diff options
author | Aaron Bauman <bman@gentoo.org> | 2017-09-25 07:56:12 -0400 |
---|---|---|
committer | Aaron Bauman <bman@gentoo.org> | 2017-09-25 07:56:12 -0400 |
commit | 1589f3f793f11044d0ca467ede067b49fd712ff7 (patch) | |
tree | e9e1a2fb92a1aab73422f28f4cc305b2b5fbfb91 /glsa-201709-23.xml | |
parent | Fix GLSA 2017-09-22 (diff) | |
download | glsa-1589f3f793f11044d0ca467ede067b49fd712ff7.tar.gz glsa-1589f3f793f11044d0ca467ede067b49fd712ff7.tar.bz2 glsa-1589f3f793f11044d0ca467ede067b49fd712ff7.zip |
Add GLSA 201709-23
Diffstat (limited to 'glsa-201709-23.xml')
-rw-r--r-- | glsa-201709-23.xml | 323 |
1 files changed, 323 insertions, 0 deletions
diff --git a/glsa-201709-23.xml b/glsa-201709-23.xml new file mode 100644 index 00000000..77588a84 --- /dev/null +++ b/glsa-201709-23.xml @@ -0,0 +1,323 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="201709-23"> + <title>Tcpdump: Multiple vulnerabilities</title> + <synopsis>Multiple vulnerabilities have been found in Tcpdump, the worst of + which may allow execution of arbitrary code. + </synopsis> + <product type="ebuild">tcpdump</product> + <announced>2017-09-25</announced> + <revised>2017-09-25: 1</revised> + <bug>624652</bug> + <bug>626462</bug> + <bug>630110</bug> + <access>remote</access> + <affected> + <package name="net-analyzer/tcpdump" auto="yes" arch="*"> + <unaffected range="ge">4.9.2</unaffected> + <vulnerable range="lt">4.9.2</vulnerable> + </package> + </affected> + <background> + <p>Tcpdump is a tool for network monitoring and data acquisition.</p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in Tcpdump. Please review + the referenced CVE identifiers for details. + </p> + + </description> + <impact type="normal"> + <p>A remote attacker could possibly execute arbitrary code with the + privileges of the process or cause a Denial of Service condition. + </p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All Tcpdump users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-analyzer/tcpdump-4.9.2" + </code> + </resolution> + <references> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11108"> + CVE-2017-11108 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11541"> + CVE-2017-11541 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11542"> + CVE-2017-11542 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11543"> + CVE-2017-11543 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11544"> + CVE-2017-11544 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12893"> + CVE-2017-12893 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12894"> + CVE-2017-12894 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12895"> + CVE-2017-12895 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12896"> + CVE-2017-12896 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12897"> + CVE-2017-12897 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12898"> + CVE-2017-12898 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12899"> + CVE-2017-12899 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12900"> + CVE-2017-12900 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12901"> + CVE-2017-12901 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12902"> + CVE-2017-12902 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12985"> + CVE-2017-12985 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12986"> + CVE-2017-12986 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12987"> + CVE-2017-12987 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12988"> + CVE-2017-12988 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12989"> + CVE-2017-12989 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12990"> + CVE-2017-12990 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12991"> + CVE-2017-12991 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12992"> + CVE-2017-12992 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12993"> + CVE-2017-12993 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12994"> + CVE-2017-12994 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12995"> + CVE-2017-12995 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12996"> + CVE-2017-12996 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12997"> + CVE-2017-12997 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12998"> + CVE-2017-12998 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12999"> + CVE-2017-12999 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13000"> + CVE-2017-13000 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13001"> + CVE-2017-13001 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13002"> + CVE-2017-13002 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13003"> + CVE-2017-13003 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13004"> + CVE-2017-13004 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13005"> + CVE-2017-13005 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13006"> + CVE-2017-13006 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13007"> + CVE-2017-13007 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13008"> + CVE-2017-13008 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13009"> + CVE-2017-13009 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13010"> + CVE-2017-13010 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13011"> + CVE-2017-13011 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13012"> + CVE-2017-13012 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13013"> + CVE-2017-13013 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13014"> + CVE-2017-13014 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13015"> + CVE-2017-13015 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13016"> + CVE-2017-13016 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13017"> + CVE-2017-13017 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13018"> + CVE-2017-13018 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13019"> + CVE-2017-13019 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13020"> + CVE-2017-13020 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13021"> + CVE-2017-13021 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13022"> + CVE-2017-13022 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13023"> + CVE-2017-13023 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13024"> + CVE-2017-13024 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13025"> + CVE-2017-13025 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13026"> + CVE-2017-13026 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13027"> + CVE-2017-13027 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13028"> + CVE-2017-13028 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13029"> + CVE-2017-13029 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13030"> + CVE-2017-13030 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13031"> + CVE-2017-13031 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13032"> + CVE-2017-13032 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13033"> + CVE-2017-13033 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13034"> + CVE-2017-13034 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13035"> + CVE-2017-13035 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13036"> + CVE-2017-13036 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13037"> + CVE-2017-13037 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13038"> + CVE-2017-13038 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13039"> + CVE-2017-13039 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13040"> + CVE-2017-13040 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13041"> + CVE-2017-13041 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13042"> + CVE-2017-13042 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13043"> + CVE-2017-13043 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13044"> + CVE-2017-13044 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13045"> + CVE-2017-13045 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13046"> + CVE-2017-13046 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13047"> + CVE-2017-13047 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13048"> + CVE-2017-13048 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13049"> + CVE-2017-13049 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13050"> + CVE-2017-13050 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13051"> + CVE-2017-13051 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13052"> + CVE-2017-13052 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13053"> + CVE-2017-13053 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13054"> + CVE-2017-13054 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13055"> + CVE-2017-13055 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13687"> + CVE-2017-13687 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13688"> + CVE-2017-13688 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13689"> + CVE-2017-13689 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13690"> + CVE-2017-13690 + </uri> + <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13725"> + CVE-2017-13725 + </uri> + </references> + <metadata tag="requester" timestamp="2017-09-25T02:53:28Z">BlueKnight</metadata> + <metadata tag="submitter" timestamp="2017-09-25T11:55:12Z">chrisadr</metadata> +</glsa> |