From f5961ff56a8db95d0f34c640e0b7d7e7b07e540e Mon Sep 17 00:00:00 2001 From: Baruch Siach Date: Tue, 8 Jan 2019 18:13:58 +0200 Subject: [PATCH] tcpreplay: security bump to version 4.3.1 Upstream CHANGELOG entry for 4.3.0 lists these fixes: - CVE-2018-18408 use-after-free in post_args (#489) - CVE-2018-18407 heap-buffer-overflow csum_replace4 (#488) - CVE-2018-17974 heap-buffer-overflow dlt_en10mb_encode (#486) - CVE-2018-17580 heap-buffer-overflow fast_edit_packet (#485) - CVE-2018-17582 heap-buffer-overflow in get_next_packet (#484) - CVE-2018-13112 heap-buffer-overflow in get_l2len (#477 dup #408) Drop tr_cv_libpcap_version and ac_cv_have_bpf; unused in current configure script. Make configure script use pcap-config to list library dependencies. Unfortunately, pcap-config is not entirely correct, so we still need to set the LIBS variable for static linking. Use the smaller tar.xz archive. Add license file hash. Signed-off-by: Baruch Siach Signed-off-by: Peter Korsgaard --- package/tcpreplay/tcpreplay.hash | 5 ++++- package/tcpreplay/tcpreplay.mk | 16 ++++++---------- 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/package/tcpreplay/tcpreplay.hash b/package/tcpreplay/tcpreplay.hash index b033d3c3f1..31b3d3eb28 100644 --- a/package/tcpreplay/tcpreplay.hash +++ b/package/tcpreplay/tcpreplay.hash @@ -1,2 +1,5 @@ # Locally calculated after checking pgp signature -sha256 043756c532dab93e2be33a517ef46b1341f7239278a1045ae670041dd8a4531d tcpreplay-4.2.6.tar.gz +# https://github.com/appneta/tcpreplay/releases/download/v4.3.1/tcpreplay-4.3.1.tar.xz.asc +# using key 84E4FA215C934A7D97DC76D5E9E2149793BDE17E +sha256 108924a25e616e3465139410c49cae629c338df73443dfc8fc155ea9f099c659 tcpreplay-4.3.1.tar.xz +sha256 5971b0c544622f4b210a9cc56436a970685d3b0666e373c09e3cf9304db15d05 docs/LICENSE diff --git a/package/tcpreplay/tcpreplay.mk b/package/tcpreplay/tcpreplay.mk index adccde0eb0..71e57d5bd9 100644 --- a/package/tcpreplay/tcpreplay.mk +++ b/package/tcpreplay/tcpreplay.mk @@ -4,24 +4,20 @@ # ################################################################################ -TCPREPLAY_VERSION = 4.2.6 +TCPREPLAY_VERSION = 4.3.1 TCPREPLAY_SITE = https://github.com/appneta/tcpreplay/releases/download/v$(TCPREPLAY_VERSION) +TCPREPLAY_SOURCE = tcpreplay-4.3.1.tar.xz TCPREPLAY_LICENSE = GPL-3.0 TCPREPLAY_LICENSE_FILES = docs/LICENSE TCPREPLAY_CONF_ENV = \ - tr_cv_libpcap_version=">= 0.7.0" \ - ac_cv_have_bpf=no \ - $(call AUTOCONF_AC_CHECK_FILE_VAL,$(STAGING_DIR)/usr/include/pcap-netmap.c)=no -TCPREPLAY_CONF_OPTS = --with-libpcap=$(STAGING_DIR)/usr + ac_cv_path_ac_pt_PCAP_CONFIG="$(STAGING_DIR)/usr/bin/pcap-config" +TCPREPLAY_CONF_OPTS = --with-libpcap=$(STAGING_DIR)/usr \ + --enable-pcapconfig TCPREPLAY_DEPENDENCIES = libpcap -# libpcap may depend on symbols in other libs -TCPREPLAY_LIBS = $(STAGING_DIR)/usr/bin/pcap-config --static --libs -TCPREPLAY_CONF_ENV += ac_cv_search_pcap_close="`$(TCPREPLAY_LIBS)`" \ - LIBS="`$(TCPREPLAY_LIBS)`" - ifeq ($(BR2_STATIC_LIBS),y) TCPREPLAY_CONF_OPTS += --enable-dynamic-link=no +TCPREPLAY_CONF_ENV += LIBS="`$(STAGING_DIR)/usr/bin/pcap-config --static --libs`" endif ifeq ($(BR2_PACKAGE_TCPDUMP),y)