commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2020-11-10 13:39:05 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new.11331 (New) Package is "tcpdump" Tue Nov 10 13:39:05 2020 rev:42 rq:846281 version:4.9.3 Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2020-01-06 16:02:11.925726139 +0100 +++ /work/SRC/openSUSE:Factory/.tcpdump.new.11331/tcpdump.changes 2020-11-10 13:40:00.592407161 +0100 @@ -1,0 +2,7 @@ +Thu Nov 5 10:58:11 UTC 2020 - Pedro Monreal + +- Security fix: [bsc#1178466, CVE-2020-8037] + * PPP decapsulator: Allocate the right buffer size +- Add tcpdump-CVE-2020-8037.patch + +--- @@ -15 +22 @@ -- Update to 4.9.3 +- Update to 4.9.3 [bsc#1153098] New: tcpdump-CVE-2020-8037.patch Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.ymb8Lq/_old 2020-11-10 13:40:01.384405587 +0100 +++ /var/tmp/diff_new_pack.ymb8Lq/_new 2020-11-10 13:40:01.388405579 +0100 @@ -1,7 +1,7 @@ # # spec file for package tcpdump # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -29,6 +29,8 @@ Source3:https://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring # PATCH-FIX-OPENSUSE tcpdump-CVE-2018-19519.patch - Initialize buf in print-hncp.c:print_prefix Patch0: tcpdump-CVE-2018-19519.patch +# PATCH-FIX-UPSTREAM bsc#1178466 CVE-2020-8037 PPP decapsulator: Allocate the right buffer size +Patch1: tcpdump-CVE-2020-8037.patch BuildRequires: libpcap-devel >= %{min_libpcap_version} BuildRequires: libsmi-devel BuildRequires: openssl-devel @@ -40,7 +42,7 @@ %prep %setup -q -%patch0 -p1 +%autopatch -p1 %build # guessing TSO needed in print-ip.c ++ tcpdump-CVE-2020-8037.patch ++ >From 32027e199368dad9508965aae8cd8de5b6ab5231 Mon Sep 17 00:00:00 2001 From: Guy Harris Date: Sat, 18 Apr 2020 14:04:59 -0700 Subject: [PATCH] PPP: When un-escaping, don't allocate a too-large buffer. The buffer should be big enough to hold the captured data, but it doesn't need to be big enough to hold the entire on-the-network packet, if we haven't captured all of it. (backported from commit e4add0b010ed6f2180dcb05a13026242ed935334) --- print-ppp.c | 18 ++ 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/print-ppp.c b/print-ppp.c index 891761728..33fb03412 100644 --- a/print-ppp.c +++ b/print-ppp.c @@ -1367,19 +1367,29 @@ print_bacp_config_options(netdissect_options *ndo, return 0; } +/* + * Un-escape RFC 1662 PPP in HDLC-like framing, with octet escapes. + * The length argument is the on-the-wire length, not the captured + * length; we can only un-escape the captured part. + */ static void ppp_hdlc(netdissect_options *ndo, const u_char *p, int length) { + u_int caplen = ndo->ndo_snapend - p; u_char *b, *t, c; const u_char *s; - int i, proto; + u_int i; + int proto; const void *se; + if (caplen == 0) + return; + if (length <= 0) return; - b = (u_char *)malloc(length); + b = (u_char *)malloc(caplen); if (b == NULL) return; @@ -1388,10 +1398,10 @@ ppp_hdlc(netdissect_options *ndo, * Do this so that we dont overwrite the original packet * contents. */ - for (s = p, t = b, i = length; i > 0 && ND_TTEST(*s); i--) { + for (s = p, t = b, i = caplen; i != 0; i--) { c = *s++; if (c == 0x7d) { - if (i <= 1 || !ND_TTEST(*s)) + if (i <= 1) break; i--; c = *s++ ^ 0x20;
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2020-01-06 16:02:10 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new.6675 (New) Package is "tcpdump" Mon Jan 6 16:02:10 2020 rev:41 rq:760624 version:4.9.3 Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2019-11-03 11:26:47.457061330 +0100 +++ /work/SRC/openSUSE:Factory/.tcpdump.new.6675/tcpdump.changes 2020-01-06 16:02:11.925726139 +0100 @@ -1,0 +2,6 @@ +Fri Dec 13 17:21:34 UTC 2019 - Michel Normand + +- ignore make check failure for PowerPC as tracked upstream + https://github.com/the-tcpdump-group/tcpdump/issues/814 + +--- Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.AzCH8N/_old 2020-01-06 16:02:12.537726457 +0100 +++ /var/tmp/diff_new_pack.AzCH8N/_new 2020-01-06 16:02:12.541726459 +0100 @@ -57,7 +57,11 @@ rm %{buildroot}/%{_sbindir}/tcpdump.%{version} %check +%ifarch ppc ppc64 ppc64le +make check %{?_smp_mflags} || { echo "ignore ikev2pI2 failure tracked by https://github.com/the-tcpdump-group/tcpdump/issues/814;; } +%else make check %{?_smp_mflags} +%endif %files %license LICENSE
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2019-11-03 11:26:45 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new.2990 (New) Package is "tcpdump" Sun Nov 3 11:26:45 2019 rev:40 rq:743961 version:4.9.3 Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2019-10-11 15:11:43.221026732 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new.2990/tcpdump.changes 2019-11-03 11:26:47.457061330 +0100 @@ -1,0 +2,5 @@ +Tue Oct 15 07:53:47 UTC 2019 - Martin Pluskal + +- Trim CFLAGS + +--- Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.QIHYTs/_old 2019-11-03 11:26:48.481062638 +0100 +++ /var/tmp/diff_new_pack.QIHYTs/_new 2019-11-03 11:26:48.485062643 +0100 @@ -22,8 +22,7 @@ Release:0 Summary:A Packet Sniffer License:BSD-3-Clause -Group: Productivity/Networking/Diagnostic -Url:https://www.tcpdump.org/ +URL:https://www.tcpdump.org/ Source: https://www.tcpdump.org/release/%{name}-%{version}.tar.gz Source1:tcpdump-qeth Source2:https://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig @@ -44,10 +43,11 @@ %patch0 -p1 %build -export CFLAGS="%{optflags} -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing" +# guessing TSO needed in print-ip.c +export CFLAGS="%{optflags} -DGUESS_TSO" %configure \ --enable-ipv6 -make %{?_smp_mflags} +%make_build %install %make_install
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2019-10-11 15:11:24 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new.2352 (New) Package is "tcpdump" Fri Oct 11 15:11:24 2019 rev:39 rq:734985 version:4.9.3 Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2019-07-28 10:18:15.800601471 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new.2352/tcpdump.changes 2019-10-11 15:11:43.221026732 +0200 @@ -1,0 +2,38 @@ +Wed Oct 2 14:01:31 UTC 2019 - Pedro Monreal Gonzalez + +- Update to 4.9.3 + * Fix buffer overflow/overread vulnerabilities: +- CVE-2017-16808 (AoE) +- CVE-2018-14468 (FrameRelay) +- CVE-2018-14469 (IKEv1) +- CVE-2018-14470 (BABEL) +- CVE-2018-14466 (AFS/RX) +- CVE-2018-14461 (LDP) +- CVE-2018-14462 (ICMP) +- CVE-2018-14465 (RSVP) +- CVE-2018-14881 (BGP) +- CVE-2018-14464 (LMP) +- CVE-2018-14463 (VRRP) +- CVE-2018-14467 (BGP) +- CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled) +- CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled) +- CVE-2018-14880 (OSPF6) +- CVE-2018-16451 (SMB) +- CVE-2018-14882 (RPL) +- CVE-2018-16227 (802.11) +- CVE-2018-16229 (DCCP) +- CVE-2018-16301 (was fixed in libpcap) +- CVE-2018-16230 (BGP) +- CVE-2018-16452 (SMB) +- CVE-2018-16300 (BGP) +- CVE-2018-16228 (HNCP) +- CVE-2019-15166 (LMP) +- CVE-2019-15167 (VRRP) + * Fix for cmdline argument/local issues: +- CVE-2018-14879 (tcpdump -V) +- Drop patches fixed upstream: + * tcpdump-CVE-2017-16808.patch + * tcpdump-CVE-2019-1010220.patch + * tcpdump-ikev2pI2.patch + +--- Old: tcpdump-4.9.2.tar.gz tcpdump-4.9.2.tar.gz.sig tcpdump-CVE-2017-16808.patch tcpdump-CVE-2019-1010220.patch tcpdump-ikev2pI2.patch New: tcpdump-4.9.3.tar.gz tcpdump-4.9.3.tar.gz.sig Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.se0Fgd/_old 2019-10-11 15:11:44.241023929 +0200 +++ /var/tmp/diff_new_pack.se0Fgd/_new 2019-10-11 15:11:44.245023917 +0200 @@ -16,31 +16,24 @@ # -%define min_libpcap_version 1.8.1 +%define min_libpcap_version 1.9.1 Name: tcpdump -Version:4.9.2 +Version:4.9.3 Release:0 Summary:A Packet Sniffer License:BSD-3-Clause Group: Productivity/Networking/Diagnostic -Url:http://www.tcpdump.org/ -Source: http://www.tcpdump.org/release/%{name}-%{version}.tar.gz +Url:https://www.tcpdump.org/ +Source: https://www.tcpdump.org/release/%{name}-%{version}.tar.gz Source1:tcpdump-qeth -Source2:http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig -Source3:http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring -# PATCH-FIX-OPENSUSE tcpdump-ikev2pI2.patch - disabled failing test -Patch0: tcpdump-ikev2pI2.patch +Source2:https://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig +Source3:https://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring # PATCH-FIX-OPENSUSE tcpdump-CVE-2018-19519.patch - Initialize buf in print-hncp.c:print_prefix -Patch1: tcpdump-CVE-2018-19519.patch -# PATCH-FIX-UPSTREAM bsc#1068716 CVE-2017-16808 Heap-based buffer over-read related to aoe_print and lookup_emem -Patch2: tcpdump-CVE-2017-16808.patch -# PATCH-FIX-UPSTREAM bsc#1142439 CVE-2019-1010220 Buffer Over-read in print_prefix -Patch3: tcpdump-CVE-2019-1010220.patch +Patch0: tcpdump-CVE-2018-19519.patch BuildRequires: libpcap-devel >= %{min_libpcap_version} BuildRequires: libsmi-devel BuildRequires: openssl-devel Requires: libpcap >= %{min_libpcap_version} -BuildRoot: %{_tmppath}/%{name}-%{version}-build %description This program can "read" all or only certain packets going over the @@ -49,9 +42,6 @@ %prep %setup -q %patch0 -p1 -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 %build export CFLAGS="%{optflags} -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing" @@ -70,7 +60,6 @@ make check %{?_smp_mflags} %files -%defattr(-,root,root) %license LICENSE %doc CHANGES CREDITS README* *.awk %{_mandir}/man?/* ++ tcpdump-4.9.2.tar.gz -> tcpdump-4.9.3.tar.gz ++ 11594 lines of diff (skipped)
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2019-07-28 10:18:08 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new.4126 (New) Package is "tcpdump" Sun Jul 28 10:18:08 2019 rev:38 rq:717922 version:4.9.2 Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2018-12-11 15:46:16.578309228 +0100 +++ /work/SRC/openSUSE:Factory/.tcpdump.new.4126/tcpdump.changes 2019-07-28 10:18:15.800601471 +0200 @@ -1,0 +2,19 @@ +Tue Jul 23 11:45:46 UTC 2019 - Pedro Monreal Gonzalez + +- Security fix [bsc#1142439, CVE-2019-1010220] + * Buffer Over-read in print_prefix which may expose data + * Added tcpdump-CVE-2019-1010220.patch + +--- +Tue Jul 23 10:37:17 UTC 2019 - Pedro Monreal Gonzalez + +- Use %license macro for LICENSE file + +--- +Tue Jul 23 10:24:31 UTC 2019 - Pedro Monreal Gonzalez + +- Security fix [bsc#1068716, CVE-2017-16808] + * Heap-based buffer over-read related to aoe_print and lookup_emem + * Added tcpdump-CVE-2017-16808.patch + +--- New: tcpdump-CVE-2017-16808.patch tcpdump-CVE-2019-1010220.patch Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.r7tgwe/_old 2019-07-28 10:18:18.420601475 +0200 +++ /var/tmp/diff_new_pack.r7tgwe/_new 2019-07-28 10:18:18.464601475 +0200 @@ -1,7 +1,7 @@ # # spec file for package tcpdump # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -32,6 +32,10 @@ Patch0: tcpdump-ikev2pI2.patch # PATCH-FIX-OPENSUSE tcpdump-CVE-2018-19519.patch - Initialize buf in print-hncp.c:print_prefix Patch1: tcpdump-CVE-2018-19519.patch +# PATCH-FIX-UPSTREAM bsc#1068716 CVE-2017-16808 Heap-based buffer over-read related to aoe_print and lookup_emem +Patch2: tcpdump-CVE-2017-16808.patch +# PATCH-FIX-UPSTREAM bsc#1142439 CVE-2019-1010220 Buffer Over-read in print_prefix +Patch3: tcpdump-CVE-2019-1010220.patch BuildRequires: libpcap-devel >= %{min_libpcap_version} BuildRequires: libsmi-devel BuildRequires: openssl-devel @@ -46,6 +50,8 @@ %setup -q %patch0 -p1 %patch1 -p1 +%patch2 -p1 +%patch3 -p1 %build export CFLAGS="%{optflags} -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing" @@ -65,7 +71,8 @@ %files %defattr(-,root,root) -%doc CHANGES CREDITS LICENSE README* *.awk +%license LICENSE +%doc CHANGES CREDITS README* *.awk %{_mandir}/man?/* %{_sbindir}/tcpdump %ifarch s390 s390x ++ tcpdump-CVE-2017-16808.patch ++ >From 28f610026d901660dd370862b62ec328727446a2 Mon Sep 17 00:00:00 2001 From: Denis Ovsienko Date: Thu, 31 Aug 2017 21:15:37 +0100 Subject: [PATCH] CVE-2017-16808/AoE: Add a missing bounds check. In aoev1_reserve_print() check bounds before trying to print an Ethernet address. This fixes a buffer over-read discovered by Bhargava Shastry, SecT/TU Berlin. --- print-aoe.c | 1 + 1 file changed, 1 insertion(+) diff --git a/print-aoe.c b/print-aoe.c index 97e93df2e..2c78a55d3 100644 --- a/print-aoe.c +++ b/print-aoe.c @@ -325,6 +325,7 @@ aoev1_reserve_print(netdissect_options *ndo, goto invalid; /* addresses */ for (i = 0; i < nmacs; i++) { + ND_TCHECK2(*cp, ETHER_ADDR_LEN); ND_PRINT((ndo, "\n\tEthernet Address %u: %s", i, etheraddr_string(ndo, cp))); cp += ETHER_ADDR_LEN; } ++ tcpdump-CVE-2019-1010220.patch ++ >From 511915bef7e4de2f31b8d9f581b4a44b0cfbcf53 Mon Sep 17 00:00:00 2001 From: Guy Harris Date: Sat, 1 Jun 2019 14:42:09 -0700 Subject: [PATCH] If decode_prefix6() returns a negative number, don't print buf. If it returns a negative number, it hasn't necessarily filled in buf, so just return immediately; this is similar to the IPv4 code path, wherein we just return a negative number, and print nothing, on an error. This should fix GitHub issue #763. --- print-hncp.c | 2 ++ 1 file changed, 2 insertions(+) Index: tcpdump-4.9.2/print-hncp.c === --- tcpdump-4.9.2.orig/print-hncp.c +++ tcpdump-4.9.2/print-hncp.c @@ -231,6 +231,8 @@ print_prefix(netdissect_options *ndo, co plenbytes += 1 + IPV4_MAPPED_HEADING_LEN; } else { plenbytes = decode_prefix6(ndo, prefix, max_length, buf, sizeof(buf)); +if
