[Olsr-dev] tcpdump olsr_print CVE-2014-8767
Sun Feb 15 21:56:19 CET 2015
Yes looks like fix is already there.
Das ist richtig ! This is perfect !
We just need to update our tcpdump
Il 15/feb/2015 21:37 "Henning Rogge" <(spam-protected)> ha scritto:
> Just found the following comment:
> 5. Fix
> The problem is fixed in the upcoming version tcpdump 4.7.0
> So the fix is already there?
> On Sun, Feb 15, 2015 at 9:34 PM, Henning Rogge <(spam-protected)> wrote:
> > On Sun, Feb 15, 2015 at 9:19 PM, Saverio Proto <(spam-protected)>
> >> Hello there,
> >> http://www.gentoo.org/security/en/glsa/glsa-201502-05.xml
> >> anyone here contributed to write the olsr parser in tcpdump ?
> >> The olsr_print function function contains an integer underflow error
> >> (CVE-2014-8767)
> >> dont worry, the bug is in tcpdump, not in olsrd, but if someone here
> >> has a patch, now it is time to merge it upstream to the tcpdump people
> > Is there a more specific description of the problem than "integer
> underflow" ?
> > Henning Rogge
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Olsr-dev