Home Explore Help
Register Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Browse Source

package/tcpreplay: security bump to v4.5.1

This fixes the following vulnerabilities:

- CVE-2023-4256:
    Within tcpreplay's tcprewrite, a double free vulnerability has been
    identified in the tcpedit_dlt_cleanup() function within
    plugins/dlt_plugins.c. This vulnerability can be exploited by
    supplying a specifically crafted file to the tcprewrite binary. This
    flaw enables a local attacker to initiate a Denial of Service (DoS)
    attack.
    https://www.cve.org/CVERecord?id=CVE-2023-4256

- CVE-2023-43279:
    Null Pointer Dereference in mask_cidr6 component at cidr.c in
    Tcpreplay 4.4.4 allows attackers to crash the application via crafted
    tcprewrite command.
    https://www.cve.org/CVERecord?id=CVE-2023-43279

- CVE-2024-22654:
    tcpreplay v4.4.4 was discovered to contain an infinite loop via the
    tcprewrite function at get.c.
    https://www.cve.org/CVERecord?id=CVE-2024-22654

See the release notes:
https://github.com/appneta/tcpreplay/releases/tag/v4.5.1

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 31619696b96a79972553c74450b254702d265245)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Titouan Christophe 1 month ago
parent
d90a4c9a25
commit
dc5c8acd86
2 changed files with 3 additions and 3 deletions
Split View Show Diff Stats
  1. 2 2
      package/tcpreplay/tcpreplay.hash
  2. 1 1
      package/tcpreplay/tcpreplay.mk

+ 2 - 2
package/tcpreplay/tcpreplay.hash
View File 

@@ -1,5 +1,5 @@
 
 # Locally calculated after checking pgp signature
 
-# https://github.com/appneta/tcpreplay/releases/download/v4.4.4/tcpreplay-4.4.4.tar.xz.asc
 
+# https://github.com/appneta/tcpreplay/releases/download/v4.5.1/tcpreplay-4.5.1.tar.xz.asc
 
 # using key 84E4FA215C934A7D97DC76D5E9E2149793BDE17E
 
-sha256  3ff9753cc43bb15e77832cee657e3030dbcdd957fa247e6abacc605689e24051  tcpreplay-4.4.4.tar.xz
 
+sha256  5126613f783062b43f514b05ad981376050a8fee35b03c8de4445ddeefd95049  tcpreplay-4.5.1.tar.xz
 
 sha256  07cf5e92d475287a7d1663b33097f40cae5adf03ed8920fcd4374e3dfb48c8ad  docs/LICENSE

+ 1 - 1
package/tcpreplay/tcpreplay.mk
View File 

@@ -4,7 +4,7 @@
 
 #
 
 ################################################################################
 
 
-TCPREPLAY_VERSION = 4.4.4
 
+TCPREPLAY_VERSION = 4.5.1
 
 TCPREPLAY_SITE = https://github.com/appneta/tcpreplay/releases/download/v$(TCPREPLAY_VERSION)
 
 TCPREPLAY_SOURCE = tcpreplay-$(TCPREPLAY_VERSION).tar.xz
 
 TCPREPLAY_LICENSE = GPL-3.0