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2018-12-11 15:45:42 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new.19453 (New) Package is "tcpdump" Tue Dec 11 15:45:42 2018 rev:37 rq:655857 version:4.9.2 Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2017-09-18 19:54:09.085764601 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new.19453/tcpdump.changes 2018-12-11 15:46:16.578309228 +0100 @@ -1,0 +2,7 @@ +Thu Dec 6 11:49:16 UTC 2018 - Pedro Monreal Gonzalez + +- Security fix [bsc#1117267, CVE-2018-19519] + * Buffer overread in print-hncp.c:print_prefix. + * Added patch tcpdump-CVE-2018-19519.patch + +--- New: tcpdump-CVE-2018-19519.patch Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.7l7N34/_old 2018-12-11 15:46:17.186308559 +0100 +++ /var/tmp/diff_new_pack.7l7N34/_new 2018-12-11 15:46:17.190308555 +0100 @@ -1,7 +1,7 @@ # # spec file for package tcpdump # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -30,6 +30,8 @@ Source3:http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring # PATCH-FIX-OPENSUSE tcpdump-ikev2pI2.patch - disabled failing test Patch0: tcpdump-ikev2pI2.patch +# PATCH-FIX-OPENSUSE tcpdump-CVE-2018-19519.patch - Initialize buf in print-hncp.c:print_prefix +Patch1: tcpdump-CVE-2018-19519.patch BuildRequires: libpcap-devel >= %{min_libpcap_version} BuildRequires: libsmi-devel BuildRequires: openssl-devel @@ -43,6 +45,7 @@ %prep %setup -q %patch0 -p1 +%patch1 -p1 %build export CFLAGS="%{optflags} -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing" ++ tcpdump-CVE-2018-19519.patch ++ >From 32af00b05a6ef573d0b340f97b54c13eb9509dc7 Mon Sep 17 00:00:00 2001 From: Pedro Monreal Date: Thu, 6 Dec 2018 12:18:38 +0100 Subject: [PATCH] CVE-2018-19519 buffer overread. Initialize buf in print-hncp.c:print_prefix. --- print-hncp.c | 2 ++ 1 file changed, 2 insertions(+) Index: tcpdump-4.9.2/print-hncp.c === --- tcpdump-4.9.2.orig/print-hncp.c +++ tcpdump-4.9.2/print-hncp.c @@ -206,6 +206,8 @@ print_prefix(netdissect_options *ndo, co int plenbytes; char buf[sizeof(":::::::::/128")]; +buf[0] = '\0'; + if (prefix[0] >= 96 && max_length >= IPV4_MAPPED_HEADING_LEN + 1 && is_ipv4_mapped_address([1])) { struct in_addr addr;
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2017-09-18 19:54:05 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is "tcpdump" Mon Sep 18 19:54:05 2017 rev:36 rq:525837 version:4.9.2 Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2017-07-28 09:44:51.763758211 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2017-09-18 19:54:09.085764601 +0200 @@ -1,0 +2,113 @@ +Tue Sep 12 15:23:04 UTC 2017 - pmonrealgonza...@suse.com + +- Disabled ikev2pI2 test that fails on some architectures + * Added patch tcpdump-ikev2pI2.patch + +--- +Tue Sep 12 14:51:00 UTC 2017 - pmonrealgonza...@suse.com + +- Update to version 4.9.2 [bsc#1057247] + * Security fixes: +- CVE-2017-11108 segfault in STP decoder +- Segfault in ESP decoder with OpenSSL 1.1 +- CVE-2017-11543 buffer overflow in SLIP decoder +- CVE-2017-13011 buffer overflow in bittok2str_internal() +- CVE-2017-12989 infinite loop in the RESP parser +- CVE-2017-12990 infinite loop in the ISAKMP parser +- CVE-2017-12995 infinite loop in the DNS parser +- CVE-2017-12997 infinite loop in the LLDP parser +- CVE-2017-11541 buffer over-read in safeputs() +- CVE-2017-11542 buffer over-read in PIMv1 decoder +- CVE-2017-12893 buffer over-read in the SMB/CIFS parser +- CVE-2017-12894 buffer over-read in several protocol parsers +- CVE-2017-12895 buffer over-read in the ICMP parser +- CVE-2017-12896 buffer over-read in the ISAKMP parser +- CVE-2017-12897 buffer over-read in the ISO CLNS parser +- CVE-2017-12898 buffer over-read in the NFS parser +- CVE-2017-12899 buffer over-read in the DECnet parser +- CVE-2017-12900 buffer over-read in the in several protocol parsers +- CVE-2017-12901 buffer over-read in the EIGRP parser +- CVE-2017-12902 buffer over-read in the Zephyr parser +- CVE-2017-12985 buffer over-read in the IPv6 parser +- CVE-2017-12986 buffer over-read in the IPv6 routing header parser +- CVE-2017-12987 buffer over-read in the 802.11 parser +- CVE-2017-12988 buffer over-read in the telnet parser +- CVE-2017-12991 buffer over-read in the BGP parser +- CVE-2017-12992 buffer over-read in the RIPng parser +- CVE-2017-12993 buffer over-read in the Juniper protocols parser +- CVE-2017-12994 buffer over-read in the BGP parser +- CVE-2017-12996 buffer over-read in the PIMv2 parser +- CVE-2017-12998 buffer over-read in the IS-IS parser +- CVE-2017-12999 buffer over-read in the IS-IS parser +- CVE-2017-13000 buffer over-read in the IEEE 802.15.4 parser +- CVE-2017-13001 buffer over-read in the NFS parser +- CVE-2017-13002 buffer over-read in the AODV parser +- CVE-2017-13003 buffer over-read in the LMP parser +- CVE-2017-13004 buffer over-read in the Juniper protocols parser +- CVE-2017-13005 buffer over-read in the NFS parser +- CVE-2017-13006 buffer over-read in the L2TP parser +- CVE-2017-13007 buffer over-read in the Apple PKTAP parser +- CVE-2017-13008 buffer over-read in the IEEE 802.11 parser +- CVE-2017-13009 buffer over-read in the IPv6 mobility parser +- CVE-2017-13010 buffer over-read in the BEEP parser +- CVE-2017-13012 buffer over-read in the ICMP parser +- CVE-2017-13013 buffer over-read in the ARP parser +- CVE-2017-13014 buffer over-read in the White Board protocol parser +- CVE-2017-13015 buffer over-read in the EAP parser +- CVE-2017-13016 buffer over-read in the ISO ES-IS parser +- CVE-2017-13017 buffer over-read in the DHCPv6 parser +- CVE-2017-13018 buffer over-read in the PGM parser +- CVE-2017-13019 buffer over-read in the PGM parser +- CVE-2017-13020 buffer over-read in the VTP parser +- CVE-2017-13021 buffer over-read in the ICMPv6 parser +- CVE-2017-13022 buffer over-read in the IP parser +- CVE-2017-13023 buffer over-read in the IPv6 mobility parser +- CVE-2017-13024 buffer over-read in the IPv6 mobility parser +- CVE-2017-13025 buffer over-read in the IPv6 mobility parser +- CVE-2017-13026 buffer over-read in the ISO IS-IS parser +- CVE-2017-13027 buffer over-read in the LLDP parser +- CVE-2017-13028 buffer over-read in the BOOTP parser +- CVE-2017-13029 buffer over-read in the PPP parser +- CVE-2017-13030 buffer over-read in the PIM parser +- CVE-2017-13031 buffer over-read in the IPv6 fragmentation header parser +- CVE-2017-13032 buffer over-read in the RADIUS parser +- CVE-2017-13033 buffer over-read in the VTP parser +- CVE-2017-13034 buffer over-read in the PGM parser +- CVE-2017-13035 buffer over-read in
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2017-07-28 09:44:45 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is "tcpdump" Fri Jul 28 09:44:45 2017 rev:35 rq:512663 version:4.9.1 Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2017-03-05 17:53:33.340548329 +0100 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2017-07-28 09:44:51.763758211 +0200 @@ -1,0 +2,17 @@ +Wed Jul 26 12:33:53 UTC 2017 - pmonrealgonza...@suse.com + +- Disable ikev2pI2 test that fails on ppc, ppc64 and ppc64le + * Added patch tcpdump-ikev2pI2-test-fails-ppc.patch + +--- +Wed Jul 26 09:16:56 UTC 2017 - pmonrealgonza...