---------------------------------------------------------------------
Red Hat, Inc. Red Hat Security Advisory
Synopsis: Updated tcpdump packages available for Red Hat Linux 6.2 and 7.x
Advisory ID: RHSA-2001:089-08
Issue date: 2001-06-28
Updated on: 2002-02-12
Product: Red Hat Linux
Keywords: tcpdump buffer overflow
Cross references:
Obsoletes:
---------------------------------------------------------------------
1. Topic:
Updated tcpdump, libpcap, and arpwatch packages are available for Red
Hat Linux 6.2 and 7.x. These updates close vulnerabilities
present in versions of tcpdump up to 3.5.1 and various other bugs.
2. Relevant releases/architectures:
Red Hat Linux 6.2 - alpha, i386, sparc
Red Hat Linux 7.0 - alpha, i386
Red Hat Linux 7.1 - alpha, i386, ia64
Red Hat Linux 7.2 - i386, ia64
3. Problem description:
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.
Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):
45520 - Remote root exploit
49294 - security problem in tcpdump-3.6.2 AFS printing
47174 - libpcap-0.4-39.i386.rpm does not contain shared library libpcap.so.0
52654 - Tcpdump get spurious packets before kernel filter kicks in
57711 - arpwatch depends on csh for no good reason
54593 - Doco change in specfile (minor)
49635 - PATCH: tcpdump to drop root by default
58346 - tcpdump.spec creates pcap user with nonexistant shell
6. RPMs required:
Red Hat Linux 6.2:
SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/tcpdump-3.6.2-10.6x.src.rpm
alpha:
ftp://updates.redhat.com/6.2/en/os/alpha/tcpdump-3.6.2-10.6x.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/libpcap-0.6.2-10.6x.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/arpwatch-2.1a11-10.6x.alpha.rpm
i386:
ftp://updates.redhat.com/6.2/en/os/i386/tcpdump-3.6.2-10.6x.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/libpcap-0.6.2-10.6x.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/arpwatch-2.1a11-10.6x.i386.rpm
sparc:
ftp://updates.redhat.com/6.2/en/os/sparc/tcpdump-3.6.2-10.6x.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/libpcap-0.6.2-10.6x.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/arpwatch-2.1a11-10.6x.sparc.rpm
Red Hat Linux 7.0:
SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/tcpdump-3.6.2-10.7.src.rpm
alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/tcpdump-3.6.2-10.7.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/libpcap-0.6.2-10.7.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/arpwatch-2.1a11-10.7.alpha.rpm
i386:
ftp://updates.redhat.com/7.0/en/os/i386/tcpdump-3.6.2-10.7.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/libpcap-0.6.2-10.7.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/arpwatch-2.1a11-10.7.i386.rpm
Red Hat Linux 7.1:
SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/tcpdump-3.6.2-10.7.src.rpm
alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/tcpdump-3.6.2-10.7.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/libpcap-0.6.2-10.7.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/arpwatch-2.1a11-10.7.alpha.rpm
i386:
ftp://updates.redhat.com/7.1/en/os/i386/tcpdump-3.6.2-10.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/libpcap-0.6.2-10.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/arpwatch-2.1a11-10.7.i386.rpm
ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/tcpdump-3.6.2-10.7.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/libpcap-0.6.2-10.7.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/arpwatch-2.1a11-10.7.ia64.rpm
Red Hat Linux 7.2:
SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/tcpdump-3.6.2-10.7x.src.rpm
i386:
