Hi,
I'm looking for the official patches for CVE-2014-8767, CVE-2014-8768
and CVE-2014-8769 but they don't seem to be in the Github repository.
The advisories also mention a 4.7.0 version with the fixes, but it's not
there either.
More info:
http://seclists.org/bugtraq/2014/Nov/88
http://seclists
On Nov 21, 2014, at 1:00 AM, Romain Francoise wrote:
> I'm looking for the official patches for CVE-2014-8767, CVE-2014-8768
> and CVE-2014-8769 but they don't seem to be in the Github repository.
Michael, are changes made to the bpf.tcpdump.org repository still getting
pushed to the Github re
Guy Harris wrote:
>> I'm looking for the official patches for CVE-2014-8767, CVE-2014-8768
>> and CVE-2014-8769 but they don't seem to be in the Github repository.
> Michael, are changes made to the bpf.tcpdump.org repository still
> getting pushed to the Github repository? Ther
On Fri, Nov 21, 2014 at 03:47:06PM -0500, Michael Richardson wrote:
> It's supposed to happen, but I'm checking.
> Should be there now. Is cron failing to do it's thing?
Ok, the fixes still aren't on master, but now there's a tcpdump-4.7
branch with the commits I need.
So I apparently need all o
On Fri, Nov 21, 2014 at 11:01:15PM +0100, Romain Francoise wrote:
> But did you notify the distros? Because I didn't get advance notice, and
> the others haven't released security updates yet either.
Oh, actually I'm wrong: Fedora has updated packages.
--
Romain Francoise
http://people.debian.o
