[Olsr-dev] tcpdump olsr_print CVE-2014-8767
Saverio Proto
(spam-protected)
Sun Feb 15 21:56:19 CET 2015
Yes looks like fix is already there.
Das ist richtig ! This is perfect !
We just need to update our tcpdump
Saverio
Il 15/feb/2015 21:37 "Henning Rogge" <(spam-protected)> ha scritto:
> Just found the following comment:
>
> http://xforce.iss.net/xforce/xfdb/98765
>
>
> 5. Fix
> The problem is fixed in the upcoming version tcpdump 4.7.0
>
> So the fix is already there?
>
> Henning
>
> On Sun, Feb 15, 2015 at 9:34 PM, Henning Rogge <(spam-protected)> wrote:
> > On Sun, Feb 15, 2015 at 9:19 PM, Saverio Proto <(spam-protected)>
> wrote:
> >> Hello there,
> >>
> >> http://www.gentoo.org/security/en/glsa/glsa-201502-05.xml
> >>
> >> anyone here contributed to write the olsr parser in tcpdump ?
> >>
> >> The olsr_print function function contains an integer underflow error
> >> (CVE-2014-8767)
> >>
> >> dont worry, the bug is in tcpdump, not in olsrd, but if someone here
> >> has a patch, now it is time to merge it upstream to the tcpdump people
> >
> > Is there a more specific description of the problem than "integer
> underflow" ?
> >
> > Henning Rogge
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.olsr.org/pipermail/olsr-dev/attachments/20150215/e4cc0963/attachment.html>
More information about the Olsr-dev
mailing list