*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Eduardo dos Santos Barretto (ebarretto):
tcpdump 4.x is currently affected by the following CVEs: CVE‑2018‑14463 <https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2018-14463> , CVE‑2018‑14881 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14881> , CVE‑2018‑16452 <https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2018-16452> , CVE‑2018‑14462 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14462> , CVE‑2018‑16301 <https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2018-16301> , CVE‑2018‑14466 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14466> , CVE‑2018‑16451 <https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2018-16451> , CVE‑2019‑15166 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15166> , CVE‑2018‑16228 <https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2018-16228> , CVE‑2018‑14461 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14461> , CVE‑2018‑14467 <https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2018-14467> , CVE‑2018‑14465 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14465> , CVE‑2018‑16300 <https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2018-16300> , CVE‑2018‑14464 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14464> , CVE‑2018‑14470 <https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2018-14470> , CVE‑2018‑16227 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16227> , CVE‑2018‑16230 <https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2018-16230> , CVE‑2018‑14469 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14469> , CVE‑2018‑14880 <https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2018-14880> , CVE‑2018‑16229 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16229> , CVE‑2019‑15167 <https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2019-15167> , CVE‑2018‑14468 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14468> , CVE‑2018‑14882 <https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2018-14882> References: 1. https://github.com/the-tcpdump-group/tcpdump/commit/aa5c6b710dfd8020d2c908d6b3bd41f1da719b3b <https://github.com/the-tcpdump-group/tcpdump/commit/aa5c6b710dfd8020d2c908d6b3bd41f1da719b3b> 2. https://github.com/the-tcpdump-group/tcpdump/commit/1a1bce0526a77b62e41531b00f8bb5e21fd4f3a3 <https://github.com/the-tcpdump-group/tcpdump/commit/1a1bce0526a77b62e41531b00f8bb5e21fd4f3a3> 3. https://github.com/the-tcpdump-group/tcpdump/commit/3de07c772166b7e8e8bb4b9d1d078f1d901b570b <https://github.com/the-tcpdump-group/tcpdump/commit/3de07c772166b7e8e8bb4b9d1d078f1d901b570b> 4. https://github.com/the-tcpdump-group/tcpdump/commit/d97e94223720684c6aa740ff219e0d19426c2220 <https://github.com/the-tcpdump-group/tcpdump/commit/d97e94223720684c6aa740ff219e0d19426c2220> 5. https://github.com/the-tcpdump-group/tcpdump/commit/bea2686c296b79609060a104cc139810785b0739 <https://github.com/the-tcpdump-group/tcpdump/commit/bea2686c296b79609060a104cc139810785b0739> 6. https://github.com/the-tcpdump-group/tcpdump/commit/c24922e692a52121e853a84ead6b9337f4c08a94 <https://github.com/the-tcpdump-group/tcpdump/commit/c24922e692a52121e853a84ead6b9337f4c08a94> 7. https://github.com/the-tcpdump-group/tcpdump/commit/e3f3b445e2d20ac5d5b7fcb7559ce6beb55da0c9 <https://github.com/the-tcpdump-group/tcpdump/commit/e3f3b445e2d20ac5d5b7fcb7559ce6beb55da0c9> 8. https://github.com/the-tcpdump-group/tcpdump/commit/aa3e54f594385ce7e1e319b0c84999e51192578b <https://github.com/the-tcpdump-group/tcpdump/commit/aa3e54f594385ce7e1e319b0c84999e51192578b> 9. https://github.com/the-tcpdump-group/tcpdump/commit/396e94ff55a80d554b1fe46bf107db1e91008d6c <https://github.com/the-tcpdump-group/tcpdump/commit/396e94ff55a80d554b1fe46bf107db1e91008d6c> 10. https://github.com/the-tcpdump-group/tcpdump/commit/12f66f69f7bf1ec1266ddbee90a7616cbf33696b <https://github.com/the-tcpdump-group/tcpdump/commit/12f66f69f7bf1ec1266ddbee90a7616cbf33696b> 11. https://github.com/the-tcpdump-group/tcpdump/commit/e01c9bf76740802025c9328901b55ee4a0c49ed6 <https://github.com/the-tcpdump-group/tcpdump/commit/e01c9bf76740802025c9328901b55ee4a0c49ed6> 12. https://github.com/the-tcpdump-group/tcpdump/commit/86326e880d31b328a151d45348c35220baa9a1ff <https://github.com/the-tcpdump-group/tcpdump/commit/86326e880d31b328a151d45348c35220baa9a1ff> 13. https://github.com/the-tcpdump-group/tcpdump/commit/d7505276842e85bfd067fa21cdb32b8a2dc3c5e4 <https://github.com/the-tcpdump-group/tcpdump/commit/d7505276842e85bfd067fa21cdb32b8a2dc3c5e4> 14. https://github.com/the-tcpdump-group/tcpdump/commit/4846b3c5d0a850e860baf4f07340495d29837d09 <https://github.com/the-tcpdump-group/tcpdump/commit/4846b3c5d0a850e860baf4f07340495d29837d09> 15. https://github.com/the-tcpdump-group/tcpdump/commit/83a412a5275cac973c5841eca3511c766bed778d <https://github.com/the-tcpdump-group/tcpdump/commit/83a412a5275cac973c5841eca3511c766bed778d> 16. https://github.com/the-tcpdump-group/tcpdump/commit/211124b972e74f0da66bc8b16f181f78793e2f66 <https://github.com/the-tcpdump-group/tcpdump/commit/211124b972e74f0da66bc8b16f181f78793e2f66> 17. https://github.com/the-tcpdump-group/tcpdump/commit/13d52e9c0e7caf7e6325b0051bc90a49968be67f <https://github.com/the-tcpdump-group/tcpdump/commit/13d52e9c0e7caf7e6325b0051bc90a49968be67f> 18. https://github.com/the-tcpdump-group/tcpdump/commit/af2cf04a9394c1a56227c2289ae8da262828294a <https://github.com/the-tcpdump-group/tcpdump/commit/af2cf04a9394c1a56227c2289ae8da262828294a> 19. https://github.com/the-tcpdump-group/tcpdump/commit/96480ab95308cd9234b4f09b175ebf60e17792c6 <https://github.com/the-tcpdump-group/tcpdump/commit/96480ab95308cd9234b4f09b175ebf60e17792c6> 20. https://github.com/the-tcpdump-group/tcpdump/commit/24182d959f661327525a20d9a94c98a8ec016778 <https://github.com/the-tcpdump-group/tcpdump/commit/24182d959f661327525a20d9a94c98a8ec016778> 21. https://github.com/the-tcpdump-group/tcpdump/commit/0b661e0aa61850234b64394585cf577aac570bf4 <https://github.com/the-tcpdump-group/tcpdump/commit/0b661e0aa61850234b64394585cf577aac570bf4> 22. https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES <https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES> Solution: update to version 4.9.3. ** Affects: tcpdump (Ubuntu) Importance: Undecided Status: New -- tcpdump vulnerability https://bugs.launchpad.net/bugs/1854707 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
