Accepted tcpick 0.2.1-3 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 14 Apr 2006 20:59:07 +0200
Source: tcpick
Binary: tcpick
Architecture: source i386
Version: 0.2.1-3
Distribution: unstable
Urgency: high
Maintainer: Cédric Delfosse <cedric@debian.org>
Changed-By: Cédric Delfosse <cedric@debian.org>
Description:
tcpick - TCP stream sniffer and connection tracker
Closes: 360571
Changes:
tcpick (0.2.1-3) unstable; urgency=high
.
* src/write.c: temporary patch to fix CVE-2006-0048 (Closes: Bug#360571)
As upstream is not responsive, I have written this one-line patch.
With the option -yP, tcpick shows data contained in the captured packets.
For some packets, tcpick computes a negative buffer length, which is used
in a while (buffer length) {} loop to display the packet content. When the
buffer length is negative, the loop never ends, and tcpick segfaults after
a while.
This patch tests if the computed buffer length is negative before using
it, and set it to 0 in this case.
Files:
0f68563f61fbc42b344a9bb2a4455c33 593 net optional tcpick_0.2.1-3.dsc
5008447b0492f666df27669f89d9b382 4895 net optional tcpick_0.2.1-3.diff.gz
6f1421ca851027121ec974e44b792219 36056 net optional tcpick_0.2.1-3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFER/pubmmXPPfovGMRArtmAJ4qSflcuXb+ba3UKyKulq0vyKWqogCdEVIm
CNUwskcJxpf/JRaIg4o1bAs=
=FTbK
-----END PGP SIGNATURE-----
Accepted:
tcpick_0.2.1-3.diff.gz
to pool/main/t/tcpick/tcpick_0.2.1-3.diff.gz
tcpick_0.2.1-3.dsc
to pool/main/t/tcpick/tcpick_0.2.1-3.dsc
tcpick_0.2.1-3_i386.deb
to pool/main/t/tcpick/tcpick_0.2.1-3_i386.deb
Reply to: