Hello,
just a heads-up, since I had prepared a wheezy update for the recent
tcpreplay issue (CVE-2016-6160, #829350) beforehand, I will also do an
upload for wheezy-lts. The maintainer has agreed to this approach. If
you have objections, please reply very soon-ish.
debdiff attached.
Cheers,
Christoph
diff -u tcpreplay-3.4.3/debian/changelog tcpreplay-3.4.3/debian/changelog
--- tcpreplay-3.4.3/debian/changelog
+++ tcpreplay-3.4.3/debian/changelog
@@ -1,3 +1,10 @@
+tcpreplay (3.4.3-2+wheezy2) wheezy-security; urgency=low
+
+ * tcprewrite: Handle frames of 65535 octets size, add a
+ size check [CVE-2016-6160]. Closes: #829350
+
+ -- Christoph Biedl <debian.axhn@manchmal.in-ulm.de> Thu, 07 Jul 2016 10:02:25 +0200
+
tcpreplay (3.4.3-2+wheezy1) testing-proposed-updates; urgency=low
* corrected configure to find libpcac again. closes: Bug#634538
only in patch2:
unchanged:
--- tcpreplay-3.4.3.orig/src/tcprewrite.c
+++ tcpreplay-3.4.3/src/tcprewrite.c
@@ -253,6 +253,8 @@
packetnum++;
dbgx(2, "packet " COUNTER_SPEC " caplen %d", packetnum, pkthdr.caplen);
+ if (pkthdr.caplen > MAXPACKET)
+ errx(-1, "Frame too big, caplen %d exceeds %d", pkthdr.caplen, MAXPACKET);
/*
* copy over the packet so we can pad it out if necessary and
* because pcap_next() returns a const ptr
only in patch2:
unchanged:
--- tcpreplay-3.4.3.orig/src/defines.h.in
+++ tcpreplay-3.4.3/src/defines.h.in
@@ -104,7 +104,7 @@
#define DEFAULT_MTU 1500 /* Max Transmission Unit of standard ethernet
* don't forget *frames* are MTU + L2 header! */
-#define MAXPACKET 65535 /* was 16436 linux loopback, but maybe something is bigger then
+#define MAXPACKET 65549 /* was 16436 linux loopback, but maybe something is bigger then
linux loopback */
#define MAX_SNAPLEN 65535 /* tell libpcap to capture the entire packet */
Attachment:
signature.asc
Description: Digital signature