UbuntuUpdates.org

Package "tcpdump"

Name: tcpdump

Description:

command-line network traffic analyzer
Latest version: 4.9.3-4ubuntu0.3
Release: focal (20.04)
Level: updates
Repository: main
Homepage: https://www.tcpdump.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "tcpdump"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "tcpdump" in Focal

Repository Area Version
base main 4.9.3-4
security main 4.9.3-4ubuntu0.1

Changelog

Version: 4.9.3-4ubuntu0.3 2024-02-22 23:06:57 UTC

  tcpdump (4.9.3-4ubuntu0.3) focal; urgency=medium

  * debian/usr.sbin.tcpdump: allow read/write to .cap and .pcapng files
    along with a permission to the .pcap, .pcapng, .cap files followed by
    a numeric suffix required by the -W parameter (LP: #2052493)

 -- Georgia Garcia <email address hidden> Thu, 08 Feb 2024 10:08:41 -0300
Source diff to previous version
2052493 apparmor profile does not allow for rotating savefiles using the -C and -W options

Version: 4.9.3-4ubuntu0.2 2023-03-03 00:07:00 UTC

  tcpdump (4.9.3-4ubuntu0.2) focal; urgency=medium

  * debian/usr.sbin.tcpdump: allow tcpdump printing to stdout/stderr when
    running from a container (LP: #1667016)

 -- Georgia Garcia <email address hidden> Fri, 10 Feb 2023 08:34:14 -0300
Source diff to previous version
1667016 tcpdump in lxd container: apparmor blocks writing to stdout/stderr

Version: 4.9.3-4ubuntu0.1 2022-04-11 09:06:19 UTC

  tcpdump (4.9.3-4ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in read_infile
    - debian/patches/CVE-2018-16301.patch: Add check of
      file size before allocating and reading content in
      tcpdump.c and netdissect-stdinc.h.
    - CVE-2018-16301
  * SECURITY UPDATE: resource exhaustion with big packets
    - debian/patches/CVE-2020-8037.patch: Add a limit to the
      amount of space that can be allocated when reading the
      packet.
    - CVE-2020-8037

 -- David Fernandez Gonzalez <email address hidden> Thu, 07 Apr 2022 13:15:51 +0200
CVE-2018-16301 The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacke
CVE-2020-8037 The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.


About   -   Send Feedback to @ubuntu_updates