aboutsummaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-support/tcpdump
Commit message (Collapse)AuthorAgeFilesLines
* tcpdump: Fix CVE-2017-16808thud-nextthudPeiran Hong2019-10-052-0/+62
| | | | | | | | | | | | | | | | | | | | | | | | | | | Backport selected parts of three upstream commits to fix CVE-2017-16808 where tcpdump 4.9.2 has a heap-based buffer over-read. Upstream-Status: Backport [ several ] Upstream commits fully backported: 46aead6 [CVE-2017-16808/AoE: Add a missing bounds check] Upstream commits partially backported: 7068209 [Use nd_ types in 802.x and FDDI headers.] 84ef17a [Replace ND_TTEST2()/ND_TCHECK2() macros by macros using pointers (1/n)] 46aead6 fixes the vulnerability and requires two macros defined in 7068209 and 84ef17a, which are committed after the release of 4.9.2. Only the definition of the macros are taken from the two commits as they impact a wide range of code and are difficult to integrate. CVE: CVE-2017-16808 Signed-off-by: Peiran Hong <peiran.hong@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tcpdump: refresh patchesMartin Jansa2018-04-092-15/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | WARNING: tcpdump-4.9.2-r0 do_patch: Some of the context lines in patches were ignored. This can lead to incorrectly applied patches. The context lines in the patches can be updated with devtool: devtool modify <recipe> devtool finish --force-patch-refresh <recipe> <layer_path> Then the updated patches and the source tree (in devtool's workspace) should be reviewed to make sure the patches apply in the correct place and don't introduce duplicate lines (which can, and does happen when some of the context is ignored). Further information: http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450 Details: Applying patch unnecessary-to-check-libpcap.patch patching file configure.in Hunk #1 succeeded at 418 with fuzz 2 (offset -149 lines). Now at patch unnecessary-to-check-libpcap.patch Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* tcpdump: update to 4.9.2 to fix CVEsWenzong Fan2017-09-221-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refer to http://www.tcpdump.org/tcpdump-changes.txt: Fix buffer overflow vulnerabilities: CVE-2017-11543 (SLIP) CVE-2017-13011 (bittok2str_internal) Fix infinite loop vulnerabilities: CVE-2017-12989 (RESP) CVE-2017-12990 (ISAKMP) CVE-2017-12995 (DNS) CVE-2017-12997 (LLDP) Fix buffer over-read vulnerabilities: CVE-2017-11541 (safeputs) CVE-2017-11542 (PIMv1) CVE-2017-12893 (SMB/CIFS) CVE-2017-12894 (lookup_bytestring) CVE-2017-12895 (ICMP) CVE-2017-12896 (ISAKMP) CVE-2017-12897 (ISO CLNS) CVE-2017-12898 (NFS) CVE-2017-12899 (DECnet) CVE-2017-12900 (tok2strbuf) CVE-2017-12901 (EIGRP) CVE-2017-12902 (Zephyr) CVE-2017-12985 (IPv6) CVE-2017-12986 (IPv6 routing headers) CVE-2017-12987 (IEEE 802.11) CVE-2017-12988 (telnet) CVE-2017-12991 (BGP) CVE-2017-12992 (RIPng) CVE-2017-12993 (Juniper) CVE-2017-11542 (PIMv1) CVE-2017-11541 (safeputs) CVE-2017-12994 (BGP) CVE-2017-12996 (PIMv2) CVE-2017-12998 (ISO IS-IS) CVE-2017-12999 (ISO IS-IS) CVE-2017-13000 (IEEE 802.15.4) CVE-2017-13001 (NFS) CVE-2017-13002 (AODV) CVE-2017-13003 (LMP) CVE-2017-13004 (Juniper) CVE-2017-13005 (NFS) CVE-2017-13006 (L2TP) CVE-2017-13007 (Apple PKTAP) CVE-2017-13008 (IEEE 802.11) CVE-2017-13009 (IPv6 mobility) CVE-2017-13010 (BEEP) CVE-2017-13012 (ICMP) CVE-2017-13013 (ARP) CVE-2017-13014 (White Board) CVE-2017-13015 (EAP) CVE-2017-11543 (SLIP) CVE-2017-13016 (ISO ES-IS) CVE-2017-13017 (DHCPv6) CVE-2017-13018 (PGM) CVE-2017-13019 (PGM) CVE-2017-13020 (VTP) CVE-2017-13021 (ICMPv6) CVE-2017-13022 (IP) CVE-2017-13023 (IPv6 mobility) CVE-2017-13024 (IPv6 