Errata overview
Errata ID 405
Date 2018-05-08
Source package tcpdump
Fixed in version 4.9.2-1~deb8u1
Description
This update addresses the following issues:
* The NFS parser has a buffer over-read in print-nfs.c:nfs_printfh().
  (CVE-2017-13001)
CVE-2017-16808 is open
* The ICMPv6 parser has a buffer over-read in print-icmp6.c:icmp6_print().
  (CVE-2017-13021)
* The LLDP parser could enter an infinite loop due to a bug in
  print-lldp.c:lldp_private_8021_print(). (CVE-2017-12997)
* The PIMv2 parser has a buffer over-read in print-pim.c:pimv2_print().
  (CVE-2017-12996)
* The DNS parser could enter an infinite loop due to a bug in
  print-domain.c:ns_print(). (CVE-2017-12995)
* The BGP parser has a buffer over-read in print-bgp.c:bgp_attr_print().
  (CVE-2017-12994)
* The Juniper protocols parser has a buffer over-read in print-juniper.c,
  several functions. (CVE-2017-12993)
* The RIPng parser has a buffer over-read in print-ripng.c:ripng_print().
  (CVE-2017-12992)
* The BGP parser has a buffer over-read in print-bgp.c:bgp_attr_print().
  (CVE-2017-12991)
* The ISAKMP parser could enter an infinite loop due to bugs in
  print-isakmp.c, several functions. (CVE-2017-12990)
* The BOOTP parser has a buffer over-read in print-bootp.c:bootp_print().
  (CVE-2017-13028)
* The PPP parser has a buffer over-read in
  print-ppp.c:print_ccp_config_options(). (CVE-2017-13029)
* The IS-IS parser has a buffer over-read in print-isoclns.c:isis_print().
  (CVE-2017-12999)
* The IS-IS parser has a buffer over-read in
  print-isoclns.c:isis_print_extd_ip_reach(). (CVE-2017-12998)
* The IP parser has a buffer over-read in print-ip.c:ip_printroute().
  (CVE-2017-13022)
* The VTP parser has a buffer over-read in print-vtp.c:vtp_print().
  (CVE-2017-13033)
* The RADIUS parser has a buffer over-read in
  print-radius.c:print_attr_string(). (CVE-2017-13032)
* The IPv6 fragmentation header parser has a buffer over-read in
  print-frag6.c:frag6_print(). (CVE-2017-13031)
* The PIM parser has a buffer over-read in print-pim.c, several functions.
  (CVE-2017-13030)
* The IP parser has a buffer over-read in print-ip.c:ip_printts().
  (CVE-2017-13037)
* The OSPFv3 parser has a buffer over-read in
  print-ospf6.c:ospf6_decode_v3(). (CVE-2017-13036)
* The ISO IS-IS parser has a buffer over-read in
  print-isoclns.c:isis_print_id(). (CVE-2017-13035)
* The PGM parser has a buffer over-read in print-pgm.c:pgm_print().
  (CVE-2017-13034)
* The ISAKMP parser has a buffer over-read in print-isakmp.c, several
  functions. (CVE-2017-13039)
* The PPP parser has a buffer over-read in print-ppp.c:handle_mlppp().
  (CVE-2017-13038)
* tcpdump has a buffer overflow in the sliplink_print function in print-sl.c.
  (CVE-2017-11543)
* tcpdump has a heap-based buffer over-read in the pimv1_print function in
  print-pim.c. (CVE-2017-11542)
* The Cisco HDLC parser has a buffer over-read in
  print-chdlc.c:chdlc_print(). (CVE-2017-13687)
* The IPv6 routing header parser has a buffer over-read in
  print-rt6.c:rt6_print(). (CVE-2017-13725)
* The OLSR parser has a buffer over-read in print-olsr.c:olsr_print().
  (CVE-2017-13688)
* The IKEv1 parser has a buffer over-read in print-isakmp.c:ikev1_id_print().
  (CVE-2017-13689)
* The BGP parser has a buffer over-read in print-bgp.c:bgp_attr_print().
  (CVE-2017-13046)
* The ISO ES-IS parser has a buffer over-read in
  print-isoclns.c:esis_print(). (CVE-2017-13047)
* The HNCP parser has a buffer over-read in print-hncp.c:dhcpv4_print().
  (CVE-2017-13044)
* The VQP parser has a buffer over-read in print-vqp.c:vqp_print().
  (CVE-2017-13045)
* The HNCP parser has a buffer over-read in print-hncp.c:dhcpv6_print().
  (CVE-2017-13042)
* The BGP parser has a buffer over-read in
  print-bgp.c:decode_multicast_vpn(). (CVE-2017-13043)
* The MPTCP parser has a buffer over-read in print-mptcp.c, several
  functions. (CVE-2017-13040)
* The ICMPv6 parser has a buffer over-read in
  print-icmp6.c:icmp6_nodeinfo_print(). (CVE-2017-13041)
* The RSVP parser has a buffer over-read in print-rsvp.c:rsvp_obj_print().
  (CVE-2017-13048)
* The Rx protocol parser has a buffer over-read in print-rx.c:ubik_print().
  (CVE-2017-13049)
* The IPv6 mobility parser has a buffer over-read in
  print-mobility.c:mobility_opt_print(). (CVE-2017-13024)
* The IPv6 mobility parser has a buffer over-read in
  print-mobility.c:mobility_opt_print(). (CVE-2017-13025)
* The ISO IS-IS parser has a buffer over-read in print-isoclns.c, several
  functions. (CVE-2017-13026)
* The LLDP parser has a buffer over-read in
  print-lldp.c:lldp_mgmt_addr_tlv_print(). (CVE-2017-13027)
* The VTP parser has a buffer over-read in print-vtp.c:vtp_print().
  (CVE-2017-13020)
* Several protocol parsers could cause a buffer over-read in
  util-print.c:tok2strbuf(). (CVE-2017-12900)
* The IKEv2 parser has a buffer over-read in print-isakmp.c, several
  functions. (CVE-2017-13690)
* The EIGRP parser has a buffer over-read in print-eigrp.c:eigrp_print().
  (CVE-2017-12901)
* The IPv6 mobility parser has a buffer over-read in
  print-mobility.c:mobility_opt_print(). (CVE-2017-13023)
* The ISO IS-IS parser has a buffer over-read in
  print-isoclns.c:isis_print_is_reach_subtlv(). (CVE-2017-13055)
* The LLDP parser has a buffer over-read in
  print-lldp.c:lldp_private_8023_print(). (CVE-2017-13054)
* The RSVP parser has a buffer over-read in print-rsvp.c:rsvp_obj_print().
  (CVE-2017-13051)
* The RPKI-Router parser has a buffer over-read in
  print-rpki-rtr.c:rpki_rtr_pdu_print(). (CVE-2017-13050)
* The BGP parser has a buffer over-read in
  print-bgp.c:decode_rt_routing_info(). (CVE-2017-13053)
* The CFM parser has a buffer over-read in print-cfm.c:cfm_print().
  (CVE-2017-13052)
* The NFS parser has a buffer over-read in print-nfs.c:interp_reply().
  (CVE-2017-12898)
* The DECnet parser has a buffer over-read in print-decnet.c:decnet_print().
  (CVE-2017-12899)
* The SMB/CIFS parser has a buffer over-read in smbutil.c:name_len().
  (CVE-2017-12893)
* The ISAKMP parser has a buffer over-read in
  print-isakmp.c:isakmp_rfc3948_print(). (CVE-2017-12896)
* The ISO CLNS parser has a buffer over-read in
  print-isoclns.c:isoclns_print(). (CVE-2017-12897)
* Several protocol parsers could cause a buffer over-read in
  addrtoname.c:lookup_bytestring(). (CVE-2017-12894)
* The ICMP parser has a buffer over-read in print-icmp.c:icmp_print().
  (CVE-2017-12895)
* The PGM parser has a buffer over-read in print-pgm.c:pgm_print().
  (CVE-2017-13019)
* The PGM parser has a buffer over-read in print-pgm.c:pgm_print().
  (CVE-2017-13018)
* The BEEP parser has a buffer over-read in print-beep.c:l_strnstart().
  (CVE-2017-13010)
* tcpdump has a heap-based buffer over-read in the lldp_print function in
  print-lldp.c, related to util-print.c. (CVE-2017-11541)
* The White Board protocol parser has a buffer over-read in
  print-wb.c:wb_prep(), several functions. (CVE-2017-13014)
* The DHCPv6 parser has a buffer over-read in print-dhcp6.c:dhcp6opt_print().
  (CVE-2017-13017)
* The ISO ES-IS parser has a buffer over-read in
  print-isoclns.c:esis_print(). (CVE-2017-13016)
* The IEEE 802.11 parser has a buffer over-read in
  print-802_11.c:parse_elements(). (CVE-2017-13008)
* The IPv6 mobility parser has a buffer over-read in
  print-mobility.c:mobility_print(). (CVE-2017-13009)
* tcpdump allows remote attackers to cause a denial of service (heap-based
  buffer over-read and application crash) via crafted packet data. The crash
  occurs in the EXTRACT_16BITS function, called from the stp_print function
  for the Spanning Tree Protocol. (CVE-2017-11108)
* The LMP parser has a buffer over-read in print-lmp.c:lmp_print().
