Accepted ettercap 1:0.8.1-3 (source amd64) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 18 Dec 2014 09:07:40 +0000
Source: ettercap
Binary: ettercap-common ettercap-text-only ettercap-graphical ettercap-dbg
Architecture: source amd64
Version: 1:0.8.1-3
Distribution: unstable
Urgency: high
Maintainer: Barak A. Pearlmutter <bap@debian.org>
Changed-By: Barak A. Pearlmutter <bap@debian.org>
Description:
ettercap-common - Multipurpose sniffer/interceptor/logger for switched LAN
ettercap-dbg - Debug symbols for Ettercap
ettercap-graphical - Ettercap GUI-enabled executable
ettercap-text-only - Ettercap console-mode executable
Closes: 773416
Changes:
ettercap (1:0.8.1-3) unstable; urgency=high
.
* Patch a bunch of security vulnerabilities (closes: #773416)
- CVE-2014-6395 (Length Parameter Inconsistency)
- CVE-2014-6396 (Arbitrary write)
- CVE-2014-9376 (Negative index/underflow)
- CVE-2014-9377 (Heap overflow)
- CVE-2014-9378 (Unchecked return value)
- CVE-2014-9379 (Incorrect cast)
- CVE-2014-9380 (Buffer over-read)
- CVE-2014-9381 (Signedness error)
See: https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/
Patches taken from repo CVE-patch, URL git://github.com/NickSampanis/ettercap.git
- 88804bd3a900d273215855f7c567ec891d31e547 CVE-patch/589
- 103f16582ee88341a6a610378011781cdc866b0c CVE-patch/602
- 3f0c582826095c722ab6fbf91518282a765a0b68 CVE-patch/603
- cb7b2028dc03c628aa0a1a5130ca41421ddebcb2 CVE-patch/604
- edd337d5d4f37ab8e330c5e067344dd5b3f10435 CVE-patch/605
- 37dcfdf79e1ac6dcacd565894cd7717aa0224164 CVE-patch/606
- c2a3c99af956146570d7883e4b540b9d0c0a3c46 CVE-patch/607
- 6b196e011fa456499ed4650a360961a2f1323818 CVE-patch/608
- afe7061948e85f0a0fd417d5e4c681bfaf212f42 CVE-patch/609
- 9e9fdc7ed1ee8eba01a5a05e000b6c55d2a70923 CVE-patch/610
Thanks to Nick Sampanis <n.sampanis@obrela.com> who is responsible for
both finding and repairing these issues.
Checksums-Sha1:
035c4a4d0d7f99f7d103556564b3e48cc8812d19 2419 ettercap_0.8.1-3.dsc
782debc9af21f2c5ac2a84ae8da8629317060ea0 14088 ettercap_0.8.1-3.debian.tar.xz
36bd7b3b49d603b98013f53b1f1d272abdf316f3 566846 ettercap-common_0.8.1-3_amd64.deb
5a370b4b6d994280b0597bc07abd330e5bf4f03d 51572 ettercap-text-only_0.8.1-3_amd64.deb
43e7ed90bc49ee7bb97a49568bfe63c2a60856cc 176376 ettercap-graphical_0.8.1-3_amd64.deb
417983706125e17f686704925c34507bcaffc239 1544636 ettercap-dbg_0.8.1-3_amd64.deb
Checksums-Sha256:
cf7c4cd9ed1046146a030e1544b8452ad25012ffc001eec9e5d6204298fec44f 2419 ettercap_0.8.1-3.dsc
da47bba88577bca989d8a229c9aec16591815e3c1b4f39194ca95357347d100c 14088 ettercap_0.8.1-3.debian.tar.xz
e79d7e241d95725db03609781cb356795c59f2e04e7ad02861e300b2a134ae1d 566846 ettercap-common_0.8.1-3_amd64.deb
30c4dcb1c392e3aa823741f5da867ce0d71919a73863f2cc65e9e241e1e53a97 51572 ettercap-text-only_0.8.1-3_amd64.deb
8f000c9521ce1ac186460032e6eadacb8780abe9f6b434edd95292a85d91deb2 176376 ettercap-graphical_0.8.1-3_amd64.deb
3a83291c7536518c5d5edf5e6e952dbc219c95c97b7ea66fac51fbf67f6472c2 1544636 ettercap-dbg_0.8.1-3_amd64.deb
Files:
85be940f45d0b00cefce43e268c1eeb7 2419 net optional ettercap_0.8.1-3.dsc
0537d1f72670709cd021abedd9f02117 14088 net optional ettercap_0.8.1-3.debian.tar.xz
f1c33f2bdf393d2916223bfca97b7480 566846 net optional ettercap-common_0.8.1-3_amd64.deb
e8570bbd11555244e7222de23802446a 51572 net optional ettercap-text-only_0.8.1-3_amd64.deb
724c66bfbbfbd08fab3b9e04a385bb8e 176376 net optional ettercap-graphical_0.8.1-3_amd64.deb
112aa7ea7bec86c565b165bbb7e42d6b 1544636 debug extra ettercap-dbg_0.8.1-3_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJUkpyaAAoJEBJbV0deGQ0YbgUP+wQONIe158mXbGduJZBytPNk
kP5Ehaa53gKUao69C4CRaHmXY/0XJFpP1cB6vT7ClE+3HUjFaRj4CJ9NDFVPDaAZ
DyW8pY3pqwDsdR88lTefep7iqJOAiSFpmNBboTyqSIBBtdgxyD0v6eVmQWwSzILT
E9jRM+qdJgEyoaoOvCWaH4eiuRMd71Jj5D6RDuUnTd98KzXSGo7Bpv/qqVv5Tfqp
QM21UVsDu2mlmV7/5d32/ZpggmoCTawrWBfIFro86Y+XwHgXWEq70Iy4RPkaGtPb
ABLuB75mMkX1jaUYYq83xa24dUWnhvHh5jvUh87359EgJKOlN0ti8MsTT3Yx2llQ
8w7rFC0GrPM4cltIIZrezch0+47p8p3sPxAE1WSA9si3YX0hiWPlUg2NcIuV1eGR
O0J+7EfZFDe+TENPK+DNMFlUftZKuShHGKuePBfoSOA8LX0anfG183EnkLe9aNAP
itzVt94Bv+PkaJynwJUxoAAG2UZba6+J3DHBAsy+5oiHwWZlNgD1bbQt3AfzeuP4
zlTi6/HDHem+Wjx1P3KmNlgrW+K13f9y4OuGcEXNz9lKpRTfymbxwFTqCW32XGU7
ROp0JuzsQiSrDI33OijKvdWlS4oJv9HoLGkXJtZKQxYMVwQPrOgNXGaL43I9Avyp
t8E7GdF8+BD2g56S3aWi
=sGom
-----END PGP SIGNATURE-----
Reply to: