FEDORA-EPEL-2017-1871d47e50

security update in Fedora EPEL 5 for tcpreplay

Status: unpushed

Patch CVE-2017-6429.

Tcpcapinfo utility of Tcpreplay has a buffer overflow vulnerability associated with parsing a crafted pcap file. This occurs in the src/tcpcapinfo.c file when capture has a packet that is too large to handle.

References:

http://seclists.org/bugtraq/2017/Mar/22

Upstream bug:

https://github.com/appneta/tcpreplay/issues/278

Comments 3

This update has been submitted for testing by bojan.

This update has been pushed to testing.

This update has been unpushed.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#1429521 CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility [epel-all]
#1429522 CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility [fedora-all]
Content Type
RPM
Status
unpushed
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 2 years ago
in testing 2 years ago

Related Bugs 2

00 #1429521 CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility [epel-all]
00 #1429522 CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility [fedora-all]

Automated Test Results