--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2019-9013b5e75d
2019-08-24 01:59:19.885007
--------------------------------------------------------------------------------Name        : nfdump
Product     : Fedora 29
Version     : 1.6.18
Release     : 1.fc29
URL         : https://github.com/phaag/nfdump
Summary     : NetFlow collecting and processing tools
Description :
Nfdump is a set of tools to collect and process NetFlow data. It's fast and has
a powerful filter pcap like syntax. It supports NetFlow versions v1, v5, v7, v9
and IPFIX as well as a limited set of sflow. It includes support for CISCO ASA
(NSEL) and CISCO NAT (NEL) devices which export event logging records as v9
flows. Nfdump is fully IPv6 compatible.

--------------------------------------------------------------------------------Update Information:

2019-08-14  - Fix compile issues - Fix output buffer size for
lzo1x_decompress_safe()  2019-08-07  - Fix VerifyExtensionMap #179  2019-08-06
- Fix compile errors  2019-08-05  - Fix nfdump.1 man page. #175 - Fix off by 1
array. #173 - Fix use after free in ModifyCompressFile - Add bound checks in
AddExporterStat #174 - Add bound checks in AddSamplerInfo #176 - Add bound
checks in AddExporterInfo - Fix checks in InsertExtensionMap #177 - Remove
COMPAT15 code - should no longer be needed. - Move version to v1.6.18 - Merge
pull request #167 - Cleanup old code - Replace depricated pcap_lookupdev call in
nfpcapd  2019-07-31  - Add early record size sanity check also for nfprofile,
nfanon and nfreplay  2019-07-26  - nfpcapd cleanup, add some more monitoring -Fix hbo_exporter.c:249_1 segfault  - Fix hbo_nffile_inline.c:85_1 segfault - Fix
hbo_nfx.c:216_3 segfault - Update minilzo to v2.10 - Change to safe lzo
decompress function  2019-07-25  - Rework nfpcapd and add it officially to the
nfdump collection. - Add nfpcapd man page - Fix potential unsigned integer
underflow #171  2019-07-16  - Add latency extension if dumping flowcache
2019-07-15  - Fix typos - Fix exporter struct inconsistancies. Coredump on ARM
otherwise.  2019-07-02  - Add ipfix element #150, #151 unix time start/end - Fix
display bug raw record  2019-06-01  - Add ipfix dyn element handling. - Add
empty m4 directory - keep autoconf happy  2019-06-01  - Fix issue #162 - ipfix
mpls sequece. - Fix issue #156 - print flowtable index error  2019-03-17  - Fix
spec file - Remove non thread safe logging in nfpcapd  2018-11-24  - Fix
protocol tag for protocol 87 - TCF - #130 - Add TCP flags ECN,CVR - #132 - Fix
some error messages to be printed to the correct stream #135 - Add missing -M
command line help to nfcapd - Remove padding byte warning in log #141 - Fix bug
to accept -y compression flag in nfcapd. - #145  2018-06-24  - Fix bookkeeper
type - use key_t - Add multiple packet repeaters to nfcapd/sfcapd. Up to 8
repeaters (-R) can be defined. - Ignore OSX .DS_Store files in -R file list -Add CISCO ASA elements initiatorPackets (298) responderPackets (299) - Merge
#120 pull request for -z parameter to nfreplay - Update man page nfreplay
--------------------------------------------------------------------------------ChangeLog:

* Wed Aug 14 2019 Denis Fateyev  - 1.6.18-1
- Update to version 1.6.18
* Thu Jul 25 2019 Fedora Release Engineering  - 1.6.17-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Feb  1 2019 Fedora Release Engineering  - 1.6.17-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1735649 - CVE-2019-14459 nfdump: integer overflow in function Process_ipfix_template_withdraw in ipfix.c leads to denial of service [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1735649
  [ 2 ] Bug #1735555 - CVE-2019-1010057 nfdump: buffer overflow in nfx.c, nffile_inline.c and minilzo.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1735555
  [ 3 ] Bug #1735648 - CVE-2019-14459 nfdump: integer overflow in function Process_ipfix_template_withdraw in ipfix.c leads to denial of service [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1735648
  [ 4 ] Bug #1735554 - CVE-2019-1010057 nfdump: buffer overflow in nfx.c, nffile_inline.c and minilzo.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1735554
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-9013b5e75d' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Fedora 29: nfdump FEDORA-2019-9013b5e75d

August 23, 2019
2019-08-14 - Fix compile issues - Fix output buffer size for lzo1x_decompress_safe() 2019-08-07 - Fix VerifyExtensionMap #179 2019-08-06 - Fix compile errors 2019-08-05 - Fix nfdum...