@suse.com + +- Update to version 4.9.1 [bsc#1047873] + * CVE-2017-11108/Fix bounds checking for STP. + * Make assorted documentation updates and fix a few typos in output. + * Fixup -C for file size >2GB + * Show AddressSanitizer presence in version output. + * Fix a bug in test scripts. + * Fix a use-after-free when the requested interface does not exist. + +--- Old: tcpdump-4.9.0.tar.gz tcpdump-4.9.0.tar.gz.sig New: tcpdump-4.9.1.tar.gz tcpdump-4.9.1.tar.gz.sig tcpdump-ikev2pI2-test-fails-ppc.patch Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.1RqYgp/_old 2017-07-28 09:44:52.599640478 +0200 +++ /var/tmp/diff_new_pack.1RqYgp/_new 2017-07-28 09:44:52.599640478 +0200 @@ -18,7 +18,7 @@ %define min_libpcap_version 1.8.1 Name: tcpdump -Version:4.9.0 +Version:4.9.1 Release:0 Summary:A Packet Sniffer License:BSD-3-Clause @@ -28,6 +28,8 @@ Source1:tcpdump-qeth Source2:http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig Source3:http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring +# PATCH-FIX-OPENSUSE tcpdump-ikev2pI2-test-fails-ppc.patch -- Disable ikev2pI2 test on ppc, ppc64 and ppc64le +Patch0: tcpdump-ikev2pI2-test-fails-ppc.patch BuildRequires: libpcap-devel >= %{min_libpcap_version} BuildRequires: libsmi-devel BuildRequires: openssl-devel @@ -40,6 +42,7 @@ %prep %setup -q +%patch0 -p1 %build export CFLAGS="%{optflags} -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing" ++ tcpdump-4.9.0.tar.gz -> tcpdump-4.9.1.tar.gz ++ 1637 lines of diff (skipped) ++ tcpdump-ikev2pI2-test-fails-ppc.patch ++ Index: tcpdump-4.9.1/tests/crypto.sh === --- tcpdump-4.9.1.orig/tests/crypto.sh +++ tcpdump-4.9.1/tests/crypto.sh @@ -28,8 +28,13 @@ then [ $? -eq 0 ] || exitcode=1 ./TESTonce espudp1 espudp1.pcap espudp1.out '- -E "file esp-secrets.txt"' [ $? -eq 0 ] || exitcode=1 - ./TESTonce ikev2pI2 ikev2pI2.pcap ikev2pI2.out '-E "file ikev2pI2-secrets.txt" -v -v -v -v' - [ $? -eq 0 ] || exitcode=1 + case $(uname -m) in + "ppc" | "ppc64" | "ppc64le" ) echo "skipping test ikev2pI2" + ;; + * ) ./TESTonce ikev2pI2 ikev2pI2.pcap ikev2pI2.out '-E "file ikev2pI2-secrets.txt" -v -v -v -v' + [ $? -eq 0 ] || exitcode=1 + ;; + esac ./TESTonce isakmp4 isakmp4500.pcap isakmp4.out '-E "file esp-secrets.txt"' [ $? -eq 0 ] || exitcode=1 fi
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2017-03-05 17:53:32 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is "tcpdump" Sun Mar 5 17:53:32 2017 rev:34 rq:454247 version:4.9.0 Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2016-04-30 23:25:33.0 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2017-03-05 17:53:33.340548329 +0100 @@ -1,0 +2,46 @@ +Thu Feb 2 14:47:56 UTC 2017 - pmonrealgonza...@suse.com + +- version update to 4.9.0 bsc#1020940 + * CVE-2016-7922 The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print(). + * CVE-2016-7923 The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print(). + * CVE-2016-7924 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print(). + * CVE-2016-7925 The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print(). + * CVE-2016-7926 The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print(). + * CVE-2016-7927 The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print(). + * CVE-2016-7928 The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print(). + * CVE-2016-7929 The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header(). + * CVE-2016-7930 The LLC parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print(). + * CVE-2016-7931 The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print(). + * CVE-2016-7932 The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum(). + * CVE-2016-7933 The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print(). + * CVE-2016-7934 The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print(). + * CVE-2016-7935 The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print(). + * CVE-2016-7936 The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print(). + * CVE-2016-7937 The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print(). + * CVE-2016-7938 The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame(). + * CVE-2016-7939 The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions. + * CVE-2016-7940 The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions. + * CVE-2016-7973 The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions. + * CVE-2016-7974 The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions. + * CVE-2016-7975 The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print(). + * CVE-2016-7983 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). + * CVE-2016-7984 The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print(). + * CVE-2016-7985 The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print(). + * CVE-2016-7986 The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions. + * CVE-2016-7992 The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print(). + * CVE-2016-7993 A bug in util-print.c:relts_print() could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). + * CVE-2016-8574 The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print(). + * CVE-2016-8575 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(). + * CVE-2017-5202 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). + * CVE-2017-5203 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). + * CVE-2017-5204 The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print(). + * CVE-2017-5205 The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print(). + * CVE-2017-5341 The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print(). + * CVE-2017-5342 In tcpdump before 4.9.0 a bug in multiple
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2016-04-30 23:25:32 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is "tcpdump" Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2016-04-03 23:04:48.0 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2016-04-30 23:25:33.0 +0200 @@ -1,0 +2,5 @@ +Fri Apr 15 01:28:38 CEST 2016 - r...@suse.de + +- fix filelist to fix build on s390/s390x + +--- Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.fONJMY/_old 2016-04-30 23:25:34.0 +0200 +++ /var/tmp/diff_new_pack.fONJMY/_new 2016-04-30 23:25:34.0 +0200 @@ -64,5 +64,8 @@ %doc CHANGES CREDITS LICENSE README* *.awk %doc %{_mandir}/man?/* %{_sbindir}/tcpdump +%ifarch s390 s390x +%{_sbindir}/tcpdump-qeth +%endif %changelog
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2016-04-03 23:04:33 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is "tcpdump" Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2015-04-30 11:49:29.0 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2016-04-03 23:04:48.0 +0200 @@ -1,0 +2,5 @@ +Wed Mar 30 07:43:04 UTC 2016 - b...@suse.com + +- correctly reference SOURCE1 during installation for s390x + +--- Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.Jexre0/_old 2016-04-03 23:04:49.0 +0200 +++ /var/tmp/diff_new_pack.Jexre0/_new 2016-04-03 23:04:49.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package tcpdump # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -52,7 +52,7 @@ %install make DESTDIR=%{buildroot} install %{?_smp_mflags} %ifarch s390 s390x - install -D -m 755 ${SOURCE1} %{buildroot}%{_sbindir} + install -D -m 755 %{SOURCE1} %{buildroot}%{_sbindir} %endif rm %{buildroot}/%{_sbindir}/tcpdump.%{version}
