Bug#885183: stretch-pu: package ntopng/2.4+dfsg1-3+deb9u1

To: Ludovico Cavedon <cavedon@debian.org>, 885183@bugs.debian.org
Subject: Bug#885183: stretch-pu: package ntopng/2.4+dfsg1-3+deb9u1
From: Julien Cristau <jcristau@debian.org>
Date: Sat, 10 Feb 2018 10:25:47 +0100
Message-id: <[🔎] 20180210092547.xttat3ocwt5kqneq@betterave.cristau.org>
Reply-to: Julien Cristau <jcristau@debian.org>, 885183@bugs.debian.org
In-reply-to: <20171225202658.GA22055@palladio.local>
References: <20171225202658.GA22055@palladio.local> <20171225202658.GA22055@palladio.local>

Control: tag -1 confirmed

On Mon, Dec 25, 2017 at 21:26:58 +0100, Ludovico Cavedon wrote:

> I would like to submit to your consideration an update to ntopng in
> stretch.
> 
> The main bug that triggered this upload is #856048, which causes the
> user management and preferences section of the web interface to
> be unusuable.
> 
> The fix is already in version 2.4+dfsg1-4 in unstable.
> 
> There are three additional important issues from 2.4+dfsg1-4 that I
> think it would make sense to include:
> - #859653 which causes ntopng to crash if the mysql backend is selected.
>   This change only affects mysql users. On the other side it is an
>   obvious usage-after-free and out-of-bound memeory access issues.
> - #866721 and #866719, which are securirity-related issues. Do you want
>   me to reach out to the security team about these first? Do we need to
>   treat the whole update as a security one instead, or split it?
> 
Assuming this has been properly tested in a stretch environment, please
go ahead and upload.

Cheers,
Julien

Reply to:

Prev by Date: Processed: Re: Bug#885183: stretch-pu: package ntopng/2.4+dfsg1-3+deb9u1
Next by Date: Processed: Re: Bug#882821: stretch-pu: package cerealizer/0.8.1-2~deb9u1
Previous by thread: Processed: Re: Bug#885069: stretch-pu: package open-iscsi/2.0.874-3~deb9u1
Next by thread: Processed: Re: Bug#885183: stretch-pu: package ntopng/2.4+dfsg1-3+deb9u1
Index(es):
- Date
- Thread