mobility) CVE-2017-13025 (IPv6 mobility) CVE-2017-13026 (ISO IS-IS) CVE-2017-13027 (LLDP) CVE-2017-13028 (BOOTP) CVE-2017-13029 (PPP) CVE-2017-13030 (PIM) CVE-2017-13031 (IPv6 fragmentation header) CVE-2017-13032 (RADIUS) CVE-2017-13033 (VTP) CVE-2017-13034 (PGM) CVE-2017-13035 (ISO IS-IS) CVE-2017-13036 (OSPFv3) CVE-2017-13037 (IP) CVE-2017-13038 (PPP) CVE-2017-13039 (ISAKMP) CVE-2017-13040 (MPTCP) CVE-2017-13041 (ICMPv6) CVE-2017-13042 (HNCP) CVE-2017-13043 (BGP) CVE-2017-13044 (HNCP) CVE-2017-13045 (VQP) CVE-2017-13046 (BGP) CVE-2017-13047 (ISO ES-IS) CVE-2017-13048 (RSVP) CVE-2017-13049 (Rx) CVE-2017-13050 (RPKI-Router) CVE-2017-13051 (RSVP) CVE-2017-13052 (CFM) CVE-2017-13053 (BGP) CVE-2017-13054 (LLDP) CVE-2017-13055 (ISO IS-IS) CVE-2017-13687 (Cisco HDLC) CVE-2017-13688 (OLSR) CVE-2017-13689 (IKEv1) CVE-2017-13690 (IKEv2) CVE-2017-13725 (IPv6 routing headers) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* tcpdump: update to 4.9.1 to fix CVE-2017-11108Wenzong Fan2017-09-121-2/+2
| | | | | | | | | | | | | | | Summary for 4.9.1 tcpdump release CVE-2017-11108/Fix bounds checking for STP. Make assorted documentation updates and fix a few typos in tcpdump output. Fixup -C for file size >2GB (GH #488). Show AddressSanitizer presence in version output. Fix a bug in test scripts (exposed in GH #613). On FreeBSD adjust Capsicum capabilities for netmap. On Linux fix a use-after-free when the requested interface does not exist. Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* tcpdump: remove unnecessary patchJose Alarcon2017-09-122-32/+0
| | | | | | | | | | | | The removed patch added an unncessary (and incorrect) test for cross compiling: if there is no libdlpi on the target, the test will fail (as it should) and not add libdlpi to the list of libraries. If we would be cross compiling for Solaris (e.g., compiling for SPARC on Solaris x86 or for x86 on Solaris SPARC), we should check for libdlpi. Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* tcpdump: update to 4.9.0 for security fixesArmin Kuster2017-02-222-16/+15
| | | | | | | | | | | | | | | | | | | | | CVE included in this release: CVE-2016-7922 CVE-2016-7923 CVE-2016-7924 CVE-2016-7925 CVE-2016-7926 CVE-2016-7927 CVE-2016-7928 CVE-2016-7929 CVE-2016-7930 CVE-2016-7931 CVE-2016-7932 CVE-2016-7933 CVE-2016-7934 CVE-2016-7935 CVE-2016-7936 CVE-2016-7937 CVE-2016-7938 CVE-2016-7939 CVE-2016-7940 CVE-2016-7973 CVE-2016-7974 CVE-2016-7975 CVE-2016-7983 CVE-2016-7984 CVE-2016-7985 CVE-2016-7986 CVE-2016-7992 CVE-2016-7993 CVE-2016-8574 CVE-2016-8575 CVE-2017-5202 CVE-2017-5203 CVE-2017-5204 CVE-2017-5205 CVE-2017-5341 CVE-2017-5342 CVE-2017-5482 CVE-2017-5483 CVE-2017-5484 CVE-2017-5485 CVE-2017-5486 updated add-ptest patch to apply to Makefile.in Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* tcpdump: upgrade to 4.8.1Oleksandr Kravchuk2017-02-221-4/+3
| | | | | | | | | Upgraded tcpdump to version 4.8.1 and removed deprecated ipv6 configure flag. Signed-off-by: Oleksandr Kravchuk <oleksandr.kravchuk@pelagicore.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* meta-oe: fix indentationMartin Jansa2016-08-222-8/+8
| | | | | | | | * remove tabs which sneaked in since last cleanup * meta-oe layers are using consistent indentation with 4 spaces, see http://www.openembedded.org/wiki/Styleguide Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* tcpdump: add PACKAGECONFIG for libcap-ngRoy Li2016-01-201-0/+1
| | | | | | Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* tcpdump: add PACKAGECONFIG for smiMartin Jansa2015-08-311-0/+1
