Debian Package Tracker

general

source: sleuthkit (main)
version: 4.6.0-1
maintainer: Debian Security Tools [DMD]
uploaders: Joao Eriberto Mota Filho [DMD]
arch: any
std-ver: 4.1.3
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 3.2.3-2
o-o-bpo: 4.1.3-3~bpo70+1
oldstable: 4.1.3-4
stable: 4.4.0-5
testing: 4.6.0-1
unstable: 4.6.0-1

versioned links

3.2.3-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.1.3-3~bpo70+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.1.3-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.2.0-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.4.0-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.4.2-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.6.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libtsk-dev
libtsk13
sleuthkit

action needed

A new upstream version is available: 4.6.1 high

A new upstream version 4.6.1 is available, you should consider packaging it.

Created: 2018-05-10 Last update: 2018-06-20 02:08

4 security issues in sid high

There are 4 open security issues in sid.

4 important issues:

CVE-2018-11740: An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function tsk_UTF16toUTF8 in tsk/base/tsk_unicode.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
CVE-2018-11737: An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_fix_idxrec in tsk/fs/ntfs_dent.cpp which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
CVE-2018-11738: An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_make_data_run in tsk/fs/ntfs.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
CVE-2018-11739: An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function raw_read in tsk/img/raw.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.

Please fix them.

Created: 2018-06-06 Last update: 2018-06-08 02:26

4 security issues in buster high

There are 4 open security issues in buster.

4 important issues:

CVE-2018-11740: An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function tsk_UTF16toUTF8 in tsk/base/tsk_unicode.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
CVE-2018-11737: An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_fix_idxrec in tsk/fs/ntfs_dent.cpp which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
CVE-2018-11738: An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_make_data_run in tsk/fs/ntfs.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
CVE-2018-11739: An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function raw_read in tsk/img/raw.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.

Please fix them.

Created: 2018-06-06 Last update: 2018-06-08 02:26

Multiarch hinter reports 2 issue(s) normal

There are issues with the multiarch metadata for this package.

libtsk-dev could be marked Multi-Arch: same
libtsk13 could be marked Multi-Arch: same

Created: 2017-03-05 Last update: 2018-06-20 02:23

Depends on packages which need a new maintainer normal

The packages that sleuthkit depends on which need a new maintainer are:

autopsy (#832370)
- Suggests: autopsy

Created: 2017-12-02 Last update: 2018-06-20 02:15

4 ignored security issues in jessie low

There are 4 open security issues in jessie.

4 issues skipped by the security teams:

CVE-2018-11740: An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function tsk_UTF16toUTF8 in tsk/base/tsk_unicode.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
CVE-2018-11737: An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_fix_idxrec in tsk/fs/ntfs_dent.cpp which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
CVE-2018-11738: An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_make_data_run in tsk/fs/ntfs.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
CVE-2018-11739: An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function raw_read in tsk/img/raw.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.

Please fix them.

Created: 2018-06-06 Last update: 2018-06-08 02:26

4 ignored security issues in stretch low

There are 4 open security issues in stretch.

4 issues skipped by the security teams:

CVE-2018-11740: An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function tsk_UTF16toUTF8 in tsk/base/tsk_unicode.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
CVE-2018-11737: An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_fix_idxrec in tsk/fs/ntfs_dent.cpp which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
CVE-2018-11738: An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_make_data_run in tsk/fs/ntfs.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
CVE-2018-11739: An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function raw_read in tsk/img/raw.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.

Please fix them.

Created: 2018-06-06 Last update: 2018-06-08 02:26

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.1.4 instead of 4.1.3).

Created: 2018-04-16 Last update: 2018-04-16 20:48

news

[rss feed]

[2018-04-06] sleuthkit 4.6.0-1 MIGRATED to testing (Debian testing watch)
[2018-03-31] Accepted sleuthkit 4.6.0-1 (source) into unstable (Hilko Bengen)
[2017-09-25] sleuthkit 4.4.2-3 MIGRATED to testing (Debian testing watch)
[2017-09-19] Accepted sleuthkit 4.4.2-3 (source) into unstable (Joao Eriberto Mota Filho)
[2017-09-19] Accepted sleuthkit 4.4.2-2 (source) into experimental (Joao Eriberto Mota Filho)
[2017-08-20] sleuthkit 4.4.2-1 MIGRATED to testing (Debian testing watch)
[2017-08-14] Accepted sleuthkit 4.4.2-1 (source) into unstable (Hilko Bengen)
[2017-08-14] sleuthkit 4.4.0-6 MIGRATED to testing (Debian testing watch)
[2017-08-08] Accepted sleuthkit 4.4.0-6 (source) into unstable (Hilko Bengen)
[2017-03-05] sleuthkit 4.4.0-5 MIGRATED to testing (Debian testing watch)
[2017-02-25] Accepted sleuthkit 4.4.0-5 (source) into unstable (Joao Eriberto Mota Filho)
[2017-02-19] Accepted sleuthkit 4.4.0-4 (source) into experimental (Joao Eriberto Mota Filho)
[2017-02-18] Accepted sleuthkit 4.4.0-3 (source) into experimental (Joao Eriberto Mota Filho)
[2017-02-05] sleuthkit 4.4.0-2 MIGRATED to testing (Debian testing watch)
[2017-01-25] Accepted sleuthkit 4.4.0-2 (source) into unstable (Joao Eriberto Mota Filho)
[2017-01-25] Accepted sleuthkit 4.4.0-1 (source) into experimental (Joao Eriberto Mota Filho)
[2017-01-16] Accepted sleuthkit 4.3.1-5 (source) into unstable (Joao Eriberto Mota Filho)
[2017-01-16] Accepted sleuthkit 4.3.1-4 (source) into experimental (Joao Eriberto Mota Filho)
[2017-01-13] Accepted sleuthkit 4.3.1-3 (source) into experimental (Joao Eriberto Mota Filho)
[2016-12-05] sleuthkit 4.3.1-2 MIGRATED to testing (Debian testing watch)
[2016-11-30] Accepted sleuthkit 4.3.1-2 (source) into unstable (Joao Eriberto Mota Filho)
[2016-11-29] Accepted sleuthkit 4.3.1-1 (source) into experimental (Joao Eriberto Mota Filho)
[2015-12-04] sleuthkit 4.2.0-3 MIGRATED to testing (Debian testing watch)
[2015-11-28] Accepted sleuthkit 4.2.0-3 (source) into unstable (Joao Eriberto Mota Filho)
[2015-11-26] sleuthkit 4.2.0-2 MIGRATED to testing (Britney)
[2015-11-20] Accepted sleuthkit 4.2.0-2 (source amd64) into unstable (Joao Eriberto Mota Filho)
[2015-11-13] Accepted sleuthkit 4.2.0-1 (source amd64) into experimental, experimental (Joao Eriberto Mota Filho)
[2015-09-19] sleuthkit 4.1.3-12 MIGRATED to testing (Britney)
[2015-09-13] Accepted sleuthkit 4.1.3-12 (source amd64) into unstable (Joao Eriberto Mota Filho)
[2015-09-06] sleuthkit 4.1.3-11 MIGRATED to testing (Britney)

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0

links

homepage
lintian
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 4.6.0-1