Debian Bug report logs -
#623868
snapshot length corruption on live captures
Reported by: Robert Edmonds <edmonds@debian.org>
Date: Sat, 23 Apr 2011 21:24:02 UTC
Severity: grave
Tags: patch, sid, squeeze
Found in version libpcap/1.1.1-2
Fixed in versions libpcap/1.1.1-4, libpcap/1.1.1-2+squeeze1
Done: Romain Francoise <rfrancoise@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, edmonds@debian.org, Romain Francoise <rfrancoise@debian.org>
:
Bug#623868
; Package libpcap0.8
.
(Sat, 23 Apr 2011 21:24:05 GMT) (full text, mbox, link).
Acknowledgement sent
to Robert Edmonds <edmonds@debian.org>
:
New Bug report received and forwarded. Copy sent to edmonds@debian.org, Romain Francoise <rfrancoise@debian.org>
.
(Sat, 23 Apr 2011 21:24:06 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Package: libpcap0.8
Version: 1.1.1-2
Severity: grave
Tags: squeeze sid
Justification: causes data loss
see: http://thread.gmane.org/gmane.network.tcpdump.devel/5018
this can be trivially reproduced on squeeze or sid:
edmonds@zappa{0}:~$ tcpdump --version
tcpdump version 4.1.1
libpcap version 1.1.1
Usage: tcpdump [-aAbdDefIKlLnNOpqRStuUvxX] [ -B size ] [ -c count ]
[ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]
[ -i interface ] [ -M secret ] [ -r file ]
[ -s snaplen ] [ -T type ] [ -w file ] [ -W filecount ]
[ -y datalinktype ] [ -z command ] [ -Z user ]
[ expression ]
edmonds@zappa{1}:~$ sudo tcpdump -s 128 -c 2 -pni lo -w /tmp/lo.pcap 1>/dev/null 2>&1 &
[1] 22573
edmonds@zappa{1}:~$ ping -c 1 -s 512 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 512(540) bytes of data.
520 bytes from 127.0.0.1: icmp_req=1 ttl=64 time=0.034 ms
--- 127.0.0.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.034/0.034/0.034/0.000 ms
edmonds@zappa{0}:~$
[1] + done sudo tcpdump -s 128 -c 2 -pni lo -w /tmp/lo.pcap > /dev/null 2>&1
edmonds@zappa{0}:~$ tshark -r /tmp/lo.pcap -V -T text -n | grep '^Frame '
Frame 1 (554 bytes on wire, 122 bytes captured)
Frame 2 (554 bytes on wire, 122 bytes captured)
edmonds@zappa{0}:~$
with the latest git tip of libpcap:
sql1rd2:~# tcpdump --version
tcpdump version 4.3.0-PRE-GIT_2011_04_23
libpcap version 1.3.0-PRE-GIT_2011_04_23
Usage: tcpdump [-aAbdDefhIJKlLnNOpqRStuUvxX] [ -B size ] [ -c count ]
[ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]
[ -i interface ] [ -j tstamptype ] [ -M secret ]
[ -r file ] [ -s snaplen ] [ -T type ] [ -w file ]
[ -W filecount ] [ -y datalinktype ] [ -z command ]
[ -Z user ] [ expression ]
sql1rd2:~# tcpdump -s 128 -c 2 -pni lo -w /tmp/lo.pcap &
[1] 15377
sql1rd2:~# tcpdump: listening on lo, link-type EN10MB (Ethernet), capture size 128 bytes
sql1rd2:~# ping -c 1 -s 512 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 512(540) bytes of data.
2 packets captured
4 packets received by filter
0 packets dropped by kernel
520 bytes from 127.0.0.1: icmp_req=1 ttl=64 time=0.023 ms
--- 127.0.0.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.023/0.023/0.023/0.000 ms
sql1rd2:~# tshark -r /tmp/lo.pcap -V -T text -n | grep '^Frame '
Running as user "root" and group "root". This could be dangerous.
