Your message dated Sun, 15 Feb 2026 20:34:44 +0000
with message-id <[email protected]>
and subject line Bug#1124381: fixed in libpcap 1.10.6-1
has caused the Debian Bug report #1124381,
regarding libpcap: CVE-2025-11961
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1124381: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1124381
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: libpcap
Version: 1.10.5-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for libpcap.
CVE-2025-11961[0]:
| pcap_ether_aton() is an auxiliary function in libpcap, it takes a
| string argument and returns a fixed-size allocated buffer. The
| string argument must be a well-formed MAC-48 address in one of the
| supported formats, but this requirement has been poorly documented.
| If an application calls the function with an argument that deviates
| from the expected format, the function can read data beyond the end
| of the provided string and write data beyond the end of the
| allocated buffer.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-11961
https://www.cve.org/CVERecord?id=CVE-2025-11961
[1]
https://github.com/the-tcpdump-group/libpcap/commit/b2d2f9a9a0581c40780bde509f7cc715920f1c02
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: libpcap
Source-Version: 1.10.6-1
Done: Peter Wienemann <[email protected]>
We believe that the bug you reported is fixed in the latest version of
libpcap, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Peter Wienemann <[email protected]> (supplier of updated libpcap package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 15 Feb 2026 19:18:22 +0100
Source: libpcap
Architecture: source
Version: 1.10.6-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Security Tools <[email protected]>
Changed-By: Peter Wienemann <[email protected]>
Closes: 1124381
Changes:
libpcap (1.10.6-1) unstable; urgency=medium
.
* Team upload.
* New upstream version 1.10.6
- Fixes CVE-2025-11961 (Closes: #1124381)
* Switch watch file format to version 5
* Update signing key E089DEF1D9C15D0D (extended until 2026-05-10)
* Add d/upstream/metadata
* d/control:
- Remove redundant "Rules-Requires-Root: no"
- Remove redundant "Priority: optional"
- Bump Standards-Version to 4.7.3 (no changes required)
* Overhaul d/copyright, rewrite in machine-readable format
Checksums-Sha1:
9a6fafa230236afaae63d4b9b4ded1ef3aa31c53 2449 libpcap_1.10.6-1.dsc
af309b536b514cb12a02657edbfa729f1b451009 682312 libpcap_1.10.6.orig.tar.xz
8b0b6f353eeb317821cb690bee15350fa0258699 667 libpcap_1.10.6.orig.tar.xz.asc
914558853092566b2abe54201b4b504059b37790 23292 libpcap_1.10.6-1.debian.tar.xz
055a5852d022fa6d513bb367bd500b05f9b43e1d 6974 libpcap_1.10.6-1_amd64.buildinfo
Checksums-Sha256:
32b0ef9273f801a210a16a3865720d579a1fee1a55a4fa4f061bacd5d24b4688 2449
libpcap_1.10.6-1.dsc
ec97d1206bdd19cb6bdd043eaa9f0037aa732262ec68e070fd7c7b5f834d5dfc 682312
libpcap_1.10.6.orig.tar.xz
7705eca5ea9a489bc8217128934a6de6cbde0f77e3bc162d3b2c7eda3a13b8e7 667
libpcap_1.10.6.orig.tar.xz.asc
e9eec78fc8858c2fceb95fa2390815f963f93e795cc0f9536cf6c79d469ccd2e 23292
libpcap_1.10.6-1.debian.tar.xz
aaa3847585c39d421ff31ab92b7032c705c5fc475f30ca5bb5f5ab439a86c052 6974
libpcap_1.10.6-1_amd64.buildinfo
Files:
864299f705a8ca1a0aa194c7ead5c87d 2449 devel optional libpcap_1.10.6-1.dsc
e46b62dbe89611e03712fe79c5743245 682312 devel optional
libpcap_1.10.6.orig.tar.xz
b91b2ecdbb43cb124cf95c872a8a3479 667 devel optional
libpcap_1.10.6.orig.tar.xz.asc
bb26188a287b20a46f4747dd098a7143 23292 devel optional
libpcap_1.10.6-1.debian.tar.xz
e0ee59c7202a864d5696b182fadf431b 6974 devel optional
libpcap_1.10.6-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEBrYs08CqJ6RHEajlAuXO5wyFLHsFAmmSKkVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDA2
QjYyQ0QzQzBBQTI3QTQ0NzExQThFNTAyRTVDRUU3MEM4NTJDN0IACgkQAuXO5wyF
LHuc7w//TfzbAdEbFHNQc3z5GuxuHg2/WiixsRvO1q8wZaHNMOcMvu++oA0v5BDA
tVy9OpBuIFLwBxZph1SYdM5u3xgDn99tIYMMN6aKR6A7HtJBeBQFp4pcjUDIlUjk
oXAwsRzDuXL1RKnXgeyeSeftYK0Iul7lYdXkWc+wk2vzrvjDpbPiPXoJpiaJ00Zn
eEe2J9KGYkASGXZR2iq06ccClSTZx9J/JeEO/2o5aHqHDR8YWwe9Ilf36nuOD0BK
pPSxHMYqf1QWIljOfTJE2gi/Gfo002Kjb5W52pHMCIxkhkRm8tHKj/Jgkhm7D8ay
TwRkPrpF8yPrkOYMBF17nKNiPkP/50VoKQ9pQu1EjntsWXbZgZRFUByaR8OBZEQQ
Pq7JhHBRGznF62SV5iTbD0XMfTSeF2KQFdsMgc15Bo7HBY5D9oKTL5GDeZFYU2KJ
CFgbS5dR7OfXU5kej+s6GukLpk881CQY7GD7AgYAYYKvnT2SJoDhogxjmCFmG4sT
JKqEHRQ0RLxJGf07UJu4JxsWMsKJzB4rC2eiSO/bHQY2LvspLKXtrYqiBhEVpOc2
GOo66FC8oCSAl+uam92eH2YjPJvpv8mHOBAS+WKOJR+iSvTDjkpR0/41HFTyjRmA
uWTQZt4z/kMrmHXYm4bYYh0bxoV8IQbsgI7RJ5nupCfnr9YDBg4=
=mOx8
-----END PGP SIGNATURE-----
pgpphJG4BH2YL.pgp
Description: PGP signature
--- End Message ---
