stable

tcpreplay-4.3.1-1.fc29

FEDORA-2018-5f91054677 created by bojan 5 years ago for Fedora 29

This release (4.3.1) contains bug fixes only:

  • Fix checkspell detected typos (#531)
  • Heap overflow packet2tree and get_l2len (#530)

This is Tcpreplay suite 4.3.0

This release contains several bug fixes and enhancements:

  • Fix maxOS TOS checksum failure (#524)
  • TCP sequence edits seeding (#514)
  • Fix issues identifed by Codacy (#493)
  • CVE-2018-18408 use-after-free in post_args (#489)
  • CVE-2018-18407 heap-buffer-overflow csum_replace4 (#488)
  • CVE-2018-17974 heap-buffer-overflow dlt_en10mb_encode (#486)
  • CVE-2018-17580 heap-buffer-overflow fast_edit_packet (#485)
  • CVE-2018-17582 heap-buffer-overflow in get_next_packet (#484)
  • Out-of-tree build (#482)
  • CVE-2018-13112 heap-buffer-overflow in get_l2len (#477 dup #408)
  • Closing stdin on pipe (#479)
  • Second pcap file hangs on multiplier option (#472)
  • Jumbo frame support for fragroute option (#466)
  • TCP sequence edit ACK corruption (#451)
  • TCP sequence number edit initial SYN packet should have zero ACK (#450)
  • Travis CI build fails due to new build images (#432)
  • Upgrade libopts to 5.18.12 to address version build issues (#430)
  • Add ability to change tcp SEQ/ACK numbers (#425)
  • Hang using loop and netmap options (#424)
  • tcpprep -S not working for large cache files (#423)
  • Unable to tcprewrite range of ports with --portmap (#422)
  • --maxsleep broken for values less than 1000 (#421)
  • -T flag breaks traffic replay timing (#419)
  • Respect 2nd packet timing (#418)
  • Avoid non-blocking behaviour when using STDIN (#416)
  • pcap containing >1020 packets produces invalid cache file (#415)
  • manpage typos (#413)
  • Fails to open tap0 on Zephyr (#411)
  • Heap-buffer-overflow in get_l2protocol (#410)
  • Heap-buffer-overflow in packet2tree (#409)
  • Heap-buffer-overflow in get_l2len (#408)
  • Heap-buffer-overflow in flow_decode (#407)
  • Rewrite zero IP total length field to match the actual packet length (#406)
  • Stack-buffer-overflow in tcpcapinfo (#405)
  • tcpprep --include option does not exclude (#404)
  • Negative-size-param memset in dlt_radiotap_get_80211 (#402)
  • tcpeplay --verbose option not working (#398)
  • Fix replay when using --with-testnic (#178)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2018-5f91054677

This update has been submitted for testing by bojan.

5 years ago

This update has been pushed to testing.

5 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

5 years ago

This update has been submitted for batched by bojan.

5 years ago

This update has been submitted for stable by bodhi.

5 years ago

This update has been pushed to stable.

5 years ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
5 years ago
in testing
5 years ago
in stable
5 years ago
BZ#1635039 CVE-2018-17580 tcpreplay: heap-based buffer over-read in fast_edit_packet() in file send_packets.c [fedora-all]
0
0
BZ#1635040 CVE-2018-17580 tcpreplay: heap-based buffer over-read in fast_edit_packet() in file send_packets.c [epel-all]
0
0
BZ#1635042 CVE-2018-17582 tcpreplay: heap-based buffer over-read in the get_next_packet() in send_packets.c [fedora-all]
0
0
BZ#1635043 CVE-2018-17582 tcpreplay: heap-based buffer over-read in the get_next_packet() in send_packets.c [epel-all]
0
0
BZ#1636599 CVE-2018-17974 tcpreplay: heap-based buffer over-read in dlt_en10mb_encode in plugins/dlt_en10mb/en10mb.c [epel-all]
0
0
BZ#1636600 CVE-2018-17974 tcpreplay: heap-based buffer over-read in dlt_en10mb_encode in plugins/dlt_en10mb/en10mb.c [fedora-all]
0
0
BZ#1646404 CVE-2018-18407 tcpreplay: tcpreplay: heap-based buffer over-read in csum_replace4 function in incremental_checksum.h [fedora-all]
0
0
BZ#1646410 CVE-2018-18408 tcpreplay: use-after-free in post_args function in tcpbridge.c [fedora-all]
0
0

Automated Test Results