Описание
Security update for tcpdump
This update for tcpdump fixes the following issues:
Security issues fixed:
- CVE-2018-19519: Fixed a stack-based buffer over-read in the print_prefix function (bsc#1117267)
Список пакетов
SUSE Linux Enterprise Desktop 12 SP3
tcpdump-4.9.2-14.8.1
SUSE Linux Enterprise Desktop 12 SP4
tcpdump-4.9.2-14.8.1
SUSE Linux Enterprise Server 12 SP3
tcpdump-4.9.2-14.8.1
SUSE Linux Enterprise Server 12 SP4
tcpdump-4.9.2-14.8.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
tcpdump-4.9.2-14.8.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
tcpdump-4.9.2-14.8.1
Ссылки
- Link for SUSE-SU-2018:4149-1
- E-Mail link for SUSE-SU-2018:4149-1
- SUSE Security Ratings
- SUSE Bug 1117267
- SUSE CVE CVE-2018-19519 page
Описание
In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.8.1
SUSE Linux Enterprise Desktop 12 SP4:tcpdump-4.9.2-14.8.1
SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.8.1
SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.8.1
Ссылки
- CVE-2018-19519
- SUSE Bug 1117267