Re: pkg/57586: tcpdump used in this NetBSD is vulnerable

To: pkg-manager%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,pkgsrc-bugs%netbsd.org@localhost,thresh416%outlook.com@localhost
Subject: Re: pkg/57586: tcpdump used in this NetBSD is vulnerable
From: Benny Siegert <bsiegert%gmail.com@localhost>
Date: Thu, 17 Aug 2023 12:20:01 +0000 (UTC)

The following reply was made to PR pkg/57586; it has been noted by GNATS.

From: Benny Siegert <bsiegert%gmail.com@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: pkg-manager%netbsd.org@localhost, gnats-admin%netbsd.org@localhost, pkgsrc-bugs%netbsd.org@localhost
Subject: Re: pkg/57586: tcpdump used in this NetBSD is vulnerable
Date: Thu, 17 Aug 2023 14:19:07 +0200

 On Thu, Aug 17, 2023 at 7:08=E2=80=AFAM <thresh416%outlook.com@localhost> wrote:
 
 > As CVE-2020-8037 described, the ppp decapsulator in tcpdump 4.9.3 can be =
 convinced to allocate a large amount of memory, which is still used in this=
  project.
 
 Is this talking about tcpdump in base, or about the net/tcpdump
 package in pkgsrc? The latter is at 4.99.4.
 
 --=20
 Benny

Prev by Date: Re: pkg/57586: tcpdump used in this NetBSD is vulnerable
Next by Date: pkg/57587: python311 fails to compile on Solaris 10.
Previous by Thread: Re: pkg/57586: tcpdump used in this NetBSD is vulnerable
Next by Thread: PR/57539 CVS commit: pkgsrc/graphics/tiff
Indexes:

Home | Main Index | Thread Index | Old Index