lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 03 Dec 2014 19:16:29 +0000
From: Salvatore Bonaccorso <carnil@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 3086-1] tcpdump security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3086-1                   security@...ian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
December 03, 2014                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : tcpdump
CVE ID         : CVE-2014-8767 CVE-2014-8769 CVE-2014-9140
Debian Bug     : 770424 770434

Several vulnerabilities have been discovered in tcpdump, a command-line
network traffic analyzer. These vulnerabilities might result in denial
of service, leaking sensitive information from memory or, potentially,
execution of arbitrary code.

For the stable distribution (wheezy), these problems have been fixed in
version 4.3.0-1+deb7u1.

For the upcoming stable distribution (jessie), these problems have been
fixed in version 4.6.2-3.

For the unstable distribution (sid), these problems have been fixed in
version 4.6.2-3.

We recommend that you upgrade your tcpdump packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJUf1yOAAoJEAVMuPMTQ89EnmsP/3WESLIPqyv0RVx0IPPRrvLP
q1qri8ROuIMryu88ybOOCwo96OsnnO3lGeiJUzOUp6B+bgyJQKgQg6+oCq8MpJ3z
YhKROPKNeW9j+fdtLqua6RPp2nFQNf4FemCOaIs1oM2aL4wye/iuXwXXF/i6eWve
qQ2Ugjj/ahtxAPNRIte4XQK4q0OipopqZYNe3sdWP0jmQwYoFnpgrQHBlalx0GMm
STlykW8HhLVCyxlY16ENLyzCqjD8GT3osjhx6/k0997kkO/M0eEwKwvx44VhOmDl
p5m5tOPZJ+yUVQPNujDUJRLTsbMLSlZhzpWVJ9SOFyyY97zQ1y6lFFM3aXdXPOUV
NJ51bXXexZb5OrTShsYFEM9GT9EOqLJl/PDbhrEb+1QETovDUR4JVK6VIy7yEZPO
DEaFEH7t1GXE9jrX9U9tn9iIywndfz3vzvK1eTy9JMc/2qNz4/M+Ppvasu6Xmqg1
JU3w+jiq1KleXaLHG2EKnlEuhM8rz3Eh6cTb8vwcXmJgwzcc8CW8KJWQghVfGO+d
9wjxrToRWpieV66RhIdp4ZZ2K+S0U1AvNy+a8plKAfiiyLQC5eflZyNg5ckTDL4d
HvgOSuqYEoY9F20mV++/IQVW0ML2gGpQmhmnm53qNJ460miqyfrc0rWItMRT4OU3
IG5Q3GWMrw7bjLm2WGLD
=71H0
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