-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 3.0 (quilt) Source: ettercap Binary: ettercap-common, ettercap-text-only, ettercap-graphical, ettercap-dbg Architecture: any Version: 1:0.8.1-3 Maintainer: Barak A. Pearlmutter <[email protected]> Uploaders: Murat Demirten <[email protected]>, Gianfranco Costamagna <[email protected]> Homepage: http://ettercap.sourceforge.net Standards-Version: 3.9.6 Vcs-Browser: http://github.com/barak/ettercap Vcs-Git: git://github.com/barak/ettercap.git Build-Depends: bison | bison++, check, chrpath, cmake, debhelper (>= 9), flex | flex-old, ghostscript, libbsd-dev, libcurl4-openssl-dev, libgtk2.0-dev, libltdl-dev, libluajit-5.1-dev [!hurd-i386 !kfreebsd-amd64 !s390x !arm64 !ppc64el !sparc !alpha !arm64 !hppa !m68k !ppc64 !sh4 !sparc64 !x32], libncurses5-dev, libnet1-dev, libpcap-dev, libpcre3-dev, libssl-dev Package-List: ettercap-common deb net optional arch=any ettercap-dbg deb debug extra arch=any ettercap-graphical deb net optional arch=any ettercap-text-only deb net optional arch=any Checksums-Sha1: 1179923d94954cd6e00117c3492c4ca3991bc401 1021449 ettercap_0.8.1.orig.tar.gz 782debc9af21f2c5ac2a84ae8da8629317060ea0 14088 ettercap_0.8.1-3.debian.tar.xz Checksums-Sha256: a0294f4c075c4c1d84c7a12370b9b1fa110956deae00c3dab2e89b235299926a 1021449 ettercap_0.8.1.orig.tar.gz da47bba88577bca989d8a229c9aec16591815e3c1b4f39194ca95357347d100c 14088 ettercap_0.8.1-3.debian.tar.xz Files: cdbbc13f86ba214b7068c9da6546ca95 1021449 ettercap_0.8.1.orig.tar.gz 0537d1f72670709cd021abedd9f02117 14088 ettercap_0.8.1-3.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUkpwLAAoJEBJbV0deGQ0YMZkP/3HbTU//T4zg/jF+wTVa/8e6 nRa4duHpKoxH62HZ28R0/jueFEPPGH5Q3+gX5O2u3auIv8Z462n7Wrhlw1hTmG5H OZOm4jy61xef306lbWNlxXqb9PV8oNYJVaF/Q9rYLsCfG9CfLIUDuQJ/xFBrjHwC ux2YgjDymjrCIGKyB1/rA/UMdJFjriqjGduO+GHz8Ng/SdsmAHMdCJ3yzYlKOX+h +tb4IREQdRURy6yvzxUBBJ8MenjfUXmETBJ5gBTmEUm7KB2DHnCcEGewJqOM+wAr 0gyUynuB069YHPPrkDEIK0Ox6AeqquH07TJPcFfTNTN8fh5D1+oZcVCExoJReeRc LA76jaFKqbXSH8ekvnhLf/1ePpnIz9MQzKpw+rSE8Egwcqj5b+Q7GnLa56V5gfuj aoK/V47UmGEtncjMqMo/E8hzrCBaFdCYT0o9KMDY3RSSYtCVcJJJTqt5qKcnMf8L 6Gx7xBX/vUaoq0Kn3O0SyN3wFcDaqIGW9m1tuXjgiU5z69qySNFXwTLuy52zcV/B LPrDruF/s/X20iLcxp3C6C7e42kOW0AX/HESiyjNdBPsmWc6d3rnzdncqVJN9SQQ QNkqw3/SNLLfHiD4vYsldXp7ZcEToQPnvrj8FfKOQFHqawBAOMTv5xpRa0Wv9X2t rZMn9Md6xmRYMDSfwhYN =PkQO -----END PGP SIGNATURE----- Changes: ettercap (1:0.8.1-3) unstable; urgency=high * Patch a bunch of security vulnerabilities (closes: #773416) - CVE-2014-6395 (Length Parameter Inconsistency) - CVE-2014-6396 (Arbitrary write) - CVE-2014-9376 (Negative index/underflow) - CVE-2014-9377 (Heap overflow) - CVE-2014-9378 (Unchecked return value) - CVE-2014-9379 (Incorrect cast) - CVE-2014-9380 (Buffer over-read) - CVE-2014-9381 (Signedness error) See: https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ Patches taken from repo CVE-patch, URL git://github.com/NickSampanis/ettercap.git - 88804bd3a900d273215855f7c567ec891d31e547 CVE-patch/589 - 103f16582ee88341a6a610378011781cdc866b0c CVE-patch/602 - 3f0c582826095c722ab6fbf91518282a765a0b68 CVE-patch/603 - cb7b2028dc03c628aa0a1a5130ca41421ddebcb2 CVE-patch/604 - edd337d5d4f37ab8e330c5e067344dd5b3f10435 CVE-patch/605 - 37dcfdf79e1ac6dcacd565894cd7717aa0224164 CVE-patch/606 - c2a3c99af956146570d7883e4b540b9d0c0a3c46 CVE-patch/607 - 6b196e011fa456499ed4650a360961a2f1323818 CVE-patch/608 - afe7061948e85f0a0fd417d5e4c681bfaf212f42 CVE-patch/609 - 9e9fdc7ed1ee8eba01a5a05e000b6c55d2a70923 CVE-patch/610 Thanks to Nick Sampanis <[email protected]> who is responsible for both finding and repairing these issues. -- Barak A. Pearlmutter <[email protected]> Thu, 18 Dec 2014 09:07:40 +0000
