Fedora 26: tcpreplay Security Update
Summary
Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay
supports pcap (tcpdump) and snoop capture formats. Also included, is tcpprep
a tool to pre-process capture files to allow increased performance under
certain conditions as well as capinfo which provides basic information about
capture files.
Update Information:
Here is what is fixed in this release: - Fix reporting of rates < 1Mbps (#348) - Option --unique-ip not working properly (#346) ---- Features and fixes include: - MAC rewriting capabilities by Pedro Arthur (#313) - Fix several issues identified by Coverity (#305) - Packet distortion --fuzz-seed option by Gabriel Ganne (#302) - Add --unique-ip-loops option to modify IPs every few loops (#296) - Netmap startup delay increase (#290) - tcpcapinfo buffer overflow vulnerablily (#278) - Update git-clone instructions by Kyle McDonald (#277) - Allow fractions for --pps option (#270) - Print per-loop stats with --stats=0 (#269) - Add protection against packet drift by Guillaume Scott (#268) - Print flow stats periodically with --stats output (#262) - Include Travis-CI build support by Ilya Shipitsin (#264) (#285) - tcpreplay won't replay all packets in a pcap file with --netmap (#255) - First and last packet times in --stats output (#239) - Switch to wire speed after 30 minutes at 6 Gbps (#210) - tcprewrite fix checksum properly for fragmented packets (#190)
Change Log
References
[ 1 ] Bug #1429521 - CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1429521 [ 2 ] Bug #1429522 - CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1429522
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade tcpreplay' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html