[Git][security-tracker-team/security-tracker][master] Add (temporary) note for CVE-2018-16301
Salvatore Bonaccorso
carnil at debian.org
Tue Jan 21 19:17:31 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5c9c9d97 by Salvatore Bonaccorso at 2020-01-21T20:16:46+01:00
Add (temporary) note for CVE-2018-16301
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -81798,6 +81798,8 @@ CVE-2018-16301 (libpcap before 1.9.1, as used in tcpdump before 4.9.3, has a buf
[jessie] - libpcap <not-affected> (Vulnerable code introduced in 1.9.0)
NOTE: https://github.com/the-tcpdump-group/libpcap/issues/855 (asked upstream for info)
NOTE: rpcapd not built in Debian.
+ NOTE: The CVE is likely to be rejected, cf.
+ NOTE: https://github.com/the-tcpdump-group/libpcap/issues/855#issuecomment-576358104
CVE-2018-16300 (The BGP parser in tcpdump before 4.9.3 allows stack consumption in pri ...)
{DSA-4547-1 DLA-1955-1}
- tcpdump 4.9.3-1 (bug #941698)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5c9c9d973b3e229feb1619b0f285c26a9add6b26
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5c9c9d973b3e229feb1619b0f285c26a9add6b26
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200121/40d758ec/attachment.html>
More information about the debian-security-tracker-commits
mailing list