From 3de4427105a078a716010f85c6ff6b79cabf938a Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Fri, 12 Feb 2021 08:05:20 +0000 Subject: [PATCH] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/tcpdump.git#21376c7624050148cac9e697a4bfe551e4779f58 --- .gitignore | 2 + ...getnameinfo-instead-of-gethostbyaddr.patch | 60 ++-- ...edges-before-opening-first-savefile-.patch | 2 +- 0009-Change-n-flag-to-nn-in-TESTonce.patch | 37 +- ...rinting-support-for-vsockmon-devices.patch | 318 ------------------ 0013-CVE-2020-8037.patch | 63 ---- sources | 4 +- tcpdump.spec | 11 +- 8 files changed, 56 insertions(+), 441 deletions(-) delete mode 100644 0012-Add-printing-support-for-vsockmon-devices.patch delete mode 100644 0013-CVE-2020-8037.patch diff --git a/.gitignore b/.gitignore index 2cd0b7a..0be35b3 100644 --- a/.gitignore +++ b/.gitignore @@ -20,3 +20,5 @@ tcpdump-4.1.1.tar.gz /tcpdump-4.9.2.tar.gz /tcpdump-4.9.3.tar.gz /tcpdump-4.9.3.tar.gz.sig +/tcpdump-4.99.0.tar.gz +/tcpdump-4.99.0.tar.gz.sig diff --git a/0002-Use-getnameinfo-instead-of-gethostbyaddr.patch b/0002-Use-getnameinfo-instead-of-gethostbyaddr.patch index 28bce58..6aebd98 100644 --- a/0002-Use-getnameinfo-instead-of-gethostbyaddr.patch +++ b/0002-Use-getnameinfo-instead-of-gethostbyaddr.patch @@ -1,28 +1,26 @@ -From c48fba64fbbff9c75c79e32ab33aa65742c197d9 Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Mon, 20 Oct 2014 14:12:46 +0200 -Subject: [PATCH 2/8] Use getnameinfo instead of gethostbyaddr - ---- - addrtoname.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++-- - 1 file changed, 46 insertions(+), 2 deletions(-) - diff --git a/addrtoname.c b/addrtoname.c -index 6975b71..949acb7 100644 +index 33b9378..426839c 100644 --- a/addrtoname.c +++ b/addrtoname.c -@@ -220,7 +220,6 @@ static uint32_t f_localnet; +@@ -277,7 +277,6 @@ extern cap_channel_t *capdns; const char * - getname(netdissect_options *ndo, const u_char *ap) + ipaddr_string(netdissect_options *ndo, const u_char *ap) { -- register struct hostent *hp; +- struct hostent *hp; uint32_t addr; struct hnamemem *p; -@@ -242,6 +241,28 @@ getname(netdissect_options *ndo, const u_char *ap) +@@ -299,13 +298,29 @@ ipaddr_string(netdissect_options *ndo, const u_char *ap) */ if (!ndo->ndo_nflag && (addr & f_netmask) == f_localnet) { +-#ifdef HAVE_CASPER +- if (capdns != NULL) { +- hp = cap_gethostbyaddr(capdns, (char *)&addr, 4, +- AF_INET); +- } else +-#endif +- hp = gethostbyaddr((char *)&addr, 4, AF_INET); +#ifdef HAVE_GETNAMEINFO + struct sockaddr_in sa; + char hbuf[NI_MAXHOST]; @@ -44,11 +42,12 @@ index 6975b71..949acb7 100644 + return p->name; + } +#else -+ register struct hostent *hp; - hp = gethostbyaddr((char *)&addr, 4, AF_INET); ++ struct hostent *hp; ++ hp = gethostbyaddr((char *)&addr, 4, AF_INET); if (hp) { char *dotp; -@@ -258,6 +279,7 @@ getname(netdissect_options *ndo, const u_char *ap) + +@@ -321,6 +336,7 @@ ipaddr_string(netdissect_options *ndo, const u_char *ap) } return (p->name); } @@ -56,18 +55,25 @@ index 6975b71..949acb7 100644 } p->name = strdup(intoa(addr)); if (p->name == NULL) -@@ -272,7 +294,6 @@ getname(netdissect_options *ndo, const u_char *ap) +@@ -336,7 +352,6 @@ ipaddr_string(netdissect_options *ndo, const u_char *ap) const char * - getname6(netdissect_options *ndo, const u_char *ap) + ip6addr_string(netdissect_options *ndo, const u_char *ap) { -- register struct hostent *hp; +- struct hostent *hp; union { - struct in6_addr addr; + nd_ipv6 addr; struct for_hash_addr { -@@ -297,6 +318,28 @@ getname6(netdissect_options *ndo, const u_char *ap) +@@ -361,13 +376,29 @@ ip6addr_string(netdissect_options *ndo, const u_char *ap) * Do not print names if -n was given. */ if (!ndo->ndo_nflag) { +-#ifdef HAVE_CASPER +- if (capdns != NULL) { +- hp = cap_gethostbyaddr(capdns, (char *)&addr, +- sizeof(addr), AF_INET6); +- } else +-#endif +- hp = gethostbyaddr((char *)&addr, sizeof(addr), +#ifdef HAVE_GETNAMEINFO + struct sockaddr_in6 sa; + char hbuf[NI_MAXHOST]; @@ -89,11 +95,12 @@ index 6975b71..949acb7 100644 + return p->name; + } +#else -+ register struct hostent *hp; - hp = gethostbyaddr((char *)&addr, sizeof(addr), AF_INET6); ++ struct hostent *hp; ++ hp = gethostbyaddr((char *)&addr, sizeof(addr), + AF_INET6); if (hp) { char *dotp; -@@ -313,6 +356,7 @@ getname6(netdissect_options *ndo, const u_char *ap) +@@ -384,6 +415,7 @@ ip6addr_string(netdissect_options *ndo, const u_char *ap) } return (p->name); } @@ -101,6 +108,3 @@ index 6975b71..949acb7 100644 } cp = addrtostr6(ap, ntop_buf, sizeof(ntop_buf)); p->name = strdup(cp); --- -2.9.3 - diff --git a/0003-Drop-root-priviledges-before-opening-first-savefile-.patch b/0003-Drop-root-priviledges-before-opening-first-savefile-.patch index a5309e2..685a86d 100644 --- a/0003-Drop-root-priviledges-before-opening-first-savefile-.patch +++ b/0003-Drop-root-priviledges-before-opening-first-savefile-.patch @@ -80,7 +80,7 @@ index 73bf138..29f7f87 100644 @@ -1881,6 +1895,22 @@ main(int argc, char **argv) MakeFilename(dumpinfo.CurrentFileName, WFileName, 0, 0); - p = pcap_dump_open(pd, dumpinfo.CurrentFileName); + pdd = pcap_dump_open(pd, dumpinfo.CurrentFileName); + + /* Change ownership of file and drop root privileges */ + if (chown_flag) { diff --git a/0009-Change-n-flag-to-nn-in-TESTonce.patch b/0009-Change-n-flag-to-nn-in-TESTonce.patch index d106be3..659b7d1 100644 --- a/0009-Change-n-flag-to-nn-in-TESTonce.patch +++ b/0009-Change-n-flag-to-nn-in-TESTonce.patch @@ -1,24 +1,13 @@ -From 04e23aa3f91ff137237daf68f02e7b3c0c1a9168 Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Tue, 11 Apr 2017 09:19:48 +0200 -Subject: [PATCH 09/13] Change -n flag to -nn in TESTonce - -We need to change this because we have a different meaning of -n -flag than upstream does. We use -nn in those cases. ---- - tests/TESTonce | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tests/TESTonce b/tests/TESTonce -index 425abaa..81283d9 100755 ---- a/tests/TESTonce -+++ b/tests/TESTonce -@@ -43,7 +43,7 @@ if ($^O eq 'MSWin32') { - else { - # we used to do this as a nice pipeline, but the problem is that $r fails to - # to be set properly if the tcpdump core dumps. -- $cmd = "$TCPDUMP 2>${rawstderrlog} -t -n -r $input $options >tests/NEW/${outputbase}"; -+ $cmd = "$TCPDUMP 2>${rawstderrlog} -t -nn -r $input $options >tests/NEW/${outputbase}"; - print "CMD: $cmd\n" if $debug; - $r = system $cmd; - if($r == -1) { +diff --git a/tests/TESTrun b/tests/TESTrun +index b423627..aa3c97d 100755 +--- a/tests/TESTrun ++++ b/tests/TESTrun +@@ -102,7 +102,7 @@ sub runtest { + # + # Furthermore, on Windows, fc can't read the standard input, so we + # can't do it as a pipeline in any case. +- $r = system "$TCPDUMP -# -n -r $input $options >tests/NEW/${outputbase} 2>${rawstderrlog}"; ++ $r = system "$TCPDUMP -# -nn -r $input $options >tests/NEW/${outputbase} 2>${rawstderrlog}"; + if($r != 0) { + # + # Something other than "tcpdump opened the file, read it, and diff --git a/0012-Add-printing-support-for-vsockmon-devices.patch b/0012-Add-printing-support-for-vsockmon-devices.patch deleted file mode 100644 index 0808c3e..0000000 --- a/0012-Add-printing-support-for-vsockmon-devices.patch +++ /dev/null @@ -1,318 +0,0 @@ -From 66a5b93dee386bc2f57033a150341752923b8b41 Mon Sep 17 00:00:00 2001 -From: Gerard Garcia -Date: Tue, 14 Jun 2016 16:45:44 +0200 -Subject: [PATCH 13/13] Add printing support for vsockmon devices. - -Print Linux 4.12 vsockmon captures: - - # modprobe vsockmon - # ip link add type vsockmon - # ip link set vsockmon0 up - # tcpdump -i vsockmon0 - 16:25:24.987917 VIRTIO 3.1025 > 2.1234 CONNECT, length 76 - 16:25:24.987963 VIRTIO 2.1234 > 3.1025 CONNECT, length 76 - 16:25:26.568271 VIRTIO 3.1025 > 2.1234 PAYLOAD, length 82 - 16:25:26.568512 VIRTIO 2.1234 > 3.1025 CONTROL, length 76 - 16:25:28.411335 VIRTIO 3.1025 > 2.1234 DISCONNECT, length 76 - 16:25:28.411628 VIRTIO 2.1234 > 3.1025 DISCONNECT, length 76 - -For more information about vsock see: -http://wiki.qemu.org/Features/VirtioVsock ---- - Makefile.in | 1 + - netdissect.h | 1 + - print-vsock.c | 243 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ - print.c | 3 + - 4 files changed, 248 insertions(+) - create mode 100644 print-vsock.c - -diff --git a/Makefile.in b/Makefile.in -index 0941f0e..a301878 100644 ---- a/Makefile.in -+++ b/Makefile.in -@@ -226,6 +226,7 @@ LIBNETDISSECT_SRC=\ - print-vjc.c \ - print-vqp.c \ - print-vrrp.c \ -+ print-vsock.c \ - print-vtp.c \ - print-vxlan.c \ - print-vxlan-gpe.c \ -diff --git a/netdissect.h b/netdissect.h -index 089b040..c89fcf1 100644 ---- a/netdissect.h -+++ b/netdissect.h -@@ -444,6 +444,7 @@ extern u_int symantec_if_print IF_PRINTER_ARGS; - extern u_int token_if_print IF_PRINTER_ARGS; - extern u_int usb_linux_48_byte_print IF_PRINTER_ARGS; - extern u_int usb_linux_64_byte_print IF_PRINTER_ARGS; -+extern u_int vsock_print IF_PRINTER_ARGS; - - /* - * Structure passed to some printers to allow them to print -diff --git a/print-vsock.c b/print-vsock.c -new file mode 100644 -index 0000000..fc5694d ---- /dev/null -+++ b/print-vsock.c -@@ -0,0 +1,243 @@ -+/* -+ * Copyright (c) 2016 Gerard Garcia -+ * Copyright (c) 2017 Red Hat, Inc. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * 3. The names of the authors may not be used to endorse or promote -+ * products derived from this software without specific prior -+ * written permission. -+ * -+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. -+ */ -+ -+/* \summary: Linux vsock printer */ -+ -+#ifdef HAVE_CONFIG_H -+#include "config.h" -+#endif -+ -+#include -+#include -+ -+#include "netdissect.h" -+#include "extract.h" -+ -+static const char tstr[] = " [|vsock]"; -+ -+enum af_vsockmon_transport { -+ AF_VSOCK_TRANSPORT_UNKNOWN = 0, -+ AF_VSOCK_TRANSPORT_NO_INFO = 1, /* No transport information */ -+ AF_VSOCK_TRANSPORT_VIRTIO = 2, /* Virtio transport header */ -+}; -+ -+static const struct tok vsock_transport[] = { -+ {AF_VSOCK_TRANSPORT_UNKNOWN, "UNKNOWN"}, -+ {AF_VSOCK_TRANSPORT_NO_INFO, "NO_INFO"}, -+ {AF_VSOCK_TRANSPORT_VIRTIO, "VIRTIO"}, -+ { 0, NULL } -+}; -+ -+enum af_vsockmon_op { -+ AF_VSOCK_OP_UNKNOWN = 0, -+ AF_VSOCK_OP_CONNECT = 1, -+ AF_VSOCK_OP_DISCONNECT = 2, -+ AF_VSOCK_OP_CONTROL = 3, -+ AF_VSOCK_OP_PAYLOAD = 4, -+}; -+ -+static const struct tok vsock_op[] = { -+ {AF_VSOCK_OP_UNKNOWN, "UNKNOWN"}, -+ {AF_VSOCK_OP_CONNECT, "CONNECT"}, -+ {AF_VSOCK_OP_DISCONNECT, "DISCONNECT"}, -+ {AF_VSOCK_OP_CONTROL, "CONTROL"}, -+ {AF_VSOCK_OP_PAYLOAD, "PAYLOAD"}, -+ { 0, NULL } -+}; -+ -+enum virtio_vsock_type { -+ VIRTIO_VSOCK_TYPE_STREAM = 1, -+}; -+ -+static const struct tok virtio_type[] = { -+ {VIRTIO_VSOCK_TYPE_STREAM, "STREAM"}, -+ { 0, NULL } -+}; -+ -+enum virtio_vsock_op { -+ VIRTIO_VSOCK_OP_INVALID = 0, -+ VIRTIO_VSOCK_OP_REQUEST = 1, -+ VIRTIO_VSOCK_OP_RESPONSE = 2, -+ VIRTIO_VSOCK_OP_RST = 3, -+ VIRTIO_VSOCK_OP_SHUTDOWN = 4, -+ VIRTIO_VSOCK_OP_RW = 5, -+ VIRTIO_VSOCK_OP_CREDIT_UPDATE = 6, -+ VIRTIO_VSOCK_OP_CREDIT_REQUEST = 7, -+}; -+ -+static const struct tok virtio_op[] = { -+ {VIRTIO_VSOCK_OP_INVALID, "INVALID"}, -+ {VIRTIO_VSOCK_OP_REQUEST, "REQUEST"}, -+ {VIRTIO_VSOCK_OP_RESPONSE, "RESPONSE"}, -+ {VIRTIO_VSOCK_OP_RST, "RST"}, -+ {VIRTIO_VSOCK_OP_SHUTDOWN, "SHUTDOWN"}, -+ {VIRTIO_VSOCK_OP_RW, "RW"}, -+ {VIRTIO_VSOCK_OP_CREDIT_UPDATE, "CREDIT UPDATE"}, -+ {VIRTIO_VSOCK_OP_CREDIT_REQUEST, "CREDIT REQUEST"}, -+ { 0, NULL } -+}; -+ -+/* All fields are little-endian */ -+ -+struct virtio_vsock_hdr { -+ uint64_t src_cid; -+ uint64_t dst_cid; -+ uint32_t src_port; -+ uint32_t dst_port; -+ uint32_t len; -+ uint16_t type; /* enum virtio_vsock_type */ -+ uint16_t op; /* enum virtio_vsock_op */ -+ uint32_t flags; -+ uint32_t buf_alloc; -+ uint32_t fwd_cnt; -+} UNALIGNED; -+ -+struct af_vsockmon_hdr { -+ uint64_t src_cid; -+ uint64_t dst_cid; -+ uint32_t src_port; -+ uint32_t dst_port; -+ uint16_t op; /* enum af_vsockmon_op */ -+ uint16_t transport; /* enum af_vosckmon_transport */ -+ uint16_t len; /* size of transport header */ -+ uint8_t reserved[2]; -+}; -+ -+static void -+vsock_virtio_hdr_print(netdissect_options *ndo, const struct virtio_vsock_hdr *hdr) -+{ -+ uint16_t u16_v; -+ uint32_t u32_v; -+ -+ u32_v = EXTRACT_LE_32BITS(&hdr->len); -+ ND_PRINT((ndo, "len %u", u32_v)); -+ -+ u16_v = EXTRACT_LE_16BITS(&hdr->type); -+ ND_PRINT((ndo, ", type %s", -+ tok2str(virtio_type, "Invalid type (%hu)", u16_v))); -+ -+ u16_v = EXTRACT_LE_16BITS(&hdr->op); -+ ND_PRINT((ndo, ", op %s", -+ tok2str(virtio_op, "Invalid op (%hu)", u16_v))); -+ -+ u32_v = EXTRACT_LE_32BITS(&hdr->flags); -+ ND_PRINT((ndo, ", flags %x", u32_v)); -+ -+ u32_v = EXTRACT_LE_32BITS(&hdr->buf_alloc); -+ ND_PRINT((ndo, ", buf_alloc %u", u32_v)); -+ -+ u32_v = EXTRACT_LE_32BITS(&hdr->fwd_cnt); -+ ND_PRINT((ndo, ", fwd_cnt %u", u32_v)); -+} -+ -+static size_t -+vsock_transport_hdr_size(uint16_t transport) -+{ -+ switch (transport) { -+ case AF_VSOCK_TRANSPORT_VIRTIO: -+ return sizeof(struct virtio_vsock_hdr); -+ default: -+ return 0; -+ } -+} -+ -+static void -+vsock_transport_hdr_print(netdissect_options *ndo, uint16_t transport, -+ const u_char *p, const u_int len) -+{ -+ size_t transport_size = vsock_transport_hdr_size(transport); -+ const void *hdr; -+ -+ if (len < sizeof(struct af_vsockmon_hdr) + transport_size) -+ return; -+ -+ hdr = p + sizeof(struct af_vsockmon_hdr); -+ switch (transport) { -+ case AF_VSOCK_TRANSPORT_VIRTIO: -+ ND_PRINT((ndo, " (")); -+ vsock_virtio_hdr_print(ndo, hdr); -+ ND_PRINT((ndo, ")")); -+ break; -+ default: -+ break; -+ } -+} -+ -+static void -+vsock_hdr_print(netdissect_options *ndo, const u_char *p, const u_int len) -+{ -+ uint16_t hdr_transport, hdr_op; -+ uint32_t hdr_src_port, hdr_dst_port; -+ uint64_t hdr_src_cid, hdr_dst_cid; -+ size_t total_hdr_size; -+ -+ const struct af_vsockmon_hdr *hdr = (struct af_vsockmon_hdr *)p; -+ -+ hdr_transport = EXTRACT_LE_16BITS(&hdr->transport); -+ ND_PRINT((ndo, "%s", -+ tok2str(vsock_transport, "Invalid transport (%u)", -+ hdr_transport))); -+ -+ /* If verbose level is more than 0 print transport details */ -+ if (ndo->ndo_vflag) { -+ vsock_transport_hdr_print(ndo, hdr_transport, p, len); -+ ND_PRINT((ndo, "\n\t")); -+ } else -+ ND_PRINT((ndo, " ")); -+ -+ hdr_src_cid = EXTRACT_LE_64BITS(&hdr->src_cid); -+ hdr_dst_cid = EXTRACT_LE_64BITS(&hdr->dst_cid); -+ hdr_src_port = EXTRACT_LE_32BITS(&hdr->src_port); -+ hdr_dst_port = EXTRACT_LE_32BITS(&hdr->dst_port); -+ hdr_op = EXTRACT_LE_16BITS(&hdr->op); -+ ND_PRINT((ndo, "%lu.%hu > %lu.%hu %s, length %u", -+ hdr_src_cid, hdr_src_port, -+ hdr_dst_cid, hdr_dst_port, -+ tok2str(vsock_op, " invalid op (%u)", hdr_op), -+ len)); -+ -+ /* If debug level is more than 1 print payload contents */ -+ total_hdr_size = sizeof(struct af_vsockmon_hdr) + -+ vsock_transport_hdr_size(hdr_transport); -+ if (ndo->ndo_vflag > 1 && -+ hdr_op == AF_VSOCK_OP_PAYLOAD && -+ len > total_hdr_size) { -+ const u_char *payload = p + total_hdr_size; -+ -+ ND_PRINT((ndo, "\n")); -+ print_unknown_data(ndo, payload, "\t", len - total_hdr_size); -+ } -+} -+ -+u_int -+vsock_print(netdissect_options *ndo, const struct pcap_pkthdr *h, const u_char *cp) -+{ -+ u_int len = h->len; -+ -+ if (len < sizeof(struct af_vsockmon_hdr)) -+ ND_PRINT((ndo, "%s", tstr)); -+ else -+ vsock_hdr_print(ndo, cp, len); -+ -+ return len; -+} -diff --git a/print.c b/print.c -index c76f344..1945cfd 100644 ---- a/print.c -+++ b/print.c -@@ -220,6 +220,9 @@ static const struct printer printers[] = { - #ifdef DLT_PPP_SERIAL - { ppp_hdlc_if_print, DLT_PPP_SERIAL }, - #endif -+#ifdef DLT_VSOCK -+ { vsock_print, DLT_VSOCK }, -+#endif - { NULL, 0 }, - }; - --- -2.13.5 - diff --git a/0013-CVE-2020-8037.patch b/0013-CVE-2020-8037.patch deleted file mode 100644 index 2852845..0000000 --- a/0013-CVE-2020-8037.patch +++ /dev/null @@ -1,63 +0,0 @@ -From 32027e199368dad9508965aae8cd8de5b6ab5231 Mon Sep 17 00:00:00 2001 -From: Guy Harris -Date: Sat, 18 Apr 2020 14:04:59 -0700 -Subject: [PATCH] PPP: When un-escaping, don't allocate a too-large buffer. - -The buffer should be big enough to hold the captured data, but it -doesn't need to be big enough to hold the entire on-the-network packet, -if we haven't captured all of it. - -(backported from commit e4add0b010ed6f2180dcb05a13026242ed935334) ---- - print-ppp.c | 18 ++++++++++++++---- - 1 file changed, 14 insertions(+), 4 deletions(-) - -diff --git a/print-ppp.c b/print-ppp.c -index 891761728..33fb03412 100644 ---- a/print-ppp.c -+++ b/print-ppp.c -@@ -1367,19 +1367,29 @@ print_bacp_config_options(netdissect_options *ndo, - return 0; - } - -+/* -+ * Un-escape RFC 1662 PPP in HDLC-like framing, with octet escapes. -+ * The length argument is the on-the-wire length, not the captured -+ * length; we can only un-escape the captured part. -+ */ - static void - ppp_hdlc(netdissect_options *ndo, - const u_char *p, int length) - { -+ u_int caplen = ndo->ndo_snapend - p; - u_char *b, *t, c; - const u_char *s; -- int i, proto; -+ u_int i; -+ int proto; - const void *se; - -+ if (caplen == 0) -+ return; -+ - if (length <= 0) - return; - -- b = (u_char *)malloc(length); -+ b = (u_char *)malloc(caplen); - if (b == NULL) - return; - -@@ -1388,10 +1398,10 @@ ppp_hdlc(netdissect_options *ndo, - * Do this so that we dont overwrite the original packet - * contents. - */ -- for (s = p, t = b, i = length; i > 0 && ND_TTEST(*s); i--) { -+ for (s = p, t = b, i = caplen; i != 0; i--) { - c = *s++; - if (c == 0x7d) { -- if (i <= 1 || !ND_TTEST(*s)) -+ if (i <= 1) - break; - i--; - c = *s++ ^ 0x20; diff --git a/sources b/sources index ac3cf6f..e266f65 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ +SHA512 (tcpdump-4.99.0.tar.gz) = 03a434ec41c0026f237bc1e7a928b7ce67dbc342a8d982caded93d987bd356faf706a9d884231bd94f5e2a8580499fe95a28728e37a6672e371a1501ec5d6f79 +SHA512 (tcpdump-4.99.0.tar.gz.sig) = 545770f09bec2f4ab3e723ab8582f1256eb0cb774ac2f329de17a45ee8256faea49469b796e17250d10c0455b305d39283c9b1d8b3c5a06c47a0d8088c874803 SHA512 (tcpslice-1.2a3.tar.gz) = 04e12d592807022c78eb4941580ed103995680c69af885bb8f13828a12ec570f7fe93c34c1b20a01d3d99f445d5da17a1fcfbe25b2e3b41abe28304c034654c5 -SHA512 (tcpdump-4.9.3.tar.gz) = 22354dbbf6ab3f7519035b41702a8dc93472dc808e88e76414a06dd69eca822e3d6b94ec608cfeffe25572125757824e97e6a4a7ec81d45e990429e8faf774cb -SHA512 (tcpdump-4.9.3.tar.gz.sig) = b8b189a522b924c717c30f09a9d60ede76cfbb0ffc6cd185fec1887230d06117663b6f55e7489c0e34b744a89e05e78509ca8a1551a94f6e091cbafc643b0c8c diff --git a/tcpdump.spec b/tcpdump.spec index 4bf0b95..586bcdc 100644 --- a/tcpdump.spec +++ b/tcpdump.spec @@ -1,8 +1,8 @@ Summary: A network traffic monitoring tool Name: tcpdump Epoch: 14 -Version: 4.9.3 -Release: 7%{?dist} +Version: 4.99.0 +Release: 1%{?dist} License: BSD with advertising URL: http://www.tcpdump.org Requires(pre): shadow-utils @@ -20,9 +20,7 @@ Patch0005: 0005-tcpslice-remove-unneeded-include.patch Patch0006: 0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch Patch0007: 0007-Introduce-nn-option.patch Patch0009: 0009-Change-n-flag-to-nn-in-TESTonce.patch -Patch0011: 0011-Evp-cipher-buffers.patch -Patch0012: 0012-Add-printing-support-for-vsockmon-devices.patch -Patch0013: 0013-CVE-2020-8037.patch +#Patch0011: 0011-Evp-cipher-buffers.patch %define tcpslice_dir tcpslice-1.2a3 @@ -87,6 +85,9 @@ exit 0 %{_mandir}/man8/tcpdump.8* %changelog +* Fri Feb 12 2021 Michal Ruprich - 14:4.99.0-1 +- New version 4.99.0 + * Wed Jan 27 2021 Fedora Release Engineering - 14:4.9.3-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild