[Olsr-dev] tcpdump olsr_print CVE-2014-8767

Henning Rogge (spam-protected)
Sun Feb 15 21:37:15 CET 2015

Just found the following comment:


5. Fix
The problem is fixed in the upcoming version tcpdump 4.7.0

So the fix is already there?


On Sun, Feb 15, 2015 at 9:34 PM, Henning Rogge <(spam-protected)> wrote:
> On Sun, Feb 15, 2015 at 9:19 PM, Saverio Proto <(spam-protected)> wrote:
>> Hello there,
>> http://www.gentoo.org/security/en/glsa/glsa-201502-05.xml
>> anyone here contributed to write the olsr parser in tcpdump ?
>> The olsr_print function function contains an integer underflow error
>> (CVE-2014-8767)
>> dont worry, the bug is in tcpdump, not in olsrd, but if someone here
>> has a patch, now it is time to merge it upstream to the tcpdump people
> Is there a more specific description of the problem than "integer underflow" ?
> Henning Rogge

More information about the Olsr-dev mailing list