* [Buildroot] [PATCH 1/2] package/tcpreplay: replace TCPREPLAY_CPE_ID_VENDOR
@ 2022-06-19 16:32 Fabrice Fontaine
2022-06-19 16:32 ` [Buildroot] [PATCH 2/2] package/tcpreplay: security bump to version 4.4.1 Fabrice Fontaine
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: Fabrice Fontaine @ 2022-06-19 16:32 UTC (permalink / raw)
To: buildroot; +Cc: Fabrice Fontaine
tcpreplay has been replaced by broadcom since April 2022:
<cpe-item name="cpe:/a:tcpreplay:tcpreplay:4.3.1" deprecated="true" deprecation_date="2022-04-02T03:29:17.303Z">
<title xml:lang="en-US">tcpreplay 4.3.1</title>
<reference href="http://tcpreplay.synfin.net/wiki/Download">Vendor</reference>
<reference href="https://sourceforge.net/projects/tcpreplay/">Product</reference>
<cpe-23:cpe23-item name="cpe:2.3:a:tcpreplay:tcpreplay:4.3.1:*:*:*:*:*:*:*">
<cpe-23:deprecated-by name="cpe:2.3:a:broadcom:tcpreplay:4.3.1:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Abroadcom%3Atcpreplay
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
package/tcpreplay/tcpreplay.mk | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/package/tcpreplay/tcpreplay.mk b/package/tcpreplay/tcpreplay.mk
index ef65403974..9f2da6439b 100644
--- a/package/tcpreplay/tcpreplay.mk
+++ b/package/tcpreplay/tcpreplay.mk
@@ -9,7 +9,7 @@ TCPREPLAY_SITE = https://github.com/appneta/tcpreplay/releases/download/v$(TCPRE
TCPREPLAY_SOURCE = tcpreplay-$(TCPREPLAY_VERSION).tar.xz
TCPREPLAY_LICENSE = GPL-3.0
TCPREPLAY_LICENSE_FILES = docs/LICENSE
-TCPREPLAY_CPE_ID_VENDOR = tcpreplay
+TCPREPLAY_CPE_ID_VENDOR = broadcom
TCPREPLAY_CONF_ENV = \
ac_cv_path_ac_pt_PCAP_CONFIG="$(STAGING_DIR)/usr/bin/pcap-config"
TCPREPLAY_CONF_OPTS = --with-libpcap=$(STAGING_DIR)/usr \
--
2.35.1
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 2/2] package/tcpreplay: security bump to version 4.4.1
2022-06-19 16:32 [Buildroot] [PATCH 1/2] package/tcpreplay: replace TCPREPLAY_CPE_ID_VENDOR Fabrice Fontaine
@ 2022-06-19 16:32 ` Fabrice Fontaine
2022-07-22 7:07 ` Peter Korsgaard
2022-06-27 22:34 ` [Buildroot] [PATCH 1/2] package/tcpreplay: replace TCPREPLAY_CPE_ID_VENDOR Peter Korsgaard
2022-07-22 7:07 ` Peter Korsgaard
2 siblings, 1 reply; 5+ messages in thread
From: Fabrice Fontaine @ 2022-06-19 16:32 UTC (permalink / raw)
To: buildroot; +Cc: Fabrice Fontaine
- Fix CVE-2021-45386: tcpreplay 4.3.4 has a Reachable Assertion in
add_tree_ipv6() at tree.c
- Fix CVE-2021-45387: tcpreplay 4.3.4 has a Reachable Assertion in
add_tree_ipv4() at tree.c.
https://github.com/appneta/tcpreplay/blob/v4.4.1/docs/CHANGELOG
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
package/tcpreplay/tcpreplay.hash | 4 ++--
package/tcpreplay/tcpreplay.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/tcpreplay/tcpreplay.hash b/package/tcpreplay/tcpreplay.hash
index 8bcdae958c..32bfd219d4 100644
--- a/package/tcpreplay/tcpreplay.hash
+++ b/package/tcpreplay/tcpreplay.hash
@@ -1,5 +1,5 @@
# Locally calculated after checking pgp signature
-# https://github.com/appneta/tcpreplay/releases/download/v4.3.4/tcpreplay-4.3.4.tar.xz.asc
+# https://github.com/appneta/tcpreplay/releases/download/v4.4.1/tcpreplay-4.4.1.tar.xz.asc
# using key 84E4FA215C934A7D97DC76D5E9E2149793BDE17E
-sha256 42c055106e55852c29d94bb6e1b9e001a0723349f2985eb893a47d384c85002b tcpreplay-4.3.4.tar.xz
+sha256 51f70ed14be5913f19c25cdfa530e98c14cedab1c76fbdd26eca7b61b57344f2 tcpreplay-4.4.1.tar.xz
sha256 07cf5e92d475287a7d1663b33097f40cae5adf03ed8920fcd4374e3dfb48c8ad docs/LICENSE
diff --git a/package/tcpreplay/tcpreplay.mk b/package/tcpreplay/tcpreplay.mk
index 9f2da6439b..86894e468e 100644
--- a/package/tcpreplay/tcpreplay.mk
+++ b/package/tcpreplay/tcpreplay.mk
@@ -4,7 +4,7 @@
#
################################################################################
-TCPREPLAY_VERSION = 4.3.4
+TCPREPLAY_VERSION = 4.4.1
TCPREPLAY_SITE = https://github.com/appneta/tcpreplay/releases/download/v$(TCPREPLAY_VERSION)
TCPREPLAY_SOURCE = tcpreplay-$(TCPREPLAY_VERSION).tar.xz
TCPREPLAY_LICENSE = GPL-3.0
--
2.35.1
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [Buildroot] [PATCH 1/2] package/tcpreplay: replace TCPREPLAY_CPE_ID_VENDOR
2022-06-19 16:32 [Buildroot] [PATCH 1/2] package/tcpreplay: replace TCPREPLAY_CPE_ID_VENDOR Fabrice Fontaine
2022-06-19 16:32 ` [Buildroot] [PATCH 2/2] package/tcpreplay: security bump to version 4.4.1 Fabrice Fontaine
@ 2022-06-27 22:34 ` Peter Korsgaard
