Commit Graph

4 Commits

Author SHA1 Message Date
Gleb Smirnoff
3340d77368 Update tcpdump to 4.9.0.
It fixes many buffer overflow in different protocol parsers, but none of
them are critical, even in absense of Capsicum.

Security:	CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925
Security:	CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929
Security:	CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933
Security:	CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937
Security:	CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973
Security:	CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984
Security:	CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993
Security:	CVE-2016-8574, CVE-2016-8575, CVE-2017-5202, CVE-2017-5203
Security:	CVE-2017-5204, CVE-2017-5205, CVE-2017-5341, CVE-2017-5342
Security:	CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485
Security:	CVE-2017-5486
2017-02-01 20:26:42 +00:00
Brooks Davis
04c5335197 Merge from CheriBSD: 1065cf515a7c2062598009c1318055aacbb39e80
Convert the pfsync dissector to use the netdissect framework.

Differential Revision:	https://reviews.freebsd.org/D2359
Reviewed by:	glebius
Sponsored by:	DARPA, AFRL
2015-04-24 16:11:22 +00:00
Xin LI
3c602fabf9 MFV r276761: tcpdump 4.6.2.
MFC after:	1 month
2015-01-07 19:55:18 +00:00
Gleb Smirnoff
ffe9c13e2a Provide ability for printing and decoding pfsync(4) traffic. This
doesn't mean supporting IFT_PFSYNC (which I hope will eventually
die). This means decoding packets with IP protocol of 240 caught
on any normal interface like Ethernet.

  The code is based on couple of files from OpenBSD, significantly
modified by myself.

  Parser differentiates for four levels of verbosity: no -v, -v,
-vv and -vvv.

  We don't yet forward this code upstream, because currently it
strongly relies on if_pfsync.h and even on pfvar.h. I hope that
this can be fixed in future.

Reviewed by:	gnn, delphij
2012-10-05 07:51:21 +00:00