[ubuntu/kinetic-proposed] tcpreplay 4.4.1-2ubuntu1 (Accepted)
Nishit Majithia
nishit.majithia at canonical.com
Wed Sep 28 01:30:37 UTC 2022
tcpreplay (4.4.1-2ubuntu1) kinetic; urgency=medium
* SECURITY UPDATE: heap-overflow in get_l2len_protocol
- debian/patches/CVE-2022-25484_27941.patch: fix heap overflow in
get_l2len_protocol
- CVE-2022-25484
- CVE-2022-27941
* SECURITY UPDATE: reachable assertion in get_layer4_v6
- debian/patches/CVE-2022-27939.patch: fix null pointer dereference in
get_layer4_v6
- CVE-2022-27939
* SECURITY UPDATE: heap-overflow in get_ipv6_next
- debian/patches/CVE-2022-27940_37047_37049.patch: Add end_ptr to key
functions, which make it easier to implement overflow protections
- CVE-2022-27940
- CVE-2022-37047
- CVE-2022-37049
* SECURITY UPDATE: heap-overflow in parse_mpls
- debian/patches/CVE-2022-27942.patch: Add better overflow protection in
parse_mpls
- CVE-2022-27942
* SECURITY UPDATE: format string vulnerability in fix_ipv6_checksums
- debian/patches/CVE-2022-28487.patch: fix format string in
src/tcpedit/edit_packet.c file
- CVE-2022-28487
* SECURITY UPDATE: heap-overflow in get_l2len_protocol
- debian/patches/CVE-2022-37048.patch: fix heap-overflow by checking data
length correctly
- CVE-2022-37048
Date: Tue, 27 Sep 2022 09:25:27 +0530
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Alex Murray <alex.murray at canonical.com>
https://launchpad.net/ubuntu/+source/tcpreplay/4.4.1-2ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 27 Sep 2022 09:25:27 +0530
Source: tcpreplay
Built-For-Profiles: noudeb
Architecture: source
Version: 4.4.1-2ubuntu1
Distribution: kinetic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
Changes:
tcpreplay (4.4.1-2ubuntu1) kinetic; urgency=medium
.
* SECURITY UPDATE: heap-overflow in get_l2len_protocol
- debian/patches/CVE-2022-25484_27941.patch: fix heap overflow in
get_l2len_protocol
- CVE-2022-25484
- CVE-2022-27941
* SECURITY UPDATE: reachable assertion in get_layer4_v6
- debian/patches/CVE-2022-27939.patch: fix null pointer dereference in
get_layer4_v6
- CVE-2022-27939
* SECURITY UPDATE: heap-overflow in get_ipv6_next
- debian/patches/CVE-2022-27940_37047_37049.patch: Add end_ptr to key
functions, which make it easier to implement overflow protections
- CVE-2022-27940
- CVE-2022-37047
- CVE-2022-37049
* SECURITY UPDATE: heap-overflow in parse_mpls
- debian/patches/CVE-2022-27942.patch: Add better overflow protection in
parse_mpls
- CVE-2022-27942
* SECURITY UPDATE: format string vulnerability in fix_ipv6_checksums
- debian/patches/CVE-2022-28487.patch: fix format string in
src/tcpedit/edit_packet.c file
- CVE-2022-28487
* SECURITY UPDATE: heap-overflow in get_l2len_protocol
- debian/patches/CVE-2022-37048.patch: fix heap-overflow by checking data
length correctly
- CVE-2022-37048
Checksums-Sha1:
000abe526953be62d74d19b6a78b74d61611c1bc 2145 tcpreplay_4.4.1-2ubuntu1.dsc
fcb8c8d6f88ce9f8d2f52b31b548173b003f3a47 13852 tcpreplay_4.4.1-2ubuntu1.debian.tar.xz
8898367c3830770f9d0fa1d5200bc022a51bf77b 7017 tcpreplay_4.4.1-2ubuntu1_source.buildinfo
Checksums-Sha256:
7df45652c7c9d1e4605787f8bf9c00f5cb968653b3842e1978b6e19c2f757025 2145 tcpreplay_4.4.1-2ubuntu1.dsc
8e1a794edf95dfaaee51f89dd7760df6d32334c33e31c621765e4feaaac796e7 13852 tcpreplay_4.4.1-2ubuntu1.debian.tar.xz
30edfe9a39cfba0d82521b8f87b775c4dfbb36743db4d6cb00aec42578ae4da3 7017 tcpreplay_4.4.1-2ubuntu1_source.buildinfo
Files:
7dd64a8de0accc4e418678bcbd2047c8 2145 net optional tcpreplay_4.4.1-2ubuntu1.dsc
27a4f7f24f49c9c7053678045fecbf88 13852 net optional tcpreplay_4.4.1-2ubuntu1.debian.tar.xz
2d958399f2f5c12ef5053f415ca2aca3 7017 net optional tcpreplay_4.4.1-2ubuntu1_source.buildinfo
Original-Maintainer: Christoph Biedl <debian.axhn at manchmal.in-ulm.de>
More information about the kinetic-changes
mailing list