sleuthkit - Debian Package Tracker

general

source: sleuthkit (main)
version: 4.11.1+dfsg-1
maintainer: Debian Security Tools (DMD)
arch: any
std-ver: 4.6.0.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 4.4.0-5
oldstable: 4.6.5-1+deb10u1
stable: 4.10.1+dfsg-1
testing: 4.11.1+dfsg-1
unstable: 4.11.1+dfsg-1

versioned links

4.4.0-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.6.5-1+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.10.1+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.11.1+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libtsk-dev
libtsk19
sleuthkit

action needed

Marked for autoremoval on 21 June due to libewf, nvidia-graphics-drivers-tesla-470: #1006393, #1011146 high

Version 4.11.1+dfsg-1 of sleuthkit is marked for autoremoval from testing on Tue 21 Jun 2022. It depends (transitively) on libewf, nvidia-graphics-drivers-tesla-470, affected by #1006393, #1011146. You should try to prevent the removal by fixing these RC bugs.

Created: 2022-05-09 Last update: 2022-05-25 22:40

4 security issues in sid high

There are 4 open security issues in sid.

4 important issues:

CVE-2018-11737: An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_fix_idxrec in tsk/fs/ntfs_dent.cpp which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
CVE-2018-11738: An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_make_data_run in tsk/fs/ntfs.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
CVE-2018-11739: An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function raw_read in tsk/img/raw.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
CVE-2018-11740: An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function tsk_UTF16toUTF8 in tsk/base/tsk_unicode.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.

Created: 2021-02-19 Last update: 2021-12-05 06:30

4 security issues in bookworm high

There are 4 open security issues in bookworm.

4 important issues:

CVE-2018-11737: An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_fix_idxrec in tsk/fs/ntfs_dent.cpp which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
CVE-2018-11738: An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_make_data_run in tsk/fs/ntfs.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
CVE-2018-11739: An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function raw_read in tsk/img/raw.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
CVE-2018-11740: An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function tsk_UTF16toUTF8 in tsk/base/tsk_unicode.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.

Created: 2021-08-15 Last update: 2021-12-05 06:30

Depends on packages which need a new maintainer normal

The packages that sleuthkit depends on which need a new maintainer are:

autopsy (#832370)
- Suggests: autopsy

Created: 2019-11-22 Last update: 2022-05-25 22:02

lintian reports 2 warnings normal

Lintian reports 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2021-09-06 Last update: 2021-09-06 18:35

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2021-08-23 Last update: 2021-08-23 03:02

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.6.0.1).

Created: 2022-05-11 Last update: 2022-05-11 23:24

No known security issue in buster wishlist

There are 4 open security issues in buster.

4 ignored issues:

CVE-2018-11737: An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_fix_idxrec in tsk/fs/ntfs_dent.cpp which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
CVE-2018-11738: An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_make_data_run in tsk/fs/ntfs.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
CVE-2018-11739: An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function raw_read in tsk/img/raw.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
CVE-2018-11740: An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function tsk_UTF16toUTF8 in tsk/base/tsk_unicode.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.

Created: 2021-02-19 Last update: 2021-12-05 06:30

No known security issue in bullseye wishlist

There are 4 open security issues in bullseye.

4 ignored issues:

CVE-2018-11737: An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_fix_idxrec in tsk/fs/ntfs_dent.cpp which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
CVE-2018-11738: An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_make_data_run in tsk/fs/ntfs.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
CVE-2018-11739: An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function raw_read in tsk/img/raw.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
CVE-2018-11740: An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function tsk_UTF16toUTF8 in tsk/base/tsk_unicode.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.

Created: 2021-08-14 Last update: 2021-12-05 06:30

testing migrations

This package will soon be part of the auto-libewf transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2021-11-22] sleuthkit 4.11.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2021-11-16] Accepted sleuthkit 4.11.1+dfsg-1 (source) into unstable (Francisco Vilmar Cardoso Ruviaro) (signed by: Samuel Henrique)
[2021-08-28] sleuthkit 4.11.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2021-08-22] Accepted sleuthkit 4.11.0+dfsg-1 (source) into unstable (Francisco Vilmar Cardoso Ruviaro) (signed by: Samuel Henrique)
[2020-12-26] sleuthkit 4.10.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2020-12-20] Accepted sleuthkit 4.10.1+dfsg-1 (source) into unstable (Francisco Vilmar Cardoso Ruviaro) (signed by: Raphaël Hertzog)
[2020-10-16] Accepted sleuthkit 4.6.5-1+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Samuel Henrique)
[2020-10-14] sleuthkit 4.10.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2020-10-08] Accepted sleuthkit 4.10.0+dfsg-1 (source) into unstable (Francisco Vilmar Cardoso Ruviaro) (signed by: Samuel Henrique)
[2020-09-03] sleuthkit 4.9.0+dfsg-2 MIGRATED to testing (Debian testing watch)
[2020-08-28] Accepted sleuthkit 4.9.0+dfsg-2 (source) into unstable (Francisco Vilmar Cardoso Ruviaro) (signed by: Samuel Henrique)
[2020-08-04] Accepted sleuthkit 4.9.0+dfsg-1 (source amd64) into experimental, experimental (Debian FTP Masters) (signed by: Samuel Henrique)
[2020-03-09] Accepted sleuthkit 4.1.3-4+deb8u2 (source amd64) into oldoldstable (Utkarsh Gupta)
[2019-09-21] sleuthkit 4.6.7-1 MIGRATED to testing (Debian testing watch)
[2019-09-16] Accepted sleuthkit 4.6.7-1 (source) into unstable (Hilko Bengen)
[2019-01-27] sleuthkit 4.6.5-1 MIGRATED to testing (Debian testing watch)
[2019-01-22] Accepted sleuthkit 4.6.5-1 (source) into unstable (Hilko Bengen)
[2019-01-16] sleuthkit 4.6.4-2 MIGRATED to testing (Debian testing watch)
[2019-01-13] Accepted sleuthkit 4.6.4-2 (source) into unstable (Hilko Bengen)
[2018-12-30] sleuthkit 4.6.4-1 MIGRATED to testing (Debian testing watch)
[2018-12-24] Accepted sleuthkit 4.6.4-1 (source) into unstable (Hilko Bengen)
[2018-12-17] Accepted sleuthkit 4.1.3-4+deb8u1 (source amd64) into oldstable (Hugo Lefeuvre)
[2018-08-17] sleuthkit 4.6.2-1 MIGRATED to testing (Debian testing watch)
[2018-08-12] Accepted sleuthkit 4.6.2-1 (source) into unstable (Hilko Bengen)
[2018-08-11] sleuthkit 4.6.1-1 MIGRATED to testing (Debian testing watch)
[2018-08-05] Accepted sleuthkit 4.6.1-1 (source) into unstable (Hilko Bengen)
[2018-04-06] sleuthkit 4.6.0-1 MIGRATED to testing (Debian testing watch)
[2018-03-31] Accepted sleuthkit 4.6.0-1 (source) into unstable (Hilko Bengen)
[2017-09-25] sleuthkit 4.4.2-3 MIGRATED to testing (Debian testing watch)
[2017-09-19] Accepted sleuthkit 4.4.2-3 (source) into unstable (Joao Eriberto Mota Filho)

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 2)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 4.11.1+dfsg-1