Skip to content
This repository was archived by the owner on Mar 16, 2022. It is now read-only.

1.155.0

Choose a tag to compare

View all tags
@cf-buildpacks-eng cf-buildpacks-eng released this 14 Sep 14:53
· 137 commits to master since this release
1.155.0
c747679

Notably, this release addresses:

USN-3415-1 Ubuntu Security Notice USN-3415-1:

  • CVE-2017-11108: tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.
  • CVE-2017-11541: tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.
  • CVE-2017-11542: tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
  • CVE-2017-11543: tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.
  • CVE-2017-12893: The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().
  • CVE-2017-12894: Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().
  • CVE-2017-12895: The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
  • CVE-2017-12896: The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().
  • CVE-2017-12897: The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().
  • CVE-2017-12898: The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().
  • CVE-2017-12899: The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
  • CVE-2017-12900: Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().
  • CVE-2017-12901: The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().
  • CVE-2017-12902: The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.
  • CVE-2017-12985: The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().
  • CVE-2017-12986: The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
  • CVE-2017-12987: The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
  • CVE-2017-12988: The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().
  • CVE-2017-12989: The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().
  • CVE-2017-12990: The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions.
  • CVE-2017-12991: The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
  • CVE-2017-12992: The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().
  • CVE-2017-12993: The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.
  • CVE-2017-12994: The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
  • CVE-2017-12995: The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().
  • CVE-2017-12996: The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().
  • CVE-2017-12997: The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print().
  • CVE-2017-12998: The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach().
  • CVE-2017-12999: The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().
  • CVE-2017-13000: The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().
  • CVE-2017-13001: The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().
  • CVE-2017-13002: The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().
  • CVE-2017-13003: The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print().
  • CVE-2017-13004: The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().
  • CVE-2017-13005: The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().
  • CVE-2017-13006: The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.
  • CVE-2017-13007: The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print().
  • CVE-2017-13008: The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
  • CVE-2017-13009: The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().
  • CVE-2017-13010: The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().
  • CVE-2017-13011: Several protocol parsers in tcpdump before 4.9.2 could cause a buffer overflow in util-print.c:bittok2str_internal().
  • CVE-2017-13012: The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
  • CVE-2017-13013: The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.
  • CVE-2017-13014: The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions.
  • CVE-2017-13015: The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print().
  • CVE-2017-13016: The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
  • CVE-2017-13017: The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().
  • CVE-2017-13018: The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
  • CVE-2017-13019: The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
  • CVE-2017-13020: The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
  • CVE-2017-13021: The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().
  • CVE-2017-13022: The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().
  • CVE-2017-13023: The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
  • CVE-2017-13024: The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
  • CVE-2017-13025: The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
  • CVE-2017-13026: The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions.
  • CVE-2017-13027: The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().
  • CVE-2017-13028: The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
  • CVE-2017-13029: The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().
  • CVE-2017-13030: The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.
  • CVE-2017-13031: The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().
  • CVE-2017-13032: The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().
  • CVE-2017-13033: The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
  • CVE-2017-13034: The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
  • CVE-2017-13035: The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().
  • CVE-2017-13036: The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().
  • CVE-2017-13037: The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().
  • CVE-2017-13038: The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().
  • CVE-2017-13039: The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
  • CVE-2017-13040: The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.
  • CVE-2017-13041: The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print(). security update
  • CVE-2017-13042: The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().
  • CVE-2017-13043: The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().
  • CVE-2017-13044: The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().
  • CVE-2017-13045: The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().
  • CVE-2017-13046: The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
  • CVE-2017-13047: The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
  • CVE-2017-13048: The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
  • CVE-2017-13049: [buffer over-read in print-rx.c:ubik_print()]
  • CVE-2017-13050: The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().
  • CVE-2017-13051: The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
  • CVE-2017-13052: The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().
  • CVE-2017-13053: The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().
  • CVE-2017-13054: The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().
  • CVE-2017-13055: The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().
  • CVE-2017-13687: The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
  • CVE-2017-13688: The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().
  • CVE-2017-13689: The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().
  • CVE-2017-13690: The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
  • CVE-2017-13725: The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
-ii  tcpdump  4.9.0-1ubuntu1~ubuntu14.04.1 amd64  command-line network traffic analyzer
+ii  tcpdump  4.9.2-0ubuntu0.14.04.1       amd64  command-line network traffic analyzer
Assets 3
Loading