slirp4netns - Debian Package Tracker

general

source: slirp4netns (main)
version: 1.0.1-2
maintainer: Reinhard Tartler (DMD) (LowNMU)
arch: any
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 0.2.3-1
stable: 1.0.1-2
testing: 1.0.1-2
unstable: 1.0.1-2

versioned links

0.2.3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.0.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

slirp4netns (1 bugs: 0, 1, 0, 0)

action needed

Debci reports failed tests high

unstable: neutral (log)
The tests ran in 0:00:24
Last run: 2020-05-17T00:00:27.000Z
Previous status: fail

testing: fail (log)
The tests ran in 0:06:39
Last run: 2020-05-15T18:00:24.000Z
Previous status: fail

stable: fail (log)
The tests ran in 0:00:29
Last run: 2019-08-27T04:46:18.000Z
Previous status: fail

Created: 2019-01-02 Last update: 2021-09-21 20:08

A new upstream version is available: 1.1.12 high

A new upstream version 1.1.12 is available, you should consider packaging it.

Created: 2020-06-29 Last update: 2021-09-21 19:02

lintian reports 1 error and 3 warnings high

Lintian reports 1 error and 3 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-08-22 Last update: 2021-04-11 10:20

4 low-priority security issues in buster low

There are 4 open security issues in buster.

4 issues left for the package maintainer to handle:

CVE-2019-15890: (needs triaging) libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
CVE-2020-10756: (needs triaging) An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1.
CVE-2020-1983: (needs triaging) A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.
CVE-2020-8608: (needs triaging) In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2021-08-15 00:00

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.0 instead of 4.3.0).

Created: 2019-01-02 Last update: 2021-08-18 14:03

news

[rss feed]

[2021-04-08] slirp4netns 1.0.1-2 MIGRATED to testing (Debian testing watch)
[2021-04-08] slirp4netns 1.0.1-2 MIGRATED to testing (Debian testing watch)
[2021-03-24] Accepted slirp4netns 1.0.1-2 (source) into unstable (Reinhard Tartler)
[2020-05-22] slirp4netns 1.0.1-1 MIGRATED to testing (Debian testing watch)
[2020-05-16] Accepted slirp4netns 1.0.1-1 (source) into unstable (Reinhard Tartler)
[2020-02-21] slirp4netns 0.4.3-1 MIGRATED to testing (Debian testing watch)
[2020-02-16] Accepted slirp4netns 0.4.3-2 (source) into experimental (Reinhard Tartler)
[2020-02-16] Accepted slirp4netns 0.4.3-1 (source) into unstable (Reinhard Tartler)
[2019-09-26] slirp4netns 0.4.1-1 MIGRATED to testing (Debian testing watch)
[2019-09-20] Accepted slirp4netns 0.4.1-1 (source) into unstable (Reinhard Tartler)
[2019-08-26] Accepted slirp4netns 0.2.3-1 (source) into proposed-updates->stable-new, proposed-updates (Reinhard Tartler)
[2019-08-20] slirp4netns 0.3.2-1 MIGRATED to testing (Debian testing watch)
[2019-08-14] Accepted slirp4netns 0.3.2-1 (source) into unstable (Reinhard Tartler)
[2019-07-31] Accepted slirp4netns 0.3.1-1 (source) into unstable (Reinhard Tartler)
[2019-03-31] Accepted slirp4netns 0.3.0-1 (source) into experimental (Reinhard Tartler)
[2019-02-02] slirp4netns 0.2.1-1 MIGRATED to testing (Debian testing watch)
[2019-01-27] Accepted slirp4netns 0.2.1-1 (source) into unstable (Reinhard Tartler)
[2019-01-07] slirp4netns 0.1~git20181119.5e4789b-1 MIGRATED to testing (Debian testing watch)
[2019-01-01] Accepted slirp4netns 0.1~git20181119.5e4789b-1 (source amd64) into unstable, unstable (Reinhard Tartler)

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (1, 3)
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.0.1-2