Frame 1 (554 bytes on wire, 128 bytes captured)
Frame 2 (554 bytes on wire, 128 bytes captured)
[1]+ Done tcpdump -s 128 -c 2 -pni lo -w /tmp/lo.pcap
sql1rd2:~#
note "122 bytes captured" in the first listing versus "128 bytes
captured" in the second.
this is fixed in upstream commit ea9432fabdf4b33cbc76d9437200e028f1c47c93,
"Fix the calculation of the frame size in memory-mapped captures."
there has not yet been a release on the 1.1 branch (or, well, any
release) since 1.1.1 that contains this fix. but the fix should most
likely be backported to the version in squeeze anyway.
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (900, 'unstable'), (800, 'testing'), (700, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libpcap0.8 depends on:
ii libc6 2.11.2-13 Embedded GNU C Library: Shared lib
libpcap0.8 recommends no packages.
libpcap0.8 suggests no packages.
-- no debconf information
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to debian-bugs-dist@lists.debian.org, Romain Francoise <rfrancoise@debian.org>
:
Bug#623868
; Package libpcap0.8
.
(Sun, 24 Apr 2011 03:18:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Robert Edmonds <edmonds@debian.org>
:
Extra info received and forwarded to list. Copy sent to Romain Francoise <rfrancoise@debian.org>
.
(Sun, 24 Apr 2011 03:18:04 GMT) (full text, mbox, link).
Message #10 received at 623868@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
tag 623868 + patch
thanks
Robert Edmonds wrote:
> this is fixed in upstream commit ea9432fabdf4b33cbc76d9437200e028f1c47c93,
> "Fix the calculation of the frame size in memory-mapped captures."
attached is a backport of this commit to 1.1.1, and a patch to the
debian package containing the fix.
--
Robert Edmonds
edmonds@debian.org
[0001-Fix-the-calculation-of-the-frame-size-in-memory-mapp.patch (text/x-diff, attachment)]
[0001-backport-commit-ea9432fabd-from-upstream-for-623868.patch (text/x-diff, attachment)]
[signature.asc (application/pgp-signature, inline)]
Added tag(s) patch.
Request was from Robert Edmonds <edmonds@debian.org>
to control@bugs.debian.org
.
(Sun, 24 Apr 2011 03:18:05 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org
:
Bug#623868
; Package libpcap0.8
.
(Sun, 24 Apr 2011 09:18:13 GMT) (full text, mbox, link).
Acknowledgement sent
to Romain Francoise <rfrancoise@debian.org>
:
Extra info received and forwarded to list.
(Sun, 24 Apr 2011 09:18:20 GMT) (full text, mbox, link).
Message #17 received at 623868@bugs.debian.org (full text, mbox, reply):
Robert Edmonds <edmonds@debian.org> writes:
> attached is a backport of this commit to 1.1.1, and a patch to the
> debian package containing the fix.
Thanks, I'll merge this for the next upload.
However, I don't think this issue is really "grave". It doesn't
cause data loss, it just results in less data than requested being
captured.
--
Romain Francoise <rfrancoise@debian.org>
http://people.debian.org/~rfrancoise/
Information forwarded
to debian-bugs-dist@lists.debian.org, Romain Francoise <rfrancoise@debian.org>
:
Bug#623868
; Package libpcap0.8
.
(Sun, 24 Apr 2011 16:21:07 GMT) (full text, mbox, link).
Acknowledgement sent
to Robert Edmonds <edmonds@debian.org>
:
Extra info received and forwarded to list. Copy sent to Romain Francoise <rfrancoise@debian.org>
.
(Sun, 24 Apr 2011 16:21:07 GMT) (full text, mbox, link).
Message #22 received at 623868@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Romain Francoise wrote:
> Robert Edmonds <edmonds@debian.org> writes:
>
> > attached is a backport of this commit to 1.1.1, and a patch to the
> > debian package containing the fix.
>
> Thanks, I'll merge this for the next upload.
>
> However, I don't think this issue is really "grave". It doesn't
> cause data loss, it just results in less data than requested being
> captured.
true, it doesn't result in loss of _existing_ data, but i think this bug
is certainly serious enough to warrant a stable or security update. for
instance, a snapshot length of 1514 actually results in only a maximum
of 1498 bytes being captured, so those who think they are doing "full
packet capture" actually are not, thus breaking TCP stream reassembly
and IP defragmentation, potentially blinding sensors that depend on
libpcap.
in fact, we could go all the way up to critical :) "makes unrelated
software on the system (or the whole system) break, or causes serious
data loss, or introduces a security hole on systems where you install
the package."
