--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ecd4cc8435
2024-07-21 01:38:57.829370
--------------------------------------------------------------------------------

Name        : tcpreplay
Product     : Fedora 40
Version     : 4.5.1
Release     : 1.fc40
URL         : http://tcpreplay.appneta.com/
Summary     : Replay captured network traffic
Description :
Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay
supports pcap (tcpdump) and snoop capture formats. Also included, is tcpprep
a tool to pre-process capture files to allow increased performance under
certain conditions as well as capinfo which provides basic information about
capture files.

--------------------------------------------------------------------------------
Update Information:

Announcing v4.5.1
This release contains contributions from a record number of new contributors.
This is greatly appreciated since I am a team of one, and do Tcpreplay
maintenance in my spare time.
There are many bug fixes and new features. Most notable features:
AF_XDP socket support - if you have a newer Linux kernel, you will be able to
transmit at line rates without having to install 3rd party kernel modules (e.g.
netmap, PF_RING)
-w tcpreplay option - this overrides the -i option, and allows you to write to a
PCAP file rather than an interface
--include and --exclude tcpreplay options - allows replay of a list of specific
packet numbers to replay. This may slow things down, so consider using in
combination with -w.
--fixhdrlen tcpreplay option - added to control action on packet length changes
-W tcpreplay option - suppress warnings when replaying
SLL2( Linux "cooked" capture encapsulation v2)
Haiku support
What's Changed
Add support for LINUX_SLL2 by @btriller in #728
Feature #727 - Linux SLL v2 by @fklassen in #820
Bug #779 - honour overflow for all PPS values by @fklassen in #821
AF_XDP socket extension using libxdp api by @plangarbalint in #797
Feature #822 - AF_XDP socket extension by @fklassen in #823
Nanosec accurate packet processing by @plangarbalint in #796
Handle IPv6 fragment extension header by @ChuckCottrill in #832
Bug #837 - handle IPv6 fragment extension header by @fklassen in #838
Feature #796 - nanosecond packet processing by @fklassen in #836
configure.ac: unify search dirs for pcap and add lib32 by @shr-project in #819
Feature #839 - add pull request template by @fklassen in #840
ipv6 - add check for extension header length by @GabrielGanne in #842
Bug #827 PR #842 IPv6 extension header - staging by @fklassen in #859
add check for empty cidr by @GabrielGanne in #843
Bug #824 and PR #843: check for empty CIDR by @fklassen in #860
Add option to turn on/off fix packet header length by @ChuckCottrill in #846
Bug #703 #844 PR #846: optionally fix packet header length --fixhdrlen by
@fklassen in #861
Bug 863: fix nansecond timestamp regression by @fklassen in #865
autotools - AC_HELP_STRING is obsolete in 2.70 by @GabrielGanne in #856
some Haiku support by @infrastation in #847
configure.ac: do not run conftest in case of cross compilation by @ChenQi1989 in
#849
dlt_jnpr_ether_cleanup: check config before cleanup by @Marsman1996 in #851
Fix recursive tcpedit cleanup by @GabrielGanne in #855
Bug #813: back out PR #855 by @fklassen in #866
Bug #867 - run regfree() on close by @fklassen in #868
Bug #869 tcpprep memory leak include exclude by @fklassen in #870
Bug #811 - add check for invalid jnpr header length by @fklassen in #872
Bug #792 avoid assertion and other fixes by @fklassen in #873
Bug #844 tap: ignore TUNSETIFF EBUSY errors by @fklassen in #874
Bug #876 - add missing free_umem_and_xsk function by @fklassen in #877
Feature #878 - add -w / --suppress-warning option by @fklassen in #879
Bug #835 false unsupported dlt warnings on 802.3 (Ethernet I) and LLC by
@fklassen in #880
Feature #884 include exclude options by @fklassen in #885
Feature #853 direct traffic to pcap by @fklassen in #871
Feature #853 restore missing -P command by @fklassen in #887
Bug #888: check for map == NULL in cidr.c by @fklassen in #889
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 13 2024 Bojan Smojver  - 4.5.1-1
- Update to 4.5.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2271992 - CVE-2024-3024 tcpreplay: heap-based buffer overflow [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2271992
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ecd4cc8435' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

-- 
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Critical Fedora 40 Security Advisory for Tcpreplay v4.5.1: Important Fixes Inside

July 21, 2024
Announcing v4.5.1 This release contains contributions from a record number of new contributors

Summary

Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay

supports pcap (tcpdump) and snoop capture formats. Also included, is tcpprep

a tool to pre-process capture files to allow increased performance under

certain conditions as well as capinfo which provides basic information about

capture files.

Update Information:

Announcing v4.5.1 This release contains contributions from a record number of new contributors. This is greatly appreciated since I am a team of one, and do Tcpreplay maintenance in my spare time. There are many bug fixes and new features. Most notable features: AF_XDP socket support - if you have a newer Linux kernel, you will be able to transmit at line rates without having to install 3rd party kernel modules (e.g. netmap, PF_RING) -w tcpreplay option - this overrides the -i option, and allows you to write to a PCAP file rather than an interface --include and --exclude tcpreplay options - allows replay of a list of specific packet numbers to replay. This may slow things down, so consider using in combination with -w. --fixhdrlen tcpreplay option - added to control action on packet length changes -W tcpreplay option - suppress warnings when replaying SLL2( Linux "cooked" capture encapsulation v2) Haiku support What's Changed Add support for LINUX_SLL2 by @btriller...

Change Log

* Sat Jul 13 2024 Bojan Smojver - 4.5.1-1 - Update to 4.5.1

References

[ 1 ] Bug #2271992 - CVE-2024-3024 tcpreplay: heap-based buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2271992

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-ecd4cc8435' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : tcpreplay
Product : Fedora 40
Version : 4.5.1
Release : 1.fc40
URL : http://tcpreplay.appneta.com/
Summary : Replay captured network traffic

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved