-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2019.3814.2
                          tcpdump security update
                              22 October 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           tcpdump
Publisher:         Debian
Operating System:  Debian GNU/Linux 8
                   Debian GNU/Linux 9
                   Debian GNU/Linux 10
                   UNIX variants (UNIX, Linux, OSX)
                   Windows
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-15166 CVE-2018-16452 CVE-2018-16451
                   CVE-2018-16300 CVE-2018-16230 CVE-2018-16229
                   CVE-2018-16228 CVE-2018-16227 CVE-2018-14882
                   CVE-2018-14881 CVE-2018-14880 CVE-2018-14879
                   CVE-2018-14470 CVE-2018-14469 CVE-2018-14468
                   CVE-2018-14467 CVE-2018-14466 CVE-2018-14465
                   CVE-2018-14464 CVE-2018-14463 CVE-2018-14462
                   CVE-2018-14461 CVE-2018-10105 CVE-2018-10103

Original Bulletin: 
   https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html
   https://lists.debian.org/debian-security-announce/2019/msg00199.html

Comment: This bulletin contains two (2) Debian security advisories.
         
         This advisory references vulnerabilities in products which run on 
         platforms other than Debian. It is recommended that administrators 
         running tcpdump check for an updated version of the software for 
         their operating system.

Revision History:  October 22 2019: Added DSA-4547-1
                   October 14 2019: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : tcpdump
Version        : 4.9.3-1~deb8u1
CVE ID         : CVE-2018-10103 CVE-2018-10105 CVE-2018-14461
                 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464
                 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467
                 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470
                 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881
                 CVE-2018-14882 CVE-2018-16227 CVE-2018-16228
                 CVE-2018-16229 CVE-2018-16230 CVE-2018-16300
                 CVE-2018-16451 CVE-2018-16452 CVE-2019-15166
Debian Bug     : 941698

Several vulnerabilities have been discovered in tcpdump, a
command-line network traffic analyzer. These security vulnerabilities
might result in denial of service or, potentially, execution of
arbitrary code.

For Debian 8 "Jessie", these problems have been fixed in version
4.9.3-1~deb8u1.

We recommend that you upgrade your tcpdump packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- -----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl2g5blfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeRpUhAAp8QTkImN2K6tb/2LCZvg4sitJ9PBgTWjOxg5d6KCIORX0MzU4rALEe56
cEOhOC663tf3DiLwrnX/+Tw5ufhRNs4yTxD+dZ/jqmHhFaKz9rtIqeqjUf+MBzyM
f3hfFYf8dzenc8bfZjmvhr4G/X71oz2SeuEu5Yt+Xh9qxOG0qPwWfzy4V0C/hv2s
exsz/17IK8GZvlPbbKgQJL66LalvRKFL/dksiYH1xz4chPJM0gKKg1CJ4/T57GNn
vw8XGMeQsHCIlTGscwLVVK3Nvwa/DatKrjg38ywl4kGgh5FTiYH15tmnwOMO7icV
Ar5M44Nq14uUiwUlY0ciybA8rAyOwNhrD16s0kxhz8Wb+dOSOtYBYhXjlKconZtH
9dw8k0AiG2wzi6Xv4x+uR6p/xrHU3TvGYRlPwvg0i5+MOc9w4P2gWlvEIRD0UTnv
BG/pCXHbyOWLxGg+LXB70KbmKFt8AtipLw8nDTJcLmx48modM43uD3WQ4tAqg52d
KCHNFai1Nd2LmI0Vh/XqcJcAlF5+ThFRoteBavogCxH7V7ZC9w64PpuLcXF7vTY9
nzijYX6HxzN44hETQXXftGcxsikMGxth24xk5Mb3Vgbs3+Ule5UaxnW6ar8XN+tG
p4pXYAK0hcpF8SwV2WXtNKB8CAXOE6pT7lftf67hAfbSAr8udN0=
=uBmT
- -----END PGP SIGNATURE-----

=============================================================================

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-4547-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
October 21, 2019                      https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : tcpdump
CVE ID         : CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 
                 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 
                 CVE-2018-14467 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 
                 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 CVE-2018-14882 
                 CVE-2018-16227 CVE-2018-16228 CVE-2018-16229 CVE-2018-16230 
                 CVE-2018-16300 CVE-2018-16451 CVE-2018-16452 CVE-2019-15166

Several vulnerabilities have been discovered in tcpdump, a command-line
network traffic analyzer. These vulnerabilities might result in denial of
service or, potentially, execution of arbitrary code.

For the oldstable distribution (stretch), these problems have been fixed
in version 4.9.3-1~deb9u1.

For the stable distribution (buster), these problems have been fixed in
version 4.9.3-1~deb10u1.

We recommend that you upgrade your tcpdump packages.

For the detailed security status of tcpdump please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/tcpdump

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl2uIaAACgkQEMKTtsN8
Tjb5ZA/9FxAE0uHVnbXapPaDdrf4JOElV9+iZho4b87YuSXZKch7y/xUtlHMx6Jy
9iYzUd2Cwg0OPRyZii3PjiGSxSrKW9xTYnyfPzI7WdPFWRbeVLw9PKUV9R18fE2u
svIuKdeHiJd/MabagWqPffn4ZxgfxlG2Px3xtQhnFchDb7yXAsRUIdWwjIyw1fXR
/lRkaehvKkwBHLYtSTnNnMrZyRYNsZBZ6WSeZ5hIFugq9wwWTYXY3vJxR2IUqhq8
veQrHg8DVt58G+GhI7EdmEKB9vJrjtNZBlz8VCiGESxSw/BZjCw2vl20gL2JmV0f
1OA4NaMH7l6Sj2DQDCqHIDN++PGhLkQWUxJHrLV2aqfZ7kn9bxXpX3djUYYjRzpS
yaHsAsFOp7zwXkebbvV0dFhjLtst39xRJAEr8dAw6DUmfZqIPazdLv+PGGDpEuuq
pcAe6QqrNettT37VCx81PtIQL4BJf1lvTW6VHIwj0MaQ6aFdNImzw/n1ld26ktoV
feHER0IM0saIgwj/STOLV1+elNzi9dGdaFArxMRvM/s3fwo8JiYv1qnzfqGtQ6xH
5QwoBwwMZEEkqBvDCTtyFxLgg+Q/iVavwinxIRIb4Ttkr9M+PBL0WldFntlQRrlN
SZDCcsvfxjM9aOwNS+tMCoX3CKB7hj94u+ti8MRJCw9I9EOzmZE=
=bACv
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXa5SKGaOgq3Tt24GAQhoHQ//d5HncwQQEh1xGfPot7l0QTkwQeJUFqPu
07whZd3CUtYBuiPvLvcQKqxwOac8IlJ/AAFjdg108coN5A6D2vFiv6KbdaZVaTxh
rTiueIT/hD4yKmni/rueewtIb0lEIS2HQRbq3QR9RvQrdHykuBjZlI59uvwSa56h
0kqFYkpFmOihWYLRHp4Bq0EsQ2fd/9poz/zHk1E9KndcXl1fQhhJ1hUEa1fYzZSO
j6mhb9Eiho2AR8fDfI7PMvj3tTHUPzwB0TDBEE05ppMlferIRM+wgCNXYUN73Z1d
YGQLkPJySVb3+SgK6xYE3yWnyGQgolfclEhG42RCbW5nlG7RVHeBM4cjpLbkUR9+
pbHegPYGIGtgxZN8mrEbE9y1T6raIeZdSWtZY4ZOmS782tAoI0fDYl8fb4LUm3uJ
Cc+MG/R+Fu9bhtFMGSt41Q7jw4U2UKeUdUofRLo5lRTEpm5CiM/Qupfmxf5ywGOi
seMAZO0AuqAK4zOgRkeMn9ajhRQkKP2pFA9GjXiw/JpLGHJXHMSOZawTUgY1Y3n6
y0ifb+P+lcTZDq7VD8j0N23nM0vpjuVQUeo6LhZ/NpTdakB5NGcM39LF3E0g/GGY
nR+37SDzvb8Dwp06ZelLU6Yz1J6pgHB9pCQ9imJ7Qfej2zMXMraPYpr7zzeEF6Up
+gyUw0lPTTo=
=W4bI
-----END PGP SIGNATURE-----