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2015-04-30 11:49:28 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is tcpdump Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2015-04-22 01:14:04.0 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2015-04-30 11:49:29.0 +0200 @@ -1,0 +2,9 @@ +Sun Apr 26 18:51:40 UTC 2015 - astie...@suse.com + +- tcpdump 4.7.4: + * PPKI to Router Protocol: Fix Segmentation Faults and other problems + * RPKI to Router Protocol: print strings with fn_printn() + * wb: fix some bounds checks +(previously patched in, removed CVE-2015-3138.patch) + +--- Old: CVE-2015-3138.patch tcpdump-4.7.3.tar.gz tcpdump-4.7.3.tar.gz.sig New: tcpdump-4.7.4.tar.gz tcpdump-4.7.4.tar.gz.sig Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.weaWI1/_old 2015-04-30 11:49:30.0 +0200 +++ /var/tmp/diff_new_pack.weaWI1/_new 2015-04-30 11:49:30.0 +0200 @@ -20,7 +20,7 @@ # for pcap_set_tstamp_precision() %define min_libpcap_version 1.7.2 Name: tcpdump -Version:4.7.3 +Version:4.7.4 Release:0 Summary:A Packet Sniffer License:BSD-3-Clause @@ -30,7 +30,6 @@ Source1:tcpdump-qeth Source2:http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig Source3:http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring -Patch0: CVE-2015-3138.patch BuildRequires: libpcap-devel = %{min_libpcap_version} BuildRequires: libsmi-devel BuildRequires: openssl-devel @@ -43,7 +42,6 @@ %prep %setup -q -%patch0 -p1 %build export CFLAGS=%{optflags} -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing ++ tcpdump-4.7.3.tar.gz - tcpdump-4.7.4.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tcpdump-4.7.3/CHANGES new/tcpdump-4.7.4/CHANGES --- old/tcpdump-4.7.3/CHANGES 2015-03-11 01:47:37.0 +0100 +++ new/tcpdump-4.7.4/CHANGES 2015-04-22 22:33:01.0 +0200 @@ -1,8 +1,14 @@ -Monday March. 11, 2015 g...@alum.mit.edu +Friday April 10, 2015 g...@alum.mit.edu + Summary for 4.7.4 tcpdump release + RPKI to Router Protocol: Fix Segmentation Faults and other problems + RPKI to Router Protocol: print strings with fn_printn() + wb: fix some bounds checks + +Wednesday March 11, 2015 m...@sandelman.ca Summary for 4.7.3 tcpdump release Capsicum fixes for FreeBSD 10 -Monday March. 10, 2015 g...@alum.mit.edu +Tuesday March 10, 2015 m...@sandelman.ca Summary for 4.7.2 tcpdump release DCCP: update Packet Types with RFC4340/IANA names fixes for CVE-2015-0261: IPv6 mobility header check issue diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tcpdump-4.7.3/VERSION new/tcpdump-4.7.4/VERSION --- old/tcpdump-4.7.3/VERSION 2015-03-11 01:44:05.0 +0100 +++ new/tcpdump-4.7.4/VERSION 2015-04-22 22:32:26.0 +0200 @@ -1 +1 @@ -4.7.3 +4.7.4 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tcpdump-4.7.3/netdissect.h new/tcpdump-4.7.4/netdissect.h --- old/tcpdump-4.7.3/netdissect.h 2015-03-11 01:40:50.0 +0100 +++ new/tcpdump-4.7.4/netdissect.h 2015-04-22 22:32:16.0 +0200 @@ -81,9 +81,9 @@ char *buf, size_t bufsize); /* tok2str is deprecated */ -extern const char *tok2str(const struct tok *, const char *, int); -extern char *bittok2str(const struct tok *, const char *, int); -extern char *bittok2str_nosep(const struct tok *, const char *, int); +extern const char *tok2str(const struct tok *, const char *, u_int); +extern char *bittok2str(const struct tok *, const char *, u_int); +extern char *bittok2str_nosep(const struct tok *, const char *, u_int); typedef struct netdissect_options netdissect_options; @@ -293,7 +293,6 @@ extern int fn_print(netdissect_options *, const u_char *, const u_char *); extern int fn_printn(netdissect_options *, const u_char *, u_int, const u_char *); extern int fn_printzp(netdissect_options *, const u_char *, u_int, const u_char *); -extern const char *tok2str(const struct tok *, const char *, int); /* * Flags for txtproto_print(). diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tcpdump-4.7.3/print-isoclns.c new/tcpdump-4.7.4/print-isoclns.c --- old/tcpdump-4.7.3/print-isoclns.c 2015-03-11 01:36:52.0 +0100 +++
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2015-04-22 01:14:03 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is tcpdump Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2015-03-16 06:54:42.0 +0100 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2015-04-22 01:14:04.0 +0200 @@ -1,0 +2,6 @@ +Fri Apr 17 20:00:24 UTC 2015 - astie...@suse.com + +- fix a DoS vulnerability in print-wb.c + CVE-2015-3138 [boo#927637] adding CVE-2015-3138.patch + +--- New: CVE-2015-3138.patch Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.qklnUD/_old 2015-04-22 01:14:05.0 +0200 +++ /var/tmp/diff_new_pack.qklnUD/_new 2015-04-22 01:14:05.0 +0200 @@ -30,6 +30,7 @@ Source1:tcpdump-qeth Source2:http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig Source3:http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring +Patch0: CVE-2015-3138.patch BuildRequires: libpcap-devel = %{min_libpcap_version} BuildRequires: libsmi-devel BuildRequires: openssl-devel @@ -42,6 +43,7 @@ %prep %setup -q +%patch0 -p1 %build export CFLAGS=%{optflags} -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing ++ CVE-2015-3138.patch ++ From 3ed82f4ed0095768529afc22b923c8f7171fff70 Mon Sep 17 00:00:00 2001 From: Denis Ovsienko de...@ovsienko.info Date: Wed, 25 Mar 2015 22:35:12 + Subject: [PATCH] whiteboard: fixup a few reversed tests (GH #446) This is a follow-up to commit 3a3ec26. --- print-wb.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/print-wb.c b/print-wb.c index 3e3b064..4fa5e38 100644 --- a/print-wb.c +++ b/print-wb.c @@ -201,7 +201,7 @@ wb_id(netdissect_options *ndo, len -= sizeof(*io) * nid; io = (struct id_off *)(id + 1); cp = (char *)(io + nid); - if (!ND_TTEST2(cp, len)) { + if (ND_TTEST2(cp, len)) { ND_PRINT((ndo, \)); fn_print(ndo, (u_char *)cp, (u_char *)cp + len); ND_PRINT((ndo, \)); @@ -266,7 +266,7 @@ wb_prep(netdissect_options *ndo, } n = EXTRACT_32BITS(prep-pp_n); ps = (const struct pgstate *)(prep + 1); - while (--n = 0 !ND_TTEST(*ps)) { + while (--n = 0 ND_TTEST(*ps)) { const struct id_off *io, *ie; char c = ''; @@ -275,7 +275,7 @@ wb_prep(netdissect_options *ndo, ipaddr_string(ndo, ps-page.p_sid), EXTRACT_32BITS(ps-page.p_uid))); io = (struct id_off *)(ps + 1); - for (ie = io + ps-nid; io ie !ND_TTEST(*io); ++io) { + for (ie = io + ps-nid; io ie ND_TTEST(*io); ++io) { ND_PRINT((ndo, %c%s:%u, c, ipaddr_string(ndo, io-id), EXTRACT_32BITS(io-off))); c = ',';
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2015-03-16 06:54:41 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is tcpdump Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2015-02-12 10:20:39.0 +0100 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2015-03-16 06:54:42.0 +0100 @@ -1,0 +2,15 @@ +Fri Mar 13 09:54:11 UTC 2015 - vci...@suse.com + +- update to 4.7.3 +- fixes four security bugs: + * CVE-2015-0261 - IPv6 mobility printer (bnc#90) + * CVE-2015-2153 - tcp printer (bnc#91) + * CVE-2015-2154 - ethernet printer (bnc#92) + * CVE-2015-2155 - force printer (bnc#93) +- drop patches with security fixes (upstream): + * tcpdump-CVE-2014-8767.patch + * tcpdump-CVE-2014-8768.patch + * tcpdump-CVE-2014-8769.patch + * 0001-Clean-up-error-message-printing.patch + +--- Old: 0001-Clean-up-error-message-printing.patch tcpdump-4.6.2.tar.gz tcpdump-4.6.2.tar.gz.sig tcpdump-CVE-2014-8767.patch tcpdump-CVE-2014-8768.patch tcpdump-CVE-2014-8769.patch New: tcpdump-4.7.3.tar.gz tcpdump-4.7.3.tar.gz.sig Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.X7nWqD/_old 2015-03-16 06:54:43.0 +0100 +++ /var/tmp/diff_new_pack.X7nWqD/_new 2015-03-16 06:54:43.0 +0100 @@ -18,9 +18,9 @@ # from http://upstream-tracker.org/versions/libpcap.html # for pcap_set_tstamp_precision() -%define min_libpcap_version 1.5.1 +%define min_libpcap_version 1.7.2 Name: tcpdump -Version:4.6.2 +Version:4.7.3 Release:0 Summary:A Packet Sniffer License:BSD-3-Clause @@ -30,10 +30,6 @@ Source1:tcpdump-qeth Source2:http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig Source3:http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring -Patch3: tcpdump-CVE-2014-8767.patch -Patch4: tcpdump-CVE-2014-8768.patch -Patch5: tcpdump-CVE-2014-8769.patch -Patch6: 0001-Clean-up-error-message-printing.patch BuildRequires: libpcap-devel = %{min_libpcap_version} BuildRequires: libsmi-devel BuildRequires: openssl-devel @@ -46,10 +42,6 @@ %prep %setup -q -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 %build export CFLAGS=%{optflags} -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing ++ tcpdump-4.6.2.tar.gz - tcpdump-4.7.3.tar.gz ++ 13399 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2015-02-12 10:20:37 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is tcpdump Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2014-09-09 18:59:43.0 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2015-02-12 10:20:39.0 +0100 @@ -1,0 +2,14 @@ +Fri Feb 6 12:31:23 UTC 2015 - vci...@suse.com + +- fix CVE-2014-8767 (bnc#905870) + * denial of service in verbose mode using malformed OLSR payload + * added tcpdump-CVE-2014-8767.patch +- fix CVE-2014-8768 (bnc#905871) + * denial of service in verbose mode using malformed Geonet payload + * added tcpdump-CVE-2014-8768.patch +- fix CVE-2014-8769 (bnc#905872) + * unreliable output using malformed AOVD payload + * added tcpdump-CVE-2014-8769.patch + * added 0001-Clean-up-error-message-printing.patch + +--- New: 0001-Clean-up-error-message-printing.patch tcpdump-CVE-2014-8767.patch tcpdump-CVE-2014-8768.patch tcpdump-CVE-2014-8769.patch Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.8WDoUx/_old 2015-02-12 10:20:40.0 +0100 +++ /var/tmp/diff_new_pack.8WDoUx/_new 2015-02-12 10:20:40.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package tcpdump # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -30,6 +30,10 @@ Source1:tcpdump-qeth Source2:http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig Source3:http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring +Patch3: tcpdump-CVE-2014-8767.patch +Patch4: tcpdump-CVE-2014-8768.patch +Patch5: tcpdump-CVE-2014-8769.patch +Patch6: 0001-Clean-up-error-message-printing.patch BuildRequires: libpcap-devel = %{min_libpcap_version} BuildRequires: libsmi-devel BuildRequires: openssl-devel @@ -42,6 +46,10 @@ %prep %setup -q +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 %build export CFLAGS=%{optflags} -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing ++ 0001-Clean-up-error-message-printing.patch ++ From 3e8a443c3671baa37ae7870f08fb9b4bf386fd24 Mon Sep 17 00:00:00 2001 From: Guy Harris g...@alum.mit.edu Date: Tue, 11 Nov 2014 18:37:35 -0800 Subject: [PATCH] Clean up error message printing. Have struct aodv_rerr just be the header, not including the actual destinations. Simplify the logic somewhat, and make it similar in the print routines for the three types of error messages. --- print-aodv.c | 88 +++- 1 file changed, 46 insertions(+), 42 deletions(-) diff --git a/print-aodv.c b/print-aodv.c index da5b169..da26473 100644 --- a/print-aodv.c +++ b/print-aodv.c @@ -146,13 +146,6 @@ struct aodv_rerr { uint8_t rerr_flags; /* various flags */ uint8_t rerr_zero0; /* reserved, set to zero */ uint8_t rerr_dc;/* destination count */ - union { - struct rerr_unreach dest[1]; -#ifdef INET6 - struct rerr_unreach6 dest6[1]; - struct rerr_unreach6_draft_01 dest6_draft_01[1]; -#endif - } r; }; #define RERR_NODELETE 0x80/* don't delete the link */ @@ -284,32 +277,29 @@ static void aodv_rerr(netdissect_options *ndo, const struct aodv_rerr *ap, const u_char *dat, u_int length) { - u_int i; - const struct rerr_unreach *dp = NULL; - int n, trunc; + u_int i, dc; + const struct rerr_unreach *dp; if (ndo-ndo_snapend dat) { ND_PRINT((ndo, [|aodv])); return; } i = min(length, (u_int)(ndo-ndo_snapend - dat)); - if (i offsetof(struct aodv_rerr, r)) { + if (i sizeof(*ap)) { ND_PRINT((ndo, [|rerr])); return; } - i -= offsetof(struct aodv_rerr, r); - dp = ap-r.dest[0]; - n = ap-rerr_dc * sizeof(ap-r.dest[0]); + i -= sizeof(*ap); ND_PRINT((ndo, rerr %s [items %u] [%u]:, ap-rerr_flags RERR_NODELETE ? [D] : , ap-rerr_dc, length)); - trunc = n - (i/sizeof(ap-r.dest[0])); - for (; i = sizeof(ap-r.dest[0]); - ++dp, i -= sizeof(ap-r.dest[0])) { + dp = (struct rerr_unreach *)(void *)(ap + 1); + for (dc =
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2014-09-09 18:59:38 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is tcpdump Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2014-08-20 17:52:56.0 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2014-09-09 18:59:43.0 +0200 @@ -1,0 +2,7 @@ +Wed Sep 3 18:44:03 UTC 2014 - andreas.stie...@gmx.de + +- tcpdump 4.6.2: + * fix out-of-source-tree builds: find libpcap that is out of source + * better configure check for libsmi + +--- Old: tcpdump-4.6.1.tar.gz tcpdump-4.6.1.tar.gz.sig New: tcpdump-4.6.2.tar.gz tcpdump-4.6.2.tar.gz.sig Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.KrW4Ld/_old 2014-09-09 18:59:46.0 +0200 +++ /var/tmp/diff_new_pack.KrW4Ld/_new 2014-09-09 18:59:46.0 +0200 @@ -20,7 +20,7 @@ # for pcap_set_tstamp_precision() %define min_libpcap_version 1.5.1 Name: tcpdump -Version:4.6.1 +Version:4.6.2 Release:0 Summary:A Packet Sniffer License:BSD-3-Clause ++ tcpdump-4.6.1.tar.gz - tcpdump-4.6.2.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tcpdump-4.6.1/CHANGES new/tcpdump-4.6.2/CHANGES --- old/tcpdump-4.6.1/CHANGES 2014-07-19 15:28:39.0 +0200 +++ new/tcpdump-4.6.2/CHANGES 2014-09-03 03:25:09.0 +0200 @@ -1,3 +1,7 @@ +Tuesday Sep. 2, 2014 m...@sandelman.ca + fix out-of-source-tree builds: find libpcap that is out of source + better configure check for libsmi + Saturday Jul. 19, 2014 m...@sandelman.ca Summary for 4.6.1 tcpdump release added FreeBSD capsicum diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tcpdump-4.6.1/VERSION new/tcpdump-4.6.2/VERSION --- old/tcpdump-4.6.1/VERSION 2014-07-19 15:10:13.0 +0200 +++ new/tcpdump-4.6.2/VERSION 2014-09-03 03:25:16.0 +0200 @@ -1 +1 @@ -4.6.1 +4.6.2 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tcpdump-4.6.1/aclocal.m4 new/tcpdump-4.6.2/aclocal.m4 --- old/tcpdump-4.6.1/aclocal.m42014-07-03 00:12:01.0 +0200 +++ new/tcpdump-4.6.2/aclocal.m42014-09-03 03:23:48.0 +0200 @@ -443,7 +443,9 @@ lastdir=FAIL places=`ls $srcdir/.. | sed -e 's,/$,,' -e s,^,$srcdir/../, | \ egrep '/libpcap-[[0-9]]+\.