| | | | | | | | | | | | | | | | | | * libsmi is autodetected in configure, but in most cases disabled because of cross-compilation so keep it explicitly disabled * resolves following difference in builds with and without libsmi built before tcpdump: 4.7.4-r0-with/temp/log.do_configure:checking smi.h usability... yes 4.7.4-r0-with/temp/log.do_configure:checking smi.h presence... yes 4.7.4-r0-with/temp/log.do_configure:checking for smi.h... yes 4.7.4-r0-with/temp/log.do_configure:checking for smiInit in -lsmi... yes 4.7.4-r0-with/temp/log.do_configure:checking whether to enable libsmi... not when cross-compiling 4.7.4-r0-without/temp/log.do_configure:checking smi.h usability... no 4.7.4-r0-without/temp/log.do_configure:checking smi.h presence... no 4.7.4-r0-without/temp/log.do_configure:checking for smi.h... no Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* tcpslice: fix do_installRoy Li2015-08-061-1/+2
| | | | | | | | | | replace to run "make install" with directly calling install command, since "make install" asks "bin" user and group, and maybe fail when system has not; Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* meta-networking: standardize SECTION valuesJoe MacDonald2015-06-052-2/+2
| | | | | | | SECTION has been used inconsistently throughout the recipes in this layer. Convert them to all use the same convention. Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* tcpdump: upgrade to 4.7.4Roy Li2015-05-137-56/+2
| | | | | | | Remove two unneeded patches, configure.patch and tcpdump-cross-getaddrinfo.patch Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* tcpdump: Add ptestHongjun.Yang2014-10-303-1/+50
| | | | | | | Add ptest supports for tcpdump Signed-off-by: Hongjun.Yang <hongjun.yang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* tcpslice: add recipe under tcpdumpRoy Li2014-09-093-0/+125
| | | | | | | | | tcpslice is a tool for extracting parts of a tcpdump packet trace, so put it under tcpdump dir Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* tcpdump: uprev it to 4.6.1Roy Li2014-08-218-98/+6
| | | | | | | | | 1. uprev to 4.6.1 2. remove three obsolete patches 3. use PACKAGECONFIG, and the default value is ipv6 openssl Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* Uprev tcpdump to 4.5.1Roy Li2014-07-209-44/+120
| | | | | | | | | | | | 1. update the patch tcpdump_configure_no_-O2.patch 2. do not check libdlpi dependence on cross-compile, or else it will cause do_qa_configure to fail. 3. do not check libpcap dependence, since the libpcap has been added into DEPENDS, or else it will cause do_qa_configure to fail 4. make the check of getaddrinfo work on cross-compile Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* tcpdump: inherit brokensepJack Mitchell2014-05-031-1/+1
| | | | | Signed-off-by: Jack Mitchell <jmitchell@cbnl.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* recipes: convert remaining SUMMARY/DESCRIPTION cosmetic issuesMatthieu CRAPET2014-02-231-1/+1
| | | | | | | | | | | | | Changes: - rename SUMMARY with length > 80 to DESCRIPTION - rename DESCRIPTION with length < 80 to (non present tag) SUMMARY - drop final point character at the end of SUMMARY string - remove trailing whitespace of SUMMARY line Note: don't bump PR Signed-off-by: Matthieu Crapet <Matthieu.Crapet@ingenico.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* tcpdump: correct QA issue (unrecognized configure option)Joe MacDonald2013-11-281-1/+1
| | | | | | WARNING: QA Issue: tcpdump: configure was passed unrecognised options: --disable-rpath Signed-off-by: Joe MacDonald <joe@deserted.net>
* tcpdump: move from meta-oe to meta-networkingZongchun Yu2013-11-285-0/+177
Signed-off-by: Zongchun Yu <Zongchun.Yu@freescale.com> Signed-off-by: Joe MacDonald <joe@deserted.net>