Accepted tcpdump 3.6.2-2.8 (i386 source)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 6 Apr 2004 19:39:24 +0200
Source: tcpdump
Binary: tcpdump
Architecture: source i386
Version: 3.6.2-2.8
Distribution: stable-security
Urgency: high
Maintainer: Torsten Landschoff <torsten@debian.org>
Changed-By: Romain Francoise <rfrancoise@debian.org>
Description:
tcpdump - A powerful tool for network monitoring and data acquisition
Changes:
tcpdump (3.6.2-2.8) stable-security; urgency=high
.
* Backport changes from upstream CVS to fix ISAKMP payload handling
denial-of-service vulnerabilities (CAN-2004-0183, CAN-2004-0184).
Detailed changes (with corresponding upstream revisions):
+ Add length checks in isakmp_id_print() (print-isakmp.c, rev. 1.47)
+ Add data checks all over the place, change rawprint() prototype and
add corresponding return value checks (print-isakmp.c, rev. 1.46)
+ Add missing ntohs() and change length initialization in
isakmp_id_print(), not porting prototype changes (print-isakmp.c,
rev. 1.45)
Files:
3ea0f5275b154c914cdc9dea888e8a06 587 net optional tcpdump_3.6.2-2.8.dsc
7627c0d531403f0b0bdc7eaec51fb467 14097 net optional tcpdump_3.6.2-2.8.diff.gz
96f4b92404a0c7b70b1cb37d03d16b70 170210 net optional tcpdump_3.6.2-2.8_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAcv9VArxCt0PiXR4RAnvfAJ43hZWN7SLgql0U7S0xbZkg7XmAngCgxF6J
aPkVKZnQHY1gKg2PaecAXho=
=ER+a
-----END PGP SIGNATURE-----
Accepted:
tcpdump_3.6.2-2.8.diff.gz
to pool/main/t/tcpdump/tcpdump_3.6.2-2.8.diff.gz
tcpdump_3.6.2-2.8.dsc
to pool/main/t/tcpdump/tcpdump_3.6.2-2.8.dsc
tcpdump_3.6.2-2.8_i386.deb
to pool/main/t/tcpdump/tcpdump_3.6.2-2.8_i386.deb
Reply to: