Your message dated Fri, 19 Aug 2011 13:52:32 +0000
with message-id <e1qupuu-0005ih...@franck.debian.org>
and subject line Bug#623868: fixed in libpcap 1.1.1-2+squeeze1
has caused the Debian Bug report #623868,
regarding snapshot length corruption on live captures
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
623868: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=623868
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libpcap0.8
Version: 1.1.1-2
Severity: grave
Tags: squeeze sid
Justification: causes data loss
see: http://thread.gmane.org/gmane.network.tcpdump.devel/5018
this can be trivially reproduced on squeeze or sid:
edmonds@zappa{0}:~$ tcpdump --version
tcpdump version 4.1.1
libpcap version 1.1.1
Usage: tcpdump [-aAbdDefIKlLnNOpqRStuUvxX] [ -B size ] [ -c count ]
[ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]
[ -i interface ] [ -M secret ] [ -r file ]
[ -s snaplen ] [ -T type ] [ -w file ] [ -W filecount ]
[ -y datalinktype ] [ -z command ] [ -Z user ]
[ expression ]
edmonds@zappa{1}:~$ sudo tcpdump -s 128 -c 2 -pni lo -w /tmp/lo.pcap
1>/dev/null 2>&1 &
[1] 22573
edmonds@zappa{1}:~$ ping -c 1 -s 512 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 512(540) bytes of data.
520 bytes from 127.0.0.1: icmp_req=1 ttl=64 time=0.034 ms
--- 127.0.0.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.034/0.034/0.034/0.000 ms
edmonds@zappa{0}:~$
[1] + done sudo tcpdump -s 128 -c 2 -pni lo -w /tmp/lo.pcap >
/dev/null 2>&1
edmonds@zappa{0}:~$ tshark -r /tmp/lo.pcap -V -T text -n | grep '^Frame '
Frame 1 (554 bytes on wire, 122 bytes captured)
Frame 2 (554 bytes on wire, 122 bytes captured)
edmonds@zappa{0}:~$
with the latest git tip of libpcap:
sql1rd2:~# tcpdump --version
tcpdump version 4.3.0-PRE-GIT_2011_04_23
libpcap version 1.3.0-PRE-GIT_2011_04_23
Usage: tcpdump [-aAbdDefhIJKlLnNOpqRStuUvxX] [ -B size ] [ -c count ]
[ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]
[ -i interface ] [ -j tstamptype ] [ -M secret ]
[ -r file ] [ -s snaplen ] [ -T type ] [ -w file ]
[ -W filecount ] [ -y datalinktype ] [ -z command ]
[ -Z user ] [ expression ]
sql1rd2:~# tcpdump -s 128 -c 2 -pni lo -w /tmp/lo.pcap &
[1] 15377
sql1rd2:~# tcpdump: listening on lo, link-type EN10MB (Ethernet), capture
size 128 bytes
sql1rd2:~# ping -c 1 -s 512 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 512(540) bytes of data.
2 packets captured
4 packets received by filter
0 packets dropped by kernel
520 bytes from 127.0.0.1: icmp_req=1 ttl=64 time=0.023 ms
--- 127.0.0.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.023/0.023/0.023/0.000 ms
sql1rd2:~# tshark -r /tmp/lo.pcap -V -T text -n | grep '^Frame '
Running as user "root" and group "root". This could be dangerous.
Frame 1 (554 bytes on wire, 128 bytes captured)
Frame 2 (554 bytes on wire, 128 bytes captured)
[1]+ Done tcpdump -s 128 -c 2 -pni lo -w /tmp/lo.pcap
sql1rd2:~#
note "122 bytes captured" in the first listing versus "128 bytes
captured" in the second.
this is fixed in upstream commit ea9432fabdf4b33cbc76d9437200e028f1c47c93,
"Fix the calculation of the frame size in memory-mapped captures."
there has not yet been a release on the 1.1 branch (or, well, any
release) since 1.1.1 that contains this fix. but the fix should most
likely be backported to the version in squeeze anyway.
