Bug#692734: marked as done (unblock: ettercap/0.7.5-4)

To: Neil McGovern <neilm@debian.org>
Subject: Bug#692734: marked as done (unblock: ettercap/0.7.5-4)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Wed, 09 Jan 2013 16:48:06 +0000
Message-id: <handler.692734.D692734.13577499152170.ackdone@bugs.debian.org>
References: <20130109164511.GP6894@halon.org.uk> <E1TWQZ7-0003h9-9x@port-kdr.hamilton.local>

Your message dated Wed, 9 Jan 2013 16:45:11 +0000
with message-id <20130109164511.GP6894@halon.org.uk>
and subject line Re: Bug#692734: unblock: ettercap/0.7.5-4
has caused the Debian Bug report #692734,
regarding unblock: ettercap/0.7.5-4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
692734: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692734
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org
Subject: unblock: ettercap/0.7.5-4
From: "Barak A. Pearlmutter" <barak@cs.nuim.ie>
Date: Thu, 08 Nov 2012 11:46:33 +0000
Message-id: <E1TWQZ7-0003h9-9x@port-kdr.hamilton.local>
Reply-to: "Barak A. Pearlmutter" <barak@cs.nuim.ie>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Hello release team,

please unblock package ettercap.

A new upstream version 0.7.5 of ettercap (a network sniff/attack tool)
fixes a variety of security issues.  It does not seem practical to me
to backport the fixes, because many of them are made on top of
non-security-related changes, and teasing them apart etc would be a
great deal of work and also quite error-prone.

The upstream team is very eager to get the new version in place, and I
find their reasoning compelling.

This is briefly alluded to in BTS 691465.

Note that ettercap is a leaf package (nothing depends on it) so there
is no real down-side to allowing 0.7.5 to progress to testing and then
having a show-stopping problem pop up.  In that case it would likely
be pulled ... which I think we'd have to do anyway if 0.7.5 is not
allowed into testing, since in that case we'll have known latent
security issues.

On the other hand, with 0.7.5 we have an active (quite pro-active in
fact) and highly responsive upstream team eager to fix any issues that
we might bring to their attention.

					--Barak.
--
Barak A. Pearlmutter
 Hamilton Institute & Dept Comp Sci, NUI Maynooth, Co. Kildare, Ireland
 http://www.bcl.hamilton.ie/~barak/

--- End Message ---

--- Begin Message ---

To: "Barak A. Pearlmutter" <barak@cs.nuim.ie>, 692734-done@bugs.debian.org

Cc: glaubitz@physik.fu-berlin.de

Subject: Re: Bug#692734: unblock: ettercap/0.7.5-4

From: Neil McGovern <neilm@debian.org>

Date: Wed, 9 Jan 2013 16:45:11 +0000

Message-id: <20130109164511.GP6894@halon.org.uk>

In-reply-to: <87ehhuxr92.fsf@cs.nuim.ie>

References: <20130109152458.GN6894@halon.org.uk> <87ehhuxr92.fsf@cs.nuim.ie>
On Wed, Jan 09, 2013 at 04:20:25PM +0000, Barak A. Pearlmutter wrote:
> > So, can you please let me know if you're going to backport the fixes,
> > or if I should remove it from wheezy.
> 
> As I've already said repeatedly, I don't think backporting all and only
> the security-relevant patches is a realistic option.
> 

Noted, removal hint added.

Neil
-- 
Attachment: signature.asc
Description: Digital signature

--- End Message ---

Reply to:

Prev by Date: Bug#697782: marked as done (unblock: swami/2.0.0+svn389-2)
Next by Date: Bug#693550: unblock: mame/0.146-5
Previous by thread: Bug#697782: marked as done (unblock: swami/2.0.0+svn389-2)
Next by thread: Bug#693550: unblock: mame/0.146-5
Index(es):
- Date
- Thread