rpms/tcpick/devel tcpick-0.2.1-CVE-2006-0048.patch, NONE, 1.1 tcpick.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
Robert Scheck (robert)
fedora-extras-commits at redhat.com
Tue Jun 20 14:55:18 UTC 2006
- Previous message (by thread): rpms/tcpick import.log,1.1,1.2
- Next message (by thread): rpms/ghdl/devel ghdl-svn57.patch, NONE, 1.1 .cvsignore, 1.6, 1.7 ghdl.spec, 1.16, 1.17 sources, 1.7, 1.8
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: robert
Update of /cvs/extras/rpms/tcpick/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21369/devel
Modified Files:
.cvsignore sources
Added Files:
tcpick-0.2.1-CVE-2006-0048.patch tcpick.spec
Log Message:
auto-import tcpick-0.2.1-8 on branch devel from tcpick-0.2.1-8.src.rpm
tcpick-0.2.1-CVE-2006-0048.patch:
--- NEW FILE tcpick-0.2.1-CVE-2006-0048.patch ---
Re-merged patch by Robert Scheck <robert at fedoraproject.org> for tcpick <= 0.2.1,
which works around the segmentation fault by aborting tcpick.
The patch is originally from Cédric Delfosse <cedric at debian.org> after the report
by Andrea Barisani <andrea at inversepath.com> about the possibility maybe to trigger
remotely the segfault condition in tcpick.
Further information:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0048
- http://sourceforge.net/mailarchive/forum.php?thread_id=9989610&forum_id=37151
- http://www.securityfocus.com/bid/17665
--- tcpick-0.2.1/src/loop.c 2005-01-16 16:26:56.000000000 +0100
+++ tcpick-0.2.1/src/loop.c.CVE-2006-0048 2006-05-31 16:56:26.000000000 +0200
@@ -69,7 +69,6 @@
payload = (u_char *)(packet + datalink_size + IP_SIZE + tcp_size);
payload_len = iplen - IP_SIZE - tcp_size;
-#ifdef TCPICK_DEBUG
if( payload_len != (hdr->len - (int)( payload - packet ) ) ) {
suicide( "got_packet",
"payload lenght calculated with iplen and hdr->len\n"
@@ -92,7 +91,6 @@
);
}
-#endif /* TCPICK_DEBUG */
if( flags.header > 0 )
display_header( stdout, ippacket, tcppacket,
--- NEW FILE tcpick.spec ---
Name: tcpick
Version: 0.2.1
Release: 8%{?dist}
Summary: A tcp stream sniffer, tracker and capturer
License: GPL
Group: Applications/Internet
URL: http://tcpick.sourceforge.net/
Source: http://dl.sourceforge.net/sourceforge/%{name}/%{name}-%{version}.tar.gz
Patch: tcpick-0.2.1-CVE-2006-0048.patch
%if "%{?fedora}" <= "5"
BuildRequires: libpcap
%else
BuildRequires: libpcap-devel
%endif
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
%description
tcpick is a textmode sniffer that can track tcp streams and saves
the data captured in files or displays them in the terminal. Useful
for picking files in a passive way.
It can store all connections in different files, or it can display
all the stream on the terminal. It is useful to keep track of what
users of a network are doing, and is usable with textmode tools
like grep, sed and awk. It can handle eth and ppp interfaces.
