Bug#794407: jessie-pu: package tcpdump/4.6.2-5+deb8u1

Romain Francoise Sun, 02 Aug 2015 11:15:34 -0700

Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian....@packages.debian.org
Usertags: pu


Hello,

I am seeking permission to upload a new version of tcpdump to
stable-proposed-updates to fix bug #793479, which makes tcpdump unusable
for people who use -Z to drop privileges and stream the output of
tcpdump to another program.

Full debdiff attached.

Thanks,

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (650, 'testing'), (600, 'unstable'), (550, 'experimental'), (550, 
'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.1.3 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

diffstat for tcpdump-4.6.2 tcpdump-4.6.2

 changelog                       |    8 ++++++++
 patches/50_droproot_stderr.diff |   28 ++++++++++++++++++++++++++++
 patches/series                  |    1 +
 3 files changed, 37 insertions(+)

diff -Nru tcpdump-4.6.2/debian/changelog tcpdump-4.6.2/debian/changelog
--- tcpdump-4.6.2/debian/changelog	2015-04-04 19:20:52.000000000 +0200
+++ tcpdump-4.6.2/debian/changelog	2015-08-02 20:01:20.000000000 +0200
@@ -1,3 +1,11 @@
+tcpdump (4.6.2-5+deb8u1) stable; urgency=low
+
+  * Cherry-pick commit 3f15ae25c2 from upstream Git to fix -Z confirmation
+    log being sent to stdout, where it can get mixed with pcap stream
+    data if '-w -' is used (closes: #793479).
+
+ -- Romain Francoise <rfranco...@debian.org>  Sun, 02 Aug 2015 19:57:22 +0200
+
 tcpdump (4.6.2-5) unstable; urgency=high
 
   * Cherry-pick commit fb6e5377f3 from upstream Git to fix regressions in the
diff -Nru tcpdump-4.6.2/debian/patches/50_droproot_stderr.diff tcpdump-4.6.2/debian/patches/50_droproot_stderr.diff
--- tcpdump-4.6.2/debian/patches/50_droproot_stderr.diff	1970-01-01 01:00:00.000000000 +0100
+++ tcpdump-4.6.2/debian/patches/50_droproot_stderr.diff	2015-08-02 20:01:08.000000000 +0200
@@ -0,0 +1,28 @@
+commit 3f15ae25c25046b9ebdf8ab0283f2e6382a4df0e
+Author: Denis Ovsienko <de...@ovsienko.info>
+Date:   Mon Feb 9 01:21:51 2015 +0000
+
+    droproot(): always print to stderr (GH #425)
+    
+    Otherwise it interferes with the output of "tcpdump -w -".
+
+--- a/tcpdump.c
++++ b/tcpdump.c
+@@ -727,7 +727,7 @@
+ 			fprintf(stderr, "error : ret %d\n", ret);
+ 		}
+ 		else {
+-			printf("dropped privs to %s\n", username);
++			fprintf(stderr, "dropped privs to %s\n", username);
+ 		}
+ 		/* We don't need CAP_SETUID and CAP_SETGID */
+ 		capng_update(CAPNG_DROP, CAPNG_EFFECTIVE, CAP_SETUID);
+@@ -747,7 +747,7 @@
+ 			exit(1);
+ 		}
+ 		else {
+-			printf("dropped privs to %s\n", username);
++			fprintf(stderr, "dropped privs to %s\n", username);
+ 		}
+ #endif /* HAVE_CAP_NG_H */
+ 	}
diff -Nru tcpdump-4.6.2/debian/patches/series tcpdump-4.6.2/debian/patches/series
--- tcpdump-4.6.2/debian/patches/series	2015-04-04 19:08:59.000000000 +0200
+++ tcpdump-4.6.2/debian/patches/series	2015-08-02 19:53:02.000000000 +0200
@@ -3,6 +3,7 @@
 20_man_fixes.diff
 50_hurd.diff
 50_kfreebsd.diff
+50_droproot_stderr.diff
 50_autotools-dev.diff
 60_cve-2014-8767.diff
 60_cve-2014-8768.diff

Bug#794407: jessie-pu: package tcpdump/4.6.2-5+deb8u1

Reply via email to