You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa tcpdump

Sigurnosni nedostaci programskog paketa tcpdump

==========================================================================
Ubuntu Security Notice USN-4252-2
January 27, 2020

tcpdump vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 ESM
– Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in tcpdump.

Software Description:
– tcpdump: command-line network traffic analyzer

Details:

USN-4252-1 fixed several vulnerabilities in tcpdump. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

Multiple security issues were discovered in tcpdump. A remote attacker
could use these issues to cause tcpdump to crash, resulting in a denial of
service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
tcpdump 4.9.3-0ubuntu0.14.04.1+esm1

Ubuntu 12.04 ESM:
tcpdump 4.9.3-0ubuntu0.12.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
https://usn.ubuntu.com/4252-2
https://usn.ubuntu.com/4252-1
CVE-2017-16808, CVE-2018-10103, CVE-2018-10105, CVE-2018-14461,
CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465,
CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469,
CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881,
CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229,
CVE-2018-16230, CVE-2018-16300, CVE-2018-16451, CVE-2018-16452,
CVE-2018-19519, CVE-2019-1010220, CVE-2019-15166, CVE-2019-15167
—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl4vMM4ACgkQRbznW4QL
H2nh/w//aI7jpw10dUN1oDdP6TPFrtOm+DqEfIpCP/ioYTcYnp6dxasUlYWZ0rvl
IN6iAO/0Y5cjr24ERG5mJsg07CFabJlmDFk+yrcNWS2zTBAlHNgBFJ9yFwm5spZz
R8R7WB/MiVRFQrCnbvEkVPPCjhIhMfficCvXzDZ9vY/TyWFkf7vE5Kfa+oXHTugx
gFp5tTyaJSA5FCSneRU9mBcX7tKMdxyxN+9cEYLiptP6V7rUvW9jD8ubwvoQG2yC
9xisyQNFdGm9+eI8hTjYRUZCt9CL6AdR8dOAkyGULB6tZ/7GBFZe10/S+JB6y/Va
iTBVWbqvRgPC9q9ran+fm8PBQXQp1XCIe2+/yux/gaijhiVGE+oMpmiBfbThUjyW
FbHIp9XKEsvnuDi2DkCqxPnFaFRN9qVqgQECZdxDtP+e3z5KzaCdyF8SVImWruYl
U3ymnsIdmY/bZB2v1q/49KaBrDmFEu3dKDOdU4fK0bBl/Kx9sPUurqsd1pGUBzS7
Z6mQzutD0ug0e1N6Pwj0u/LfosixBSqW3nfOoi5rAV1w3H6XYH3k20PLyLD2DwWv
JkT8+DxfQLgoxtXqxvgmEGrHjtrRDloffs9P9i8rCfdTQCaYaw4wFPT6Ul5Hz5j9
sLPIg2qyfmteKmDYFqYlQpKHJIda19ig53sjHi8GGdyo2N10gRM=
=aZze
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-4252-1
January 27, 2020

tcpdump vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in tcpdump.

Software Description:
– tcpdump: command-line network traffic analyzer

Details:

Multiple security issues were discovered in tcpdump. A remote attacker
could use these issues to cause tcpdump to crash, resulting in a denial of
service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
tcpdump 4.9.3-0ubuntu0.18.04.1

Ubuntu 16.04 LTS:
tcpdump 4.9.3-0ubuntu0.16.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
https://usn.ubuntu.com/4252-1
CVE-2017-16808, CVE-2018-10103, CVE-2018-10105, CVE-2018-14461,
CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465,
CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469,
CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881,
CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229,
CVE-2018-16230, CVE-2018-16300, CVE-2018-16451, CVE-2018-16452,
CVE-2018-19519, CVE-2019-1010220, CVE-2019-15166, CVE-2019-15167

Package Information:
https://launchpad.net/ubuntu/+source/tcpdump/4.9.3-0ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/tcpdump/4.9.3-0ubuntu0.16.04.1

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl4vDjgACgkQZWnYVadE
vpOKrg/9F+SeFi2gej7KJiuYOv2WnMMXYPyugi1icvszlk+W7Utll3gBJzGnw1Ac
Q253vEyXvu5cQEz3v4UITEBco+Ddio7uU3f10azfjcdDEXC/bidG7tqKzLfy3jgk
QOOqezUvfdiRS3Hgz75/ykJJzaGuFRpV4MibtrM1nKA1MLjLHX7ImZOUC0aYH9Cz
Ncn198kmQB3n04YXBR3WRzA2Hmd8sX5AXSU8nykTu6shw1hHj9EzTh9OMr3Bz3GG
e7zBt2CGNNlvM0OyW945M0ZooL0FGXn+HBW8+1whfH+4bmlIsUVt4fHGzkBw+0BY
/j/6VmCGeyaBwcSj6/fMQHJzCslEWeReqFNfpAB9zYy9SUVr/LeGjrZOKAI0rfXN
5bhu12siQybDrVaX9JZY2nb5OO4yPh71JJZ6QMSmiK8ZR74BbhR44EPvwCiHYrd6
EQAdAe6DOKL0ACwcJMLNrNkyGufcDTaXJ12MM2VVDYVehL7XWy0WxP5V9UJ/rEez
5g0YXWO810R5PWT9oS1nvNlagW+5opo9NUNk8HrzAPq1rykZPeLm4OZRoPKLp0Ge
l79B8ZnezX44bqSPQIFOxA1RcXzonHHK1gZg30TfWAqOVaiTxc79QcSZM/o/f86U
oEloQ1qW90weNEwhanlR4IRsdB6M18cJBoefvayyc12E6L7niuU=
=2MnG
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa nss

Otkriven je sigurnosni nedostatak u programskom paketu nss za operacijski sustav RHEL. Otkriveni nedostatak potencijalnim udaljenim napadačima omogućuje izazivanje DoS...

Close