FEDORA-EPEL-2017-1871d47e50

security update in Fedora EPEL 5 for tcpreplay

Status: unpushed

Patch CVE-2017-6429.

Tcpcapinfo utility of Tcpreplay has a buffer overflow vulnerability associated with parsing a crafted pcap file. This occurs in the src/tcpcapinfo.c file when capture has a packet that is too large to handle.

References:

http://seclists.org/bugtraq/2017/Mar/22

Upstream bug:

https://github.com/appneta/tcpreplay/issues/278

Comments 3

This update has been submitted for testing by bojan.

This update has been pushed to testing.

This update has been unpushed.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown.

-1 0 +1 Feedback Guidelines
#1429521 CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility [epel-all]
#1429522 CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility [fedora-all]
Is the update generally functional?
Content Type
RPM
Status
unpushed
Submitted by
Update Type
security
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 8 months ago
in testing 8 months ago

Related Bugs 2

00 #1429521 CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility [epel-all]
00 #1429522 CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility [fedora-all]

Automated Test Results