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (900, 'unstable'), (800, 'testing'), (700, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libpcap0.8 depends on:
ii libc6 2.11.2-13 Embedded GNU C Library: Shared lib
libpcap0.8 recommends no packages.
libpcap0.8 suggests no packages.
-- no debconf information
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: libpcap
Source-Version: 1.1.1-2+squeeze1
We believe that the bug you reported is fixed in the latest version of
libpcap, which is due to be installed in the Debian FTP archive:
libpcap-dev_1.1.1-2+squeeze1_all.deb
to main/libp/libpcap/libpcap-dev_1.1.1-2+squeeze1_all.deb
libpcap0.8-dbg_1.1.1-2+squeeze1_amd64.deb
to main/libp/libpcap/libpcap0.8-dbg_1.1.1-2+squeeze1_amd64.deb
libpcap0.8-dbg_1.1.1-2+squeeze1_i386.deb
to main/libp/libpcap/libpcap0.8-dbg_1.1.1-2+squeeze1_i386.deb
libpcap0.8-dev_1.1.1-2+squeeze1_amd64.deb
to main/libp/libpcap/libpcap0.8-dev_1.1.1-2+squeeze1_amd64.deb
libpcap0.8-dev_1.1.1-2+squeeze1_i386.deb
to main/libp/libpcap/libpcap0.8-dev_1.1.1-2+squeeze1_i386.deb
libpcap0.8_1.1.1-2+squeeze1_amd64.deb
to main/libp/libpcap/libpcap0.8_1.1.1-2+squeeze1_amd64.deb
libpcap0.8_1.1.1-2+squeeze1_i386.deb
to main/libp/libpcap/libpcap0.8_1.1.1-2+squeeze1_i386.deb
libpcap_1.1.1-2+squeeze1.debian.tar.gz
to main/libp/libpcap/libpcap_1.1.1-2+squeeze1.debian.tar.gz
libpcap_1.1.1-2+squeeze1.dsc
to main/libp/libpcap/libpcap_1.1.1-2+squeeze1.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 623...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Romain Francoise <rfranco...@debian.org> (supplier of updated libpcap package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 10 Jul 2011 19:26:04 +0200
Source: libpcap
Binary: libpcap-dev libpcap0.8-dev libpcap0.8 libpcap0.8-dbg
Architecture: all amd64 i386 source
Version: 1.1.1-2+squeeze1
Distribution: stable
Urgency: low
Maintainer: Romain Francoise <rfranco...@debian.org>
Changed-By: Romain Francoise <rfranco...@debian.org>
Closes: 612803 623868
Description:
libpcap0.8-dbg - debugging symbols for libpcap0.8
libpcap0.8-dev - development library and header files for libpcap0.8
libpcap0.8 - system interface for user-level packet capture
libpcap-dev - development library for libpcap (transitional package)
Changes:
libpcap (1.1.1-2+squeeze1) stable; urgency=low
.
* Backport changes from upstream to fix corruption of snapshot length on
live captures (CVE-2011-1935) (closes: #623868).
* Backport fix from upstream to fix device detection when the bonding
module is loaded (closes: #612803).