%prep
%setup -q
%patch -p1 -b .CVE-2006-0048
%build
%configure --bindir=%{_sbindir}
make %{_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT
make DESTDIR=$RPM_BUILD_ROOT install
# Move the Italian man page to its correct place
mkdir -p $RPM_BUILD_ROOT%{_mandir}/it/man8
mv -f $RPM_BUILD_ROOT%{_mandir}/man8/tcpick_italian.8 $RPM_BUILD_ROOT%{_mandir}/it/man8/tcpick.8
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root)
%doc AUTHORS ChangeLog COPYING EXAMPLES KNOWN-BUGS README THANKS TODO
%{_sbindir}/%{name}
%{_mandir}/man8/%{name}.8.gz
%{_mandir}/it/man8/%{name}.8.gz
%changelog
* Tue Jun 20 2006 Robert Scheck <robert at fedoraproject.org> 0.2.1-8
- Changes to match with Fedora Packaging Guidelines (#195764)
* Wed May 31 2006 Robert Scheck <robert at fedoraproject.org> 0.2.1-7
- Fixed CVE-2006-0048 (denial of service via fragmented packets)
- Added libpcap-devel as build requirement (#193189)
* Tue Mar 07 2006 Robert Scheck <robert at fedoraproject.org> 0.2.1-6
- Rebuilt against gcc 4.1 and glibc 2.4
* Fri Nov 11 2005 Robert Scheck <robert at fedoraproject.org> 0.2.1-5
- Rebuilt against libpcap 0.9.4
* Thu Jul 28 2005 Robert Scheck <robert at fedoraproject.org> 0.2.1-4
- Rebuilt against libpcap 0.9.3
* Fri Jul 15 2005 Robert Scheck <robert at fedoraproject.org> 0.2.1-3
- Rebuilt against libpcap 0.9.1
* Sun Mar 13 2005 Robert Scheck <robert at fedoraproject.org> 0.2.1-2
- Rebuilt against gcc 4.0
* Sun Jan 30 2005 Robert Scheck <robert at fedoraproject.org> 0.2.1-1
- Upgrade to 0.2.1
* Sun Jan 16 2005 Robert Scheck <robert at fedoraproject.org> 0.2.0-1
- Upgrade to 0.2.0
* Sat Aug 28 2004 Robert Scheck <robert at fedoraproject.org> 0.1.24-1
- Fixed a typo caused by the man page change
- Upgrade to 0.1.24
* Sat Jun 05 2004 Robert Scheck <robert at fedoraproject.org> 0.1.23-1
- Upgrade to 0.1.23
* Thu May 06 2004 Robert Scheck <robert at fedoraproject.org> 0.1.22-1
- Upgrade to 0.1.22
* Tue Mar 02 2004 Robert Scheck <robert at fedoraproject.org> 0.1.21-1
- Upgrade to 0.1.21
* Fri Feb 27 2004 Robert Scheck <robert at fedoraproject.org> 0.1.20-1
- Upgrade to 0.1.20
- Moved tcpick binary from /usr/bin to /usr/sbin
- Added more description about tcpick
* Fri Jan 30 2004 Robert Scheck <robert at fedoraproject.org> 0.1.19-1
- Upgrade to 0.1.19
* Tue Jan 13 2004 Robert Scheck <robert at fedoraproject.org> 0.1.18-1
- Upgrade to 0.1.18
- Added patch to solve problems with libpcap
* Wed Jan 07 2004 Robert Scheck <robert at fedoraproject.org> 0.1.17-1
- Upgrade to 0.1.17
* Fri Dec 12 2003 Robert Scheck <robert at fedoraproject.org> 0.1.13-1
- Upgrade to 0.1.13
* Thu Dec 04 2003 Robert Scheck <robert at fedoraproject.org> 0.1.10-1
- Upgrade to 0.1.10
- Initial spec file for Red Hat Linux and Fedora Core
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/tcpick/devel/.cvsignore,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- .cvsignore 20 Jun 2006 14:54:46 -0000 1.1
+++ .cvsignore 20 Jun 2006 14:55:18 -0000 1.2
@@ -0,0 +1 @@
+tcpick-0.2.1.tar.gz
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/tcpick/devel/sources,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- sources 20 Jun 2006 14:54:46 -0000 1.1
+++ sources 20 Jun 2006 14:55:18 -0000 1.2
@@ -0,0 +1 @@
+bb94f2f9ea81aeb645619fbe9b3b9a29 tcpick-0.2.1.tar.gz
- Previous message (by thread): rpms/tcpick import.log,1.1,1.2
- Next message (by thread): rpms/ghdl/devel ghdl-svn57.patch, NONE, 1.1 .cvsignore, 1.6, 1.7 ghdl.spec, 1.16, 1.17 sources, 1.7, 1.8
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list