From: Michael Richardson <mcr@sandelman.ca>
Date: Fri, 20 Sep 2019 16:36:44 +0000 (-0400)
Subject: updated CHANGELOG and VERSION
X-Git-Tag: tcpdump-4.9.3~6
X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/e8b34045d89dd937ce36525047148665ee21a46e

updated CHANGELOG and VERSION
---

diff --git a/CHANGES b/CHANGES
index 09acbb26..2e0fb922 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,37 @@
+Friday, September 20, 2019, by mcr@sandelman.ca
+  A huge thank you to Denis, Francois-Xavier and Guy who did much of the heavy lifting.
+  Summary for 4.9.3 tcpdump release
+    Fix buffer overflow/overread vulnerabilities:
+      CVE-2017-16808 (AoE)
+      CVE-2018-14468 (FrameRelay)
+      CVE-2018-14469 (IKEv1)
+      CVE-2018-14470 (BABEL)
+      CVE-2018-14466 (AFS/RX)
+      CVE-2018-14461 (LDP)
+      CVE-2018-14462 (ICMP)
+      CVE-2018-14465 (RSVP)
+      CVE-2018-14881 (BGP)
+      CVE-2018-14464 (LMP)
+      CVE-2018-14463 (VRRP)
+      CVE-2018-14467 (BGP)
+      CVE-2018-14463 (VRRP)
+      CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
+      CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled)
+      CVE-2018-14880 (OSPF6)
+      CVE-2018-16451 (SMB)
+      CVE-2018-14882 (RPL)
+      CVE-2018-16227 (802.11)
+      CVE-2018-16229 (DCCP)
+      CVE-2018-16301 (was fixed in libpcap)
+      CVE-2018-16230 (BGP)
+      CVE-2018-16452 (SMB)
+      CVE-2018-16300 (BGP)
+      CVE-2018-16228 (HNCP)
+      CVE-2019-15166 (LMP)
+      CVE-2019-15167 (VRRP)
+    Fix for cmdline argument/local issues:
+      CVE-2018-14879 (tcpdump -V)
+
 Sunday September 3, 2017 denis@ovsienko.info
   Summary for 4.9.2 tcpdump release
     Do not use getprotobynumber() for protocol name resolution.  Do not do
diff --git a/VERSION b/VERSION
index 978ddc8a..167a70e3 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-4.9.3-PRE-GIT
+4.9.3rc1