d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
250,325 Commits 4 Branches 49 Tags 2 GiB
99f48cdaff
Commit Graph

19 Commits

Author SHA1 Message Date
emaste
37e2725e53 Update tcpdump to 4.9.2 
It contains many fixes, including bounds checking, buffer overflows (in
SLIP and bittok2str_internal), buffer over-reads, and infinite loops.

One other notable change:
  Do not use getprotobynumber() for protocol name resolution.
  Do not do any protocol name resolution if -n is specified.

Submitted by:	gordon
Reviewed by:	delphij, emaste, glebius
MFC after:	1 week
Relnotes:	Yes
Security:	CVE-2017-11108, CVE-2017-11541, CVE-2017-11542
Security:	CVE-2017-11543, CVE-2017-12893, CVE-2017-12894
Security:	CVE-2017-12895, CVE-2017-12896, CVE-2017-12897
Security:	CVE-2017-12898, CVE-2017-12899, CVE-2017-12900
Security:	CVE-2017-12901, CVE-2017-12902, CVE-2017-12985
Security:	CVE-2017-12986, CVE-2017-12987, CVE-2017-12988
Security:	CVE-2017-12989, CVE-2017-12990, CVE-2017-12991
Security:	CVE-2017-12992, CVE-2017-12993, CVE-2017-12994
Security:	CVE-2017-12995, CVE-2017-12996, CVE-2017-12997
Security:	CVE-2017-12998, CVE-2017-12999, CVE-2017-13000
Security:	CVE-2017-13001, CVE-2017-13002, CVE-2017-13003
Security:	CVE-2017-13004, CVE-2017-13005, CVE-2017-13006
Security:	CVE-2017-13007, CVE-2017-13008, CVE-2017-13009
Security:	CVE-2017-13010, CVE-2017-13011, CVE-2017-13012
Security:	CVE-2017-13013, CVE-2017-13014, CVE-2017-13015
Security:	CVE-2017-13016, CVE-2017-13017, CVE-2017-13018
Security:	CVE-2017-13019, CVE-2017-13020, CVE-2017-13021
Security:	CVE-2017-13022, CVE-2017-13023, CVE-2017-13024
Security:	CVE-2017-13025, CVE-2017-13026, CVE-2017-13027
Security:	CVE-2017-13028, CVE-2017-13029, CVE-2017-13030
Security:	CVE-2017-13031, CVE-2017-13032, CVE-2017-13033
Security:	CVE-2017-13034, CVE-2017-13035, CVE-2017-13036
Security:	CVE-2017-13037, CVE-2017-13038, CVE-2017-13039
Security:	CVE-2017-13040, CVE-2017-13041, CVE-2017-13042
Security:	CVE-2017-13043, CVE-2017-13044, CVE-2017-13045
Security:	CVE-2017-13046, CVE-2017-13047, CVE-2017-13048
Security:	CVE-2017-13049, CVE-2017-13050, CVE-2017-13051
Security:	CVE-2017-13052, CVE-2017-13053, CVE-2017-13054
Security:	CVE-2017-13055, CVE-2017-13687, CVE-2017-13688
Security:	CVE-2017-13689, CVE-2017-13690, CVE-2017-13725
Differential Revision:	https://reviews.freebsd.org/D12404
 2017-12-06 02:21:11 +00:00
glebius
c18b788471 Reduce diff to upstream using HAVE_CAPSICUM instead of __FreeBSD__. It'll also 
make it easier to upstream HAVE_CASPER patch.
 2017-02-02 19:56:41 +00:00
glebius
640e6f3b3b Update tcpdump to 4.9.0. 
It fixes many buffer overflow in different protocol parsers, but none of
them are critical, even in absense of Capsicum.

Security:	CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925
Security:	CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929
Security:	CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933
Security:	CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937
Security:	CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973
Security:	CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984
Security:	CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993
Security:	CVE-2016-8574, CVE-2016-8575, CVE-2017-5202, CVE-2017-5203
Security:	CVE-2017-5204, CVE-2017-5205, CVE-2017-5341, CVE-2017-5342
Security:	CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485
Security:	CVE-2017-5486
 2017-02-01 20:26:42 +00:00
oshogbo
cd9fe8b3ab Fix spelling of the casper introduced in the r296047. 
PR:		210031
Reported by:	AllanJude, jmallett
 2016-06-08 22:30:21 +00:00
oshogbo
023f14d65b Convert casperd(8) daemon to the libcasper. 
After calling the cap_init(3) function Casper will fork from it's original
process, using pdfork(2). Forking from a process has a lot of advantages:
1. We have the same cwd as the original process.
2. The same uid, gid and groups.
3. The same MAC labels.
4. The same descriptor table.
5. The same routing table.
6. The same umask.
7. The same cpuset(1).
From now services are also in form of libraries.
We also removed libcapsicum at all and converts existing program using Casper
to new architecture.

Discussed with:		pjd, jonathan, ed, drysdale@google.com, emaste
Partially reviewed by:	drysdale@google.com, bdrewery
Approved by:		pjd (mentor)
Differential Revision:	https://reviews.freebsd.org/D4277
 2016-02-25 18:23:40 +00:00
pkelsey
7e965066ed MFV r285191: tcpdump 4.7.4. 
Also, the changes made in r272451 and r272653 that were lost in the
merge of 4.6.2 (r276788) have been restored.

PR: 199568
Differential Revision: https://reviews.freebsd.org/D3007
Reviewed by: brooks, hiren
Approved by: jmallett (mentor)
MFC after: 1 month
 2015-07-08 16:19:32 +00:00
delphij
f49c5d523a MFV r276761: tcpdump 4.6.2. 
MFC after:	1 month
 2015-01-07 19:55:18 +00:00
delphij
661b9d9441 Merge tcpdump 4.2.1. 
MFC after:	2 weeks
 2012-05-17 05:11:57 +00:00
rpaulo
1e8ad3bd80 Merge tcpdump-4.1.1. 2010-10-28 19:06:17 +00:00
rpaulo
a7b3086920 Merge tcpdump 4.0.0 from the vendor branch. 2009-03-21 18:30:25 +00:00
rpaulo
04b1d6babe Flatten vendor/tcpdump and remove keyword expansion. 2009-03-20 13:27:51 +00:00
mlaier
3b74598d7e Import of tcpdump v3.9.8 2007-10-16 02:20:42 +00:00
sam
1166f90fe8 Virgin import of tcpdump v3.9.1 (release) from tcpdump.org 
Approved by:	re (scottl)
 2005-07-11 03:54:22 +00:00
sam
88a191f109 Virgin import of tcpdump v3.9.1 (alpha 096) from tcpdump.org 2005-05-29 18:17:16 +00:00
bms
281e9d7140 Import tcpdump 3.8.3, from http://www.tcpdump.org/releases/tcpdump-3.8.3.tar.gz 2004-03-31 09:17:26 +00:00
fenner
5f76ebca43 Import tcpdump 3.7.2 (fudging for multi-DLT support) from 
http://www.tcpdump.org/release/tcpdump-3.7.2.tar.gz
 2003-03-02 08:22:26 +00:00
fenner
91fc581e38 Import tcpdump 3.7.1, from 
http://www.tcpdump.org/release/tcpdump-3.7.1.tar.gz
 2002-06-21 00:43:23 +00:00
fenner
ace14a2b50 Virgin import of tcpdump.org tcpdump v3.6.2 2001-04-03 07:45:48 +00:00
fenner
54c4a9c9f2 Virgin import of tcpdump.org tcpdump v3.5 2000-01-30 00:45:58 +00:00