[ubuntu/kinetic-proposed] tcpreplay 4.4.1-2ubuntu1 (Accepted)

Nishit Majithia nishit.majithia at canonical.com
Wed Sep 28 01:30:37 UTC 2022


tcpreplay (4.4.1-2ubuntu1) kinetic; urgency=medium

  * SECURITY UPDATE: heap-overflow in get_l2len_protocol
    - debian/patches/CVE-2022-25484_27941.patch: fix heap overflow in
      get_l2len_protocol
    - CVE-2022-25484
    - CVE-2022-27941
  * SECURITY UPDATE: reachable assertion in get_layer4_v6
    - debian/patches/CVE-2022-27939.patch: fix null pointer dereference in
      get_layer4_v6
    - CVE-2022-27939
  * SECURITY UPDATE: heap-overflow in get_ipv6_next
    - debian/patches/CVE-2022-27940_37047_37049.patch: Add end_ptr to key
      functions, which make it easier to implement overflow protections
    - CVE-2022-27940
    - CVE-2022-37047
    - CVE-2022-37049
  * SECURITY UPDATE: heap-overflow in parse_mpls
    - debian/patches/CVE-2022-27942.patch: Add better overflow protection in
      parse_mpls
    - CVE-2022-27942
  * SECURITY UPDATE: format string vulnerability in fix_ipv6_checksums
    - debian/patches/CVE-2022-28487.patch: fix format string in
      src/tcpedit/edit_packet.c file
    - CVE-2022-28487
  * SECURITY UPDATE: heap-overflow in get_l2len_protocol
    - debian/patches/CVE-2022-37048.patch: fix heap-overflow by checking data
      length correctly
    - CVE-2022-37048

Date: Tue, 27 Sep 2022 09:25:27 +0530
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Alex Murray <alex.murray at canonical.com>
https://launchpad.net/ubuntu/+source/tcpreplay/4.4.1-2ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 27 Sep 2022 09:25:27 +0530
Source: tcpreplay
Built-For-Profiles: noudeb
Architecture: source
Version: 4.4.1-2ubuntu1
Distribution: kinetic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
Changes:
 tcpreplay (4.4.1-2ubuntu1) kinetic; urgency=medium
 .
   * SECURITY UPDATE: heap-overflow in get_l2len_protocol
     - debian/patches/CVE-2022-25484_27941.patch: fix heap overflow in
       get_l2len_protocol
     - CVE-2022-25484
     - CVE-2022-27941
   * SECURITY UPDATE: reachable assertion in get_layer4_v6
     - debian/patches/CVE-2022-27939.patch: fix null pointer dereference in
       get_layer4_v6
     - CVE-2022-27939
   * SECURITY UPDATE: heap-overflow in get_ipv6_next
     - debian/patches/CVE-2022-27940_37047_37049.patch: Add end_ptr to key
       functions, which make it easier to implement overflow protections
     - CVE-2022-27940
     - CVE-2022-37047
     - CVE-2022-37049
   * SECURITY UPDATE: heap-overflow in parse_mpls
     - debian/patches/CVE-2022-27942.patch: Add better overflow protection in
       parse_mpls
     - CVE-2022-27942
   * SECURITY UPDATE: format string vulnerability in fix_ipv6_checksums
     - debian/patches/CVE-2022-28487.patch: fix format string in
       src/tcpedit/edit_packet.c file
     - CVE-2022-28487
   * SECURITY UPDATE: heap-overflow in get_l2len_protocol
     - debian/patches/CVE-2022-37048.patch: fix heap-overflow by checking data
       length correctly
     - CVE-2022-37048
Checksums-Sha1:
 000abe526953be62d74d19b6a78b74d61611c1bc 2145 tcpreplay_4.4.1-2ubuntu1.dsc
 fcb8c8d6f88ce9f8d2f52b31b548173b003f3a47 13852 tcpreplay_4.4.1-2ubuntu1.debian.tar.xz
 8898367c3830770f9d0fa1d5200bc022a51bf77b 7017 tcpreplay_4.4.1-2ubuntu1_source.buildinfo
Checksums-Sha256:
 7df45652c7c9d1e4605787f8bf9c00f5cb968653b3842e1978b6e19c2f757025 2145 tcpreplay_4.4.1-2ubuntu1.dsc
 8e1a794edf95dfaaee51f89dd7760df6d32334c33e31c621765e4feaaac796e7 13852 tcpreplay_4.4.1-2ubuntu1.debian.tar.xz
 30edfe9a39cfba0d82521b8f87b775c4dfbb36743db4d6cb00aec42578ae4da3 7017 tcpreplay_4.4.1-2ubuntu1_source.buildinfo
Files:
 7dd64a8de0accc4e418678bcbd2047c8 2145 net optional tcpreplay_4.4.1-2ubuntu1.dsc
 27a4f7f24f49c9c7053678045fecbf88 13852 net optional tcpreplay_4.4.1-2ubuntu1.debian.tar.xz
 2d958399f2f5c12ef5053f415ca2aca3 7017 net optional tcpreplay_4.4.1-2ubuntu1_source.buildinfo
Original-Maintainer: Christoph Biedl <debian.axhn at manchmal.in-ulm.de>


More information about the kinetic-changes mailing list