Bug 21329

Summary: tcpdump new security issue CVE-2017-11108
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: herman.viaene, mageia, marja11, sysadmin-bugs
Version: 6Keywords: validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: advisory MGA5TOO MGA5-64-OK MGA6-32-OK
Source RPM: tcpdump-4.9.0-1.mga6.src.rpm CVE:
Status comment:

Description David Walser 2017-07-23 20:33:03 CEST 
Tcpdump 4.9.1 has been released today (July 23), fixing a security issue:
http://www.tcpdump.org/tcpdump-changes.txt

We should update it for Mageia 5, Mageia 6, and Cauldron.
David Walser 2017-07-23 20:33:11 CEST

Whiteboard: (none) => MGA6TOO, MGA5TOO

Comment 1 Marja Van Waes 2017-07-27 18:16:49 CEST 
Assigning to all packagers collectively, since there is no registered maintainer for this package.

Assignee: bugsquad => pkg-bugs
CC: (none) => marja11

Comment 2 David Walser 2017-07-29 23:38:53 CEST 
Updated packages uploaded for Mageia 5, Mageia 6, and Cauldron.

Advisory:
========================

Updated tcpdump package fixes security vulnerability:

Security issue due to insufficient bounds checking for STP (CVE-2017-11108).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11108
http://www.tcpdump.org/tcpdump-changes.txt
========================

Updated packages in core/updates_testing:
========================
tcpdump-4.9.1-1.mga5
tcpdump-4.9.1-1.mga6

from SRPMS:
tcpdump-4.9.1-1.mga5.src.rpm
tcpdump-4.9.1-1.mga6.src.rpm

Assignee: pkg-bugs => qa-bugs
Whiteboard: MGA6TOO, MGA5TOO => MGA5TOO
Version: Cauldron => 6

Comment 3 PC LX 2017-08-01 00:54:46 CEST 
Installed and tested without issues.

$ rpm -q tcpdump
tcpdump-4.9.1-1.mga5

CC: (none) => mageia

Comment 4 PC LX 2017-08-01 00:55:50 CEST 
Forgot the system info.

System: x86_64, Plasma, Intel CPU, nVidia GPU using proprietary driver.

Whiteboard: MGA5TOO => MGA5TOO MGA5-64-OK

Comment 5 Herman Viaene 2017-08-02 11:34:28 CEST 
MGA6-32 on Asus A6000VM MATE
No installation issues
At CLI
# tcpdump 
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wlp0s29f7u4, link-type EN10MB (Ethernet), capture size 262144 bytes
11:31:27.261896 IP mach6.hviaene.thuis.57148 > 13.32.1.223.https: Flags [.], ack 3446242799, win 254, options [nop,nop,TS val 5786112 ecr 1750986398], length 0
and more .....
Looks good.

Whiteboard: MGA5TOO MGA5-64-OK => MGA5TOO MGA5-64-OK MGA6-32-OK
CC: (none) => herman.viaene

Rémi Verschelde 2017-08-03 09:45:40 CEST

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Rémi Verschelde 2017-08-03 18:56:17 CEST

Whiteboard: MGA5TOO MGA5-64-OK MGA6-32-OK => advisory MGA5TOO MGA5-64-OK MGA6-32-OK

Comment 6 Mageia Robot 2017-08-03 21:06:42 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2017-0241.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED