diff options
author | Peiran Hong <peiran.hong@windriver.com> | 2019-10-07 09:43:40 -0400 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2019-10-19 08:23:16 -0700 |
commit | fea53271d1fcd482ed1003e40f2cf5573cdb37a3 (patch) | |
tree | 86522abfaf62d1904ffdc222badbc05be7a08415 /meta-networking/recipes-support/tcpdump/tcpdump/unnecessary-to-check-libpcap.patch | |
parent | b71e3bb1db813bf4bfdf45492ed5f69b643d9587 (diff) | |
download | meta-openembedded-fea53271d1fcd482ed1003e40f2cf5573cdb37a3.tar.gz |
tcpdump: upgrade 4.9.2 -> 4.9.3
This upgrade adds some new features and fixes numerous bugs including
the following CVEs:
CVE: CVE-2017-16808 (AoE)
CVE: CVE-2018-14468 (FrameRelay)
CVE: CVE-2018-14469 (IKEv1)
CVE: CVE-2018-14470 (BABEL)
CVE: CVE-2018-14466 (AFS/RX)
CVE: CVE-2018-14461 (LDP)
CVE: CVE-2018-14462 (ICMP)
CVE: CVE-2018-14465 (RSVP)
CVE: CVE-2018-14881 (BGP)
CVE: CVE-2018-14464 (LMP)
CVE: CVE-2018-14463 (VRRP)
CVE: CVE-2018-14467 (BGP)
CVE: CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
CVE: CVE-2018-10105 (SMB - too unreliably reproduced,
SMB printing disabled)
CVE: CVE-2018-14880 (OSPF6)
CVE: CVE-2018-16451 (SMB)
CVE: CVE-2018-14882 (RPL)
CVE: CVE-2018-16227 (802.11)
CVE: CVE-2018-16229 (DCCP)
CVE: CVE-2018-16301 (was fixed in libpcap)
CVE: CVE-2018-16230 (BGP)
CVE: CVE-2018-16452 (SMB)
CVE: CVE-2018-16300 (BGP)
CVE: CVE-2018-16228 (HNCP)
CVE: CVE-2019-15166 (LMP)
CVE: CVE-2019-15167 (VRRP)
CVE: CVE-2018-14879 (tcpdump -V)
Deleted patch "0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch"
since the fix is included in the upgrade.
Modified patches "avoid-absolute-path-when-searching-for-libdlpi.patch",
"unnecessary-to-check-libpcap.patch", and "add-ptest.path" since
the upgrade renamed configure.in to configure.ac and made changes
to the file.
Added PACKAGECONFIG for smb. It is disabled by default in
the upgraded version in both the package's configure script and this
bitbake recipe since it is insecure.
Modified the parsing of ptest result to align with the new output
format.
With core-image-minimal on qemux86-64/kvm:
Recipe | Passed | Failed | Skipped | Time(s)
Before | 408 | 0 | 2 | 4
After | 431 | 11 | 2 | 10
11 test failed after the upgrade since libpcap is not upgraded
alongside with tcpdump.
Signed-off-by: Peiran Hong <peiran.hong@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 71535e2f0ea76d39d2911e022905ec8ee9843872)
[Upgrade is a resonable path do to the # of patches needed to address
all this issues]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-networking/recipes-support/tcpdump/tcpdump/unnecessary-to-check-libpcap.patch')
-rw-r--r-- | meta-networking/recipes-support/tcpdump/tcpdump/unnecessary-to-check-libpcap.patch | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/meta-networking/recipes-support/tcpdump/tcpdump/unnecessary-to-check-libpcap.patch b/meta-networking/recipes-support/tcpdump/tcpdump/unnecessary-to-check-libpcap.patch index 69d68baac..8793bf7a3 100644 --- a/meta-networking/recipes-support/tcpdump/tcpdump/unnecessary-to-check-libpcap.patch +++ b/meta-networking/recipes-support/tcpdump/tcpdump/unnecessary-to-check-libpcap.patch | |||
@@ -15,15 +15,16 @@ Upstream-Status: Inappropriate [OE specific] | |||
15 | 15 | ||
16 | Signed-off-by: Roy Li <rongqing.li@windriver.com> | 16 | Signed-off-by: Roy Li <rongqing.li@windriver.com> |
17 | Signed-off-by: Andre McCurdy <armccurdy@gmail.com> | 17 | Signed-off-by: Andre McCurdy <armccurdy@gmail.com> |
18 | Signed-off-by: Peiran Hong <peiran.hong@windriver.com> | ||
18 | --- | 19 | --- |
19 | configure.in | 4 +++- | 20 | configure.ac | 4 +++- |
20 | 1 file changed, 3 insertions(+), 1 deletion(-) | 21 | 1 file changed, 3 insertions(+), 1 deletion(-) |
21 | 22 | ||
22 | diff --git a/configure.in b/configure.in | 23 | diff --git a/configure.ac b/configure.ac |
23 | index b2305a5..c882909 100644 | 24 | index 56e2a624..3401a7a3 100644 |
24 | --- a/configure.in | 25 | --- a/configure.ac |
25 | +++ b/configure.in | 26 | +++ b/configure.ac |
26 | @@ -418,7 +418,9 @@ dnl Some platforms may need -lnsl for getrpcbynumber. | 27 | @@ -404,7 +404,9 @@ dnl Some platforms may need -lnsl for getrpcbynumber. |
27 | AC_SEARCH_LIBS(getrpcbynumber, nsl, | 28 | AC_SEARCH_LIBS(getrpcbynumber, nsl, |
28 | AC_DEFINE(HAVE_GETRPCBYNUMBER, 1, [define if you have getrpcbynumber()])) | 29 | AC_DEFINE(HAVE_GETRPCBYNUMBER, 1, [define if you have getrpcbynumber()])) |
29 | 30 | ||
@@ -35,5 +36,5 @@ index b2305a5..c882909 100644 | |||
35 | # | 36 | # |
36 | # Check for these after AC_LBL_LIBPCAP, so we link with the appropriate | 37 | # Check for these after AC_LBL_LIBPCAP, so we link with the appropriate |
37 | -- | 38 | -- |
38 | 1.9.1 | 39 | 2.17.1 |
39 | 40 | ||