Denial of Service in nfdump
ID: | FEDORA-2016-54dfd21f15 |
Distribution: | Fedora |
Plattformen: | Fedora 23 |
Datum: | Di, 21. Juni 2016, 07:13 |
Referenzen: | https://bugzilla.redhat.com/show_bug.cgi?id=1335204 |
Applikationen: | nfdump |
Originalnachricht |
|
Name : nfdump Product : Fedora 23 Version : 1.6.15 Release : 1.fc23 URL : https://github.com/phaag/nfdump Summary : NetFlow collecting and processing tools Description : Nfdump is a set of tools to collect and process NetFlow data. It's fast and has a powerful filter pcap like syntax. It supports NetFlow versions v1, v5, v7, v9 and IPFIX as well as a limited set of sflow. It includes support for CISCO ASA (NSEL) and CISCO NAT (NEL) devices which export event logging records as v9 flows. Nfdump is fully IPv6 compatible. -------------------------------------------------------------------------------- Update Information: nfdump 1.6.15 released. --- - Fix Security issue http://www.security-assessmen t.com/files/documents/advisory/Nfdump%20nfcapd%201.6.14%20-%20Multiple%20Vulnera bilities.pdf - Fix obyte, opps and obps output records - Fix wrong bps type case in cvs output. Fix opbs ipbs typos nfdump 1.6.14 released. --- - Create libnfdump for dynamic linking - Add -R to ModifyCompression - Add std sampler ID 4 Bytes and allow random sampler (tag 50) - Add BZ2 compression along existing LZ0 - Add direct write to flowtools converter ft2nfdump - Fix CentOS compile issues with flow-tools converter - Fix FreeBSD,OpenBSD build problems - Fix timestamp overflow in sflow.c - Fix IP Fragmentation in sflow collector - Fix compile errors on other platforms - Fix zero alignment bug, if only half of an extension is sent - Fix nfanon time window bug in subsequent files in -R list - Fix CommonRecordV0Type conversion bug - Fix nfexport bug, if only one single map exists -------------------------------------------------------------------------------- References: [ 1 ] Bug #1335204 - nfdump: multiple remote denial of service vulnerabilities https://bugzilla.redhat.com/show_bug.cgi?id=1335204 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update nfdump' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org |