Bug 33432 - tcpreplay new security issue CVE-2024-3024
Summary: tcpreplay new security issue CVE-2024-3024
Status: NEW
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: David GEIGER
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-07-25 09:17 CEST by Nicolas Salguero
Modified: 2024-07-25 21:37 CEST (History)
0 users

See Also:
Source RPM: tcpreplay-4.4.3-2.1.mga9.src.rpm
CVE: CVE-2024-3024
Status comment: Fixed in v4.5.1

Attachments
Add an attachment (proposed patch, testcase, etc.)

Nicolas Salguero 2024-07-25 09:17:37 CEST

CVE: (none) => CVE-2024-3024
Source RPM: (none) => tcpreplay-4.4.3-2.1.mga9.src.rpm

Comment 1 Lewis Smith 2024-07-25 21:37:01 CEST 
The given URL announces a new version of tcpreplay:
Announcing v4.5.1
This release contains contributions from a record number of new contributors.
This is greatly appreciated since I am a team of one, and do Tcpreplay
maintenance in my spare time.
There are many bug fixes and new features.

The project site download page:
 http://tcpreplay.appneta.com/wiki/installation.html#download-releases
Download Releases for Users
Latest release:
tcpreplay-4.5.1.tar.xz
https://github.com/appneta/tcpreplay/releases/download/v4.4.2/tcpreplay-4.5.1.tar.xz

* Sat Jul 13 2024 Bojan Smojver <bojan@rexursive com> - 4.5.1-1
- Update to 4.5.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2271992 - CVE-2024-3024 tcpreplay: heap-based buffer overflow

This is already in Cauldron (DavidG); it looks OK to update M9.

Status comment: (none) => Fixed in v4.5.1
Assignee: bugsquad => geiger.david68210
Note You need to log in before you can comment on or make changes to this bug.