4.0.0-aliasing.patch -Patch3: tcpdump-4.0.0-uninitialized.patch BuildRequires: libpcap-devel BuildRequires: libsmi-devel BuildRequires: openssl-devel @@ -42,7 +41,6 @@ %setup -q %patch0 %patch2 -%patch3 %build export CFLAGS=$RPM_OPT_FLAGS -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2012-06-15 14:06:23 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is tcpdump, Maintainer is vci...@suse.com Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2012-01-04 07:32:20.0 +0100 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2012-06-15 14:06:25.0 +0200 @@ -1,0 +2,17 @@ +Thu Jun 14 23:48:25 CEST 2012 - jsl...@suse.de + +- update to 4.3.0 + - fixes for forces: SPARSE data (per RFC 5810) + - some more test cases added + - updates to documentation on -l, -U and -w flags. + - Fix printing of BGP optional headers. + - Tried to include DLT_PFSYNC support, failed due to headers required. + - added TIPC support. + - Fix LLDP Network Policy bit definitions. + - fixes for IGMPv3's Max Response Time: it is in units of 0.1 second. + - SIGUSR1 can be used rather than SIGINFO for stats + - permit -n flag to affect print-ip for protocol numbers + - ND_OPT_ADVINTERVAL is in milliseconds, not seconds + - Teach PPPoE parser about RFC 4638 + +--- Old: tcpdump-4.2.1.tar.gz New: tcpdump-4.3.0.tar.gz Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.r440Cf/_old 2012-06-15 14:06:28.0 +0200 +++ /var/tmp/diff_new_pack.r440Cf/_new 2012-06-15 14:06:28.0 +0200 @@ -17,7 +17,7 @@ Name: tcpdump -Version:4.2.1 +Version:4.3.0 Release:0 Url:http://www.tcpdump.org/ Summary:A Packet Sniffer ++ tcpdump-4.2.1.tar.gz - tcpdump-4.3.0.tar.gz ++ 6486 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tcpdump for openSUSE:Factory
Hello community,
here is the log from the commit of package tcpdump for openSUSE:Factory checked
in at 2012-01-04 07:32:18
Comparing /work/SRC/openSUSE:Factory/tcpdump (Old)
and /work/SRC/openSUSE:Factory/.tcpdump.new (New)
Package is tcpdump, Maintainer is vci...@suse.com
Changes:
--- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2011-11-29
12:52:38.0 +0100
+++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2012-01-04
07:32:20.0 +0100
@@ -1,0 +2,26 @@
+Tue Jan 3 14:48:56 UTC 2012 - pu...@suse.com
+
+- update to 4.2.1
+ - Only build the Babel printer if IPv6 is enabled.
+ - Support Babel on port 6696 as well as 6697.
+ - Include ppi.h in release tarball.
+ - Include all the test files in the release tarball, and don't
+include test files that no longer exist.
+ - Don't assume we have rpc/rpc.h - check for it.
+ - Support -T carp as a way of dissecting IP protocol 112 as CARP
+rather than VRRP.
+ - Support Hilscher NetAnalyzer link-layer header format.
+ - Constify some pointers and fix compiler warnings.
+ - Get rid of never-true test.
+ - Fix an unintended fall-through in a case statement in the ARP
+printer.
+ - Fix several cases where sizeof(sizeof(XXX)) was used when just
+sizeof(XXX) was intended.
+ - Make stricter sanity checks in the ES-IS printer.
+ - Get rid of some GCCisms that caused builds to fail with compilers
+that don't support them.
+ - Fix typo in man page.
+ - Added length checks to Babel printer.
+- drop tcpdump-4.2.0-ppi.patch (upstream)
+
+---
Old:
tcpdump-4.2.0-ppi.patch
tcpdump-4.2.0.tar.gz
New:
tcpdump-4.2.1.tar.gz
Other differences:
--
++ tcpdump.spec ++
--- /var/tmp/diff_new_pack.UmVE1O/_old 2012-01-04 07:32:21.0 +0100
+++ /var/tmp/diff_new_pack.UmVE1O/_new 2012-01-04 07:32:21.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package tcpdump
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -15,24 +15,19 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
-# norootforbuild
-
Name: tcpdump
-Version:4.2.0
-Release:1
-AutoReqProv:on
-License:BSD-3-Clause
-Group: Productivity/Networking/Diagnostic
+Version:4.2.1
+Release:0
Url:http://www.tcpdump.org/
Summary:A Packet Sniffer
-Source: tcpdump-%{version}.tar.gz
+License:BSD-3-Clause
+Group: Productivity/Networking/Diagnostic
+Source: http://www.tcpdump.org/release/%{name}-%{version}.tar.gz
Source1:tcpdump-qeth
Patch0: tcpdump-4.0.0-prototypes.patch
Patch2: tcpdump-4.0.0-aliasing.patch
Patch3: tcpdump-4.0.0-uninitialized.patch
-# PATCH-FIX-SUSE add missing ppi.h
-Patch4: tcpdump-4.2.0-ppi.patch
BuildRequires: libpcap-devel
BuildRequires: libsmi-devel
BuildRequires: openssl-devel
@@ -48,7 +43,6 @@
%patch0
%patch2
%patch3
-%patch4 -p1
%build
export CFLAGS=$RPM_OPT_FLAGS -Wall -DGUESS_TSO -fstack-protector
-fno-strict-aliasing
++ tcpdump-4.0.0-aliasing.patch ++
--- /var/tmp/diff_new_pack.UmVE1O/_old 2012-01-04 07:32:21.0 +0100
+++ /var/tmp/diff_new_pack.UmVE1O/_new 2012-01-04 07:32:21.0 +0100
@@ -1,21 +1,24 @@
icmp6.h
+Index: icmp6.h
+===
+--- icmp6.h.orig
+++ icmp6.h
-@@ -396,7 +396,11 @@
+@@ -404,7 +404,11 @@ struct icmp6_router_renum { /* router re
u_int8_trr_segnum;
u_int8_trr_flags;
u_int16_t rr_maxdelay;
-- u_int32_t rr_reserved;
+ union {
+ u_int8_trr_reserved8[4];
+ u_int16_t rr_reserved16[2];
-+ u_int32_t rr_reserved;
+ u_int32_t rr_reserved;
+ };
};
#define ICMP6_RR_FLAGS_TEST 0x80
#define ICMP6_RR_FLAGS_REQRESULT 0x40
print-icmp.c
+Index: print-icmp.c
+===
+--- print-icmp.c.orig
+++ print-icmp.c
-@@ -47,6 +47,12 @@
+@@ -47,6 +47,12 @@ static const char rcsid[] _U_ =
* Per RFC 792, September 1981.
*/
@@ -28,13 +31,12 @@
/*
* Structure of an icmp header.
*/
-@@ -61,8 +67,12 @@
+@@ -61,8 +67,12 @@ struct icmp {
u_int16_t icd_id;
u_int16_t icd_seq;
} ih_idseq;
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2011-12-06 19:07:43 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is tcpdump, Maintainer is vci...@suse.com Changes: Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.PEk3X5/_old 2011-12-06 19:41:57.0 +0100 +++ /var/tmp/diff_new_pack.PEk3X5/_new 2011-12-06 19:41:57.0 +0100 @@ -22,7 +22,7 @@ Version:4.2.0 Release:1 AutoReqProv:on -License:BSD3c +License:BSD-3-Clause Group: Productivity/Networking/Diagnostic Url:http://www.tcpdump.org/ Summary:A Packet Sniffer -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
