Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: tcpdump | Distribution: SUSE Linux Enterprise 15 |
Version: 4.99.1 | Vendor: SUSE LLC <https://www.suse.com/> |
Release: 150600.7.3 | Build date: Thu May 9 12:26:05 2024 |
Group: Unspecified | Build host: h01-ch3a |
Size: 1366711 | Source RPM: tcpdump-4.99.1-150600.7.3.src.rpm |
Packager: https://www.suse.com/ | |
Url: https://www.tcpdump.org/ | |
Summary: A Packet Sniffer |
This program can "read" all or only certain packets going over the ethernet. It can be used to debug specific network problems.
BSD-3-Clause
* Wed Sep 08 2021 [email protected] - Update tcpdump to version 4.99.1 in SLE-15-SP4 [jsc#SLE-21251] * Drop patches fixed upstream: tcpdump-CVE-2017-16808.patch tcpdump-CVE-2019-1010220.patch tcpdump-ikev2pI2.patch tcpdump-disable-failing-tests.patch tcpdump-CVE-2018-14468.patch tcpdump-CVE-2018-14469.patch tcpdump-CVE-2018-14470.patch tcpdump-CVE-2018-14466.patch tcpdump-CVE-2018-14461.patch tcpdump-CVE-2018-14462.patch tcpdump-CVE-2018-14465.patch tcpdump-CVE-2018-14881.patch tcpdump-CVE-2018-14464.patch tcpdump-CVE-2018-14463.patch tcpdump-CVE-2018-14467.patch tcpdump-CVE-2018-10103.patch tcpdump-CVE-2018-14880.patch tcpdump-CVE-2018-16451.patch tcpdump-CVE-2018-14882.patch tcpdump-CVE-2018-16227.patch tcpdump-CVE-2018-16229.patch tcpdump-CVE-2018-16230.patch tcpdump-CVE-2018-16452.patch tcpdump-CVE-2018-16300.patch tcpdump-CVE-2019-15166.patch tcpdump-CVE-2019-15167.patch tcpdump-CVE-2018-14879.patch tcpdump-disable-smb-related-tests.patch * Sun Jun 13 2021 [email protected] - update to 4.99.1: * Squelch some compiler warnings * ICMP: Update the snapend for some nested IP packets * MACsec: Update the snapend thus the ICV field is not payload for the caller * EIGRP: Fix packet header fields * SMB: Disable printer by default in CMake builds * OLSR: Print the protocol name even if the packet is invalid * MSDP: Print ": " before the protocol name * ESP: Remove padding, padding length and next header from the buffer * DHCPv6: Update the snapend for nested DHCPv6 packets * OpenFlow 1.0: Get snapend right for nested frames * TCP: Update the snapend before decoding a MPTCP option * Ethernet, IEEE 802.15.4, IP, L2TP, TCP, ZEP: Add bounds checks * ForCES: Refine SPARSEDATA-TLV length check * ASCII/hex: Use nd_trunc_longjmp() in truncation cases * GeoNet: Add a ND_TCHECK_LEN() call * Replace ND_TCHECK_/memcpy() pairs with GET_CPY_BYTES() * BGP: Fix overwrites of global 'astostr' temporary buffer * ARP: fix overwrites of static buffer in q922_string() * Frame Relay: have q922_string() handle errors better * Mon Apr 05 2021 [email protected] - Disable 5 regression tests that fail with libpcap > 1.8.1 * These test pcap files have been updated in later versions: arp-too-long-tha, juniper_header-heapoverflow, tftp-heapoverflow, relts-0x80000000, stp-v4-length-sigsegv. - Add tcpdump-disable-failing-tests.patch [bsc#1183800] * Fri Feb 19 2021 [email protected] - Fix excess of precission in floating point registers for i586 until resolved upstream. * Mon Jan 04 2021 [email protected] - Update to 4.99.0 IMPORTANT: Upsteam moved the default install directory to bindir. For compatibility, tcpdump is still being installed in sbindir and a symlink in bindir has been added. * Print unsupported link-layer protocol packets in hex. * Add support for new network protocols and DLTs: Arista, Autosar SOME/IP, Broadcom LI and Ethernet switches tag, IEEE 802.15.9, IP-over-InfiniBand (IPoIB), Linux SLL2, Linux vsockmon, MACsec, Marvell Distributed Switch Architecture, OpenFlow 1.3, Precision Time Protocol (PTP), SSH, WHOIS, ZigBee Encapsulation Protocol (ZEP). * Make protocol-specific updates for: AH, DHCP, DNS, ESP, FRF.16, HNCP, ICMP6, IEEE 802.15.4, IPv6, IS-IS, Linux SLL, LLDP, LSP ping, MPTCP, NFS, NSH, NTP, OSPF, OSPF6, PGM, PIM, PPTP, RADIUS, RSVP, Rx, SMB, UDLD, VXLAN-GPE. * User interface: - Make SLL2 the default for Linux "any" pseudo-device. - Add --micro and --nano shorthands. - Add --count to print a counter only instead of decoding. - Add --print, to cause packet printing even with -w. - Add support for remote capture if libpcap supports it. - Flush the output packet buffer on a SIGUSR2. - Handle very large -f files by rejecting them. * Source code: - Introduce new helper functions, including GET_*(), nd_print_protocol(), nd_print_invalid(), nd_print_trunc(), nd_trunc_longjmp() and others. - Put integer signedness right in many cases. - Introduce nd_uint*, nd_mac_addr, nd_ipv4 and nd_ipv6 types to fix alignment issues, especially on SPARC. - Use a table instead of getprotobynumber(). - Get rid of ND_UNALIGNED and ND_TCHECK(). - Make roundup2() generally available. - Resync SMI list against Wireshark. - Remove patches fixed upstream: * tcpdump-CVE-2018-19519.patch * tcpdump-CVE-2020-8037.patch * Mon Jan 04 2021 [email protected] - Remove unrecognized configure option: enable-ipv6 * Thu Nov 05 2020 [email protected] - Security fix: [bsc#1178466, CVE-2020-8037] * PPP decapsulator: Allocate the right buffer size - Add tcpdump-CVE-2020-8037.patch * Fri Dec 13 2019 [email protected] - ignore make check failure for PowerPC as tracked upstream https://github.com/the-tcpdump-group/tcpdump/issues/814 * Tue Oct 15 2019 [email protected] - Trim CFLAGS * Tue Oct 08 2019 [email protected] - Security update: [bsc#1153098, bsc#1153332] * Buffer overflow/overread vulnerabilities - CVE-2017-16808 (AoE) - CVE-2018-14468 (FrameRelay) - CVE-2018-14469 (IKEv1) - CVE-2018-14470 (BABEL) - CVE-2018-14466 (AFS/RX) - CVE-2018-14461 (LDP) - CVE-2018-14462 (ICMP) - CVE-2018-14465 (RSVP) - CVE-2018-14464 (LMP) - CVE-2019-15166 (LMP) - CVE-2018-14880 (OSPF6) - CVE-2018-14882 (RPL) - CVE-2018-16227 (802.11) - CVE-2018-16229 (DCCP) - CVE-2018-14467 (BGP) - CVE-2018-14881 (BGP) - CVE-2018-16230 (BGP) - CVE-2018-16300 (BGP) - CVE-2018-14463 (VRRP) - CVE-2019-15167 (VRRP) - CVE-2018-14879 (tcpdump -V) - CVE-2018-16228 (HNCP) is a duplicate of the already fixed CVE-2019-1010220 - CVE-2018-16301 (fixed in libpcap) - CVE-2018-16451 (SMB) - CVE-2018-16452 (SMB) - CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled) - CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled) - Add patches: * tcpdump-CVE-2018-14468.patch tcpdump-CVE-2018-14469.patch tcpdump-CVE-2018-14470.patch tcpdump-CVE-2018-14466.patch tcpdump-CVE-2018-14461.patch tcpdump-CVE-2018-14462.patch tcpdump-CVE-2018-14465.patch tcpdump-CVE-2018-14881.patch tcpdump-CVE-2018-14464.patch tcpdump-CVE-2018-14463.patch tcpdump-CVE-2018-14467.patch tcpdump-CVE-2018-10103.patch tcpdump-CVE-2018-14880.patch tcpdump-CVE-2018-16451.patch tcpdump-CVE-2018-14882.patch tcpdump-CVE-2018-16227.patch tcpdump-CVE-2018-16229.patch tcpdump-CVE-2018-16230.patch tcpdump-CVE-2018-16452.patch tcpdump-CVE-2018-16300.patch tcpdump-CVE-2019-15166.patch tcpdump-CVE-2019-15167.patch tcpdump-CVE-2018-14879.patch tcpdump-disable-smb-related-tests.patch * Tue Jul 23 2019 [email protected] - Security fix [bsc#1142439, CVE-2019-1010220] * Buffer Over-read in print_prefix which may expose data * Added tcpdump-CVE-2019-1010220.patch * Tue Jul 23 2019 [email protected] - Use %license macro for LICENSE file * Tue Jul 23 2019 [email protected] - Security fix [bsc#1068716, CVE-2017-16808] * Heap-based buffer over-read related to aoe_print and lookup_emem * Added tcpdump-CVE-2017-16808.patch * Thu Dec 06 2018 [email protected] - Security fix [bsc#1117267, CVE-2018-19519] * Buffer overread in print-hncp.c:print_prefix. * Added patch tcpdump-CVE-2018-19519.patch * Tue Sep 12 2017 [email protected] - Disabled ikev2pI2 test that fails on some architectures * Added patch tcpdump-ikev2pI2.patch * Tue Sep 12 2017 [email protected] - Update to version 4.9.2 [bsc#1057247] * Security fixes: - CVE-2017-11108 segfault in STP decoder - Segfault in ESP decoder with OpenSSL 1.1 - CVE-2017-11543 buffer overflow in SLIP decoder - CVE-2017-13011 buffer overflow in bittok2str_internal() - CVE-2017-12989 infinite loop in the RESP parser - CVE-2017-12990 infinite loop in the ISAKMP parser - CVE-2017-12995 infinite loop in the DNS parser - CVE-2017-12997 infinite loop in the LLDP parser - CVE-2017-11541 buffer over-read in safeputs() - CVE-2017-11542 buffer over-read in PIMv1 decoder - CVE-2017-12893 buffer over-read in the SMB/CIFS parser - CVE-2017-12894 buffer over-read in several protocol parsers - CVE-2017-12895 buffer over-read in the ICMP parser - CVE-2017-12896 buffer over-read in the ISAKMP parser - CVE-2017-12897 buffer over-read in the ISO CLNS parser - CVE-2017-12898 buffer over-read in the NFS parser - CVE-2017-12899 buffer over-read in the DECnet parser - CVE-2017-12900 buffer over-read in the in several protocol parsers - CVE-2017-12901 buffer over-read in the EIGRP parser - CVE-2017-12902 buffer over-read in the Zephyr parser - CVE-2017-12985 buffer over-read in the IPv6 parser - CVE-2017-12986 buffer over-read in the IPv6 routing header parser - CVE-2017-12987 buffer over-read in the 802.11 parser - CVE-2017-12988 buffer over-read in the telnet parser - CVE-2017-12991 buffer over-read in the BGP parser - CVE-2017-12992 buffer over-read in the RIPng parser - CVE-2017-12993 buffer over-read in the Juniper protocols parser - CVE-2017-12994 buffer over-read in the BGP parser - CVE-2017-12996 buffer over-read in the PIMv2 parser - CVE-2017-12998 buffer over-read in the IS-IS parser - CVE-2017-12999 buffer over-read in the IS-IS parser - CVE-2017-13000 buffer over-read in the IEEE 802.15.4 parser - CVE-2017-13001 buffer over-read in the NFS parser - CVE-2017-13002 buffer over-read in the AODV parser - CVE-2017-13003 buffer over-read in the LMP parser - CVE-2017-13004 buffer over-read in the Juniper protocols parser - CVE-2017-13005 buffer over-read in the NFS parser - CVE-2017-13006 buffer over-read in the L2TP parser - CVE-2017-13007 buffer over-read in the Apple PKTAP parser - CVE-2017-13008 buffer over-read in the IEEE 802.11 parser - CVE-2017-13009 buffer over-read in the IPv6 mobility parser - CVE-2017-13010 buffer over-read in the BEEP parser - CVE-2017-13012 buffer over-read in the ICMP parser - CVE-2017-13013 buffer over-read in the ARP parser - CVE-2017-13014 buffer over-read in the White Board protocol parser - CVE-2017-13015 buffer over-read in the EAP parser - CVE-2017-13016 buffer over-read in the ISO ES-IS parser - CVE-2017-13017 buffer over-read in the DHCPv6 parser - CVE-2017-13018 buffer over-read in the PGM parser - CVE-2017-13019 buffer over-read in the PGM parser - CVE-2017-13020 buffer over-read in the VTP parser - CVE-2017-13021 buffer over-read in the ICMPv6 parser - CVE-2017-13022 buffer over-read in the IP parser - CVE-2017-13023 buffer over-read in the IPv6 mobility parser - CVE-2017-13024 buffer over-read in the IPv6 mobility parser - CVE-2017-13025 buffer over-read in the IPv6 mobility parser - CVE-2017-13026 buffer over-read in the ISO IS-IS parser - CVE-2017-13027 buffer over-read in the LLDP parser - CVE-2017-13028 buffer over-read in the BOOTP parser - CVE-2017-13029 buffer over-read in the PPP parser - CVE-2017-13030 buffer over-read in the PIM parser - CVE-2017-13031 buffer over-read in the IPv6 fragmentation header parser - CVE-2017-13032 buffer over-read in the RADIUS parser - CVE-2017-13033 buffer over-read in the VTP parser - CVE-2017-13034 buffer over-read in the PGM parser - CVE-2017-13035 buffer over-read in the ISO IS-IS parser - CVE-2017-13036 buffer over-read in the OSPFv3 parser - CVE-2017-13037 buffer over-read in the IP parser - CVE-2017-13038 buffer over-read in the PPP parser - CVE-2017-13039 buffer over-read in the ISAKMP parser - CVE-2017-13040 buffer over-read in the MPTCP parser - CVE-2017-13041 buffer over-read in the ICMPv6 parser - CVE-2017-13042 buffer over-read in the HNCP parser - CVE-2017-13043 buffer over-read in the BGP parser - CVE-2017-13044 buffer over-read in the HNCP parser - CVE-2017-13045 buffer over-read in the VQP parser - CVE-2017-13046 buffer over-read in the BGP parser - CVE-2017-13047 buffer over-read in the ISO ES-IS parser - CVE-2017-13048 buffer over-read in the RSVP parser - CVE-2017-13049 buffer over-read in the Rx protocol parser - CVE-2017-13050 buffer over-read in the RPKI-Router parser - CVE-2017-13051 buffer over-read in the RSVP parser - CVE-2017-13052 buffer over-read in the CFM parser - CVE-2017-13053 buffer over-read in the BGP parser - CVE-2017-13054 buffer over-read in the LLDP parser - CVE-2017-13055 buffer over-read in the ISO IS-IS parser - CVE-2017-13687 buffer over-read in the Cisco HDLC parser - CVE-2017-13688 buffer over-read in the OLSR parser - CVE-2017-13689 buffer over-read in the IKEv1 parser - CVE-2017-13690 buffer over-read in the IKEv2 parser - CVE-2017-13725 buffer over-read in the IPv6 routing header parser * Dropped patch tcpdump-reverted-test-scripts-fix.patch * Wed Aug 23 2017 [email protected] - Reverted upstream commit that makes some tests to fail when compiling with openssl-1.1.0 * Upstream commit 68cc39dd64688829be2632d9cd24f7efa3da79bb * Added patch tcpdump-reverted-test-scripts-fix.patch * Removed patch tcpdump-ikev2pI2-test-fails-ppc.patch * Wed Jul 26 2017 [email protected] - Disable ikev2pI2 test that fails on ppc, ppc64 and ppc64le * Added patch tcpdump-ikev2pI2-test-fails-ppc.patch * Wed Jul 26 2017 [email protected] - Update to version 4.9.1 [bsc#1047873] * CVE-2017-11108/Fix bounds checking for STP. * Make assorted documentation updates and fix a few typos in output. * Fixup -C for file size >2GB * Show AddressSanitizer presence in version output. * Fix a bug in test scripts. * Fix a use-after-free when the requested interface does not exist. * Thu Feb 02 2017 [email protected] - version update to 4.9.0 bsc#1020940 * CVE-2016-7922 The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print(). * CVE-2016-7923 The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print(). * CVE-2016-7924 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print(). * CVE-2016-7925 The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print(). * CVE-2016-7926 The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print(). * CVE-2016-7927 The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print(). * CVE-2016-7928 The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print(). * CVE-2016-7929 The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header(). * CVE-2016-7930 The LLC parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print(). * CVE-2016-7931 The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print(). * CVE-2016-7932 The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum(). * CVE-2016-7933 The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print(). * CVE-2016-7934 The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print(). * CVE-2016-7935 The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print(). * CVE-2016-7936 The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print(). * CVE-2016-7937 The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print(). * CVE-2016-7938 The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame(). * CVE-2016-7939 The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions. * CVE-2016-7940 The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions. * CVE-2016-7973 The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions. * CVE-2016-7974 The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions. * CVE-2016-7975 The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print(). * CVE-2016-7983 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). * CVE-2016-7984 The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print(). * CVE-2016-7985 The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print(). * CVE-2016-7986 The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions. * CVE-2016-7992 The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print(). * CVE-2016-7993 A bug in util-print.c:relts_print() could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). * CVE-2016-8574 The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print(). * CVE-2016-8575 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(). * CVE-2017-5202 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). * CVE-2017-5203 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). * CVE-2017-5204 The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print(). * CVE-2017-5205 The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print(). * CVE-2017-5341 The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print(). * CVE-2017-5342 In tcpdump before 4.9.0 a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print(). * CVE-2017-5482 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(). * CVE-2017-5483 The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse(). * CVE-2017-5484 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print(). * CVE-2017-5485 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap(). * CVE-2017-5486 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). * Thu Apr 14 2016 [email protected] - fix filelist to fix build on s390/s390x * Wed Mar 30 2016 [email protected] - correctly reference SOURCE1 during installation for s390x * Sun Apr 26 2015 [email protected] - tcpdump 4.7.4: * PPKI to Router Protocol: Fix Segmentation Faults and other problems * RPKI to Router Protocol: print strings with fn_printn() * wb: fix some bounds checks (previously patched in, removed CVE-2015-3138.patch) * Fri Apr 17 2015 [email protected] - fix a DoS vulnerability in print-wb.c CVE-2015-3138 [boo#927637] adding CVE-2015-3138.patch * Fri Mar 13 2015 [email protected] - update to 4.7.3 - fixes four security bugs: * CVE-2015-0261 - IPv6 mobility printer (bnc#922220) * CVE-2015-2153 - tcp printer (bnc#922221) * CVE-2015-2154 - ethernet printer (bnc#922222) * CVE-2015-2155 - force printer (bnc#922223) - drop patches with security fixes (upstream): * tcpdump-CVE-2014-8767.patch * tcpdump-CVE-2014-8768.patch * tcpdump-CVE-2014-8769.patch * 0001-Clean-up-error-message-printing.patch * Fri Feb 06 2015 [email protected] - fix CVE-2014-8767 (bnc#905870) * denial of service in verbose mode using malformed OLSR payload * added tcpdump-CVE-2014-8767.patch - fix CVE-2014-8768 (bnc#905871) * denial of service in verbose mode using malformed Geonet payload * added tcpdump-CVE-2014-8768.patch - fix CVE-2014-8769 (bnc#905872) * unreliable output using malformed AOVD payload * added tcpdump-CVE-2014-8769.patch * added 0001-Clean-up-error-message-printing.patch
/usr/bin/tcpdump /usr/sbin/tcpdump /usr/share/doc/packages/tcpdump /usr/share/doc/packages/tcpdump/CHANGES /usr/share/doc/packages/tcpdump/CREDITS /usr/share/doc/packages/tcpdump/README.md /usr/share/doc/packages/tcpdump/atime.awk /usr/share/doc/packages/tcpdump/packetdat.awk /usr/share/doc/packages/tcpdump/send-ack.awk /usr/share/doc/packages/tcpdump/stime.awk /usr/share/licenses/tcpdump /usr/share/licenses/tcpdump/LICENSE /usr/share/man/man1/tcpdump.1.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 20:06:21 2024