You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa tcpreplay

Sigurnosni nedostaci programskog paketa tcpreplay

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2020-06-24 00:59:05.970381

Name : tcpreplay
Product : Fedora 32
Version : 4.3.3
Release : 1.fc32
Summary : Replay captured network traffic
Description :
Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay
supports pcap (tcpdump) and snoop capture formats. Also included, is tcpprep
a tool to pre-process capture files to allow increased performance under
certain conditions as well as capinfo which provides basic information about
capture files.

Update Information:

This release contains bug fixes only (which includes security fixes): –
Increase cache buffers size to accomodate VLAN edits (#594) – Correct L2 header
length to correct IP header offset (#583) – Fix warnings from gcc version 10
(#580) – Heap Buffer Overflow in randomize_iparp (#579) – Use after free in
get_ipv6_next (#578) – Heap Buffer Overflow in git_ipv6_next (#576) – Call
pcap_freecode() on pcap_compile() (#572) – Increase max snaplen to 262144 (#571)
– Fix divide by zero in fuzzing (#570) – Unique IP repeats at very high
iteration counts (#566) – Fails to compile on FreeBSD amd64 13.0 (#558) – Heap
Buffer Overflow in do_checksum (#556) (#577) – Attempt to correct corrupt pcap
files, if possible (#557) – Fix GCC v10 warnings (#555) – Remove some duplicated
SOURCES entries (#551) – Expand /dev/bpfX hard limit to fix macOS Mojave (#550)
– Implement –loopdelay-ms when using –loop=0 (#546) – Heap overflow
packet2tree and get_l2len (#530)

* Mon Jun 15 2020 Bojan Smojver <bojan@rexursive com> – 4.3.3-1
– bump up to 4.3.3
– CVE-2020-12740

[ 1 ] Bug #1678246 – CVE-2019-8377 tcpreplay: null pointer dereference in function get_ipv6_l4proto() in get.c [epel-all]
[ 2 ] Bug #1835343 – CVE-2020-12740 tcpreplay: Heap-based buffer over-read in function get_ipv6_next() at common/get.c [fedora-all]

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-f47830961a’ at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to
Fedora Code of Conduct:
List Guidelines:
List Archives:

AutorGoran Culibrk
Cert idNCERT-REF-2020-06-0001-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa microcode_ctl

Otkriveni su sigurnosni nedostaci u programskom paketu microcode_ctl za operacijski sustav Redhat. Otkriveni nedostaci potencijalnim napadačima omogućuju otkrivanje osjetljivih informacija....