--
Robert Edmonds
edmonds@debian.org
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to debian-bugs-dist@lists.debian.org
:
Bug#623868
; Package libpcap0.8
.
(Mon, 25 Apr 2011 09:21:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Romain Francoise <rfrancoise@debian.org>
:
Extra info received and forwarded to list.
(Mon, 25 Apr 2011 09:21:04 GMT) (full text, mbox, link).
Message #27 received at 623868@bugs.debian.org (full text, mbox, reply):
Robert Edmonds <edmonds@debian.org> writes:
> for instance, a snapshot length of 1514 actually results in only a
> maximum of 1498 bytes being captured, so those who think they are
> doing "full packet capture" actually are not, thus breaking TCP
> stream reassembly and IP defragmentation, potentially blinding
> sensors that depend on libpcap.
Sure it's possible, but quite unlikely. People who want to do "full
packet capture" usually set snaplen to 65535, which is the default
for tcpdump, ngrep, tcpflow, etc.
--
Romain Francoise <rfrancoise@debian.org>
http://people.debian.org/~rfrancoise/
Information forwarded
to debian-bugs-dist@lists.debian.org, Romain Francoise <rfrancoise@debian.org>
:
Bug#623868
; Package libpcap0.8
.
(Mon, 25 Apr 2011 17:36:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Robert Edmonds <edmonds@debian.org>
:
Extra info received and forwarded to list. Copy sent to Romain Francoise <rfrancoise@debian.org>
.
(Mon, 25 Apr 2011 17:36:06 GMT) (full text, mbox, link).
Message #32 received at 623868@bugs.debian.org (full text, mbox, reply):
Romain Francoise wrote:
> Robert Edmonds <edmonds@debian.org> writes:
>
> > for instance, a snapshot length of 1514 actually results in only a
> > maximum of 1498 bytes being captured, so those who think they are
> > doing "full packet capture" actually are not, thus breaking TCP
> > stream reassembly and IP defragmentation, potentially blinding
> > sensors that depend on libpcap.
>
> Sure it's possible, but quite unlikely. People who want to do "full
> packet capture" usually set snaplen to 65535, which is the default
> for tcpdump, ngrep, tcpflow, etc.
no, we don't. setting the snaplen to ~64K means the MMAP'd packet
capture ring needs to allocate ~64K of unswappable kernel memory for
each frame in the ring buffer. the default ring buffer size used in
libpcap is 2 megabytes, which means only a tiny number of frames can be
buffered with a 64K snaplen. generally 2 MB is a quite small buffer to
use on a busy network even with a correctly tuned snapshot length, so
one needs to increase the ring buffer size as well.
snort sets the default snapshot length to 1514, so it is quite broken by
this bug.
--
Robert Edmonds
edmonds@debian.org
Added tag(s) pending.
Request was from Romain Francoise <rfrancoise@debian.org>
to control@bugs.debian.org
.
(Mon, 25 Apr 2011 19:33:05 GMT) (full text, mbox, link).
Reply sent
to Romain Francoise <rfrancoise@debian.org>
:
You have taken responsibility.
(Sat, 30 Apr 2011 10:51:29 GMT) (full text, mbox, link).
Notification sent
to Robert Edmonds <edmonds@debian.org>
:
Bug acknowledged by developer.
(Sat, 30 Apr 2011 10:51:37 GMT) (full text, mbox, link).
