On Tue, Jun 18, 2013 at 01:07:23PM +0200, Michael Prokop wrote: > we're lagging quite some versions behind with our sleuthkit > packaging in Debian. I tried to take care of it and just pushed > upstream and pristine-tar branches for new upstream version 4.1.0 of > sleuthkit to our git repos (I hope you don't mind, Christophe). > > I also pushed my changes related to Debian packaging into branch > mika/4.1.0 (to not mess with main 'debian' branch yet until it's > known to be fine). > > I'm a bit unsure how to handle the libtsk3 package though. > Our latest package libtsk3-3 shipped /usr/lib/libtsk3.so.3.4.0 > but upstream seems to have renamed 'tsk3' to just 'tsk' and I'm not > sure how to handle the resulting /usr/lib/libtsk.so.10.0.0 package > wise. > > Julien, you seem to have handled also the symbol files in the past > and know what you're doing. :) Any chance you could take a look at > the current situation and help us in getting a new package release > out?
Hello, I can't see sleuthkit 4.1.0 yet in unstable. What is the status with this? I can help with some smaller tasks and testing if needed. Without much checking security vulnerability[1] has been fixed in newer versions. In my opinion comment "Hardly a vulnerability" in tracker is understating this issue as per mailing list post[2] says: """ The vulnerability is already exploited, for example, by the Flame malware (possibly unintendedly). Flame uses an encrypted SQLite-DB named "." for extraction of confidential files and for update distribution. An analyst may miss the file as the Sleuth Kit does not appropriately show the file. http://labs.bitdefender.com/2012/06/flame-the-story-of-leaked-data-carried-by-human-vector/ http://blog.crysys.hu/2012/06/flame-usb-dot-file-confirmed/ """ 1: https://security-tracker.debian.org/tracker/CVE-2012-5619 2: http://www.openwall.com/lists/oss-security/2012/12/01/2 --- Henri Salo
signature.asc
Description: Digital signature