rpms/tcpdump/FC-6 tcpdump-3.9.4-80211.patch, NONE, 1.1 tcpdump.spec, 1.56, 1.57
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Thu Mar 15 12:03:37 UTC 2007
Author: mlichvar
Update of /cvs/dist/rpms/tcpdump/FC-6
In directory cvs.devel.redhat.com:/tmp/cvs-serv20104
Modified Files:
tcpdump.spec
Added Files:
tcpdump-3.9.4-80211.patch
Log Message:
- fix buffer overflow in 802.11 printer (#232349, CVE-2007-1218)
- require /usr/sbin/sendmail (#232363)
Resolves: #232349 #232363
tcpdump-3.9.4-80211.patch:
print-802_11.c | 2 ++
1 files changed, 2 insertions(+)
--- NEW FILE tcpdump-3.9.4-80211.patch ---
--- tcpdump-3.9.4/print-802_11.c.foo 2005-07-30 23:37:50.000000000 +0200
+++ tcpdump-3.9.4/print-802_11.c 2007-03-15 12:12:58.000000000 +0100
@@ -190,6 +190,8 @@
if (pbody->tim.length <= 3)
break;
+ if (pbody->tim.length - 3 > sizeof pbody->tim.bitmap)
+ return;
if (!TTEST2(*(p + offset), pbody->tim.length - 3))
return 0;
memcpy(pbody->tim.bitmap, p + (pbody->tim.length - 3),
Index: tcpdump.spec
===================================================================
RCS file: /cvs/dist/rpms/tcpdump/FC-6/tcpdump.spec,v
retrieving revision 1.56
retrieving revision 1.57
diff -u -r1.56 -r1.57
--- tcpdump.spec 17 Nov 2006 09:24:31 -0000 1.56
+++ tcpdump.spec 15 Mar 2007 12:03:35 -0000 1.57
@@ -2,8 +2,8 @@
%define PCAP_UID 77
%define PCAP_GID 77
-%define releaseno 9%{?dist}
-%define arpwatch_release 16%{?dist}
+%define releaseno 10%{?dist}
+%define arpwatch_release 17%{?dist}
%define pcap_release %{releaseno}
%define tcpdump_release %{releaseno}
@@ -45,6 +45,7 @@
Patch19: tcpdump-3.8.2-rsvp-dos.patch
Patch21: tcpdump-3.8.2-isis-dos.patch
Patch22: tcpdump-3.9.4-ring-buffers.patch
+Patch23: tcpdump-3.9.4-80211.patch
Patch34: arpwatch-2.1a4-fhs.patch
Patch35: arpwatch-2.1a10-man.patch
@@ -64,6 +65,7 @@
Prefix: %{_prefix}
BuildRequires: glibc-kernheaders >= 2.2.0 openssl-devel flex bison
+BuildRequires: /usr/sbin/sendmail
BuildRoot: %{_tmppath}/%{name}-root
Prereq: shadow-utils
@@ -127,6 +129,7 @@
Group: Applications/System
License: BSD
URL: http://www.tcpdump.org
+Requires: /usr/sbin/sendmail
Prereq: /sbin/chkconfig /sbin/service
Prereq: shadow-utils
@@ -161,6 +164,7 @@
%patch19 -p1 -b .rsvp-dos
%patch21 -p1 -b .isis-dos
%patch22 -p1 -b .ring
+%patch23 -p1 -b .80211
tar xzf %{SOURCE6}
popd
@@ -346,6 +350,10 @@
%{_vararpwatch}/massagevendor-old
%changelog
+* Thu Mar 15 2007 Miroslav Lichvar <mlichvar at redhat.com> - 14:3.9.4-10.fc6
+- fix buffer overflow in 802.11 printer (#232349, CVE-2007-1218)
+- require /usr/sbin/sendmail (#232363)
+
* Fri Nov 17 2006 Miroslav Lichvar <mlichvar at redhat.com> - 14:3.9.4-9
- fix processing of Prism and AVS headers (#206686)
- fix arp2ethers script
More information about the fedora-cvs-commits
mailing list