Message #39 received at 623868-close@bugs.debian.org (full text, mbox, reply):
Source: libpcap
Source-Version: 1.1.1-4
We believe that the bug you reported is fixed in the latest version of
libpcap, which is due to be installed in the Debian FTP archive:
libpcap-dev_1.1.1-4_all.deb
to main/libp/libpcap/libpcap-dev_1.1.1-4_all.deb
libpcap0.8-dbg_1.1.1-4_amd64.deb
to main/libp/libpcap/libpcap0.8-dbg_1.1.1-4_amd64.deb
libpcap0.8-dev_1.1.1-4_amd64.deb
to main/libp/libpcap/libpcap0.8-dev_1.1.1-4_amd64.deb
libpcap0.8_1.1.1-4_amd64.deb
to main/libp/libpcap/libpcap0.8_1.1.1-4_amd64.deb
libpcap_1.1.1-4.debian.tar.gz
to main/libp/libpcap/libpcap_1.1.1-4.debian.tar.gz
libpcap_1.1.1-4.dsc
to main/libp/libpcap/libpcap_1.1.1-4.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 623868@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Romain Francoise <rfrancoise@debian.org> (supplier of updated libpcap package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 30 Apr 2011 12:30:27 +0200
Source: libpcap
Binary: libpcap-dev libpcap0.8-dev libpcap0.8 libpcap0.8-dbg
Architecture: source all amd64
Version: 1.1.1-4
Distribution: unstable
Urgency: low
Maintainer: Romain Francoise <rfrancoise@debian.org>
Changed-By: Romain Francoise <rfrancoise@debian.org>
Description:
libpcap-dev - development library for libpcap (transitional package)
libpcap0.8 - system interface for user-level packet capture
libpcap0.8-dbg - debugging symbols for libpcap0.8
libpcap0.8-dev - development library and header files for libpcap0.8
Closes: 612803 623868
Changes:
libpcap (1.1.1-4) unstable; urgency=low
.
[ Romain Francoise ]
* Cherry-pick commit 073a8b37f9 from upstream to fix device detection
when the bonding module is loaded (closes: #612803).
* debian/patches/50_kfreebsd.diff: Enable zerocopy BPF again.
.
[ Robert S. Edmonds ]
* Backport commit ea9432fabd from upstream to fix corruption of snapshot
length on live captures (closes: #623868).
Checksums-Sha1:
cf0414efa52a10fb4b8155509f410469f652044d 1257 libpcap_1.1.1-4.dsc
2803a24594e28e9d212c997cd50b2447bd6997d7 16948 libpcap_1.1.1-4.debian.tar.gz
7b9dd8c109f0451017e88d2078d985b8f237333e 19710 libpcap-dev_1.1.1-4_all.deb
916f401fdf36e5d538a51b6402acf50307bade4a 234884 libpcap0.8-dev_1.1.1-4_amd64.deb
473c95a8706f20fa53fb10ec635529b37999846f 131230 libpcap0.8_1.1.1-4_amd64.deb
fa6011b8307b0454d9bbdc6c358d01e9e8cb57f5 155640 libpcap0.8-dbg_1.1.1-4_amd64.deb
Checksums-Sha256:
98c46337022b88b5dd502742810c6120bd6a4ea541be9017719296c615943388 1257 libpcap_1.1.1-4.dsc
168c62f7f6d96df70e49676ffd1b5162196fcad9f64b8c2a308e2d1866298454 16948 libpcap_1.1.1-4.debian.tar.gz
1d14b879199829a8bdb3956ecd1fa00d42101fcb18542653a2c99534e024109a 19710 libpcap-dev_1.1.1-4_all.deb
b0efa6abe0f3fbbf1a5309f8ef64ca0b6a17c1094bc07675d8a4ea86609b3b3b 234884 libpcap0.8-dev_1.1.1-4_amd64.deb
65c28b4b0701b640804f841cb446bfc4cb0dc31bf10143b30c8093b5ebb288d9 131230 libpcap0.8_1.1.1-4_amd64.deb
ecd646baa9d9a5041238023f931836408743b3aef41d2acd4e361ffc214f36e8 155640 libpcap0.8-dbg_1.1.1-4_amd64.deb
Files:
d43fc81a0bc5c56df50b6d4a9a3b005c 1257 devel optional libpcap_1.1.1-4.dsc
d973b914529ea90f2b7eac1d5095ed86 16948 devel optional libpcap_1.1.1-4.debian.tar.gz
606f300d4491849302f5fc1bbea55a25 19710 libdevel optional libpcap-dev_1.1.1-4_all.deb
0ad4bd27620f3163670c993ed8eb4995 234884 libdevel optional libpcap0.8-dev_1.1.1-4_amd64.deb
95ddcf46ddcd029920a6ebf1feb10c0d 131230 libs optional libpcap0.8_1.1.1-4_amd64.deb
5a9921d5eccc9360cbef05916df45061 155640 debug extra libpcap0.8-dbg_1.1.1-4_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFNu+byogN2vsA8Vt8RAvfVAJ9gA06+39zrvxPYHe1kIhC90JF77QCgubeh
IAGUwuM2ZbiwNb3VNfBEm2I=
=8nQp
-----END PGP SIGNATURE-----
Information forwarded
to debian-bugs-dist@lists.debian.org, Romain Francoise <rfrancoise@debian.org>
:
Bug#623868
; Package libpcap0.8
.
(Wed, 06 Jul 2011 19:39:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Jonathan Wiltshire <jmw@debian.org>
:
Extra info received and forwarded to list. Copy sent to Romain Francoise <rfrancoise@debian.org>
.
(Wed, 06 Jul 2011 19:39:07 GMT) (full text, mbox, link).
Message #44 received at 623868@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Dear maintainer,
Recently you fixed one or more security problems and as a result you closed
this bug. These problems were not serious enough for a Debian Security
Advisory, so they are now on my radar for fixing in the following suites
through point releases:
lenny (5.0.9)
squeeze (6.0.2)
Please prepare a minimal-changes upload targetting each of these suites,
and submit a debdiff to the Release Team [0] for consideration. They will
offer additional guidance or instruct you to upload your package.
I will happily assist you at any stage if the patch is straightforward and
you need help or lack time. Please keep me in CC at all times so I can
track the progress of this request.
For details of this process and the rationale, please see the original
announcement [1] and my blog post [2].
0: debian-release@lists.debian.org
1: <201101232332.11736.thijs@debian.org>
2: http://deb.li/prsc
Thanks,
with his security hat on:
--
Jonathan Wiltshire jmw@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to debian-bugs-dist@lists.debian.org
:
Bug#623868
; Package libpcap0.8
.
(Wed, 06 Jul 2011 21:03:12 GMT) (full text, mbox, link).
Acknowledgement sent
to Romain Francoise <rfrancoise@debian.org>
:
Extra info received and forwarded to list.
(Wed, 06 Jul 2011 21:03:12 GMT) (full text, mbox, link).
Message #49 received at 623868@bugs.debian.org (full text, mbox, reply):
Hi,
Yes, I was planning a s-p-u upload to address this (and also #612803), but
the fix needs further changes to address #625443. Upstream made the
required changes in Git, I just have to backport them to our version.
Regarding an update in lenny: as far as I can tell the combination of
lenny's kernel (2.6.26) and pcap version (0.9.8) is not affected by this
bug so no upload is necessary.
Thanks,
--
Romain Francoise <rfrancoise@debian.org>
http://people.debian.org/~rfrancoise/
Information forwarded
to debian-bugs-dist@lists.debian.org, Romain Francoise <rfrancoise@debian.org>
:
Bug#623868
; Package libpcap0.8
.
(Wed, 06 Jul 2011 21:24:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Jonathan Wiltshire <jmw@debian.org>
:
Extra info received and forwarded to list. Copy sent to Romain Francoise <rfrancoise@debian.org>
.
(Wed, 06 Jul 2011 21:24:03 GMT) (full text, mbox, link).
Message #54 received at 623868@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
On Wed, Jul 06, 2011 at 11:00:25PM +0200, Romain Francoise wrote:
> Yes, I was planning a s-p-u upload to address this (and also #612803), but
> the fix needs further changes to address #625443. Upstream made the
> required changes in Git, I just have to backport them to our version.
Great, thanks for taking care of it.
> Regarding an update in lenny: as far as I can tell the combination of
> lenny's kernel (2.6.26) and pcap version (0.9.8) is not affected by this
> bug so no upload is necessary.
Ok, I've updated the security tracker with this information.
>
> Thanks,
> --
> Romain Francoise <rfrancoise@debian.org>
> http://people.debian.org/~rfrancoise/
Cheers,
--
Jonathan Wiltshire jmw@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
[signature.asc (application/pgp-signature, inline)]
Reply sent
to Romain Francoise <rfrancoise@debian.org>
:
You have taken responsibility.
(Fri, 19 Aug 2011 13:57:07 GMT) (full text, mbox, link).
Notification sent
to Robert Edmonds <edmonds@debian.org>
:
Bug acknowledged by developer.
(Fri, 19 Aug 2011 13:57:08 GMT) (full text, mbox, link).
Message #59 received at 623868-close@bugs.debian.org (full text, mbox, reply):
Source: libpcap
Source-Version: 1.1.1-2+squeeze1
We believe that the bug you reported is fixed in the latest version of
libpcap, which is due to be installed in the Debian FTP archive:
libpcap-dev_1.1.1-2+squeeze1_all.deb
to main/libp/libpcap/libpcap-dev_1.1.1-2+squeeze1_all.deb
libpcap0.8-dbg_1.1.1-2+squeeze1_amd64.deb
to main/libp/libpcap/libpcap0.8-dbg_1.1.1-2+squeeze1_amd64.deb
libpcap0.8-dbg_1.1.1-2+squeeze1_i386.deb
to main/libp/libpcap/libpcap0.8-dbg_1.1.1-2+squeeze1_i386.deb
libpcap0.8-dev_1.1.1-2+squeeze1_amd64.deb
to main/libp/libpcap/libpcap0.8-dev_1.1.1-2+squeeze1_amd64.deb
libpcap0.8-dev_1.1.1-2+squeeze1_i386.deb
to main/libp/libpcap/libpcap0.8-dev_1.1.1-2+squeeze1_i386.deb
libpcap0.8_1.1.1-2+squeeze1_amd64.deb
to main/libp/libpcap/libpcap0.8_1.1.1-2+squeeze1_amd64.deb
libpcap0.8_1.1.1-2+squeeze1_i386.deb
to main/libp/libpcap/libpcap0.8_1.1.1-2+squeeze1_i386.deb
libpcap_1.1.1-2+squeeze1.debian.tar.gz
to main/libp/libpcap/libpcap_1.1.1-2+squeeze1.debian.tar.gz
libpcap_1.1.1-2+squeeze1.dsc
to main/libp/libpcap/libpcap_1.1.1-2+squeeze1.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 623868@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Romain Francoise <rfrancoise@debian.org> (supplier of updated libpcap package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 10 Jul 2011 19:26:04 +0200
Source: libpcap
Binary: libpcap-dev libpcap0.8-dev libpcap0.8 libpcap0.8-dbg
Architecture: all amd64 i386 source
Version: 1.1.1-2+squeeze1
Distribution: stable
Urgency: low
Maintainer: Romain Francoise <rfrancoise@debian.org>
Changed-By: Romain Francoise <rfrancoise@debian.org>
Closes: 612803 623868
Description:
libpcap0.8-dbg - debugging symbols for libpcap0.8
libpcap0.8-dev - development library and header files for libpcap0.8
libpcap0.8 - system interface for user-level packet capture
libpcap-dev - development library for libpcap (transitional package)
Changes:
libpcap (1.1.1-2+squeeze1) stable; urgency=low
.
* Backport changes from upstream to fix corruption of snapshot length on
live captures (CVE-2011-1935) (closes: #623868).
* Backport fix from upstream to fix device detection when the bonding
module is loaded (closes: #612803).
