From 6f313d7ccaa1da11600c757093922c5c0bd806b2 Mon Sep 17 00:00:00 2001
From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
Date: Sat, 8 Dec 2018 17:22:08 +0000
Subject: user/tcpdump: fix CVE-2018-19519

---
 user/tcpdump/APKBUILD             | 13 ++++++++++---
 user/tcpdump/CVE-2018-19519.patch | 10 ++++++++++
 2 files changed, 20 insertions(+), 3 deletions(-)
 create mode 100644 user/tcpdump/CVE-2018-19519.patch

(limited to 'user/tcpdump')

diff --git a/user/tcpdump/APKBUILD b/user/tcpdump/APKBUILD
index c5f4203e7..7adeefa35 100644
--- a/user/tcpdump/APKBUILD
+++ b/user/tcpdump/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Dan Theisen <djt@hxx.in>
 pkgname=tcpdump
 pkgver=4.9.2
-pkgrel=0
+pkgrel=1
 pkgdesc="A tool for network monitoring and data acquisition"
 url="http://www.tcpdump.org"
 arch="all"
@@ -10,7 +10,13 @@ license="BSD-3-Clause"
 depends=""
 makedepends="libpcap-dev openssl-dev perl"
 subpackages="$pkgname-doc"
-source="http://www.tcpdump.org/release/$pkgname-$pkgver.tar.gz"
+source="http://www.tcpdump.org/release/$pkgname-$pkgver.tar.gz
+	CVE-2018-19519.patch
+	"
+
+# secfixes:
+#   4.9.2-r1:
+#     - CVE-2018-19519
 
 build () {
 	cd "$builddir"
@@ -35,4 +41,5 @@ package() {
 	rm -f "$pkgdir"/usr/sbin/tcpdump.4*
 }
 
-sha512sums="e1bc19a5867d6e3628f3941bdf3ec831bf13784f1233ca1bccc46aac1702f47ee9357d7ff0ca62cddf211b3c8884488c21144cabddd92c861e32398cd8f7c44b  tcpdump-4.9.2.tar.gz"
+sha512sums="e1bc19a5867d6e3628f3941bdf3ec831bf13784f1233ca1bccc46aac1702f47ee9357d7ff0ca62cddf211b3c8884488c21144cabddd92c861e32398cd8f7c44b  tcpdump-4.9.2.tar.gz
+eb4232e434064ec59b07840aa394cfcc05c89e817f2d4ebeb4da1dbb1c910fe1805857356d6304ebdb16e32aa6476ce90f164aabc60501b493fd5601b380af7e  CVE-2018-19519.patch"
diff --git a/user/tcpdump/CVE-2018-19519.patch b/user/tcpdump/CVE-2018-19519.patch
new file mode 100644
index 000000000..ac3293927
--- /dev/null
+++ b/user/tcpdump/CVE-2018-19519.patch
@@ -0,0 +1,10 @@
+--- tcpdump-4.9.2/print-hncp.c.old	2017-09-03 23:17:14.000000000 +0000
++++ tcpdump-4.9.2/print-hncp.c	2018-12-07 19:31:24.360000000 +0000
+@@ -228,6 +228,7 @@
+ 	snprintf(buf, sizeof(buf), "%s/%d", ipaddr_string(ndo, &addr), plen);
+         plenbytes += 1 + IPV4_MAPPED_HEADING_LEN;
+     } else {
++        buf[0] = '\0';
+         plenbytes = decode_prefix6(ndo, prefix, max_length, buf, sizeof(buf));
+     }
+ 
-- 
cgit v1.2.3-60-g2f50