About the vulnerabilities in tcpdump and gzip.
From: Jesper Wallin (jesper_at_hackunite.net)
Date: 05/15/05
- Previous message: Drew B. [Security Researcher and Analyst].: "Re: Need some help"
- Next in thread: Simon L. Nielsen: "Re: About the vulnerabilities in tcpdump and gzip."
- Reply: Simon L. Nielsen: "Re: About the vulnerabilities in tcpdump and gzip."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 15 May 2005 22:55:44 +0200 To: freebsd-security@freebsd.org
Dear list,
About a week ago, right after 5.4-RELEASE was released, I received a
mail from Gentoo Linux's security announcement list about a flaw in
tcpdump and gzip. Since none of them are operating system related, I
assumed a -p1 and -p2 of the 5.4-RELEASE. Instead, we got a patch for
the HTT security issue so I wonder, is the FreeBSD version of tcpdump
and/or gzip are secured or simply forgotten/ignored?
tcpdump references:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2005-1279
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2005-1280
gzip references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0758
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0988
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1228
Best regards,
Jesper Wallin
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Drew B. [Security Researcher and Analyst].: "Re: Need some help"
- Next in thread: Simon L. Nielsen: "Re: About the vulnerabilities in tcpdump and gzip."
- Reply: Simon L. Nielsen: "Re: About the vulnerabilities in tcpdump and gzip."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
