Hello, I would like to inquire about the status of CVE-2018-19519 [1] which was reported end of 2018 but for which no patch seems to be applied in the tcpdump repository. I also see no reference to this issue in the mailing list archives.
The issue is described by the reporter Zeng Yingpei at [2] and a proposed solution is mentioned (initializing 'buf'). Are the tcpdump developers aware of this issue? Has a patch been proposed / is someone looking at it? Thanks, Thomas [1] https://nvd.nist.gov/vuln/detail/CVE-2018-19519 [2] https://github.com/zyingp/temp/blob/master/tcpdump.md _______________________________________________ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
