--------------------------------------------------------------------- Fedora Legacy Update Advisory Synopsis: Updated tcpdump packages fix security issues Advisory ID: FLSA:156139 Issue date: 2006-04-04 Product: Red Hat Linux, Fedora Core Keywords: Bugfix, Security CVE Names: CVE-2005-1267, CVE-2005-1278, CVE-2005-1279, CVE-2005-1280 --------------------------------------------------------------------- --------------------------------------------------------------------- 1. Topic: Updated tcpdump packages that fix several security issues are now available. Tcpdump is a command-line tool for monitoring network traffic. 2. Relevant releases/architectures: Red Hat Linux 9 - i386 Fedora Core 1 - i386 Fedora Core 2 - i386 3. Problem description: Several denial of service bugs were found in the way tcpdump processes certain network packets. It is possible for an attacker to inject a carefully crafted packet onto the network, crashing a running tcpdump session. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-1267, CVE-2005-1278, CVE-2005-1279, and CVE-2005-1280 to these issues. Users of tcpdump are advised to upgrade to these erratum packages, which contain backported security patches and are not vulnerable to these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via yum and apt. Many people find this an easier way to apply updates. To use yum issue: yum update or to use apt: apt-get update; apt-get upgrade This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. This assumes that you have yum or apt-get configured for obtaining Fedora Legacy content. Please visit http://www.fedoralegacy.org/docs for directions on how to configure yum and apt-get. 5. Bug IDs fixed: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=156139 6. RPMs required: Red Hat Linux 9: SRPM: http://download.fedoralegacy.org/redhat/9/updates/SRPMS/tcpdump-3.7.2-7.9.4.legacy.src.rpm i386: http://download.fedoralegacy.org/redhat/9/updates/i386/tcpdump-3.7.2-7.9.4.legacy.i386.rpm http://download.fedoralegacy.org/redhat/9/updates/i386/libpcap-0.7.2-7.9.4.legacy.i386.rpm http://download.fedoralegacy.org/redhat/9/updates/i386/arpwatch-2.1a11-7.9.4.legacy.i386.rpm Fedora Core 1: SRPM: http://download.fedoralegacy.org/fedora/1/updates/SRPMS/tcpdump-3.7.2-8.fc1.3.legacy.src.rpm i386: http://download.fedoralegacy.org/fedora/1/updates/i386/tcpdump-3.7.2-8.fc1.3.legacy.i386.rpm http://download.fedoralegacy.org/fedora/1/updates/i386/libpcap-0.7.2-8.fc1.3.legacy.i386.rpm http://download.fedoralegacy.org/fedora/1/updates/i386/arpwatch-2.1a11-8.fc1.3.legacy.i386.rpm Fedora Core 2: SRPM: http://download.fedoralegacy.org/fedora/2/updates/SRPMS/tcpdump-3.8.2-6.FC2.3.legacy.src.rpm i386: http://download.fedoralegacy.org/fedora/2/updates/i386/tcpdump-3.8.2-6.FC2.3.legacy.i386.rpm http://download.fedoralegacy.org/fedora/2/updates/i386/libpcap-0.8.3-6.FC2.3.legacy.i386.rpm http://download.fedoralegacy.org/fedora/2/updates/i386/arpwatch-2.1a13-6.FC2.3.legacy.i386.rpm 7. Verification: SHA1 sum Package Name --------------------------------------------------------------------- 0beccb4a6dd929174bc2d70d680a2e3c4a094391 redhat/9/updates/i386/tcpdump-3.7.2-7.9.4.legacy.i386.rpm 71e1ffc2c4dbf2a5c754630e198f17af94000e66 redhat/9/updates/i386/libpcap-0.7.2-7.9.4.legacy.i386.rpm 843a832974f531413a8e406491f6c91d09bda24d redhat/9/updates/i386/arpwatch-2.1a11-7.9.4.legacy.i386.rpm 192fa5bbebe8039f3c23b8aa26804d1c4b788412 redhat/9/updates/SRPMS/tcpdump-3.7.2-7.9.4.legacy.src.rpm 1a426b6225718dbd325fbe0c6d54f8904b710103 fedora/1/updates/i386/tcpdump-3.7.2-8.fc1.3.legacy.i386.rpm 45cffdb7d98c2eb03da004d89b776a7050ff5c40 fedora/1/updates/i386/libpcap-0.7.2-8.fc1.3.legacy.i386.rpm 75e263aa296969c873d0475cc1c0785c30ea24d6 fedora/1/updates/i386/arpwatch-2.1a11-8.fc1.3.legacy.i386.rpm 6e86c20a8af1fc607809c713d7ac00ab5e2f717c fedora/1/updates/SRPMS/tcpdump-3.7.2-8.fc1.3.legacy.src.rpm 32d0dcf31fbe12225954cc32dad45dbcb6c5f5e4 fedora/2/updates/i386/tcpdump-3.8.2-6.FC2.3.legacy.i386.rpm c84625e92600faa8566129c8229daa6c328dcee9 fedora/2/updates/i386/libpcap-0.8.3-6.FC2.3.legacy.i386.rpm dbdcbed104a6d3985a0735aab55031a3be0e1a74 fedora/2/updates/i386/arpwatch-2.1a13-6.FC2.3.legacy.i386.rpm bb98c4cd71507e4dec94da2c1c9f95ee9bbacde1 fedora/2/updates/SRPMS/tcpdump-3.8.2-6.FC2.3.legacy.src.rpm These packages are GPG signed by Fedora Legacy for security. Our key is available from http://www.fedoralegacy.org/about/security.php You can verify each package with the following command: rpm --checksig -v <filename> If you only wish to verify that each package has not been corrupted or tampered with, examine only the sha1sum with the following command: sha1sum <filename> 8. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1267 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1278 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1279 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1280 9. Contact: The Fedora Legacy security contact is <secnotice@xxxxxxxxxxxxxxxx>. More project details at http://www.fedoralegacy.org ---------------------------------------------------------------------
Attachment:
signature.asc
Description: OpenPGP digital signature