Summary

Nfdump is a set of tools to collect and process NetFlow data. It's fast and has

a powerful filter pcap like syntax. It supports NetFlow versions v1, v5, v7, v9

and IPFIX as well as a limited set of sflow. It includes support for CISCO ASA

(NSEL) and CISCO NAT (NEL) devices which export event logging records as v9

flows. Nfdump is fully IPv6 compatible.

2019-08-14 - Fix compile issues - Fix output buffer size for

lzo1x_decompress_safe() 2019-08-07 - Fix VerifyExtensionMap #179 2019-08-06

- Fix compile errors 2019-08-05 - Fix nfdump.1 man page. #175 - Fix off by 1

array. #173 - Fix use after free in ModifyCompressFile - Add bound checks in

AddExporterStat #174 - Add bound checks in AddSamplerInfo #176 - Add bound

checks in AddExporterInfo - Fix checks in InsertExtensionMap #177 - Remove

COMPAT15 code - should no longer be needed. - Move version to v1.6.18 - Merge

pull request #167 - Cleanup old code - Replace depricated pcap_lookupdev call in

nfpcapd 2019-07-31 - Add early record size sanity check also for nfprofile,

nfanon and nfreplay 2019-07-26 - nfpcapd cleanup, add some more monitoring -Fix hbo_exporter.c:249_1 segfault - Fix hbo_nffile_inline.c:85_1 segfault - Fix

hbo_nfx.c:216_3 segfault - Update minilzo to v2.10 - Change to safe lzo

decompress function 2019-07-25 - Rework nfpcapd and add it officially to the

nfdump collection. - Add nfpcapd man page - Fix potential unsigned integer

underflow #171 2019-07-16 - Add latency extension if dumping flowcache

2019-07-15 - Fix typos - Fix exporter struct inconsistancies. Coredump on ARM

otherwise. 2019-07-02 - Add ipfix element #150, #151 unix time start/end - Fix

display bug raw record 2019-06-01 - Add ipfix dyn element handling. - Add

empty m4 directory - keep autoconf happy 2019-06-01 - Fix issue #162 - ipfix

mpls sequece. - Fix issue #156 - print flowtable index error 2019-03-17 - Fix

spec file - Remove non thread safe logging in nfpcapd 2018-11-24 - Fix

protocol tag for protocol 87 - TCF - #130 - Add TCP flags ECN,CVR - #132 - Fix

some error messages to be printed to the correct stream #135 - Add missing -M

command line help to nfcapd - Remove padding byte warning in log #141 - Fix bug

to accept -y compression flag in nfcapd. - #145 2018-06-24 - Fix bookkeeper

type - use key_t - Add multiple packet repeaters to nfcapd/sfcapd. Up to 8

repeaters (-R) can be defined. - Ignore OSX .DS_Store files in -R file list -Add CISCO ASA elements initiatorPackets (298) responderPackets (299) - Merge

#120 pull request for -z parameter to nfreplay - Update man page nfreplay

* Wed Aug 14 2019 Denis Fateyev - 1.6.18-1

- Update to version 1.6.18

* Thu Jul 25 2019 Fedora Release Engineering - 1.6.17-4

- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

* Fri Feb 1 2019 Fedora Release Engineering - 1.6.17-3

- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

[ 1 ] Bug #1735649 - CVE-2019-14459 nfdump: integer overflow in function Process_ipfix_template_withdraw in ipfix.c leads to denial of service [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1735649

[ 2 ] Bug #1735555 - CVE-2019-1010057 nfdump: buffer overflow in nfx.c, nffile_inline.c and minilzo.c [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1735555

[ 3 ] Bug #1735648 - CVE-2019-14459 nfdump: integer overflow in function Process_ipfix_template_withdraw in ipfix.c leads to denial of service [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1735648

[ 4 ] Bug #1735554 - CVE-2019-1010057 nfdump: buffer overflow in nfx.c, nffile_inline.c and minilzo.c [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1735554

su -c 'dnf upgrade --advisory FEDORA-2019-9013b5e75d' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

