aboutsummaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-support/tcpdump/tcpdump_4.9.2.bb
diff options
context:
space:
mode:
authorWenzong Fan <wenzong.fan@windriver.com>2017-09-12 20:10:57 -0700
committerJoe MacDonald <joe_macdonald@mentor.com>2017-09-22 10:30:22 -0400
commit4d48b6dfd7ad22f512ca6270ff8f12d4f89a503a (patch)
treee16d13814c7d19a0e68736d987ace1917cad119f /meta-networking/recipes-support/tcpdump/tcpdump_4.9.2.bb
parentb04b5519c137c733a03e4275831ace118929de96 (diff)
downloadmeta-openembedded-4d48b6dfd7ad22f512ca6270ff8f12d4f89a503a.tar.gz
meta-openembedded-4d48b6dfd7ad22f512ca6270ff8f12d4f89a503a.tar.bz2
meta-openembedded-4d48b6dfd7ad22f512ca6270ff8f12d4f89a503a.zip
tcpdump: update to 4.9.2 to fix CVEs
Refer to http://www.tcpdump.org/tcpdump-changes.txt: Fix buffer overflow vulnerabilities: CVE-2017-11543 (SLIP) CVE-2017-13011 (bittok2str_internal) Fix infinite loop vulnerabilities: CVE-2017-12989 (RESP) CVE-2017-12990 (ISAKMP) CVE-2017-12995 (DNS) CVE-2017-12997 (LLDP) Fix buffer over-read vulnerabilities: CVE-2017-11541 (safeputs) CVE-2017-11542 (PIMv1) CVE-2017-12893 (SMB/CIFS) CVE-2017-12894 (lookup_bytestring) CVE-2017-12895 (ICMP) CVE-2017-12896 (ISAKMP) CVE-2017-12897 (ISO CLNS) CVE-2017-12898 (NFS) CVE-2017-12899 (DECnet) CVE-2017-12900 (tok2strbuf) CVE-2017-12901 (EIGRP) CVE-2017-12902 (Zephyr) CVE-2017-12985 (IPv6) CVE-2017-12986 (IPv6 routing headers) CVE-2017-12987 (IEEE 802.11) CVE-2017-12988 (telnet) CVE-2017-12991 (BGP) CVE-2017-12992 (RIPng) CVE-2017-12993 (Juniper) CVE-2017-11542 (PIMv1) CVE-2017-11541 (safeputs) CVE-2017-12994 (BGP) CVE-2017-12996 (PIMv2) CVE-2017-12998 (ISO IS-IS) CVE-2017-12999 (ISO IS-IS) CVE-2017-13000 (IEEE 802.15.4) CVE-2017-13001 (NFS) CVE-2017-13002 (AODV) CVE-2017-13003 (LMP) CVE-2017-13004 (Juniper) CVE-2017-13005 (NFS) CVE-2017-13006 (L2TP) CVE-2017-13007 (Apple PKTAP) CVE-2017-13008 (IEEE 802.11) CVE-2017-13009 (IPv6 mobility) CVE-2017-13010 (BEEP) CVE-2017-13012 (ICMP) CVE-2017-13013 (ARP) CVE-2017-13014 (White Board) CVE-2017-13015 (EAP) CVE-2017-11543 (SLIP) CVE-2017-13016 (ISO ES-IS) CVE-2017-13017 (DHCPv6) CVE-2017-13018 (PGM) CVE-2017-13019 (PGM) CVE-2017-13020 (VTP) CVE-2017-13021 (ICMPv6) CVE-2017-13022 (IP) CVE-2017-13023 (IPv6 mobility) CVE-2017-13024 (IPv6 mobility) CVE-2017-13025 (IPv6 mobility) CVE-2017-13026 (ISO IS-IS) CVE-2017-13027 (LLDP) CVE-2017-13028 (BOOTP) CVE-2017-13029 (PPP) CVE-2017-13030 (PIM) CVE-2017-13031 (IPv6 fragmentation header) CVE-2017-13032 (RADIUS) CVE-2017-13033 (VTP) CVE-2017-13034 (PGM) CVE-2017-13035 (ISO IS-IS) CVE-2017-13036 (OSPFv3) CVE-2017-13037 (IP) CVE-2017-13038 (PPP) CVE-2017-13039 (ISAKMP) CVE-2017-13040 (MPTCP) CVE-2017-13041 (ICMPv6) CVE-2017-13042 (HNCP) CVE-2017-13043 (BGP) CVE-2017-13044 (HNCP) CVE-2017-13045 (VQP) CVE-2017-13046 (BGP) CVE-2017-13047 (ISO ES-IS) CVE-2017-13048 (RSVP) CVE-2017-13049 (Rx) CVE-2017-13050 (RPKI-Router) CVE-2017-13051 (RSVP) CVE-2017-13052 (CFM) CVE-2017-13053 (BGP) CVE-2017-13054 (LLDP) CVE-2017-13055 (ISO IS-IS) CVE-2017-13687 (Cisco HDLC) CVE-2017-13688 (OLSR) CVE-2017-13689 (IKEv1) CVE-2017-13690 (IKEv2) CVE-2017-13725 (IPv6 routing headers) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Diffstat (limited to 'meta-networking/recipes-support/tcpdump/tcpdump_4.9.2.bb')
-rw-r--r--meta-networking/recipes-support/tcpdump/tcpdump_4.9.2.bb51
1 files changed, 51 insertions, 0 deletions
diff --git a/meta-networking/recipes-support/tcpdump/tcpdump_4.9.2.bb b/meta-networking/recipes-support/tcpdump/tcpdump_4.9.2.bb
new file mode 100644
index 000000000..d38540e34
--- /dev/null
+++ b/meta-networking/recipes-support/tcpdump/tcpdump_4.9.2.bb
@@ -0,0 +1,51 @@
+SUMMARY = "A sophisticated network protocol analyzer"
+HOMEPAGE = "http://www.tcpdump.org/"
+LICENSE = "BSD"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=1d4b0366557951c84a94fabe3529f867"
+SECTION = "net"
+DEPENDS = "libpcap"
+
+SRC_URI = " \
+ http://www.tcpdump.org/release/${BP}.tar.gz \
+ file://unnecessary-to-check-libpcap.patch \
+ file://add-ptest.patch \
+ file://run-ptest \
+"
+
+SRC_URI[md5sum] = "9bbc1ee33dab61302411b02dd0515576"
+SRC_URI[sha256sum] = "798b3536a29832ce0cbb07fafb1ce5097c95e308a6f592d14052e1ef1505fe79"
+
+export LIBS=" -lpcap"
+
+inherit autotools-brokensep ptest
+CACHED_CONFIGUREVARS = "ac_cv_linux_vers=${ac_cv_linux_vers=2}"
+
+PACKAGECONFIG ??= "openssl"
+PACKAGECONFIG[openssl] = "--with-crypto=yes, --without-openssl --without-crypto, openssl"
+PACKAGECONFIG[smi] = "--with-smi, --without-smi,libsmi"
+PACKAGECONFIG[libcap-ng] = "--with-cap-ng=yes,--with-cap-ng=no,libcap-ng"
+
+EXTRA_AUTORECONF += " -I m4"
+
+do_configure_prepend() {
+ mkdir -p ${S}/m4
+ if [ -f aclocal.m4 ]; then
+ mv aclocal.m4 ${S}/m4
+ fi
+ # AC_CHECK_LIB(dlpi.. was looking to host /lib
+ sed -i 's:-L/lib::g' ./configure.in
+}
+do_configure_append() {
+ sed -i 's:-L/usr/lib::' ./Makefile
+ sed -i 's:-Wl,-rpath,${STAGING_LIBDIR}::' ./Makefile
+ sed -i 's:-I/usr/include::' ./Makefile
+}
+
+do_install_append() {
+ # tcpdump 4.0.0 installs a copy to /usr/sbin/tcpdump.4.0.0
+ rm -f ${D}${sbindir}/tcpdump.${PV}
+}
+
+do_compile_ptest() {
+ oe_runmake buildtest-TESTS
+}