Commit Graph

24 Commits

Author SHA1 Message Date
emaste
37e2725e53 Update tcpdump to 4.9.2
It contains many fixes, including bounds checking, buffer overflows (in
SLIP and bittok2str_internal), buffer over-reads, and infinite loops.

One other notable change:
  Do not use getprotobynumber() for protocol name resolution.
  Do not do any protocol name resolution if -n is specified.

Submitted by:	gordon
Reviewed by:	delphij, emaste, glebius
MFC after:	1 week
Relnotes:	Yes
Security:	CVE-2017-11108, CVE-2017-11541, CVE-2017-11542
Security:	CVE-2017-11543, CVE-2017-12893, CVE-2017-12894
Security:	CVE-2017-12895, CVE-2017-12896, CVE-2017-12897
Security:	CVE-2017-12898, CVE-2017-12899, CVE-2017-12900
Security:	CVE-2017-12901, CVE-2017-12902, CVE-2017-12985
Security:	CVE-2017-12986, CVE-2017-12987, CVE-2017-12988
Security:	CVE-2017-12989, CVE-2017-12990, CVE-2017-12991
Security:	CVE-2017-12992, CVE-2017-12993, CVE-2017-12994
Security:	CVE-2017-12995, CVE-2017-12996, CVE-2017-12997
Security:	CVE-2017-12998, CVE-2017-12999, CVE-2017-13000
Security:	CVE-2017-13001, CVE-2017-13002, CVE-2017-13003
Security:	CVE-2017-13004, CVE-2017-13005, CVE-2017-13006
Security:	CVE-2017-13007, CVE-2017-13008, CVE-2017-13009
Security:	CVE-2017-13010, CVE-2017-13011, CVE-2017-13012
Security:	CVE-2017-13013, CVE-2017-13014, CVE-2017-13015
Security:	CVE-2017-13016, CVE-2017-13017, CVE-2017-13018
Security:	CVE-2017-13019, CVE-2017-13020, CVE-2017-13021
Security:	CVE-2017-13022, CVE-2017-13023, CVE-2017-13024
Security:	CVE-2017-13025, CVE-2017-13026, CVE-2017-13027
Security:	CVE-2017-13028, CVE-2017-13029, CVE-2017-13030
Security:	CVE-2017-13031, CVE-2017-13032, CVE-2017-13033
Security:	CVE-2017-13034, CVE-2017-13035, CVE-2017-13036
Security:	CVE-2017-13037, CVE-2017-13038, CVE-2017-13039
Security:	CVE-2017-13040, CVE-2017-13041, CVE-2017-13042
Security:	CVE-2017-13043, CVE-2017-13044, CVE-2017-13045
Security:	CVE-2017-13046, CVE-2017-13047, CVE-2017-13048
Security:	CVE-2017-13049, CVE-2017-13050, CVE-2017-13051
Security:	CVE-2017-13052, CVE-2017-13053, CVE-2017-13054
Security:	CVE-2017-13055, CVE-2017-13687, CVE-2017-13688
Security:	CVE-2017-13689, CVE-2017-13690, CVE-2017-13725
Differential Revision:	https://reviews.freebsd.org/D12404
2017-12-06 02:21:11 +00:00
glebius
640e6f3b3b Update tcpdump to 4.9.0.
It fixes many buffer overflow in different protocol parsers, but none of
them are critical, even in absense of Capsicum.

Security:	CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925
Security:	CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929
Security:	CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933
Security:	CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937
Security:	CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973
Security:	CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984
Security:	CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993
Security:	CVE-2016-8574, CVE-2016-8575, CVE-2017-5202, CVE-2017-5203
Security:	CVE-2017-5204, CVE-2017-5205, CVE-2017-5341, CVE-2017-5342
Security:	CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485
Security:	CVE-2017-5486
2017-02-01 20:26:42 +00:00
pkelsey
7e965066ed MFV r285191: tcpdump 4.7.4.
Also, the changes made in r272451 and r272653 that were lost in the
merge of 4.6.2 (r276788) have been restored.

