[Buildroot] [PATCH] tcpreplay: security bump to version 4.3.1
Peter Korsgaard
peter at korsgaard.com
Thu Jan 24 11:30:38 UTC 2019
>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:
> Upstream CHANGELOG entry for 4.3.0 lists these fixes:
> - CVE-2018-18408 use-after-free in post_args (#489)
> - CVE-2018-18407 heap-buffer-overflow csum_replace4 (#488)
> - CVE-2018-17974 heap-buffer-overflow dlt_en10mb_encode (#486)
> - CVE-2018-17580 heap-buffer-overflow fast_edit_packet (#485)
> - CVE-2018-17582 heap-buffer-overflow in get_next_packet (#484)
> - CVE-2018-13112 heap-buffer-overflow in get_l2len (#477 dup #408)
> Drop tr_cv_libpcap_version and ac_cv_have_bpf; unused in current
> configure script.
> Make configure script use pcap-config to list library dependencies.
> Unfortunately, pcap-config is not entirely correct, so we still need to
> set the LIBS variable for static linking.
> Use the smaller tar.xz archive.
> Add license file hash.
> Signed-off-by: Baruch Siach <baruch at tkos.co.il>
Committed to 2018.02.x and 2018.11.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list