——————————————————————————–
Fedora Update Notification
FEDORA-2020-c50d8b980b
2020-10-29 01:04:57.850390
——————————————————————————–
Name : tcpreplay
Product : Fedora 33
Version : 4.3.3
Release : 3.fc33
URL : https://protect2.fireeye.com/v1/url?k=95cbdb9a-c9d96f9e-95cc4656-000babd90757-09f1b92cce4ee847&q=1&e=94d93bee-224c-492b-8865-590d4d16382b&u=http%3A%2F%2Ftcpreplay.appneta.com%2F
Summary : Replay captured network traffic
Description :
Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay
supports pcap (tcpdump) and snoop capture formats. Also included, is tcpprep
a tool to pre-process capture files to allow increased performance under
certain conditions as well as capinfo which provides basic information about
capture files.
——————————————————————————–
Update Information:
Patch CVE-2020-24265 and CVE-2020-24266.
——————————————————————————–
ChangeLog:
* Wed Oct 21 2020 Bojan Smojver <bojan@rexursive com> – 4.3.3-2
– CVE-2020-24265
——————————————————————————–
References:
[ 1 ] Bug #1889806 – CVE-2020-24265 tcpreplay: heap buffer overflow could result in a crash [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1889806
[ 2 ] Bug #1889807 – CVE-2020-24265 tcpreplay: heap buffer overflow could result in a crash [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1889807
[ 3 ] Bug #1889809 – CVE-2020-24266 tcpreplay: heap buffer overflow in get_l2len() could result in a crash [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1889809
[ 4 ] Bug #1889810 – CVE-2020-24266 tcpreplay: heap buffer overflow in get_l2len() could result in a crash [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1889810
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-c50d8b980b’ at the command
line. For more information, refer to the dnf documentation available at
https://protect2.fireeye.com/v1/url?k=3de7752c-61f5c128-3de0e8e0-000babd90757-c3919b0fdbb96f18&q=1&e=94d93bee-224c-492b-8865-590d4d16382b&u=http%3A%2F%2Fdnf.readthedocs.io%2Fen%2Flatest%2Fcommand_ref.html%23upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2020-e45cf8ea43
2020-10-29 01:12:35.506057
——————————————————————————–
Name : tcpreplay
Product : Fedora 31
Version : 4.3.3
Release : 3.fc31
URL : https://protect2.fireeye.com/v1/url?k=bb143ce7-e70688e3-bb13a12b-000babd90757-dd451634c7c7df43&q=1&e=c3840030-4c1d-412c-a83d-9a71aaa0a2eb&u=http%3A%2F%2Ftcpreplay.appneta.com%2F
Summary : Replay captured network traffic
Description :
Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay
supports pcap (tcpdump) and snoop capture formats. Also included, is tcpprep
a tool to pre-process capture files to allow increased performance under
certain conditions as well as capinfo which provides basic information about
capture files.
——————————————————————————–
Update Information:
Patch CVE-2020-24265 and CVE-2020-24266.
——————————————————————————–
ChangeLog:
* Wed Oct 21 2020 Bojan Smojver <bojan@rexursive com> – 4.3.3-2
– CVE-2020-24265
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> – 4.3.3-2
– Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
——————————————————————————–
References:
[ 1 ] Bug #1889806 – CVE-2020-24265 tcpreplay: heap buffer overflow could result in a crash [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1889806
[ 2 ] Bug #1889807 – CVE-2020-24265 tcpreplay: heap buffer overflow could result in a crash [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1889807
[ 3 ] Bug #1889809 – CVE-2020-24266 tcpreplay: heap buffer overflow in get_l2len() could result in a crash [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1889809
[ 4 ] Bug #1889810 – CVE-2020-24266 tcpreplay: heap buffer overflow in get_l2len() could result in a crash [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1889810
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-e45cf8ea43’ at the command
line. For more information, refer to the dnf documentation available at
https://protect2.fireeye.com/v1/url?k=26a92ea9-7abb9aad-26aeb365-000babd90757-bc634ae7d89faa01&q=1&e=c3840030-4c1d-412c-a83d-9a71aaa0a2eb&u=http%3A%2F%2Fdnf.readthedocs.io%2Fen%2Flatest%2Fcommand_ref.html%23upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2020-0e036c907e
2020-10-29 01:12:28.276093
——————————————————————————–
Name : tcpreplay
Product : Fedora 32
Version : 4.3.3
Release : 3.fc32
URL : https://protect2.fireeye.com/v1/url?k=4d3a69a6-1128dda2-4d3df46a-000babd90757-fad6602286c99de5&q=1&e=10fe2f4e-f63a-4d9b-ade0-1b7ae9f8b8ed&u=http%3A%2F%2Ftcpreplay.appneta.com%2F
Summary : Replay captured network traffic
Description :
Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay
supports pcap (tcpdump) and snoop capture formats. Also included, is tcpprep
a tool to pre-process capture files to allow increased performance under
certain conditions as well as capinfo which provides basic information about
capture files.
——————————————————————————–
Update Information:
Patch CVE-2020-24265 and CVE-2020-24266.
——————————————————————————–
ChangeLog:
* Wed Oct 21 2020 Bojan Smojver <bojan@rexursive com> – 4.3.3-2
– CVE-2020-24265
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> – 4.3.3-2
– Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
——————————————————————————–
References:
[ 1 ] Bug #1889806 – CVE-2020-24265 tcpreplay: heap buffer overflow could result in a crash [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1889806
[ 2 ] Bug #1889807 – CVE-2020-24265 tcpreplay: heap buffer overflow could result in a crash [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1889807
[ 3 ] Bug #1889809 – CVE-2020-24266 tcpreplay: heap buffer overflow in get_l2len() could result in a crash [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1889809
[ 4 ] Bug #1889810 – CVE-2020-24266 tcpreplay: heap buffer overflow in get_l2len() could result in a crash [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1889810
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-0e036c907e’ at the command
line. For more information, refer to the dnf documentation available at
https://protect2.fireeye.com/v1/url?k=d0f2db22-8ce06f26-d0f546ee-000babd90757-158a78089261bc3d&q=1&e=10fe2f4e-f63a-4d9b-ade0-1b7ae9f8b8ed&u=http%3A%2F%2Fdnf.readthedocs.io%2Fen%2Flatest%2Fcommand_ref.html%23upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org