Debian Package Tracker

From: Barak A. Pearlmutter <bap@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted ettercap 1:0.8.1-3 (source amd64) into unstable
Date: Thu, 18 Dec 2014 10:03:59 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 18 Dec 2014 09:07:40 +0000
Source: ettercap
Binary: ettercap-common ettercap-text-only ettercap-graphical ettercap-dbg
Architecture: source amd64
Version: 1:0.8.1-3
Distribution: unstable
Urgency: high
Maintainer: Barak A. Pearlmutter <bap@debian.org>
Changed-By: Barak A. Pearlmutter <bap@debian.org>
Description:
 ettercap-common - Multipurpose sniffer/interceptor/logger for switched LAN
 ettercap-dbg - Debug symbols for Ettercap
 ettercap-graphical - Ettercap GUI-enabled executable
 ettercap-text-only - Ettercap console-mode executable
Closes: 773416
Changes:
 ettercap (1:0.8.1-3) unstable; urgency=high
 .
   * Patch a bunch of security vulnerabilities (closes: #773416)
     - CVE-2014-6395 (Length Parameter Inconsistency)
     - CVE-2014-6396 (Arbitrary write)
     - CVE-2014-9376 (Negative index/underflow)
     - CVE-2014-9377 (Heap overflow)
     - CVE-2014-9378 (Unchecked return value)
     - CVE-2014-9379 (Incorrect cast)
     - CVE-2014-9380 (Buffer over-read)
     - CVE-2014-9381 (Signedness error)
     See: https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/
     Patches taken from repo CVE-patch, URL git://github.com/NickSampanis/ettercap.git
     - 88804bd3a900d273215855f7c567ec891d31e547 CVE-patch/589
     - 103f16582ee88341a6a610378011781cdc866b0c CVE-patch/602
     - 3f0c582826095c722ab6fbf91518282a765a0b68 CVE-patch/603
     - cb7b2028dc03c628aa0a1a5130ca41421ddebcb2 CVE-patch/604
     - edd337d5d4f37ab8e330c5e067344dd5b3f10435 CVE-patch/605
     - 37dcfdf79e1ac6dcacd565894cd7717aa0224164 CVE-patch/606
     - c2a3c99af956146570d7883e4b540b9d0c0a3c46 CVE-patch/607
     - 6b196e011fa456499ed4650a360961a2f1323818 CVE-patch/608
     - afe7061948e85f0a0fd417d5e4c681bfaf212f42 CVE-patch/609
     - 9e9fdc7ed1ee8eba01a5a05e000b6c55d2a70923 CVE-patch/610
     Thanks to Nick Sampanis <n.sampanis@obrela.com> who is responsible for
     both finding and repairing these issues.
Checksums-Sha1:
 035c4a4d0d7f99f7d103556564b3e48cc8812d19 2419 ettercap_0.8.1-3.dsc
 782debc9af21f2c5ac2a84ae8da8629317060ea0 14088 ettercap_0.8.1-3.debian.tar.xz
 36bd7b3b49d603b98013f53b1f1d272abdf316f3 566846 ettercap-common_0.8.1-3_amd64.deb
 5a370b4b6d994280b0597bc07abd330e5bf4f03d 51572 ettercap-text-only_0.8.1-3_amd64.deb
 43e7ed90bc49ee7bb97a49568bfe63c2a60856cc 176376 ettercap-graphical_0.8.1-3_amd64.deb
 417983706125e17f686704925c34507bcaffc239 1544636 ettercap-dbg_0.8.1-3_amd64.deb
Checksums-Sha256:
 cf7c4cd9ed1046146a030e1544b8452ad25012ffc001eec9e5d6204298fec44f 2419 ettercap_0.8.1-3.dsc
 da47bba88577bca989d8a229c9aec16591815e3c1b4f39194ca95357347d100c 14088 ettercap_0.8.1-3.debian.tar.xz
 e79d7e241d95725db03609781cb356795c59f2e04e7ad02861e300b2a134ae1d 566846 ettercap-common_0.8.1-3_amd64.deb
 30c4dcb1c392e3aa823741f5da867ce0d71919a73863f2cc65e9e241e1e53a97 51572 ettercap-text-only_0.8.1-3_amd64.deb
 8f000c9521ce1ac186460032e6eadacb8780abe9f6b434edd95292a85d91deb2 176376 ettercap-graphical_0.8.1-3_amd64.deb
 3a83291c7536518c5d5edf5e6e952dbc219c95c97b7ea66fac51fbf67f6472c2 1544636 ettercap-dbg_0.8.1-3_amd64.deb
Files:
 85be940f45d0b00cefce43e268c1eeb7 2419 net optional ettercap_0.8.1-3.dsc
 0537d1f72670709cd021abedd9f02117 14088 net optional ettercap_0.8.1-3.debian.tar.xz
 f1c33f2bdf393d2916223bfca97b7480 566846 net optional ettercap-common_0.8.1-3_amd64.deb
 e8570bbd11555244e7222de23802446a 51572 net optional ettercap-text-only_0.8.1-3_amd64.deb
 724c66bfbbfbd08fab3b9e04a385bb8e 176376 net optional ettercap-graphical_0.8.1-3_amd64.deb
 112aa7ea7bec86c565b165bbb7e42d6b 1544636 debug extra ettercap-dbg_0.8.1-3_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJUkpyaAAoJEBJbV0deGQ0YbgUP+wQONIe158mXbGduJZBytPNk
kP5Ehaa53gKUao69C4CRaHmXY/0XJFpP1cB6vT7ClE+3HUjFaRj4CJ9NDFVPDaAZ
DyW8pY3pqwDsdR88lTefep7iqJOAiSFpmNBboTyqSIBBtdgxyD0v6eVmQWwSzILT
E9jRM+qdJgEyoaoOvCWaH4eiuRMd71Jj5D6RDuUnTd98KzXSGo7Bpv/qqVv5Tfqp
QM21UVsDu2mlmV7/5d32/ZpggmoCTawrWBfIFro86Y+XwHgXWEq70Iy4RPkaGtPb
ABLuB75mMkX1jaUYYq83xa24dUWnhvHh5jvUh87359EgJKOlN0ti8MsTT3Yx2llQ
8w7rFC0GrPM4cltIIZrezch0+47p8p3sPxAE1WSA9si3YX0hiWPlUg2NcIuV1eGR
O0J+7EfZFDe+TENPK+DNMFlUftZKuShHGKuePBfoSOA8LX0anfG183EnkLe9aNAP
itzVt94Bv+PkaJynwJUxoAAG2UZba6+J3DHBAsy+5oiHwWZlNgD1bbQt3AfzeuP4
zlTi6/HDHem+Wjx1P3KmNlgrW+K13f9y4OuGcEXNz9lKpRTfymbxwFTqCW32XGU7
ROp0JuzsQiSrDI33OijKvdWlS4oJv9HoLGkXJtZKQxYMVwQPrOgNXGaL43I9Avyp
t8E7GdF8+BD2g56S3aWi
=sGom
-----END PGP SIGNATURE-----
News for package ettercap
