Hello, The ethereal project released 0.10.11 today which fixes even more security issues than the usual release, they are detailed in http://www.ethereal.com/appnotes/enpa-sa-00019.html and summarized in the Debian changelog entry: ethereal (0.10.11-1) unstable; urgency=high * New upstream release; urgency high since it fixes security issues in the following dissectors: * format string vulnerabilities: ANSI A, DHCP * segmentation faults: GSM MAP, AIM, TZSP, Bittorrent, SMB, GSM, SMB NETLOGON * buffer overflows: DISTCC, FCELS, SIP, ISIS, CMIP, CMP, CMS, CRMF, ESS, OCSP, PKIX1Explitit, PKIX Qualified, X.509, NCP, ISUP, TCAP, Presentation * null pointer exception: KINK, WSP, SMB Mailslot, H.245, MGCP, RPC * infinite loops: LMP, EIGRP, MEGACO, L2TP * uncaught assertions: Telnet, 802.3, BER, IAX2, RADIUS, SMB PIPE, MRDISC * memory exhaustion: DICOM * unclassified: Fibre Channel, LDAP, NTLMSSP -- Frederic Peters <fpeters@debian.org> Thu, 5 May 2005 08:43:00 +0200 Can I upload this to testing-proposed-updates ? And is the correct way simply to change the changelog first line to: ethereal (0.10.11-1) testing-proposed-updated unstable; urgency=high ? Regards, Frederic
Attachment:
signature.asc
Description: Digital signature