Category Archives: Advisories

tcpreplay-4.4.2-1.fc35

Read Time:41 Second

FEDORA-2022-680ea95f71

Packages in this update:

tcpreplay-4.4.2-1.fc35

Update description:

This is Tcpreplay suite 4.4.2

This release contains bug fixes only. What’s changed:

Bug #716 heap-buffer-overflow in get_l2len_protocol() by @fklassen in #738
Bug #721 fixed typo in tcpliveplay.c by @jonathan-dev in #721
Bug #717 avoid assertion in get_layer4_v6 by @fklassen in #739
Bug #718 improved heap-overflow protection by @fklassen in #740
Bug #719 better overflow protection in parse_mpls by @fklassen in #741
Bug #725 FORCE_ALIGN on arm by @fklassen in #742
Bug #729 tcpreplay_edit: disallow both -K and -l options by @fklassen in #743
Bug #735 heap-overflow in get_l2len_protocol by @fklassen in #744
Bug #745 remove autogen.sh from distribution tarballs by @fklassen in #747

Read More

tcpreplay-4.4.2-1.el9

Read Time:42 Second

FEDORA-EPEL-2022-e8156314ff

Packages in this update:

tcpreplay-4.4.2-1.el9

Update description:

This is Tcpreplay suite 4.4.2

This release contains bug fixes only. What’s changed:

Bug #716 heap-buffer-overflow in get_l2len_protocol() by @fklassen in #738
Bug #721 fixed typo in tcpliveplay.c by @jonathan-dev in #721
Bug #717 avoid assertion in get_layer4_v6 by @fklassen in #739
Bug #718 improved heap-overflow protection by @fklassen in #740
Bug #719 better overflow protection in parse_mpls by @fklassen in #741
Bug #725 FORCE_ALIGN on arm by @fklassen in #742
Bug #729 tcpreplay_edit: disallow both -K and -l options by @fklassen in #743
Bug #735 heap-overflow in get_l2len_protocol by @fklassen in #744
Bug #745 remove autogen.sh from distribution tarballs by @fklassen in #747

Read More

tcpreplay-4.4.2-1.fc37

Read Time:41 Second

FEDORA-2022-d31a521866

Packages in this update:

tcpreplay-4.4.2-1.fc37

Update description:

This is Tcpreplay suite 4.4.2

This release contains bug fixes only. What’s changed:

Bug #716 heap-buffer-overflow in get_l2len_protocol() by @fklassen in #738
Bug #721 fixed typo in tcpliveplay.c by @jonathan-dev in #721
Bug #717 avoid assertion in get_layer4_v6 by @fklassen in #739
Bug #718 improved heap-overflow protection by @fklassen in #740
Bug #719 better overflow protection in parse_mpls by @fklassen in #741
Bug #725 FORCE_ALIGN on arm by @fklassen in #742
Bug #729 tcpreplay_edit: disallow both -K and -l options by @fklassen in #743
Bug #735 heap-overflow in get_l2len_protocol by @fklassen in #744
Bug #745 remove autogen.sh from distribution tarballs by @fklassen in #747

Read More

tcpreplay-4.4.2-1.el7

Read Time:42 Second

FEDORA-EPEL-2022-cf9b662b60

Packages in this update:

tcpreplay-4.4.2-1.el7

Update description:

This is Tcpreplay suite 4.4.2

This release contains bug fixes only. What’s changed:

Bug #716 heap-buffer-overflow in get_l2len_protocol() by @fklassen in #738
Bug #721 fixed typo in tcpliveplay.c by @jonathan-dev in #721
Bug #717 avoid assertion in get_layer4_v6 by @fklassen in #739
Bug #718 improved heap-overflow protection by @fklassen in #740
Bug #719 better overflow protection in parse_mpls by @fklassen in #741
Bug #725 FORCE_ALIGN on arm by @fklassen in #742
Bug #729 tcpreplay_edit: disallow both -K and -l options by @fklassen in #743
Bug #735 heap-overflow in get_l2len_protocol by @fklassen in #744
Bug #745 remove autogen.sh from distribution tarballs by @fklassen in #747

Read More

CVE-2021-20260

Read Time:13 Second

A flaw was found in the Foreman project. The Datacenter plugin exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Read More

CVE-2021-3414

Read Time:12 Second

A flaw was found in satellite. When giving granular permission related to the organization, other permissions allowing a user to view and manage other organizations are also granted. The highest threat from this vulnerability is to data confidentiality.

Read More

CVE-2021-3427

Read Time:16 Second

The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it’s interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user’s browser session.

Read More