Checksums-Sha1:
e183a3e013e5bbc3b5e4de855562e8daa44928f4 19168 libpcap-dev_1.1.1-2+squeeze1_all.deb
52cff064f2657a1a6f019cbb73ae1869f795cc6d 238834 libpcap0.8-dev_1.1.1-2+squeeze1_amd64.deb
10155408ed2ba2ceb68150bac83a5c6fd4b0ca06 130948 libpcap0.8_1.1.1-2+squeeze1_amd64.deb
8f4d5e536b6b1e5b5dee8cdfbc05d6caf9e24963 139264 libpcap0.8-dbg_1.1.1-2+squeeze1_amd64.deb
bdbbd3e48c3cf97391bad32e6b6ac2681d9e5cd7 225494 libpcap0.8-dev_1.1.1-2+squeeze1_i386.deb
7d001dc12ea2d0352246115fb8f03c102b99de5c 125258 libpcap0.8_1.1.1-2+squeeze1_i386.deb
74ec06e14380eb51cc5d07cc920af3b3826d841b 142694 libpcap0.8-dbg_1.1.1-2+squeeze1_i386.deb
78319ee0f1c344acf34f78783f3358a273bd3b76 1293 libpcap_1.1.1-2+squeeze1.dsc
98aa7cf55ccc7d14a51650cf90f899e7f5e690af 16834 libpcap_1.1.1-2+squeeze1.debian.tar.gz
Checksums-Sha256:
be544629af3f0c15e43a95a5e676093d61b6e614a9d5e6c76c52247e23b5a6fe 19168 libpcap-dev_1.1.1-2+squeeze1_all.deb
de54e018b1aee3c620c76e59581db7b3769e1bb29417fea2b7d07e971e3d9cbb 238834 libpcap0.8-dev_1.1.1-2+squeeze1_amd64.deb
223663614338f9886b493b725ae4ed991f0ef874dcebfcf90fc2ca339afda607 130948 libpcap0.8_1.1.1-2+squeeze1_amd64.deb
67057afd093c425066765be6a37b7491af75edb011c2d6281f3664f7538a4ce5 139264 libpcap0.8-dbg_1.1.1-2+squeeze1_amd64.deb
4a51adf733ff57ea861a27cd5a8149e3173fdb525622d4d7b579663e23267c96 225494 libpcap0.8-dev_1.1.1-2+squeeze1_i386.deb
098026e09aeee4acc4c69844ee6a397f9b0ddbb5efa377c87d8be5c9b111cd8f 125258 libpcap0.8_1.1.1-2+squeeze1_i386.deb
f5506f1482c874052267f6740acc11612a549778e58d16eba5e7d388a64cbbea 142694 libpcap0.8-dbg_1.1.1-2+squeeze1_i386.deb
1f7a30d23b6b6b4b38baa9fbc4fe6cdd7852a6c73563fde7a2d7b64f891e782b 1293 libpcap_1.1.1-2+squeeze1.dsc
be006c2d86ff3a18b55c11d6f6d9043d549ed3dbe4efe9a701101f5fc91bf51b 16834 libpcap_1.1.1-2+squeeze1.debian.tar.gz
Files:
d5a9c8c5c6d8e02704229eb4842356bf 19168 libdevel optional libpcap-dev_1.1.1-2+squeeze1_all.deb
d36d495d8c0c7af3cf4924f12ed71bfc 238834 libdevel optional libpcap0.8-dev_1.1.1-2+squeeze1_amd64.deb
7d06683fae2d8b7ac5b170110bd30ef1 130948 libs optional libpcap0.8_1.1.1-2+squeeze1_amd64.deb
4ba51dd2ec268921447af9a280f82150 139264 debug extra libpcap0.8-dbg_1.1.1-2+squeeze1_amd64.deb
f9bde569bd658b66816dab84e121b90f 225494 libdevel optional libpcap0.8-dev_1.1.1-2+squeeze1_i386.deb
935f78f9c731c682f324571a038c2121 125258 libs optional libpcap0.8_1.1.1-2+squeeze1_i386.deb
17f862532fcd77ff0308bc47be35e2bd 142694 debug extra libpcap0.8-dbg_1.1.1-2+squeeze1_i386.deb
0384beeab77ffa914c4bff0a4a702488 1293 devel optional libpcap_1.1.1-2+squeeze1.dsc
e0eccf117143a6f8f4004fc684a56966 16834 devel optional libpcap_1.1.1-2+squeeze1.debian.tar.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFOTUpzogN2vsA8Vt8RAhrMAKDMa2Sjj/EMzpAflyrgIs6+XtCXiACfelpX
fYBw0bO2y2fVxWrmqXTHtRM=
=vLBQ
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Sun, 09 Oct 2011 07:35:55 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 14:23:59 2019;
Machine Name:
beach
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.