http://hlug.fscker.com/ lists tcpdump-3.6.2.tar.gz as one of the trojaned versions, SuSE 7.3 comes with that version of tcpdump
The tcpdump-3.6.2.tar.gz on some FTP sites was trojaned, yes. This does not mean that everything labelled tcpdump-3.6.2 contains a trojan. If I catch a flu, this does not mean all Olafs in the world will catch it, too. Second, as mentioned previously, the trojan becomes active when you _build_ the package, not when you run the compiled binary.
So, are the older versions that shipped with older distributions like 7.3 also infected or free ? I heard the infection took place just days ago, so older distributions should *not* be tojaned although using tcpdump 3.6.2 ?
Right. And even if the virus had been present back then (which it wasn't), you wouldn't be affected unless you were rebuilding the package. Olaf -- Olaf Kirch | Anyone who has had to work with X.509 has probably okir@suse.de | experienced what can best be described as ---------------+ ISO water torture. -- Peter Gutmann