Vulnerability : isehlt

2017 m. vasario 15 d., trečiadienis

[slackware-security] tcpdump (SSA:2017-041-04)

[slackware-security] tcpdump (SSA:2017-041-04)

New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2,
and -current to fix security issues.

NOTE: These updates also require the updated libpcap package.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/tcpdump-4.9.0-i586-1_slack14.2.txz: Upgraded.
Fixed bugs which allow an attacker to crash tcpdump (denial of service).
For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7922
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7923
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7924
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7925
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7926
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7927
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7928
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7929
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7930
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7931
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7932
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7933
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7934
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7935
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7936
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7937
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7938
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7939
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7940
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7973
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7974
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7975
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7983
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7984
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7985
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7986
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7992
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7993
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8574
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8575
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5202
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5203
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5204
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5205
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5341
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5342
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5482
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5483
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5484
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5485
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5486
(* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------
+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/tcpdump-4.9.0-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/tcpdump-4.9.0-x86_64-1_slack13.37.txz

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/tcpdump-4.9.0-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/tcpdump-4.9.0-x86_64-1_slack14.0.txz

Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/tcpdump-4.9.0-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/tcpdump-4.9.0-x86_64-1_slack14.1.txz

Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/tcpdump-4.9.0-i586-1_slack14.2.txz

Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/tcpdump-4.9.0-x86_64-1_slack14.2.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/tcpdump-4.9.0-i586-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/tcpdump-4.9.0-x86_64-1.txz

MD5 signatures:
+-------------+

Slackware 13.37 package:
9511f62c56fca52c1a5e7e3c019d13f1 tcpdump-4.9.0-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
363eedb14f568d59285421ab73854543 tcpdump-4.9.0-x86_64-1_slack13.37.txz

Slackware 14.0 package:
e4a3e6529f2d183e64abec02b6336fc1 tcpdump-4.9.0-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
4025510be6f69f299f2d2775a4eed86e tcpdump-4.9.0-x86_64-1_slack14.0.txz

Slackware 14.1 package:
b693f072d9ce8e1e2f542e05c049ac8b tcpdump-4.9.0-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
76109f2cf611d5a040db9d5d04628cae tcpdump-4.9.0-x86_64-1_slack14.1.txz

Slackware 14.2 package:
a7c745161f5c4e96bc149941893b1a94 tcpdump-4.9.0-i586-1_slack14.2.txz

Slackware x86_64 14.2 package:
e36f1d88a2cd63e2aa1771d589fc53de tcpdump-4.9.0-x86_64-1_slack14.2.txz

Slackware -current package:
c60c97421c742cf02b64535593162f0f n/tcpdump-4.9.0-i586-1.txz

Slackware x86_64 -current package:
22ec2ccd2a28f965d8ce53788d0dfdd4 n/tcpdump-4.9.0-x86_64-1.txz

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg tcpdump-4.9.0-i586-1_slack14.2.txz

NOTE: These updates also require the updated libpcap package:

# upgradepkg libpcap-1.8.1-i586-1_slack14.2.txz

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

Pranešimą parašė Unknown ties 14:37

Siųsti el. paštu BlogThis!Bendrinti sistemoje X Bendrinti sistemoje „Facebook“Bendrinti sistemoje „Pinterest“

Komentarų nėra:

Rašyti komentarą

Naujesnis pranešimas Senesnis pranešimas Pradinis puslapis

Užsisakykite: Rašyti komentarus (Atom)

Puslapiai

Pradinis puslapis
Nuorodos

Tinklaraščio archyvas

► 2018 (12)
- ► sausio (12)

▼ 2017 (672)
- ► gruodžio (26)
- ► lapkričio (23)
- ► spalio (39)
- ► rugsėjo (23)
- ► rugpjūčio (47)
- ► liepos (52)
- ► birželio (67)
- ► gegužės (77)
- ► balandžio (79)
- ► kovo (109)
- ▼ vasario (64)
- ► sausio (66)

► 2016 (872)
- ► gruodžio (57)
- ► lapkričio (37)
- ► rugpjūčio (4)
- ► gegužės (15)
- ► balandžio (172)
- ► kovo (238)
- ► vasario (212)
- ► sausio (137)

► 2015 (1918)
- ► gruodžio (130)
- ► lapkričio (87)
- ► spalio (163)
- ► rugsėjo (106)
- ► rugpjūčio (132)
- ► liepos (139)
- ► birželio (172)
- ► gegužės (153)
- ► balandžio (285)
- ► kovo (261)
- ► vasario (140)
- ► sausio (150)

► 2014 (1246)
- ► gruodžio (182)
- ► lapkričio (157)
- ► spalio (195)
- ► rugsėjo (237)
- ► rugpjūčio (57)
- ► liepos (150)
- ► birželio (154)
- ► gegužės (114)

Translate

Ieškoti šiame dienoraštyje

Populiarūs įrašai

[ MDVSA-2015:086 ] libssh

Mandriva Linux Security Advisory MDVSA-2015:086 http://www.mandriva.com/en/ support/security/ ___________________...
(nėra pavadinimo)

ISEHLT
Wordpress Content Text Slider on Post 6.8 - Persistent Vulnerability

Document Title: =============== Wordpress Content Text Slider on Post 6.8 - Persistent Vulnerability References (Source): ==================...
Chamilo LMS IDOR - (messageId) Delete POST Inject Vulnerability

Document Title: =============== Chamilo LMS IDOR - (messageId) Delete POST Inject Vulnerability References (Source): ================...
IP.Board 3.4 cross-site scripting in Referer header

+----------------------------- ------------------------------ --------- + + IP.Board 3.4 cross-site scripting in Referer header + +--------...
Backdoor access to Techboard/Syac devices

[ADVISORY INFORMATION] Title: Backdoor access to Techboard/Syac devices Discovery date: 02/04/2014 Release date: 07/07/2014 Advis...
Lithium Forum - (previewImages) Persistent Vulnerability

Document Title: =============== Lithium Forum - (previewImages) Persistent Vulnerability References (Source): ==================== http://ww...
Lazarus Guestbook v1.22 - Multiple Web Vulnerabilities

Document Title: =============== Lazarus Guestbook v1.22 - Multiple Web Vulnerabilities References (Source): ==================== http://www....
Joomla com_easyblog Component - 'id' Parameter Sql Injection Vulnerability

Joomla com_easyblog component version 1.4 suffers from a remote SQL injection vulnerability. tested on 1.* and all version tnks. Amir - Iedb...
SEC Consult SA-20170804-1 :: Ubiquiti Networks UniFi Cloud Key authenticated command injection

SEC Consult Vulnerability Lab Security Advisory < 20170804-1 > ============================== ============================== =========...

Tema „Paprastas“. Teikia „Blogger“.