From cd5191efd97e814099d211288a9956e88677ff75 Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Thu, 30 Dec 2021 23:36:06 +0100 Subject: [PATCH] package/tcpreplay: security bump to version 4.3.4 - heap buffer overflow in tcpreplay fast_edit_packet - heap buffer overflow in tcpreplay get_next_packet - CVE-2020-24266 heap buffer overflow in tcpprep get_l2len - CVE-2020-24265 heap buffer overflow in tcpprep - Drop patch (already in version) and so autoreconf - Update hash of license file (http -> https with https://github.com/appneta/tcpreplay/commit/ad8a18005347b3cef84a9b478d56de96d1ad254f) https://github.com/appneta/tcpreplay/releases/tag/v4.3.4 Signed-off-by: Fabrice Fontaine Signed-off-by: Thomas Petazzoni --- ...001-configure-ac-fix-without-libdnet.patch | 76 ------------------- package/tcpreplay/tcpreplay.hash | 6 +- package/tcpreplay/tcpreplay.mk | 4 +- 3 files changed, 4 insertions(+), 82 deletions(-) delete mode 100644 package/tcpreplay/0001-configure-ac-fix-without-libdnet.patch diff --git a/package/tcpreplay/0001-configure-ac-fix-without-libdnet.patch b/package/tcpreplay/0001-configure-ac-fix-without-libdnet.patch deleted file mode 100644 index 75ed4f94de..0000000000 --- a/package/tcpreplay/0001-configure-ac-fix-without-libdnet.patch +++ /dev/null @@ -1,76 +0,0 @@ -From acee9c0c46f71f1f4c33c2dadf69d19e24b90f27 Mon Sep 17 00:00:00 2001 -From: Fabrice Fontaine -Date: Tue, 13 Aug 2019 20:19:23 +0200 -Subject: [PATCH] configure.ac: fix --without-libdnet - -Allow the user to disable libdnet check through --without-libdnet. -This option is useful to cross-compile tcpreplay to avoid build failures -if libdnet is installed on host but not on target, see -https://bugs.buildroot.org/show_bug.cgi?id=12096 - -Signed-off-by: Fabrice Fontaine -[Upstream status: https://github.com/appneta/tcpreplay/pull/567] ---- - configure.ac | 48 +++++++++++++++++++++++++----------------------- - 1 file changed, 25 insertions(+), 23 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 39ba58b7..5de3dcb5 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1464,30 +1464,32 @@ if test $have_cygwin = no ; then - AC_HELP_STRING([--with-libdnet=DIR], [Use libdnet in DIR]), - [trydnetdir=$withval]) - -- case "$build_os" in -- linux*) -- dnl # Debian/Ubuntu already have a package called libdnet -- dnl # so you the package you want to install libdumbnet-dev -- for testdir in $trydnetdir /usr/local /opt/local /usr ; do -- if test -x ${testdir}/bin/dumbnet-config -a $founddnet = no ; then -- LDNETINC="$($testdir/bin/dumbnet-config --cflags)" -- LDNETLIB="$($testdir/bin/dumbnet-config --libs)" -- libdnet_version="$($testdir/bin/dumbnet-config --version) (libdumbnet)" -- founddnet=$testdir -- fi -- done -- ;; -- esac -+ if test $trydnetdir != no; then -+ case "$build_os" in -+ linux*) -+ dnl # Debian/Ubuntu already have a package called libdnet -+ dnl # so you the package you want to install libdumbnet-dev -+ for testdir in $trydnetdir /usr/local /opt/local /usr ; do -+ if test -x ${testdir}/bin/dumbnet-config -a $founddnet = no ; then -+ LDNETINC="$($testdir/bin/dumbnet-config --cflags)" -+ LDNETLIB="$($testdir/bin/dumbnet-config --libs)" -+ libdnet_version="$($testdir/bin/dumbnet-config --version) (libdumbnet)" -+ founddnet=$testdir -+ fi -+ done -+ ;; -+ esac - -- if test $founddnet = no ; then -- for testdir in $trydnetdir /usr/local /opt/local $MACOSX_SDK_PATH/usr /usr ; do -- if test -x ${testdir}/bin/dnet-config -a $founddnet = no ; then -- LDNETINC="$($testdir/bin/dnet-config --cflags)" -- LDNETLIB="$($testdir/bin/dnet-config --libs)" -- libdnet_version="$($testdir/bin/dnet-config --version)" -- founddnet=$testdir -- fi -- done -+ if test $founddnet = no ; then -+ for testdir in $trydnetdir /usr/local /opt/local $MACOSX_SDK_PATH/usr /usr ; do -+ if test -x ${testdir}/bin/dnet-config -a $founddnet = no ; then -+ LDNETINC="$($testdir/bin/dnet-config --cflags)" -+ LDNETLIB="$($testdir/bin/dnet-config --libs)" -+ libdnet_version="$($testdir/bin/dnet-config --version)" -+ founddnet=$testdir -+ fi -+ done -+ fi - fi - - if test $founddnet = no ; then diff --git a/package/tcpreplay/tcpreplay.hash b/package/tcpreplay/tcpreplay.hash index e83efd78b1..8bcdae958c 100644 --- a/package/tcpreplay/tcpreplay.hash +++ b/package/tcpreplay/tcpreplay.hash @@ -1,5 +1,5 @@ # Locally calculated after checking pgp signature -# https://github.com/appneta/tcpreplay/releases/download/v4.3.3/tcpreplay-4.3.3.tar.xz.asc +# https://github.com/appneta/tcpreplay/releases/download/v4.3.4/tcpreplay-4.3.4.tar.xz.asc # using key 84E4FA215C934A7D97DC76D5E9E2149793BDE17E -sha256 5e960e2a4432f583adbd11fa0855d17b73d9e0f2d6453b749f27aacaee53bab5 tcpreplay-4.3.3.tar.xz -sha256 5971b0c544622f4b210a9cc56436a970685d3b0666e373c09e3cf9304db15d05 docs/LICENSE +sha256 42c055106e55852c29d94bb6e1b9e001a0723349f2985eb893a47d384c85002b tcpreplay-4.3.4.tar.xz +sha256 07cf5e92d475287a7d1663b33097f40cae5adf03ed8920fcd4374e3dfb48c8ad docs/LICENSE diff --git a/package/tcpreplay/tcpreplay.mk b/package/tcpreplay/tcpreplay.mk index 9208cb8176..ef65403974 100644 --- a/package/tcpreplay/tcpreplay.mk +++ b/package/tcpreplay/tcpreplay.mk @@ -4,7 +4,7 @@ # ################################################################################ -TCPREPLAY_VERSION = 4.3.3 +TCPREPLAY_VERSION = 4.3.4 TCPREPLAY_SITE = https://github.com/appneta/tcpreplay/releases/download/v$(TCPREPLAY_VERSION) TCPREPLAY_SOURCE = tcpreplay-$(TCPREPLAY_VERSION).tar.xz TCPREPLAY_LICENSE = GPL-3.0 @@ -15,8 +15,6 @@ TCPREPLAY_CONF_ENV = \ TCPREPLAY_CONF_OPTS = --with-libpcap=$(STAGING_DIR)/usr \ --enable-pcapconfig TCPREPLAY_DEPENDENCIES = libpcap -# We're patching configure.ac -TCPREPLAY_AUTORECONF = YES ifeq ($(BR2_STATIC_LIBS),y) TCPREPLAY_CONF_OPTS += --enable-dynamic-link=no