Checksums-Sha1:
e183a3e013e5bbc3b5e4de855562e8daa44928f4 19168
libpcap-dev_1.1.1-2+squeeze1_all.deb
52cff064f2657a1a6f019cbb73ae1869f795cc6d 238834
libpcap0.8-dev_1.1.1-2+squeeze1_amd64.deb
10155408ed2ba2ceb68150bac83a5c6fd4b0ca06 130948
libpcap0.8_1.1.1-2+squeeze1_amd64.deb
8f4d5e536b6b1e5b5dee8cdfbc05d6caf9e24963 139264
libpcap0.8-dbg_1.1.1-2+squeeze1_amd64.deb
bdbbd3e48c3cf97391bad32e6b6ac2681d9e5cd7 225494
libpcap0.8-dev_1.1.1-2+squeeze1_i386.deb
7d001dc12ea2d0352246115fb8f03c102b99de5c 125258
libpcap0.8_1.1.1-2+squeeze1_i386.deb
74ec06e14380eb51cc5d07cc920af3b3826d841b 142694
libpcap0.8-dbg_1.1.1-2+squeeze1_i386.deb
78319ee0f1c344acf34f78783f3358a273bd3b76 1293 libpcap_1.1.1-2+squeeze1.dsc
98aa7cf55ccc7d14a51650cf90f899e7f5e690af 16834
libpcap_1.1.1-2+squeeze1.debian.tar.gz
Checksums-Sha256:
be544629af3f0c15e43a95a5e676093d61b6e614a9d5e6c76c52247e23b5a6fe 19168
libpcap-dev_1.1.1-2+squeeze1_all.deb
de54e018b1aee3c620c76e59581db7b3769e1bb29417fea2b7d07e971e3d9cbb 238834
libpcap0.8-dev_1.1.1-2+squeeze1_amd64.deb
223663614338f9886b493b725ae4ed991f0ef874dcebfcf90fc2ca339afda607 130948
libpcap0.8_1.1.1-2+squeeze1_amd64.deb
67057afd093c425066765be6a37b7491af75edb011c2d6281f3664f7538a4ce5 139264
libpcap0.8-dbg_1.1.1-2+squeeze1_amd64.deb
4a51adf733ff57ea861a27cd5a8149e3173fdb525622d4d7b579663e23267c96 225494
libpcap0.8-dev_1.1.1-2+squeeze1_i386.deb
098026e09aeee4acc4c69844ee6a397f9b0ddbb5efa377c87d8be5c9b111cd8f 125258
libpcap0.8_1.1.1-2+squeeze1_i386.deb
f5506f1482c874052267f6740acc11612a549778e58d16eba5e7d388a64cbbea 142694
libpcap0.8-dbg_1.1.1-2+squeeze1_i386.deb
1f7a30d23b6b6b4b38baa9fbc4fe6cdd7852a6c73563fde7a2d7b64f891e782b 1293
libpcap_1.1.1-2+squeeze1.dsc
be006c2d86ff3a18b55c11d6f6d9043d549ed3dbe4efe9a701101f5fc91bf51b 16834
libpcap_1.1.1-2+squeeze1.debian.tar.gz
Files:
d5a9c8c5c6d8e02704229eb4842356bf 19168 libdevel optional
libpcap-dev_1.1.1-2+squeeze1_all.deb
d36d495d8c0c7af3cf4924f12ed71bfc 238834 libdevel optional
libpcap0.8-dev_1.1.1-2+squeeze1_amd64.deb
7d06683fae2d8b7ac5b170110bd30ef1 130948 libs optional
libpcap0.8_1.1.1-2+squeeze1_amd64.deb
4ba51dd2ec268921447af9a280f82150 139264 debug extra
libpcap0.8-dbg_1.1.1-2+squeeze1_amd64.deb
f9bde569bd658b66816dab84e121b90f 225494 libdevel optional
libpcap0.8-dev_1.1.1-2+squeeze1_i386.deb
935f78f9c731c682f324571a038c2121 125258 libs optional
libpcap0.8_1.1.1-2+squeeze1_i386.deb
17f862532fcd77ff0308bc47be35e2bd 142694 debug extra
libpcap0.8-dbg_1.1.1-2+squeeze1_i386.deb
0384beeab77ffa914c4bff0a4a702488 1293 devel optional
libpcap_1.1.1-2+squeeze1.dsc
e0eccf117143a6f8f4004fc684a56966 16834 devel optional
libpcap_1.1.1-2+squeeze1.debian.tar.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFOTUpzogN2vsA8Vt8RAhrMAKDMa2Sjj/EMzpAflyrgIs6+XtCXiACfelpX
fYBw0bO2y2fVxWrmqXTHtRM=
=vLBQ
-----END PGP SIGNATURE-----
--- End Message ---
