Skip to content
Permalink
Browse files Browse the repository at this point in the history
Add CVE-2018-16301 to CHANGES. [skip ci]
One of the effects of commit faf8fb7 was fixing a buffer overflow that
was discovered and reported by Include Security (case reference "F2").
Their work was sponsored by Mozilla under the Secure Open Source
program.  The vulnerability was assigned CVE-2018-16301 on 2018-09-01
(MITRE request reference "scr562827"), but was not properly documented
afterwards.  Add a line to the change log section for 4.99.0, which at
the time of this writing is the first release to incorporate the fix.

See also the-tcpdump-group/libpcap#855
  • Loading branch information
infrastation committed Feb 7, 2022
1 parent 5140300 commit ad7c25b
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions CHANGES
Expand Up @@ -70,6 +70,7 @@ Wednesday, June 9, 2021 by gharris

Wednesday, December 30, 2020, by mcr@sandelman.ca, denis and fxl.
Summary for 4.99.0 tcpdump release
CVE-2018-16301: For the -F option handle large input files safely.
Improve the contents, wording and formatting of the man page.
Print unsupported link-layer protocol packets in hex.
Add support for new network protocols and DLTs: Arista, Autosar SOME/IP,
Expand Down

0 comments on commit ad7c25b

Please sign in to comment.