carnil <notificati...@github.com> wrote:
> Information on CVE-2018-16301 seem to indicate that it first was
> thought to be an issue in tcpdump, but then it's clearly stated that it
> is fixed in libpcap.
> The CVE description submitted to MITRE is as well inline with that:
(okay, but don't use that as authoritative, since I am the one that wrote that)
>> libpcap before 1.9.1, as used in tcpdump before 4.9.3, has a buffer
>> overflow and/or over-read because of errors in pcapng reading.
> We have marked it now as such in Debian's records, but if
> CVE-2018-16301 is a duplicate of CVE-2019-15161 then preferably
> upstream would need to ask MITRE to reject CVE-2018-16301.
MITRE has a very poor record and very high latency for responding.
I'm happy to get our records cleared up; I will be adding a "duplicates"
column to my CSV file. I'm just still in a bit of PTSD from having worked on
this stuff for too long :-(
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] m...@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
