AXSA:2021-1228:01

Release date: 
Sunday, January 17, 2021 - 00:46
Subject: 
libpcap-1.9.1-4.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Low
Description: 

The libpcap packages provide a portable framework for low-level network monitoring. The libpcap library provides network statistics collection, security monitoring, and network debugging.

The following packages have been upgraded to a later upstream version: libpcap (1.9.1). (BZ#1806422)

Security Fix(es):

* libpcap: Resource exhaustion during PHB header length validation (CVE-2019-15165)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2019-15165
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. libpcap-1.9.1-4.el8.src.rpm
    MD5: ac6f2cb65ec8072bf3f7e89a6e3190cd
    SHA-256: 83b67ddc032c22a87cea87ec2bd5a7885e9a27f41e644a88ae46ab5a4c1a648e
    Size: 861.30 kB

Asianux Server 8 for x86_64
  1. libpcap-1.9.1-4.el8.x86_64.rpm
    MD5: 15e47443911ac168c13e0a3067160575
    SHA-256: b0c87dc505bfff3e8f2e0eca4613cec21da8b72ad9fda3eeaa2a93649c9d23ba
    Size: 165.33 kB
  2. libpcap-1.9.1-4.el8.i686.rpm
    MD5: 551c180f0017112415d2ec534402e11c
    SHA-256: c5672f0b51b4fd3cb91b2e096853431c3e493e1bd0e67cd89e5515dacd3520c7
    Size: 172.79 kB
Copyright© 2007-2015 Asianux. All rights reserved.