[[0-9]]+(\.[[0-9]]*)?([[ab]][[0-9]]*|-PRE-GIT)?$'` -for dir in $places $srcdir/../libpcap $srcdir/libpcap ; do +places2=`ls .. | sed -e 's,/$,,' -e s,^,../, | \ + egrep '/libpcap-[[0-9]]+\.[[0-9]]+(\.[[0-9]]*)?([[ab]][[0-9]]*|-PRE-GIT)?$'` +for dir in $places $srcdir/../libpcap ../libpcap $srcdir/libpcap $places2 ; do basedir=`echo $dir | sed -e 's/[[ab]][[0-9]]*$//' | \ sed -e 's/-PRE-GIT$//' ` if test $lastdir = $basedir ; then @@ -526,13 +528,23 @@ $1=$libpcap places=`ls $srcdir/.. | sed -e 's,/$,,' -e s,^,$srcdir/../, | \ egrep '/libpcap-[[0-9]]*.[[0-9]]*(.[[0-9]]*)?([[ab]][[0-9]]*)?$'` + places2=`ls .. | sed -e 's,/$,,' -e s,^,../, | \ + egrep '/libpcap-[[0-9]]*.[[0-9]]*(.[[0-9]]*)?([[ab]][[0-9]]*)?$'` +pcapH=FAIL if test -r $d/pcap.h; then - $2=-I$d $$2 - elif test -r $places/pcap.h; then - $2=-I$places $$2 +pcapH=$d else -AC_MSG_ERROR(cannot find pcap.h, see INSTALL) +for dir in $places $srcdir/../libpcap ../libpcap $srcdir/libpcap $places2 ; do + if test -r $dir/pcap.h ; then + pcapH=$dir + fi +done +fi + +if test $pcapH = FAIL ; then +AC_MSG_ERROR(cannot find pcap.h: see INSTALL) fi +$2=-I$pcapH $$2 AC_MSG_RESULT($libpcap) AC_PATH_PROG(PCAP_CONFIG, pcap-config,, $d) if test -n $PCAP_CONFIG; then diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tcpdump-4.6.1/config.h.in new/tcpdump-4.6.2/config.h.in --- old/tcpdump-4.6.1/config.h.in 2014-07-19 15:09:39.0 +0200 +++ new/tcpdump-4.6.2/config.h.in 2014-09-03 02:10:42.0 +0200 @@ -61,9 +61,6 @@ /* Define to 1 if you have the `rpc' library (-lrpc). */ #undef HAVE_LIBRPC -/*
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2014-08-20 17:52:51 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is tcpdump Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2013-12-16 07:14:53.0 +0100 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2014-08-20 17:52:56.0 +0200 @@ -1,0 +2,29 @@ +Fri Aug 15 19:45:52 UTC 2014 - andreas.stie...@gmx.de + +- tcpdump 4.6.1: + * add a short option '#', same as long option '--number' +- includes changes from 4.6.0: + * all of tcpdump is now using the new NDO code base + * nflog, mobile, forces, pptp, AODV, AHCP, IPv6, OSPFv4, RPL, +DHCPv6 enhancements/fixes + * M3UA decode added. + * many new test cases: 82 in 4.5.1 to 133 in 4.6.0 + * cleaned up some unnecessary header files + * Added bittok2str(). + * a number of unaligned access faults fixed + * -A flag does not consider CR to be printable anymore + * fx.lebail took over coverity baby sitting + * default snapshot size increased to 256K for accomodate USB +captures +- includes changes from 4.5.2: + * man page fix +- add build and runtime libpcap minimum version +- remove old patches, thus making package patchless: +tcpdump-4.0.0-prototypes.patch +tcpdump-4.0.0-aliasing.patch +- run spec cleaner on spec file +- remove gpg-offline, now part of source validator +- remove versioned binary +- run regression tests + +--- Old: tcpdump-4.0.0-aliasing.patch tcpdump-4.0.0-prototypes.patch tcpdump-4.5.1.tar.gz tcpdump-4.5.1.tar.gz.sig New: tcpdump-4.6.1.tar.gz tcpdump-4.6.1.tar.gz.sig Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.0okboP/_old 2014-08-20 17:52:58.0 +0200 +++ /var/tmp/diff_new_pack.0okboP/_new 2014-08-20 17:52:58.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package tcpdump # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,57 +16,53 @@ # +# from http://upstream-tracker.org/versions/libpcap.html +# for pcap_set_tstamp_precision() +%define min_libpcap_version 1.5.1 Name: tcpdump -Version:4.5.1 +Version:4.6.1 Release:0 -Url:http://www.tcpdump.org/ Summary:A Packet Sniffer License:BSD-3-Clause Group: Productivity/Networking/Diagnostic +Url:http://www.tcpdump.org/ Source: http://www.tcpdump.org/release/%{name}-%{version}.tar.gz Source1:tcpdump-qeth Source2:http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig Source3:http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring -Patch0: tcpdump-4.0.0-prototypes.patch -Patch2: tcpdump-4.0.0-aliasing.patch -BuildRequires: libpcap-devel +BuildRequires: libpcap-devel = %{min_libpcap_version} BuildRequires: libsmi-devel BuildRequires: openssl-devel -%if 0%{?suse_version} = 1230 -BuildRequires: gpg-offline -%endif +Requires: libpcap = %{min_libpcap_version} BuildRoot: %{_tmppath}/%{name}-%{version}-build %description This program can read all or only certain packets going over the ethernet. It can be used to debug specific network problems. - %prep -%{?gpg_verify: %gpg_verify %{S:2}} %setup -q -%patch0 -%patch2 %build -export CFLAGS=$RPM_OPT_FLAGS -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing +export CFLAGS=%{optflags} -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing %configure \ --enable-ipv6 -make +make %{?_smp_mflags} %install -make DESTDIR=$RPM_BUILD_ROOT install +make DESTDIR=%{buildroot} install %{?_smp_mflags} %ifarch s390 s390x - install -D -m 755 $RPM_SOURCE_DIR/tcpdump-qeth $RPM_BUILD_ROOT%{_sbindir} + install -D -m 755 ${SOURCE1} %{buildroot}%{_sbindir} %endif +rm %{buildroot}/%{_sbindir}/tcpdump.%{version} -%clean -rm -rf $RPM_BUILD_ROOT +%check +make check %{?_smp_mflags} %files %defattr(-,root,root) %doc CHANGES CREDITS LICENSE README* *.awk %doc %{_mandir}/man?/* -%{_sbindir}/* +%{_sbindir}/tcpdump %changelog ++ tcpdump-4.5.1.tar.gz - tcpdump-4.6.1.tar.gz ++ 101013 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2013-12-16 07:14:53 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is tcpdump Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2013-09-16 10:15:59.0 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2013-12-16 07:14:53.0 +0100 @@ -1,0 +2,26 @@ +Sat Dec 14 11:19:45 UTC 2013 - andreas.stie...@gmx.de + +- update to 4.5.1 + Version 4.5.0 revised for non-code related edits + - some NFSv4 fixes for printing + - fix printing of unknown TCP options, and tcp fast-open + - fixes for syslog parser + - some gcc-version-specific flag tuning + - improvements to babel printing + - add OpenFlow 1.0 (no SSL) and test cases + - GeoNet printer. + - added STBC Rx support + - improvements to DHCPv6 decoder + - clarify which autoconf is needed + - Point users to the the-tcpdump-group repository on GitHub rather +than the mcr repository + - Add MSDP printer. + - Fixed IPv6 check on Solaris and other OSes requiring extra +networking libraries. + - Add support for VXLAN (draft-mahalingam-dutt-dcops-vxlan-03), +and add vxlan as an option for -T. + - Add support for OTV (draft-hasmit-otv-04). +fixes for DLT_IEEE802_11_RADIO datalink types + - added MPTCP decoder + +--- Old: tcpdump-4.4.0.tar.gz tcpdump-4.4.0.tar.gz.sig New: tcpdump-4.5.1.tar.gz tcpdump-4.5.1.tar.gz.sig Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.UpeCmc/_old 2013-12-16 07:14:54.0 +0100 +++ /var/tmp/diff_new_pack.UpeCmc/_new 2013-12-16 07:14:54.0 +0100 @@ -17,7 +17,7 @@ Name: tcpdump -Version:4.4.0 +Version:4.5.1 Release:0 Url:http://www.tcpdump.org/ Summary:A Packet Sniffer @@ -65,7 +65,7 @@ %files %defattr(-,root,root) -%doc CHANGES CREDITS LICENSE README *.awk +%doc CHANGES CREDITS LICENSE README* *.awk %doc %{_mandir}/man?