ftp://updates.redhat.com/7.2/en/os/i386/tcpdump-3.6.2-10.7x.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/libpcap-0.6.2-10.7x.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/arpwatch-2.1a11-10.7x.i386.rpm
ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/tcpdump-3.6.2-10.7x.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/libpcap-0.6.2-10.7x.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/arpwatch-2.1a11-10.7x.ia64.rpm
7. Verification:
MD5 sum Package Name
--------------------------------------------------------------------------
56393468b3c93882189220111407f3f7 6.2/en/os/SRPMS/tcpdump-3.6.2-10.6x.src.rpm
2a7bc8c33bc44112cd653deffa276ddb 6.2/en/os/alpha/arpwatch-2.1a11-10.6x.alpha.rpm
8438626e79402194be1f7e102e7aed4f 6.2/en/os/alpha/libpcap-0.6.2-10.6x.alpha.rpm
bc74cb7a9f90cf65e97a9b10cc279cc3 6.2/en/os/alpha/tcpdump-3.6.2-10.6x.alpha.rpm
9b11a1b1a4a73a2478d4b8717c860bcc 6.2/en/os/i386/arpwatch-2.1a11-10.6x.i386.rpm
a75d8ac51bff83006d89955cef92b9d5 6.2/en/os/i386/libpcap-0.6.2-10.6x.i386.rpm
fdf5f72d4fa307aafd3f79eff3924485 6.2/en/os/i386/tcpdump-3.6.2-10.6x.i386.rpm
03eca258656b8c0397588ddb7f081915 6.2/en/os/sparc/arpwatch-2.1a11-10.6x.sparc.rpm
6689626f08db5f9b437f408634057287 6.2/en/os/sparc/libpcap-0.6.2-10.6x.sparc.rpm
598314a8f72083c53ee6cea87df767f4 6.2/en/os/sparc/tcpdump-3.6.2-10.6x.sparc.rpm
f662da7a2d04059682e5e91369c27bdd 7.0/en/os/SRPMS/tcpdump-3.6.2-10.7.src.rpm
1584a32f5454af549fa3894a8d9af857 7.0/en/os/alpha/arpwatch-2.1a11-10.7.alpha.rpm
c5922dbfc1c0e6a4fd39b4566563c01e 7.0/en/os/alpha/libpcap-0.6.2-10.7.alpha.rpm
75a38254b6fd158af44f6864469158ba 7.0/en/os/alpha/tcpdump-3.6.2-10.7.alpha.rpm
fb1f88cae5595afcd8da3f436045e8c4 7.0/en/os/i386/arpwatch-2.1a11-10.7.i386.rpm
a718a12b3e9432b682fd56929c381100 7.0/en/os/i386/libpcap-0.6.2-10.7.i386.rpm
8330e5e715cad14f482fae2eff48c18c 7.0/en/os/i386/tcpdump-3.6.2-10.7.i386.rpm
f662da7a2d04059682e5e91369c27bdd 7.1/en/os/SRPMS/tcpdump-3.6.2-10.7.src.rpm
1584a32f5454af549fa3894a8d9af857 7.1/en/os/alpha/arpwatch-2.1a11-10.7.alpha.rpm
c5922dbfc1c0e6a4fd39b4566563c01e 7.1/en/os/alpha/libpcap-0.6.2-10.7.alpha.rpm
75a38254b6fd158af44f6864469158ba 7.1/en/os/alpha/tcpdump-3.6.2-10.7.alpha.rpm
fb1f88cae5595afcd8da3f436045e8c4 7.1/en/os/i386/arpwatch-2.1a11-10.7.i386.rpm
a718a12b3e9432b682fd56929c381100 7.1/en/os/i386/libpcap-0.6.2-10.7.i386.rpm
8330e5e715cad14f482fae2eff48c18c 7.1/en/os/i386/tcpdump-3.6.2-10.7.i386.rpm
115633171d83eb88b8e03b2289b18bb9 7.1/en/os/ia64/arpwatch-2.1a11-10.7.ia64.rpm
97a81098ffefd18a1a0d4c5b47531f30 7.1/en/os/ia64/libpcap-0.6.2-10.7.ia64.rpm
0876627b7435b5bc948e61b75e4d859c 7.1/en/os/ia64/tcpdump-3.6.2-10.7.ia64.rpm
8cc590d38b104a31da86c482702f8c52 7.2/en/os/SRPMS/tcpdump-3.6.2-10.7x.src.rpm
064982643eaa2f6a19a318e0c50f2b84 7.2/en/os/i386/arpwatch-2.1a11-10.7x.i386.rpm
a00187999381db2a22dadc1a1f1ebca9 7.2/en/os/i386/libpcap-0.6.2-10.7x.i386.rpm
b456a14d95d7fdf36f00ef0f41ebc1f4 7.2/en/os/i386/tcpdump-3.6.2-10.7x.i386.rpm
65d133820ef5bdb32baed29284c0101e 7.2/en/os/ia64/arpwatch-2.1a11-10.7x.ia64.rpm
0ac7da164d6b78e8fa62e6a43eb8cd80 7.2/en/os/ia64/libpcap-0.6.2-10.7x.ia64.rpm
a8ae32328eb4230b105e6ad5e7c01c58 7.2/en/os/ia64/tcpdump-3.6.2-10.7x.ia64.rpm
These packages are GPG signed by Red Hat, Inc. for security. Our key
is available at:
http://www.redhat.com/about/contact/pgpkey.html
You can verify each package with the following command:
rpm --checksig <filename>
If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
rpm --checksig --nogpg <filename>
8. References:
http://www.ciac.org/ciac/bulletins/l-015.shtml
Copyright(c) 2000, 2001, 2002 Red Hat, Inc.
This archive was generated by hypermail 2b30 : Tue Apr 09 2002 - 13:24:35 PDT