ndpi - Debian Package Tracker

general

source: ndpi (main)
version: 4.0-2
maintainer: Ludovico Cavedon (DMD)
arch: any
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.8-1
o-o-sec: 1.8-1+deb9u1
oldstable: 2.6-3
unstable: 4.0-2

versioned links

1.8-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8-1+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.6-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.6-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.4-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libndpi-bin
libndpi-dev
libndpi-wireshark
libndpi4.0

action needed

4 security issues in buster high

There are 4 open security issues in buster.

4 important issues:

CVE-2020-15472: In nDPI through 3.2, the H.323 dissector is vulnerable to a heap-based buffer over-read in ndpi_search_h323 in lib/protocols/h323.c, as demonstrated by a payload packet length that is too short.
CVE-2020-15473: In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpi_search_openvpn in lib/protocols/openvpn.c.
CVE-2020-15475: In nDPI through 3.2, ndpi_reset_packet_line_info in lib/ndpi_main.c omits certain reinitialization, leading to a use-after-free.
CVE-2020-15476: In nDPI through 3.2, the Oracle protocol dissector has a heap-based buffer over-read in ndpi_search_oracle in lib/protocols/oracle.c.

Created: 2021-02-19 Last update: 2021-09-03 22:37

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2021-36082: ntop nDPI 3.4 has a stack-based buffer overflow in processClientServerHello.

Created: 2021-07-01 Last update: 2021-07-26 14:01

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 5-day delay is over. Check why.

Created: 2021-09-09 Last update: 2021-09-24 19:35

Multiarch hinter reports 1 issue(s) normal

There are issues with the multiarch metadata for this package.

libndpi-dev could be marked Multi-Arch: same

Created: 2021-09-04 Last update: 2021-09-24 18:08

Depends on packages which need a new maintainer normal

The packages that ndpi depends on which need a new maintainer are:

dh-exec (#851746)
- Build-Depends: dh-exec

Created: 2019-11-22 Last update: 2021-09-24 18:07

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2021-04-11 Last update: 2021-09-06 18:33

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2019-08-10 Last update: 2021-09-03 15:37

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.0 instead of 4.5.0).

Created: 2020-01-21 Last update: 2021-09-03 22:38

testing migrations

excuses:
- Migration status for ndpi (- to 4.0-2): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- Updating ndpi introduces new bugs: #993627
- Additional info:
- Piuparts tested OK - https://piuparts.debian.org/sid/source/n/ndpi.html
- 21 days old (needed 5 days)
- Not considered

news

[rss feed]

[2021-09-03] Accepted ndpi 4.0-2 (source) into unstable (Gianfranco Costamagna)
[2021-09-03] Accepted ndpi 4.0-1 (source amd64) into unstable, unstable (Debian FTP Masters) (signed by: Gianfranco Costamagna)
[2021-07-30] ndpi REMOVED from testing (Debian testing watch)
[2021-02-11] ndpi 3.4-3 MIGRATED to testing (Debian testing watch)
[2021-02-09] Accepted ndpi 3.4-3 (source) into unstable (Raphaël Hertzog)
[2021-02-03] ndpi 3.4-2 MIGRATED to testing (Debian testing watch)
[2021-01-18] Accepted ndpi 3.4-2 (source) into unstable (Gianfranco Costamagna)
[2020-12-18] Accepted ndpi 3.4-1 (source amd64) into unstable, unstable (Debian FTP Masters) (signed by: Gianfranco Costamagna)
[2020-08-29] Accepted ndpi 1.8-1+deb9u1 (source amd64) into oldstable (Thorsten Alteholz)
[2020-06-22] ndpi REMOVED from testing (Debian testing watch)
[2019-12-29] Accepted ndpi 3.0-1 (source amd64) into unstable, unstable (Ludovico Cavedon)
[2019-09-22] ndpi 2.6-5 MIGRATED to testing (Debian testing watch)
[2019-09-17] Accepted ndpi 2.6-5 (source) into unstable (Gianfranco Costamagna)
[2019-09-17] ndpi 2.6-4 MIGRATED to testing (Debian testing watch)
[2019-09-12] Accepted ndpi 2.6-4 (source) into unstable (Gianfranco Costamagna)
[2019-01-21] ndpi 2.6-3 MIGRATED to testing (Debian testing watch)
[2019-01-16] Accepted ndpi 2.6-3 (source amd64) into unstable (Ludovico Cavedon)
[2019-01-15] Accepted ndpi 2.6-2 (source amd64) into unstable (Ludovico Cavedon)
[2019-01-14] Accepted ndpi 2.6-1 (source amd64) into unstable, unstable (Ludovico Cavedon)
[2017-12-30] Accepted ndpi 2.2-1 (source amd64) into unstable, unstable (Ludovico Cavedon)
[2016-12-23] ndpi 1.8-1 MIGRATED to testing (Debian testing watch)
[2016-12-11] Accepted ndpi 1.8-1 (source amd64) into unstable, unstable (Ludovico Cavedon)
[2016-03-19] ndpi 1.7.1~git20151130.6f3d5a7-1 MIGRATED to testing (Debian testing watch)
[2016-03-14] Accepted ndpi 1.7.1~git20151130.6f3d5a7-1 (source amd64) into unstable, unstable (Ludovico Cavedon)
[2015-10-03] ndpi 1.6-1 MIGRATED to testing (Britney)
[2015-09-22] Accepted ndpi 1.6-1 (source amd64) into unstable, unstable (Ludovico Cavedon)
[2014-08-25] ndpi 1.5.0-1 MIGRATED to testing (Britney)
[2014-08-19] Accepted ndpi 1.5.0-1 (source amd64) into unstable, unstable (Ludovico Cavedon)
[2013-11-28] ndpi 1.4.0+svn6932-1 MIGRATED to testing (Debian testing watch)
[2013-11-17] Accepted ndpi 1.4.0+svn6932-1 (source amd64) (Ludovico Cavedon)

bugs [bug history graph]

all: 4
RC: 1
I&N: 3
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 1)
buildd: logs, checks, clang, cross
popcon
browse source code
edit tags
other distros
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 4.0-2