/* %{_sbindir}/* ++ tcpdump-4.4.0.tar.gz - tcpdump-4.5.1.tar.gz ++ 22957 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2012-09-14 12:39:40 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is tcpdump, Maintainer is vci...@suse.com Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2012-06-15 14:06:25.0 +0200 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2012-09-14 12:39:41.0 +0200 @@ -1,0 +2,5 @@ +Fri Jun 15 15:37:15 CEST 2012 - jsl...@suse.de + +- remove tcpdump-4.0.0-uninitialized.patch, it's solved differently + +--- Old: tcpdump-4.0.0-uninitialized.patch Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.yuLVen/_old 2012-09-14 12:39:42.0 +0200 +++ /var/tmp/diff_new_pack.yuLVen/_new 2012-09-14 12:39:42.0 +0200 @@ -27,7 +27,6 @@ Source1:tcpdump-qeth Patch0: tcpdump-4.0.0-prototypes.patch Patch2: tcpdump-4.0.0-aliasing.patch -Patch3: tcpdump-4.0.0-uninitialized.patch BuildRequires: libpcap-devel BuildRequires: libsmi-devel BuildRequires: openssl-devel @@ -42,7 +41,6 @@ %setup -q %patch0 %patch2 -%patch3 %build export CFLAGS=$RPM_OPT_FLAGS -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2012-06-15 14:06:23 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is tcpdump, Maintainer is vci...@suse.com Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2012-01-04 07:32:20.0 +0100 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2012-06-15 14:06:25.0 +0200 @@ -1,0 +2,17 @@ +Thu Jun 14 23:48:25 CEST 2012 - jsl...@suse.de + +- update to 4.3.0 + - fixes for forces: SPARSE data (per RFC 5810) + - some more test cases added + - updates to documentation on -l, -U and -w flags. + - Fix printing of BGP optional headers. + - Tried to include DLT_PFSYNC support, failed due to headers required. + - added TIPC support. + - Fix LLDP Network Policy bit definitions. + - fixes for IGMPv3's Max Response Time: it is in units of 0.1 second. + - SIGUSR1 can be used rather than SIGINFO for stats + - permit -n flag to affect print-ip for protocol numbers + - ND_OPT_ADVINTERVAL is in milliseconds, not seconds + - Teach PPPoE parser about RFC 4638 + +--- Old: tcpdump-4.2.1.tar.gz New: tcpdump-4.3.0.tar.gz Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.r440Cf/_old 2012-06-15 14:06:28.0 +0200 +++ /var/tmp/diff_new_pack.r440Cf/_new 2012-06-15 14:06:28.0 +0200 @@ -17,7 +17,7 @@ Name: tcpdump -Version:4.2.1 +Version:4.3.0 Release:0 Url:http://www.tcpdump.org/ Summary:A Packet Sniffer ++ tcpdump-4.2.1.tar.gz - tcpdump-4.3.0.tar.gz ++ 6486 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2012-01-04 07:32:18 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is tcpdump, Maintainer is vci...@suse.com Changes: --- /work/SRC/openSUSE:Factory/tcpdump/tcpdump.changes 2011-11-29 12:52:38.0 +0100 +++ /work/SRC/openSUSE:Factory/.tcpdump.new/tcpdump.changes 2012-01-04 07:32:20.0 +0100 @@ -1,0 +2,26 @@ +Tue Jan 3 14:48:56 UTC 2012 - pu...@suse.com + +- update to 4.2.1 + - Only build the Babel printer if IPv6 is enabled. + - Support Babel on port 6696 as well as 6697. + - Include ppi.h in release tarball. + - Include all the test files in the release tarball, and don't +include test files that no longer exist. + - Don't assume we have rpc/rpc.h - check for it. + - Support -T carp as a way of dissecting IP protocol 112 as CARP +rather than VRRP. + - Support Hilscher NetAnalyzer link-layer header format. + - Constify some pointers and fix compiler warnings. + - Get rid of never-true test. + - Fix an unintended fall-through in a case statement in the ARP +printer. + - Fix several cases where sizeof(sizeof(XXX)) was used when just +sizeof(XXX) was intended. + - Make stricter sanity checks in the ES-IS printer. + - Get rid of some GCCisms that caused builds to fail with compilers +that don't support them. + - Fix typo in man page. + - Added length checks to Babel printer. +- drop tcpdump-4.2.0-ppi.patch (upstream) + +--- Old: tcpdump-4.2.0-ppi.patch tcpdump-4.2.0.tar.gz New: tcpdump-4.2.1.tar.gz Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.UmVE1O/_old 2012-01-04 07:32:21.0 +0100 +++ /var/tmp/diff_new_pack.UmVE1O/_new 2012-01-04 07:32:21.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package tcpdump # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,24 +15,19 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # -# norootforbuild - Name: tcpdump -Version:4.2.0 -Release:1 -AutoReqProv:on -License:BSD-3-Clause -Group: Productivity/Networking/Diagnostic +Version:4.2.1 +Release:0 Url:http://www.tcpdump.org/ Summary:A Packet Sniffer -Source: tcpdump-%{version}.tar.gz +License:BSD-3-Clause +Group: Productivity/Networking/Diagnostic +Source: http://www.tcpdump.org/release/%{name}-%{version}.tar.gz Source1:tcpdump-qeth Patch0: tcpdump-4.0.0-prototypes.patch Patch2: tcpdump-4.0.0-aliasing.patch Patch3: tcpdump-4.0.0-uninitialized.patch -# PATCH-FIX-SUSE add missing ppi.h -Patch4: tcpdump-4.2.0-ppi.patch BuildRequires: libpcap-devel BuildRequires: libsmi-devel BuildRequires: openssl-devel @@ -48,7 +43,6 @@ %patch0 %patch2 %patch3 -%patch4 -p1 %build export CFLAGS=$RPM_OPT_FLAGS -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing ++ tcpdump-4.0.0-aliasing.patch ++ --- /var/tmp/diff_new_pack.UmVE1O/_old 2012-01-04 07:32:21.0 +0100 +++ /var/tmp/diff_new_pack.UmVE1O/_new 2012-01-04 07:32:21.0 +0100 @@ -1,21 +1,24 @@ icmp6.h +Index: icmp6.h +=== +--- icmp6.h.orig +++ icmp6.h -@@ -396,7 +396,11 @@ +@@ -404,7 +404,11 @@ struct icmp6_router_renum { /* router re u_int8_trr_segnum; u_int8_trr_flags; u_int16_t rr_maxdelay; -- u_int32_t rr_reserved; + union { + u_int8_trr_reserved8[4]; + u_int16_t rr_reserved16[2]; -+ u_int32_t rr_reserved; + u_int32_t rr_reserved; + }; }; #define ICMP6_RR_FLAGS_TEST 0x80 #define ICMP6_RR_FLAGS_REQRESULT 0x40 print-icmp.c +Index: print-icmp.c +=== +--- print-icmp.c.orig +++ print-icmp.c -@@ -47,6 +47,12 @@ +@@ -47,6 +47,12 @@ static const char rcsid[] _U_ = * Per RFC 792, September 1981. */ @@ -28,13 +31,12 @@ /* * Structure of an icmp header. */ -@@ -61,8 +67,12 @@ +@@ -61,8 +67,12 @@ struct icmp { u_int16_t icd_id; u_int16_t icd_seq; } ih_idseq;
commit tcpdump for openSUSE:Factory
Hello community, here is the log from the commit of package tcpdump for openSUSE:Factory checked in at 2011-12-06 19:07:43 Comparing /work/SRC/openSUSE:Factory/tcpdump (Old) and /work/SRC/openSUSE:Factory/.tcpdump.new (New) Package is tcpdump, Maintainer is vci...@suse.com Changes: Other differences: -- ++ tcpdump.spec ++ --- /var/tmp/diff_new_pack.PEk3X5/_old 2011-12-06 19:41:57.0 +0100 +++ /var/tmp/diff_new_pack.PEk3X5/_new 2011-12-06 19:41:57.0 +0100 @@ -22,7 +22,7 @@ Version:4.2.0 Release:1 AutoReqProv:on -License:BSD3c +License:BSD-3-Clause Group: Productivity/Networking/Diagnostic Url:http://www.tcpdump.org/ Summary:A Packet Sniffer -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org