  (CVE-2017-13003)
* The L2TP parser has a buffer over-read in print-l2tp.c, several functions.
  (CVE-2017-13006)
* The Juniper protocols parser has a buffer over-read in
  print-juniper.c:juniper_parse_header(). (CVE-2017-13004)
* The NFS parser has a buffer over-read in print-nfs.c:xid_map_enter().
  (CVE-2017-13005)
* The Zephyr parser has a buffer over-read in print-zephyr.c, several
  functions. (CVE-2017-12902)
* The telnet parser has a buffer over-read in print-telnet.c:telnet_parse().
  (CVE-2017-12988)
* The RESP parser could enter an infinite loop due to a bug in
  print-resp.c:resp_get_length(). (CVE-2017-12989)
* Several protocol parsers could cause a buffer overflow in
  util-print.c:bittok2str_internal(). (CVE-2017-13011)
* The Apple PKTAP parser has a buffer over-read in
  print-pktap.c:pktap_if_print(). (CVE-2017-13007)
* The ARP parser has a buffer over-read in print-arp.c, several functions.
  (CVE-2017-13013)
* The ICMP parser has a buffer over-read in print-icmp.c:icmp_print().
  (CVE-2017-13012)
* The EAP parser has a buffer over-read in print-eap.c:eap_print().
  (CVE-2017-13015)
* The IPv6 parser has a buffer over-read in print-ip6.c:ip6_print().
  (CVE-2017-12985)
* The IPv6 routing header parser has a buffer over-read in
  print-rt6.c:rt6_print(). (CVE-2017-12986)
* The IEEE 802.11 parser has a buffer over-read in
  print-802_11.c:parse_elements(). (CVE-2017-12987)
* The AODV parser has a buffer over-read in print-aodv.c:aodv_extension().
  (CVE-2017-13002)
* The IEEE 802.15.4 parser has a buffer over-read in
  print-802_15_4.c:ieee802_15_4_if_print(). (CVE-2017-13000)
Additional notes
CVE ID CVE-2017-13001
CVE-2017-13021
CVE-2017-12997
CVE-2017-12996
CVE-2017-12995
CVE-2017-12994
CVE-2017-12993
CVE-2017-12992
CVE-2017-12991
CVE-2017-12990
CVE-2017-13028
CVE-2017-13029
CVE-2017-12999
CVE-2017-12998
CVE-2017-13022
CVE-2017-13033
CVE-2017-13032
CVE-2017-13031
CVE-2017-13030
CVE-2017-13037
CVE-2017-13036
CVE-2017-13035
CVE-2017-13034
CVE-2017-13039
CVE-2017-13038
CVE-2017-11543
CVE-2017-11542
CVE-2017-13687
CVE-2017-13725
CVE-2017-13688
CVE-2017-13689
CVE-2017-13046
CVE-2017-13047
CVE-2017-13044
CVE-2017-13045
CVE-2017-13042
CVE-2017-13043
CVE-2017-13040
CVE-2017-13041
CVE-2017-13048
CVE-2017-13049
CVE-2017-13024
CVE-2017-13025
CVE-2017-13026
CVE-2017-13027
CVE-2017-13020
CVE-2017-12900
CVE-2017-13690
CVE-2017-12901
CVE-2017-13023
CVE-2017-13055
CVE-2017-13054
CVE-2017-13051
CVE-2017-13050
CVE-2017-13053
CVE-2017-13052
CVE-2017-12898
CVE-2017-12899
CVE-2017-12893
CVE-2017-12896
CVE-2017-12897
CVE-2017-12894
CVE-2017-12895
CVE-2017-13019
CVE-2017-13018
CVE-2017-13010
CVE-2017-11541
CVE-2017-13014
CVE-2017-13017
CVE-2017-13016
CVE-2017-13008
CVE-2017-13009
CVE-2017-11108
CVE-2017-13003
CVE-2017-13006
CVE-2017-13004
CVE-2017-13005
CVE-2017-12902
CVE-2017-12988
CVE-2017-12989
CVE-2017-13011
CVE-2017-13007
CVE-2017-13013
CVE-2017-13012
CVE-2017-13015
CVE-2017-12985
CVE-2017-12986
CVE-2017-12987
CVE-2017-13002
CVE-2017-13000
UCS Bug number #45564