FEDORA-2019-9013b5e75d 2019-08-24 01:59:19.885007 Product : Fedora 29 Version : 1.6.18 Release : 1.fc29 URL : https://github.com/phaag/nfdump Summary : NetFlow collecting and processing tools Description : Nfdump is a set of tools to collect and process NetFlow data. It's fast and has a powerful filter pcap like syntax. It supports NetFlow versions v1, v5, v7, v9 and IPFIX as well as a limited set of sflow. It includes support for CISCO ASA (NSEL) and CISCO NAT (NEL) devices which export event logging records as v9 flows. Nfdump is fully IPv6 compatible. 2019-08-14 - Fix compile issues - Fix output buffer size for lzo1x_decompress_safe() 2019-08-07 - Fix VerifyExtensionMap #179 2019-08-06 - Fix compile errors 2019-08-05 - Fix nfdump.1 man page. #175 - Fix off by 1 array. #173 - Fix use after free in ModifyCompressFile - Add bound checks in AddExporterStat #174 - Add bound checks in AddSamplerInfo #176 - Add bound checks in AddExporterInfo - Fix checks in InsertExtensionMap #177 - Remove COMPAT15 code - should no longer be needed. - Move version to v1.6.18 - Merge pull request #167 - Cleanup old code - Replace depricated pcap_lookupdev call in nfpcapd 2019-07-31 - Add early record size sanity check also for nfprofile, nfanon and nfreplay 2019-07-26 - nfpcapd cleanup, add some more monitoring -Fix hbo_exporter.c:249_1 segfault - Fix hbo_nffile_inline.c:85_1 segfault - Fix hbo_nfx.c:216_3 segfault - Update minilzo to v2.10 - Change to safe lzo decompress function 2019-07-25 - Rework nfpcapd and add it officially to the nfdump collection. - Add nfpcapd man page - Fix potential unsigned integer underflow #171 2019-07-16 - Add latency extension if dumping flowcache 2019-07-15 - Fix typos - Fix exporter struct inconsistancies. Coredump on ARM otherwise. 2019-07-02 - Add ipfix element #150, #151 unix time start/end - Fix display bug raw record 2019-06-01 - Add ipfix dyn element handling. - Add empty m4 directory - keep autoconf happy 2019-06-01 - Fix issue #162 - ipfix mpls sequece. - Fix issue #156 - print flowtable index error 2019-03-17 - Fix spec file - Remove non thread safe logging in nfpcapd 2018-11-24 - Fix protocol tag for protocol 87 - TCF - #130 - Add TCP flags ECN,CVR - #132 - Fix some error messages to be printed to the correct stream #135 - Add missing -M command line help to nfcapd - Remove padding byte warning in log #141 - Fix bug to accept -y compression flag in nfcapd. - #145 2018-06-24 - Fix bookkeeper type - use key_t - Add multiple packet repeaters to nfcapd/sfcapd. Up to 8 repeaters (-R) can be defined. - Ignore OSX .DS_Store files in -R file list -Add CISCO ASA elements initiatorPackets (298) responderPackets (299) - Merge #120 pull request for -z parameter to nfreplay - Update man page nfreplay * Wed Aug 14 2019 Denis Fateyev - 1.6.18-1 - Update to version 1.6.18 * Thu Jul 25 2019 Fedora Release Engineering - 1.6.17-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Fri Feb 1 2019 Fedora Release Engineering - 1.6.17-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild [ 1 ] Bug #1735649 - CVE-2019-14459 nfdump: integer overflow in function Process_ipfix_template_withdraw in ipfix.c leads to denial of service [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1735649 [ 2 ] Bug #1735555 - CVE-2019-1010057 nfdump: buffer overflow in nfx.c, nffile_inline.c and minilzo.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1735555 [ 3 ] Bug #1735648 - CVE-2019-14459 nfdump: integer overflow in function Process_ipfix_template_withdraw in ipfix.c leads to denial of service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1735648 [ 4 ] Bug #1735554 - CVE-2019-1010057 nfdump: buffer overflow in nfx.c, nffile_inline.c and minilzo.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1735554 su -c 'dnf upgrade --advisory FEDORA-2019-9013b5e75d' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Change Log

References

Update Instructions

Severity
Product : Fedora 29
Version : 1.6.18
Release : 1.fc29
URL : https://github.com/phaag/nfdump
Summary : NetFlow collecting and processing tools

Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved