Hello,
On Fri, May 06, 2016 at 05:22:24PM +0200, ikuzar RABE wrote:
> is normal that soname of libpcap.so.1.6.2 is libpcap.so.0.8 ?
This is specific to Debian and its derivatives, for more details see:
https://people.debian.org/~rfrancoise/libpcap-faq.html
--
Romain Francoise
h
> list or ask MITRE directly.
Ok, thanks.
So unless someone has a better idea, I will ask MITRE.
--
Romain Francoise
http://people.debian.org/~rfrancoise/
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca
hal can get one via
internal Red Hat channels?
--
Romain Francoise
http://people.debian.org/~rfrancoise/
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
ing with GitHub.
Yes, please.
--
Romain Francoise
http://people.debian.org/~rfrancoise/
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
e "official" backports, even better.
The branch also has fixes for print-udp.c and print-ppp.c. Are these
security-sensitive? Should I pick them up as well? If so, do they have
CVE identifiers?
Thanks,
--
Romain Francoise
http://people.d
On Fri, Nov 21, 2014 at 11:01:15PM +0100, Romain Francoise wrote:
> But did you notify the distros? Because I didn't get advance notice, and
> the others haven't released security updates yet either.
Oh, actually I'm wrong: Fedora has updated packages.
--
R
release
> until the distros had a chance to patch.
But did you notify the distros? Because I didn't get advance notice, and
the others haven't released security updates yet either.
Thanks,
--
Romain Francoise
http://people.debian.org/~rfrancoise/
__
014/Nov/88
http://seclists.org/bugtraq/2014/Nov/89
http://seclists.org/bugtraq/2014/Nov/90
Thanks,
--
Romain Francoise
http://people.debian.org/~rfrancoise/
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/l
On Sun, Jul 06, 2014 at 03:19:19AM -0700, Guy Harris wrote:
> is a kernel header; does USB sniffing require
> libusb-dev at all?
Nope. libusb is only required for canusb support.
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https:/
Michael Richardson writes:
> Yeah, my bad; was sick that weekend, and stuff... happened.
No problem.
> How about July 1?
So -rc1 on July 1, then release a week later? Or -rc1 in the meantime,
and release on July 1? (Works for me either way.)
___
tcpd
Michael Richardson writes:
> I was way too at this ietf89 to build changelog and push release button.
> I propose to release at Easter. (April 21)
So it looks like this never happened?
___
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
Michael Richardson writes:
> True... I'm not sure that we have, up until now, considered this a
> problem.
I don't think we've ever had this problem; at least I always update
tcpdump first in Debian (just in case) and this is the first time this
happens.
_
Hi,
FYI, the tcpdump 4.5.1 testsuite has new two testcases which we may want
to disable by default:
- the pppoes_id testcase requires a pcap version which supports PPPoE
session ID filtering (>= 1.5)
- the nflog-e testcase requires a little-endian host, the NFLOG TLV
length is in host byte ord
onths ago.
On the other hand, introducing a completely separate set of packages just
for some extra features would be wasteful.
So I don't know. Maybe I could add an extra 'libpcap0.8-sumo' binary
package with all third-party libraries ena
The LLDP printer doesn't show the packet protocol unless -v is used,
which results in pretty useless output lines where only the timestamp is
present. Make sure we include the default protocol+length output even in
default mode.
---
print-lldp.c |4 +---
1 file changed, 1 insertion(+), 3 delet
Michael Richardson writes:
> I'll push it out late Monday (2012-06-11).
Thanks, both releases are now in Debian.
Did you mean to sign them with your personal key rather than the
tcpdump.org signing key?
Thanks,
--
Romain Francoise
http://people.debian.org/~rfrancoise/
-
This is the
Michael Richardson writes:
> (Is there a debian, ubuntu, fedora, *BSD code freeze that would care?)
Debian wheezy freezes in about two weeks; it would be cutting it a little
short but it's probably doable.
--
Romain Francoise
http://people.debian.org/~rfrancoise/
-
This is the
nvironment:
helper scripts, dependencies, toolchain, etc. The lifecyle is just too
different from upstream's generally to make it worthwhile for Debian
developers to maintain their packaging with the upstream code.
You can still do that though--just clone from git.debian.org ;-)
--
est is not really upstreamable.
Thanks!
--
Romain Francoise
http://people.debian.org/~rfrancoise/
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
d version of the library).
Yes, that's right.
--
Romain Francoise
http://people.debian.org/~rfrancoise/
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Hi,
What's the status of the 4.3/1.3 releases? I see that CHANGES has been
updated, there are apparently corresponding branches in Git (although they
are not present on GitHub and the bpf server appears to be down) but the
tarballs are not on the website.
Thanks,
--
Romain Francoise
vedcppflags"
@@ -1067,7 +1067,7 @@ if test "$want_libcrypto" != "no"; then
fi
AC_CHECK_LIB(crypto, DES_cbc_encrypt)
- savedppflags="$CPPFLAGS"
+ savedcppflags="$CPPFLAGS"
CPP
+savedcppflags="$CPPFLAGS"
CPPFLAGS="$CPPFLAGS $V_INCLS"
AC_CHECK_TYPES(pcap_if_t, , , [#include ])
CPPFLAGS="$savedcppflags"
--
Romain Francoise
http://people.debian.org/~rfrancoise/
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
is running on the system to determine
> whether TPACKET_V2 is supported or not (I don't know which kernel
> version first introduced it).
You need 2.6.27 to make it work (TPACKET_v2 + PACKET_RESERVE).
--
Romain Francoise
http://people.debian.org/~rfrancoise/
-
This is the tcpdu
oui.h \
pcap-missing.h \
pmap_prot.h \
+ ppi.h \
ppp.h \
route6d.h \
rpc_auth.h \
Thanks,
--
Romain Francoise
http://people.debian.org/~rfrancoise/
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Guy Harris writes:
> Checked into the main and 4.1 branches and pushed.
Thanks,
--
Romain Francoise
http://people.debian.org/~rfrancoise/
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Merge back changes from the Debian package:
- fix TCP flags output description, by Christophe Rhodes
Original patch submitted in http://bugs.debian.org/575724
- two remaining typo fixes, by A Costa
Original patch submitted in http://bugs.debian.org/342310
---
tcpdump.1.in | 11 +--
Reading from a capture file that has not yet received any packets fails
with "truncated dump file"; to avoid this, flush the file (forcing the
pcap header out) immediately after opening it.
Suggested by Ferenc Wagner in Debian bug #533625.
---
tcpdump.c |4
1 files changed, 4 insertions
Michael Richardson writes:
> http://www.ca.tcpdump.org/beta/ contains 4.1/1.1 tar.gz, signed
> with my regular key.
> If there are no complaints about these tar balls, I will resign it
> with the tcpdump release key on Saturday.
Both seem fine to me.
--
Romain Fra
cap-usb-linux.c
@@ -64,7 +64,7 @@ static const char rcsid[] _U_ =
#include
#endif
-#define USB_IFACE "usb"
+#define USB_IFACE "usbmon"
#define USB_TEXT_DIR "/sys/kernel/debug/usbmon"
#define SYS_USB_BUS_DIR "/sys/bus/usb/devices"
#define PROC_USB_BUS_DIR "/proc/bus/usb"
--
Romain Francoise
http://people.debian.org/~rfrancoise/
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
r *bp, register u_int length,
#endif
length -= hlen;
-if (vflag > 1 || flags & (TH_SYN | TH_FIN | TH_RST)) {
+if (vflag > 1 || length > 0 || flags & (TH_SYN | TH_FIN | TH_RST)) {
(void)printf(", seq %u", seq);
Guy Harris <[EMAIL PROTECTED]> writes:
> Checked into the main and x.9 branches.
Thanks.
--
,''`.
: :' :Romain Francoise <[EMAIL PROTECTED]>
`. `' http://people.debian.org/~rfrancoise/
`-
-
This is the tcpdump-workers list.
V
"redirected header"},
{ ND_OPT_MTU, "mtu"},
- { ND_OPT_ADVINTERVAL, "advertisment interval"},
+ { ND_OPT_ADVINTERVAL, "advertisement interval"},
{ ND_OPT_HOMEAGENT_INFO, "homeagent information"},
{ ND_OPT_ROUTE_INFO, "route info"},
{ 0,
Michael Richardson <[EMAIL PROTECTED]> writes:
> Sigh. Sorry.
> I'm not going to fix this. Let's wait for a bug report.
No worries. I'll patch them in the Debian diff.
--
,''`.
: :' :Romain Francoise <[EMAIL PROTECTED]>
`.
Michael Richardson <[EMAIL PROTECTED]> writes:
> I will do a new 3.9.3, and sign it.
The VERSION files are still at x.9.2...
--
,''`.
: :' :Romain Francoise <[EMAIL PROTECTED]>
`. `' http://people.debian.org/~rfrancoise/
`-
-
This is th
cpdump"
where it should say "Summary for 0.9.x release", or something.
Looks great otherwise!
--
,''`.
: :' :Romain Francoise <[EMAIL PROTECTED]>
`. `' http://people.debian.org/~rfrancoise/
`-
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
.
--
,''`.
: :' :Romain Francoise <[EMAIL PROTECTED]>
`. `' http://people.debian.org/~rfrancoise/
`-
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
ourage
people not to use 0.9.1...
--
,''`.
: :' :Romain Francoise <[EMAIL PROTECTED]>
`. `' http://people.debian.org/~rfrancoise/
`-
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
ion: identifier pcap_setdirection is new
| is now defined at /usr/include/pcap.h:227:
| extern int pcap_setdirection(pcap_t *, direction_t);
|
| ABI is not backward-compatible
| API is not backward-compatible
--
,''`.
: :' :Romain Francoise <[EMAIL PROTECTED]>
`. `
t version in Debian stable) and it's
not vulnerable to the isis, ldp or rsvp infloops. It is vulnerable to
the bgp one and the fix you committed to the 3.8 branch can be trivially
translated in 3.6 so I did just that.
Thanks again,
--
,''`.
: :' :Ro
tic, they're said to be fixed in 3.9/CVS but the versions have
diverged so much since 3.8 that I don't really know what's relevant...
Do you plan to merge fixes in the 3.8 branch or should I hack things
myself?
Thanks,
--
,''`.
: :' :Romain
Hannes Gredler <[EMAIL PROTECTED]> writes:
> for software [3.9,cvs] that has not even been released yet ?
All the exploits mention tcpdump 3.8.x as being affected. I didn't run
them to check that it's really the case, though... did you?
--
,''`.
: :'
Can someone request CAN numbers for these? Michael?
--
,''`.
: :' :Romain Francoise <[EMAIL PROTECTED]>
`. `' http://people.debian.org/~rfrancoise/
`-
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
hose.
That's very possible; I might apply your patch to the Debian package if
3.8.4 doesn't happen sometime soon.
--
,''`.
: :' :Romain Francoise <[EMAIL PROTECTED]>
`. `' http://people.debian.org/~rfrancoise/
`-
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
E_IPV6:/*XXX*/
case PPP_IPV6:
+ case PPP_IPV6CP:
ip6_print(p, length);
break;
#endif
--
,''`.
: :' :Romain Francoise <[EMAIL PROTECTED]>
`. `' http://people.debian.org/~rfrancoise/
`-
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
45 matches
Mail list logo