aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/utils/tcpdump
Commit message (Collapse)AuthorAgeFilesLines
* tcpdump: explicitly disable libcap-ng supportStijn Tintel2018-07-301-0/+1
| | | | | | | | When libcap-ng is detected during build, support for it is enabled. This will cause a build failure due to a missing dependency. Explicitly disable libcap-ng support to avoid this. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* add PKG_CPE_ID ids to package and toolsAlexander Couzens2017-11-171-0/+1
| | | | | | | | | | | CPE ids helps to tracks CVE in packages. https://cpe.mitre.org/specification/ Thanks to swalker for CPE to package mapping and keep tracking CVEs. Acked-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* tcpdump: noop commit to refer CVEs fixed in 4.9.2Stijn Tintel2017-09-181-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When bumping tcpdump from 4.9.1 to 4.9.2, I did not include the fixed CVEs in the commit message. As the list of fixed CVEs is quite long, we should probably mention them in the changelogs of the releases to come. This commit will make sure this happens. The following CVEs were fixed in 21014d9708d586becbd62da571effadb488da9fc: CVE-2017-11541 CVE-2017-11541 CVE-2017-11542 CVE-2017-11542 CVE-2017-11543 CVE-2017-11543 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994 CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998 CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002 CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006 CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010 CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014 CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018 CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022 CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026 CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030 CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034 CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038 CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042 CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046 CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050 CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054 CVE-2017-13055 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689 CVE-2017-13690 CVE-2017-13725 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* tcpdump: bump to 4.9.2Stijn Tintel2017-09-112-37/+41
| | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* tcpdump: Update to 4.9.1Daniel Engberg2017-07-281-2/+2
| | | | | | | | | Update tcpdump to 4.9.1 Fixes: * CVE-2017-11108: Fix bounds checking for STP. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* utils/tcpdump: Rework URLsDaniel Engberg2017-03-221-2/+2
| | | | | | | Add actual mirror and use main site as last resport Source: http://www.tcpdump.org/mirrors.html Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* tcpdump: fix tcpdump-mini build on glibc 2.25Felix Fietkau2017-02-111-30/+7
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* tcpdump: update to version 4.9.0Hauke Mehrtens2017-02-064-81/+81
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes the following 41 security problems: + CVE-2016-7922: buffer overflow in print-ah.c:ah_print(). + CVE-2016-7923: buffer overflow in print-arp.c:arp_print(). + CVE-2016-7924: buffer overflow in print-atm.c:oam_print(). + CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print(). + CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print(). + CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print(). + CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print(). + CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header(). + CVE-2016-7930: buffer overflow in print-llc.c:llc_print(). + CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print(). + CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum(). + CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print(). + CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print(). + CVE-2016-7935: buffer overflow in print-udp.c:rtp_print(). + CVE-2016-7936: buffer overflow in print-udp.c:udp_print(). + CVE-2016-7937: buffer overflow in print-udp.c:vat_print(). + CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame(). + CVE-2016-7939: buffer overflow in print-gre.c, multiple functions. + CVE-2016-7940: buffer overflow in print-stp.c, multiple functions. + CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions. + CVE-2016-7974: buffer overflow in print-ip.c, multiple functions. + CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print(). + CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print(). + CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print(). + CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print(). + CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions. + CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print(). + CVE-2016-7993: a bug in util-print.c:relts_print() could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). + CVE-2016-8574: buffer overflow in print-fr.c:frf15_print(). + CVE-2016-8575: buffer overflow in print-fr.c:q933_print(). + CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print(). + CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print(). + CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print(). + CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print(). + CVE-2017-5341: buffer overflow in print-otv.c:otv_print(). + CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print(). + CVE-2017-5482: buffer overflow in print-fr.c:q933_print(). + CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse(). + CVE-2017-5484: buffer overflow in print-atm.c:sig_print(). + CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap(). + CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print(). The size of the package is only incread very little: new size: 306430 tcpdump_4.9.0-1_mips_24kc.ipk 130324 tcpdump-mini_4.9.0-1_mips_24kc.ipk old size: 302782 tcpdump_4.8.1-1_mips_24kc.ipk 129033 tcpdump-mini_4.8.1-1_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* treewide: clean up download hashesFelix Fietkau2016-12-161-1/+1
| | | | | | Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* tcpdump: reduce size of -mini by removing more infrequently used protocolsFelix Fietkau2016-12-121-23/+25
| | | | | | | | | | | This removes: - BGP - CDP - SCTP MIPS binary .ipk size is reduced from ~150k to ~130k Signed-off-by: Felix Fietkau <nbd@nbd.name>
* net/utils/tcpdump: update to 4.8.1p-wassi2016-12-124-576/+700
| | | | | | Update tcpdump to upstream release 4.8.1 Signed-off-by: Paul Wassi <p.wassi@gmx.at>
* treewide: replace nbd@openwrt.org with nbd@nbd.nameFelix Fietkau2016-06-071-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* license info - revert r43155John Crispin2014-11-031-3/+0
| | | | | | | | turns out that r43155 adds duplicate info. Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 43167
* Add more license tags with SPDX identifiersJohn Crispin2014-11-031-0/+3
| | | | | | | | | | | | | | | | | | Note, that licensing stuff is a nightmare: many packages does not clearly state their licenses, and often multiple source files are simply copied together - each with different licensing information in the file headers. I tried hard to ensure, that the license information extracted into the OpenWRT's makefiles fit the "spirit" of the packages, e.g. such small packages which come without a dedicated source archive "inherites" the OpenWRT's own license in my opinion. However, I can not garantee that I always picked the correct information and/or did not miss license information. Signed-off-by: Michael Heimpold <mhei@heimpold.de> SVN-Revision: 43155
* Add a few SPDX tagsSteven Barth2014-11-021-0/+1
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 43151
* tcpdump: update to current upstream version 4.5.1Felix Fietkau2014-02-055-115/+164
| | | | | | | | | | -size_of(old tcpdump-mini 4.2.1) = 145245 Byte -size_of(new tcpdump-mini 4.5.1) = 149416 Byte => ~4.2 KByte increase Signed-off-by: Thomas Huehn <thomas@net.t-labs.tu-berlin.de> SVN-Revision: 39474
* tcpdump: add SLL parsing support to tcpdump-mini, use -ffunction-sections, ↵Felix Fietkau2013-01-222-52/+70
| | | | | | -fdata-sections and --gc-sections to reduce size SVN-Revision: 35288
* tcpdump: move to trunk and add myself as maintainerFelix Fietkau2012-10-105-0/+962
SVN-Revision: 33690