[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Request for help with Kernel, Ethereal and Lesstif


We have a bunch of patches for libxpm which is also part of lesstif1-1
in woody that need to be applied and tested.  It needs to be
investigated whether the version in sarge needs patches as well.  This
refers to only a single bug (CAN-2004-0914) but results in quite a
large patch that does not cleanly apply.  A good C coder with a
lesstif test environment is required.


The test program, Red Hat and iDEFENSE discovered several (read 24)
flaws in various disssectors of Ethereal.  The patches need to be
reviewed and applied to the versions in woody, sarge and sid.  For sid
the maintainer could yuo some help, hence, I've mentioned it above.
The advisory text should be proposed as well.


I have prepared an updated kernel package for woody's 2.4.18 kernel
for a number of vulnerabilities (some 40).  This work needs to be
reviewed and ported to 2.4.16, 2.4.17 and 2.4.19 including testing.
The 2.4.18 kernel is running on a test machine and under a real
environment during LinuxTag and from time to time afterwards without

For all set of packages it needs to be documented which bugs exist in
which version.

All three issues have escaped the time frame of the security team in
the past, hence, I'm now calling for help.

The volunteer is required to be a registered Debian developer.

If you are interested and sure that you can work on one of these
issues, please get in touch with me.  If you are not 100% sure that
your skills are sufficient, please don't contact me, since I would
probably only waste time needed for other stuff.



Long noun chains don't automatically imply security.  -- Bruce Schneier

Please always Cc to me when replying to me on the lists.

Attachment: signature.asc
Description: Digital signature

Reply to: