[arch-commits] Commit in tcpdump/trunk (CVE-2015-3138.patch PKGBUILD)
Giovanni Scafora
giovanni at archlinux.org
Sun Apr 19 10:12:47 UTC 2015
Date: Sunday, April 19, 2015 @ 12:12:46
Author: giovanni
Revision: 237416
upgpkg: tcpdump 4.7.3-2
Fixed CVE-2015-3138
Added:
tcpdump/trunk/CVE-2015-3138.patch
Modified:
tcpdump/trunk/PKGBUILD
---------------------+
CVE-2015-3138.patch | 29 +++++++++++++++++++++++++++++
PKGBUILD | 10 +++++++---
2 files changed, 36 insertions(+), 3 deletions(-)
Added: CVE-2015-3138.patch
===================================================================
--- CVE-2015-3138.patch (rev 0)
+++ CVE-2015-3138.patch 2015-04-19 10:12:46 UTC (rev 237416)
@@ -0,0 +1,29 @@
+--- a/print-wb.c 2014-11-13 12:02:47.000000000 +0100
++++ b/print-wb.c 2015-04-19 11:57:04.127876067 +0200
+@@ -202,7 +202,7 @@
+ len -= sizeof(*io) * nid;
+ io = (struct id_off *)(id + 1);
+ cp = (char *)(io + nid);
+- if (!ND_TTEST2(cp, len)) {
++ if (ND_TTEST2(cp, len)) {
+ ND_PRINT((ndo, "\""));
+ fn_print(ndo, (u_char *)cp, (u_char *)cp + len);
+ ND_PRINT((ndo, "\""));
+@@ -267,7 +267,7 @@
+ }
+ n = EXTRACT_32BITS(&prep->pp_n);
+ ps = (const struct pgstate *)(prep + 1);
+- while (--n >= 0 && !ND_TTEST(*ps)) {
++ while (--n >= 0 && ND_TTEST(*ps)) {
+ const struct id_off *io, *ie;
+ char c = '<';
+
+@@ -276,7 +276,7 @@
+ ipaddr_string(ndo, &ps->page.p_sid),
+ EXTRACT_32BITS(&ps->page.p_uid)));
+ io = (struct id_off *)(ps + 1);
+- for (ie = io + ps->nid; io < ie && !ND_TTEST(*io); ++io) {
++ for (ie = io + ps->nid; io < ie && ND_TTEST(*io); ++io) {
+ ND_PRINT((ndo, "%c%s:%u", c, ipaddr_string(ndo, &io->id),
+ EXTRACT_32BITS(&io->off)));
+ c = ',';
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2015-04-19 04:12:34 UTC (rev 237415)
+++ PKGBUILD 2015-04-19 10:12:46 UTC (rev 237416)
@@ -4,7 +4,7 @@
pkgname=tcpdump
pkgver=4.7.3
-pkgrel=1
+pkgrel=2
pkgdesc="A tool for network monitoring and data acquisition"
arch=('i686' 'x86_64')
url="http://www.tcpdump.org"
@@ -11,9 +11,11 @@
license=('BSD')
depends=('libpcap' 'openssl')
source=("http://www.tcpdump.org/release/${pkgname}-${pkgver}.tar.gz"
- 'tcpdump_duplicate_executable.patch')
+ 'tcpdump_duplicate_executable.patch'
+ 'CVE-2015-3138.patch')
md5sums=('334a4761594b29f80793c1303f0f4acc'
- '01379e4a12a208ce951c6c2abe80300f')
+ '01379e4a12a208ce951c6c2abe80300f'
+ '4154b0811d56fb05c3839695923bf46c')
prepare() {
cd "${srcdir}/${pkgname}-${pkgver}"
@@ -20,6 +22,8 @@
# do not install tcpdump-4.1.1 executable (FS#23346)
patch -Np1 -i "${srcdir}/tcpdump_duplicate_executable.patch"
+ # CVE-2015-3138
+ patch -Np1 -i "${srcdir}/CVE-2015-3138.patch"
}
build() {
More information about the arch-commits
mailing list