2022-07-22 7:07 ` Peter Korsgaard
2 siblings, 0 replies; 5+ messages in thread
From: Peter Korsgaard @ 2022-06-27 22:34 UTC (permalink / raw)
To: Fabrice Fontaine; +Cc: buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
> tcpreplay has been replaced by broadcom since April 2022:
> <cpe-item name="cpe:/a:tcpreplay:tcpreplay:4.3.1" deprecated="true" deprecation_date="2022-04-02T03:29:17.303Z">
> <title xml:lang="en-US">tcpreplay 4.3.1</title>
> <reference href="http://tcpreplay.synfin.net/wiki/Download">Vendor</reference>
> <reference href="https://sourceforge.net/projects/tcpreplay/">Product</reference>
> <cpe-23:cpe23-item name="cpe:2.3:a:tcpreplay:tcpreplay:4.3.1:*:*:*:*:*:*:*">
> <cpe-23:deprecated-by name="cpe:2.3:a:broadcom:tcpreplay:4.3.1:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>
> https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Abroadcom%3Atcpreplay
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
> ---
> package/tcpreplay/tcpreplay.mk | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
> diff --git a/package/tcpreplay/tcpreplay.mk b/package/tcpreplay/tcpreplay.mk
> index ef65403974..9f2da6439b 100644
> --- a/package/tcpreplay/tcpreplay.mk
> +++ b/package/tcpreplay/tcpreplay.mk
> @@ -9,7 +9,7 @@ TCPREPLAY_SITE = https://github.com/appneta/tcpreplay/releases/download/v$(TCPRE
> TCPREPLAY_SOURCE = tcpreplay-$(TCPREPLAY_VERSION).tar.xz
> TCPREPLAY_LICENSE = GPL-3.0
> TCPREPLAY_LICENSE_FILES = docs/LICENSE
> -TCPREPLAY_CPE_ID_VENDOR = tcpreplay
> +TCPREPLAY_CPE_ID_VENDOR = broadcom
Odd, but OK - Committed, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Buildroot] [PATCH 1/2] package/tcpreplay: replace TCPREPLAY_CPE_ID_VENDOR
2022-06-19 16:32 [Buildroot] [PATCH 1/2] package/tcpreplay: replace TCPREPLAY_CPE_ID_VENDOR Fabrice Fontaine
2022-06-19 16:32 ` [Buildroot] [PATCH 2/2] package/tcpreplay: security bump to version 4.4.1 Fabrice Fontaine
2022-06-27 22:34 ` [Buildroot] [PATCH 1/2] package/tcpreplay: replace TCPREPLAY_CPE_ID_VENDOR Peter Korsgaard
@ 2022-07-22 7:07 ` Peter Korsgaard
2 siblings, 0 replies; 5+ messages in thread
From: Peter Korsgaard @ 2022-07-22 7:07 UTC (permalink / raw)
To: Fabrice Fontaine; +Cc: buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
> tcpreplay has been replaced by broadcom since April 2022:
> <cpe-item name="cpe:/a:tcpreplay:tcpreplay:4.3.1" deprecated="true" deprecation_date="2022-04-02T03:29:17.303Z">
> <title xml:lang="en-US">tcpreplay 4.3.1</title>
> <reference href="http://tcpreplay.synfin.net/wiki/Download">Vendor</reference>
> <reference href="https://sourceforge.net/projects/tcpreplay/">Product</reference>
> <cpe-23:cpe23-item name="cpe:2.3:a:tcpreplay:tcpreplay:4.3.1:*:*:*:*:*:*:*">
> <cpe-23:deprecated-by name="cpe:2.3:a:broadcom:tcpreplay:4.3.1:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>
> https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Abroadcom%3Atcpreplay
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Committed to 2022.05.x and 2022.02.x, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Buildroot] [PATCH 2/2] package/tcpreplay: security bump to version 4.4.1
2022-06-19 16:32 ` [Buildroot] [PATCH 2/2] package/tcpreplay: security bump to version 4.4.1 Fabrice Fontaine
@ 2022-07-22 7:07 ` Peter Korsgaard
0 siblings, 0 replies; 5+ messages in thread
From: Peter Korsgaard @ 2022-07-22 7:07 UTC (permalink / raw)
To: Fabrice Fontaine; +Cc: buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
> - Fix CVE-2021-45386: tcpreplay 4.3.4 has a Reachable Assertion in
> add_tree_ipv6() at tree.c
> - Fix CVE-2021-45387: tcpreplay 4.3.4 has a Reachable Assertion in
> add_tree_ipv4() at tree.c.
> https://github.com/appneta/tcpreplay/blob/v4.4.1/docs/CHANGELOG
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Committed to 2022.05.x and 2022.02.x, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2022-07-22 7:08 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-06-19 16:32 [Buildroot] [PATCH 1/2] package/tcpreplay: replace TCPREPLAY_CPE_ID_VENDOR Fabrice Fontaine
2022-06-19 16:32 ` [Buildroot] [PATCH 2/2] package/tcpreplay: security bump to version 4.4.1 Fabrice Fontaine
2022-07-22 7:07 ` Peter Korsgaard
2022-06-27 22:34 ` [Buildroot] [PATCH 1/2] package/tcpreplay: replace TCPREPLAY_CPE_ID_VENDOR Peter Korsgaard
2022-07-22 7:07 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.