-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-eaa681d33e 2019-10-27 01:08:27.202809 --------------------------------------------------------------------------------
Name : libpcap Product : Fedora 30 Version : 1.9.1 Release : 1.fc30 URL : http://www.tcpdump.org Summary : A system-independent interface for user-level packet capture Description : Libpcap provides a portable framework for low-level network monitoring. Libpcap can provide network statistics collection, security monitoring and network debugging. Since almost every system vendor provides a different interface for packet capture, the libpcap authors created this system-independent API to ease in porting and to alleviate the need for several system-dependent packet capture modules in each application.
Install libpcap if you need to do low-level network traffic monitoring on your network.
-------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162, CVE-2019-15163, CVE-2019-15164, CVE-2019-15165 -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 11 2019 Michal Ruprich mruprich@redhat.com - 14:1.9.1-1 - New version 1.9.1 - Fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162, CVE-2019-15163, CVE-2019-15164, CVE-2019-15165 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1760623 - CVE-2019-15161 libpcap: Mishandled length values in reused variables https://bugzilla.redhat.com/show_bug.cgi?id=1760623 [ 2 ] Bug #1760622 - CVE-2019-15162 libpcap: Information disclosure in rpcapd/daemon.c https://bugzilla.redhat.com/show_bug.cgi?id=1760622 [ 3 ] Bug #1760621 - CVE-2019-15163 libpcap: Null pointer dereference in rpcapd/daemon.c https://bugzilla.redhat.com/show_bug.cgi?id=1760621 [ 4 ] Bug #1760619 - CVE-2019-15164 libpcap: Server side request forgery in rpcapd/daemon.c https://bugzilla.redhat.com/show_bug.cgi?id=1760619 [ 5 ] Bug #1760618 - CVE-2019-15165 libpcap: Resource exhaustion while PHB header length validation https://bugzilla.redhat.com/show_bug.cgi?id=1760618 [ 6 ] Bug #1760500 - CVE-2018-16301 libpcap: Buffer overflow in pcapng reader https://bugzilla.redhat.com/show_bug.cgi?id=1760500 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-eaa681d33e' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------