Browse code
Add patch CVE-2018-19519 for tcpdump
Change-Id: I7bc14a8503e14c7bba8e4420bdeafc2ef0e44673
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/6875
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Anish Swaminathan <anishs@vmware.com>
michellew-vmware authored on 2019/03/15 07:12:22Showing 2 changed files
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,23 @@ |
| 0 |
+From 32af00b05a6ef573d0b340f97b54c13eb9509dc7 Mon Sep 17 00:00:00 2001 |
|
| 1 |
+From: Pedro Monreal <pmgdeb@gmail.com> |
|
| 2 |
+Date: Thu, 6 Dec 2018 12:18:38 +0100 |
|
| 3 |
+Subject: [PATCH] CVE-2018-19519 buffer overread. Initialize buf in |
|
| 4 |
+ print-hncp.c:print_prefix. |
|
| 5 |
+ |
|
| 6 |
+--- |
|
| 7 |
+ print-hncp.c | 2 ++ |
|
| 8 |
+ 1 file changed, 2 insertions(+) |
|
| 9 |
+ |
|
| 10 |
+Index: tcpdump-4.9.2/print-hncp.c |
|
| 11 |
+=================================================================== |
|
| 12 |
+--- tcpdump-4.9.2.orig/print-hncp.c |
|
| 13 |
+@@ -206,6 +206,8 @@ print_prefix(netdissect_options *ndo, co |
|
| 14 |
+ int plenbytes; |
|
| 15 |
+ char buf[sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx::/128")];
|
|
| 16 |
+ |
|
| 17 |
++ buf[0] = '\0'; |
|
| 18 |
++ |
|
| 19 |
+ if (prefix[0] >= 96 && max_length >= IPV4_MAPPED_HEADING_LEN + 1 && |
|
| 20 |
+ is_ipv4_mapped_address(&prefix[1])) {
|
|
| 21 |
+ struct in_addr addr; |
| ... | ... |
@@ -1,37 +1,45 @@ |
| 1 |
-Summary: Packet Analyzer |
|
| 2 |
-Name: tcpdump |
|
| 3 |
-Version: 4.9.2 |
|
| 4 |
-Release: 1%{?dist}
|
|
| 5 |
-License: BSD |
|
| 6 |
-URL: http://www.tcpdump.org |
|
| 7 |
-Source0: http://www.tcpdump.org/release/%{name}-%{version}.tar.gz
|
|
| 1 |
+Summary: Packet Analyzer |
|
| 2 |
+Name: tcpdump |
|
| 3 |
+Version: 4.9.2 |
|
| 4 |
+Release: 2%{?dist}
|
|
| 5 |
+License: BSD |
|
| 6 |
+URL: http://www.tcpdump.org |
|
| 7 |
+Source0: http://www.tcpdump.org/release/%{name}-%{version}.tar.gz
|
|
| 8 | 8 |
%define sha1 tcpdump=e2db246a9dd19278bac1a5ff875106c75e0a16d4 |
| 9 |
-Group: Networking |
|
| 10 |
-Vendor: VMware, Inc. |
|
| 11 |
-Distribution: Photon |
|
| 12 |
-BuildRequires: libpcap |
|
| 13 |
-Requires: libpcap |
|
| 9 |
+Patch0: CVE-2018-19519.patch |
|
| 10 |
+Group: Networking |
|
| 11 |
+Vendor: VMware, Inc. |
|
| 12 |
+Distribution: Photon |
|
| 13 |
+BuildRequires: libpcap |
|
| 14 |
+Requires: libpcap |
|
| 15 |
+ |
|
| 14 | 16 |
%description |
| 15 | 17 |
Tcpdump is a common packet analyzer that runs under the command line. |
| 16 | 18 |
It allows the user to display TCP/IP and other packets being |
| 17 | 19 |
transmitted or received over a network to which the computer is attached. |
| 20 |
+ |
|
| 18 | 21 |
%prep |
| 19 | 22 |
%setup -qn tcpdump-tcpdump-%{version}
|
| 23 |
+%patch0 -p1 |
|
| 20 | 24 |
%build |
| 21 |
-./configure \ |
|
| 22 |
- --prefix=%{_prefix}
|
|
| 25 |
+%configure |
|
| 23 | 26 |
make %{?_smp_mflags}
|
| 27 |
+ |
|
| 24 | 28 |
%install |
| 25 | 29 |
make DESTDIR=%{buildroot} install
|
| 26 | 30 |
find %{buildroot} -name '*.la' -delete
|
| 27 | 31 |
|
| 28 | 32 |
%check |
| 29 | 33 |
make -k check |& tee %{_specdir}/%{name}-check-log || %{nocheck}
|
| 34 |
+ |
|
| 30 | 35 |
%files |
| 31 | 36 |
%defattr(-,root,root) |
| 32 | 37 |
%{_sbindir}/*
|
| 33 | 38 |
%{_mandir}/man1/*
|
| 39 |
+ |
|
| 34 | 40 |
%changelog |
| 41 |
+* Thu Mar 14 2019 Michelle Wang <michellew@vmware.com> 4.9.2-2 |
|
| 42 |
+- Add patch CVE-2018-19519 |
|
| 35 | 43 |
* Fri Sep 15 2017 Dheeraj Shetty <dheerajs@vmware.com> 4.9.2-1 |
| 36 | 44 |
- Updating version to 4.9.2 |
| 37 | 45 |
* Thu Sep 07 2017 Dheeraj Shetty <dheerajs@vmware.com> 4.9.1-2 |