PR: 199568
Differential Revision: https://reviews.freebsd.org/D3007
Reviewed by: brooks, hiren
Approved by: jmallett (mentor)
MFC after: 1 month
2015-07-08 16:19:32 +00:00
pfg
484a2d55e5 MFV r277782:
Merge some cherry-picked fixes originating in OpenBSD

Check whether the version field is available before looking at it.
While we're at it, use ND_TCHECK(), rather than a hand-rolled check, to
check whether we have the full fixed-length portion of the IPv4 header.

commit c67afe913011138a2504ec4d3d423b48e73b12f3

Do more length checking. From OpenBSD.

commit d7516761f9c4877bcb05bb6543be3543e165249
2015-01-27 01:45:47 +00:00
delphij
f49c5d523a MFV r276761: tcpdump 4.6.2.
MFC after:	1 month
2015-01-07 19:55:18 +00:00
delphij
661b9d9441 Merge tcpdump 4.2.1.
MFC after:	2 weeks
2012-05-17 05:11:57 +00:00
rpaulo
a7b3086920 Merge tcpdump 4.0.0 from the vendor branch. 2009-03-21 18:30:25 +00:00
rpaulo
04b1d6babe Flatten vendor/tcpdump and remove keyword expansion. 2009-03-20 13:27:51 +00:00
sam
7dacff5dd0 resolve merge conflicts and update for proper build; including:
o print-fr.c returned to code on vendor branch
o remove pmap_prot.h include from print-sunrprc.c
o remove gcc/i386-specific ntoh* write-arounds from tcpdump-stdinc.h

Reviewed by:	bms
2005-05-29 19:09:28 +00:00
sam
88a191f109 Virgin import of tcpdump v3.9.1 (alpha 096) from tcpdump.org 2005-05-29 18:17:16 +00:00
bms
55b12ee199 Merge of tcpdump 3.8.3 from tcpdump.org, with the following caveats:
print-atm.c no longer performs special handling for FORE headers; these
 can no doubt be re-added at a later date.

 print-fr.c is effectively a no-op.

 print-llc.c has had the default_print_unaligned() call removed as
 tcpdump no longer defines this function, however the prototype is still
 present. Suggest we roll in a diff to use print_unknown_data().
2004-03-31 14:57:24 +00:00
bms
281e9d7140 Import tcpdump 3.8.3, from http://www.tcpdump.org/releases/tcpdump-3.8.3.tar.gz 2004-03-31 09:17:26 +00:00
fenner
6d9538de20 Merge tcpdump 3.7.1
MFC after:	2 weeks
2002-06-21 00:49:02 +00:00
fenner
91fc581e38 Import tcpdump 3.7.1, from
http://www.tcpdump.org/release/tcpdump-3.7.1.tar.gz
2002-06-21 00:43:23 +00:00
fenner
2877f5b613 Merge tcpdump 3.6.2 2001-04-03 07:50:46 +00:00
fenner
ace14a2b50 Virgin import of tcpdump.org tcpdump v3.6.2 2001-04-03 07:45:48 +00:00
fenner
c780ea93f3 Merge tcpdump 3.5 2000-01-30 01:05:24 +00:00
fenner
54c4a9c9f2 Virgin import of tcpdump.org tcpdump v3.5 2000-01-30 00:45:58 +00:00
fenner
03014afd03 Merge tcpdump 3.4
PR:		bin/7877
1998-09-15 19:46:59 +00:00
fenner
cfc42b58f2 Virgin import of LBL tcpdump v3.4 1998-09-15 19:36:32 +00:00
fenner
a45d5a033f Merge tcpdump 3.3.
The print_nfs.c changes are pretty extensive; this is partially because
 LBL did a lot of cleanup and partially because I removed lots of
 pointless changes away from the LBL style.

PR:		3371
mostly-Submitted by:	Chris Timmons <skynyrd@opus.cts.cwu.edu>
1997-05-27 02:17:42 +00:00
fenner
a9b9c86c8a Virgin import of LBL tcpdump v3.3 1997-05-27 02:11:31 +00:00
wollman
fb79103251 Update to reflect changes in net/if.h. 1997-01-03 20:10:04 +00:00
pst
97a804ef88 Virgin import of unmodified tcpdump v3.2.1 distribution from LBL.
Obtained from: ftp://ftp.ee.lbl.gov/tcpdump.tar.Z on 19-Aug-1996.
1996-08-19 20:34:12 +00:00