[Bug 1397558] Re: please merge tcpdump from debian
Launchpad Bug Tracker
1397558 at bugs.launchpad.net
Wed Dec 3 17:33:54 UTC 2014
This bug was fixed in the package tcpdump - 4.6.2-3ubuntu1
---------------
tcpdump (4.6.2-3ubuntu1) vivid; urgency=low
* Merge from Debian unstable (LP: #1397558). Remaining changes:
* debian/control:
- Build-Depends on dh-apparmor.
- Suggests apparmor
* debian/README.Debian, debian/tcpdump.dirs, debian/usr.sbin.tcpdump,
debian/patches/patches/90_man_apparmor.diff,
debian/install, debian/rules:
- Install enforcing AppArmor profile.
* debian/usr.sbin.tcpdump: allow capability net_admin to support '-j'. Patch
thanks to Graeme Hewson. (LP: #1229664)
tcpdump (4.6.2-3) unstable; urgency=high
* Cherry-pick commit 0f95d441e4 from upstream Git to fix a buffer overflow
in the PPP dissector (CVE-2014-9140).
tcpdump (4.6.2-2) unstable; urgency=high
* Urgency high due to security fixes.
* Add three patches extracted from various upstream commits fixing
vulnerabilities in three dissectors:
+ CVE-2014-8767: missing bounds checks in OLSR dissector (closes: #770434).
+ CVE-2014-8768: missing bounds checks in Geonet dissector
(closes: #770415).
+ CVE-2014-8769: missing bounds checks in AOVD dissector (closes: #770424).
-- Gianfranco Costamagna <costamagnagianfranco at yahoo.it> Sat, 29 Nov 2014 17:52:14 +0100
** Changed in: tcpdump (Ubuntu)
Status: New => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9140
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1397558
Title:
please merge tcpdump from debian
Status in tcpdump package in Ubuntu:
Fix Released
Bug description:
debdiff attached
note: 4 CVEs fixed.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tcpdump/+bug/1397558/+subscriptions
More information about the Ubuntu-sponsors
mailing list