Mail archive
alpine-aports

[alpine-aports] [PATCH v3.4] main/tcpdump: security upgrade to 4.9.0 - fixes #6813

From: Sergei Lukin <sergej.lukin_at_gmail.com>
Date: Wed, 8 Feb 2017 08:06:17 +0000

CVE-2016-7922 (arbitrary code execution)
CVE-2016-7923 (arbitrary code execution)
CVE-2016-7924 (arbitrary code execution)
CVE-2016-7925 (arbitrary code execution)
CVE-2016-7926 (arbitrary code execution)
CVE-2016-7927 (arbitrary code execution)
CVE-2016-7928 (arbitrary code execution)
CVE-2016-7929 (arbitrary code execution)
CVE-2016-7930 (arbitrary code execution)
CVE-2016-7931 (arbitrary code execution)
CVE-2016-7932 (arbitrary code execution)
CVE-2016-7933 (arbitrary code execution)
CVE-2016-7934 (arbitrary code execution)
CVE-2016-7935 (arbitrary code execution)
CVE-2016-7936 (arbitrary code execution)
CVE-2016-7937 (arbitrary code execution)
CVE-2016-7938 (arbitrary code execution)
CVE-2016-7939 (arbitrary code execution)
CVE-2016-7940 (arbitrary code execution)
CVE-2016-7973 (arbitrary code execution)
CVE-2016-7974 (arbitrary code execution)
CVE-2016-7975 (arbitrary code execution)
CVE-2016-7983 (arbitrary code execution)
CVE-2016-7984 (arbitrary code execution)
CVE-2016-7985 (arbitrary code execution)
CVE-2016-7986 (arbitrary code execution)
CVE-2016-7992 (arbitrary code execution)
CVE-2016-7993 (arbitrary code execution)
CVE-2016-8574 (arbitrary code execution)
CVE-2016-8575 (arbitrary code execution)
CVE-2017-5202 (arbitrary code execution)
CVE-2017-5203 (arbitrary code execution)
CVE-2017-5204 (arbitrary code execution)
CVE-2017-5205 (arbitrary code execution)
CVE-2017-5341 (arbitrary code execution)
CVE-2017-5342 (arbitrary code execution)
CVE-2017-5482 (arbitrary code execution)
CVE-2017-5483 (arbitrary code execution)
CVE-2017-5484 (arbitrary code execution)
CVE-2017-5485 (arbitrary code execution)
CVE-2017-5486 (arbitrary code execution)
---
Changes:
http://www.tcpdump.org/tcpdump-changes.txt
 main/tcpdump/APKBUILD | 53 +++++++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 49 insertions(+), 4 deletions(-)
diff --git a/main/tcpdump/APKBUILD b/main/tcpdump/APKBUILD
index da7c050..b345d93 100644
--- a/main/tcpdump/APKBUILD
+++ b/main/tcpdump/APKBUILD
_at_@ -1,6 +1,7 @@
+# Contributor: Sergei Lukin <sergej.lukin_at_gmail.com>
 # Maintainer: Natanael Copa <ncopa_at_alpinelinux.org>
 pkgname=tcpdump
-pkgver=4.7.4
+pkgver=4.9.0
 pkgrel=0
 pkgdesc="A tool for network monitoring and data acquisition"
 url="http://www.tcpdump.org"
_at_@ -11,6 +12,50 @@ makedepends="libpcap-dev openssl-dev perl"
 subpackages="$pkgname-doc"
 source="http://www.$pkgname.org/release/$pkgname-$pkgver.tar.gz"
 
+# secfixes:
+#   4.9.0-r0:
+#   - CVE-2016-7922
+#   - CVE-2016-7923
+#   - CVE-2016-7924
+#   - CVE-2016-7925
+#   - CVE-2016-7926
+#   - CVE-2016-7927
+#   - CVE-2016-7928
+#   - CVE-2016-7929
+#   - CVE-2016-7930
+#   - CVE-2016-7931
+#   - CVE-2016-7932
+#   - CVE-2016-7933
+#   - CVE-2016-7934
+#   - CVE-2016-7935
+#   - CVE-2016-7936
+#   - CVE-2016-7937
+#   - CVE-2016-7938
+#   - CVE-2016-7939
+#   - CVE-2016-7940
+#   - CVE-2016-7973
+#   - CVE-2016-7974
+#   - CVE-2016-7975
+#   - CVE-2016-7983
+#   - CVE-2016-7984
+#   - CVE-2016-7985
+#   - CVE-2016-7986
+#   - CVE-2016-7992
+#   - CVE-2016-7993
+#   - CVE-2016-8574
+#   - CVE-2016-8575
+#   - CVE-2017-5202
+#   - CVE-2017-5203
+#   - CVE-2017-5204
+#   - CVE-2017-5205
+#   - CVE-2017-5341
+#   - CVE-2017-5342
+#   - CVE-2017-5482
+#   - CVE-2017-5483
+#   - CVE-2017-5484
+#   - CVE-2017-5485
+#   - CVE-2017-5486
+
 _builddir="$srcdir"/$pkgname-$pkgver
 
 prepare() {
_at_@ -37,6 +82,6 @@ package() {
 	rm -f "$pkgdir"/usr/sbin/tcpdump.4*
 }
 
-md5sums="58af728de36f499341918fc4b8e827c3  tcpdump-4.7.4.tar.gz"
-sha256sums="6be520269a89036f99c0b2126713a60965953eab921002b07608ccfc0c47d9af  tcpdump-4.7.4.tar.gz"
-sha512sums="5660d82abdf7327c3e1717db519b2c98cd217fff17440019f3ccf166b3cb28ab1c1850b7c42f8c6ee38110838bb8a4a10cd394f25123783bb3d58e1f350ef326  tcpdump-4.7.4.tar.gz"
+md5sums="2b83364eef53b63ca3181b4eb56dab0c  tcpdump-4.9.0.tar.gz"
+sha256sums="eae98121cbb1c9adbedd9a777bf2eae9fa1c1c676424a54740311c8abcee5a5e  tcpdump-4.9.0.tar.gz"
+sha512sums="e98d73ae706d42e96b4069e196cf17af892eb97935664eebd08779b55b4da858bc1732d714efd16924f862aad0ba5550ceb2213c68414ed48907c46456c9fc82  tcpdump-4.9.0.tar.gz"
-- 
2.8.3
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Wed Feb 08 2017 - 08:06:17 GMT