Fedora alert FEDORA-2019-b92ce3144a (libpcap)

From:
             
 
updates@fedoraproject.org 
To:
             
 
package-announce@lists.fedoraproject.org 
Subject:
             
 
[SECURITY] Fedora 29 Update: libpcap-1.9.1-1.fc29 
Date:
             
 
Sun, 27 Oct 2019 02:05:32 +0000 (UTC)
Message-ID:
             
 
<20191027020532.4E88960D8FBA@bastion01.phx2.fedoraproject.org>
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-b92ce3144a
2019-10-27 02:05:07.760949
--------------------------------------------------------------------------------

Name        : libpcap
Product     : Fedora 29
Version     : 1.9.1
Release     : 1.fc29
URL         : http://www.tcpdump.org
Summary     : A system-independent interface for user-level packet capture
Description :
Libpcap provides a portable framework for low-level network
monitoring.  Libpcap can provide network statistics collection,
security monitoring and network debugging.  Since almost every system
vendor provides a different interface for packet capture, the libpcap
authors created this system-independent API to ease in porting and to
alleviate the need for several system-dependent packet capture modules
in each application.

Install libpcap if you need to do low-level network traffic monitoring
on your network.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162, CVE-2019-15163,
CVE-2019-15164, CVE-2019-15165
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 11 2019 Michal Ruprich <mruprich@redhat.com> - 14:1.9.1-1
- New version 1.9.1
- Fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162, CVE-2019-15163, CVE-2019-15164,
CVE-2019-15165
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1760623 - CVE-2019-15161 libpcap: Mishandled length values in reused variables
        https://bugzilla.redhat.com/show_bug.cgi?id=1760623
  [ 2 ] Bug #1760622 - CVE-2019-15162 libpcap: Information disclosure in rpcapd/daemon.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1760622
  [ 3 ] Bug #1760621 - CVE-2019-15163 libpcap: Null pointer dereference in rpcapd/daemon.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1760621
  [ 4 ] Bug #1760619 - CVE-2019-15164 libpcap: Server side request forgery in rpcapd/daemon.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1760619
  [ 5 ] Bug #1760618 - CVE-2019-15165 libpcap: Resource exhaustion while PHB header length
validation
        https://bugzilla.redhat.com/show_bug.cgi?id=1760618
  [ 6 ] Bug #1760500 - CVE-2018-16301 libpcap: Buffer overflow in pcapng reader
        https://bugzilla.redhat.com/show_bug.cgi?id=1760500
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-b92ce3144a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgr...

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-cond...
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/package-ann...