tcpdump mailing list archives
Re: tcpdump 3.7.2 and libpcap 0.7.2 released
From: "Ademar de Souza Reis Jr." <ademar () conectiva com br>
Date: Mon, 10 Mar 2003 15:23:22 -0300
On Thu, Feb 27, 2003 at 12:51:51PM -0800, Bill Fenner wrote:
Hi, We've released tcpdump 3.7.2 and libpcap 0.7.2 . tcpdump 3.7.2 addresses today's iDEFENSE Advisory 02.27.03, as well as a couple of other security problems. libpcap 0.7.2 has no security updates, just some bugfixes and minor new functionality.
Hi. Do these security problems also affect tcpdump 3.6.2? If yes, do you have plans on a new release for 3.6.x? (I see there's a CVS tag named "tcpdump_3_6rel3"... are there any security fixes applied to this branch?) I'm asking that because I have to update "old" Conectiva Linux distributions that shipped with tcpdump 3.6.x. Thanks in advance.
The releases are available both from www.tcpdump.org and sourceforge.
Enjoy!
Bill
tcpdump CHANGES:
Fixed infinite loop when parsing malformed isakmp packets.
(reported by iDefense; already fixed in CVS)
Fixed infinite loop when parsing malformed BGP packets.
Fixed buffer overflow with certain malformed NFS packets.
-- Ademar de Souza Reis Jr. <ademar () conectiva com br> Never be afraid to try something new. Remember that amateurs built the Ark. Professionals built the Titanic. ^[:wq! - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- tcpdump 3.7.2 and libpcap 0.7.2 released Bill Fenner (Feb 27)
- Re: tcpdump 3.7.2 and libpcap 0.7.2 released Ademar de Souza Reis Jr. (Mar 10)
- Re: tcpdump 3.7.2 and libpcap 0.7.2 released Bill Fenner (Mar 10)
- Re: tcpdump 3.7.2 and libpcap 0.7.2 released Ademar de Souza Reis Jr. (Mar 10)
- Re: tcpdump 3.7.2 and libpcap 0.7.2 released Bill Fenner (Mar 10)
- Re: tcpdump 3.7.2 and libpcap 0.7.2 released Ademar de Souza Reis Jr. (Mar 10)