[tcpdump-workers] Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769?
Michael Richardson
mcr at sandelman.ca
Fri Nov 21 15:47:06 EST 2014
Guy Harris <guy at alum.mit.edu> wrote:
>> I'm looking for the official patches for CVE-2014-8767, CVE-2014-8768
>> and CVE-2014-8769 but they don't seem to be in the Github repository.
> Michael, are changes made to the bpf.tcpdump.org repository still
> getting pushed to the Github repository? There was a time when they
> were.
It's supposed to happen, but I'm checking.
Should be there now. Is cron failing to do it's thing?
>> The advisories also mention a 4.7.0 version with the fixes, but it's not
>> there either.
> I don't think it's out yet - Michael?
It's in the tcpdump.org/beta/ directory, but I didn't want to release until
the distros had a chance to patch.
More information about the tcpdump-workers
mailing list