Your message dated Mon, 29 Dec 2014 19:03:26 +0000 with message-id <e1y5fbc-0000oa...@franck.debian.org> and subject line Bug#773416: fixed in ettercap 1:0.7.3-2.1+squeeze2 has caused the Debian Bug report #773416, regarding ettercap: CVE-2014-6395 CVE-2014-6396 CVE-2014-9376 CVE-2014-9377 CVE-2014-9378 CVE-2014-9379 CVE-2014-9380 CVE-2014-9381 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 773416: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: ettercap Severity: grave Tags: security Justification: user security hole Hi, please see https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ for details and patches. Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: ettercap Source-Version: 1:0.7.3-2.1+squeeze2 We believe that the bug you reported is fixed in the latest version of ettercap, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 773...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Nguyen Cong <cong.nguyen...@toshiba-tsdv.com> (supplier of updated ettercap package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 25 Dec 2014 15:43:59 +0700 Source: ettercap Binary: ettercap-common ettercap ettercap-gtk Architecture: source i386 Version: 1:0.7.3-2.1+squeeze2 Distribution: squeeze-lts Urgency: medium Maintainer: Murat Demirten <mu...@debian.org> Changed-By: Nguyen Cong <cong.nguyen...@toshiba-tsdv.com> Description: ettercap - Multipurpose sniffer/interceptor/logger for switched LAN ettercap-common - Common support files and plugins for ettercap ettercap-gtk - Multipurpose sniffer/interceptor/logger for switched LAN Closes: 773416 Changes: ettercap (1:0.7.3-2.1+squeeze2) squeeze-lts; urgency=medium . * Non-maintainer upload. * Patch a bunch of security vulnerabilities (closes: #773416) - CVE-2014-9380 (Buffer over-read) - CVE-2014-9381 (Signedness error) See: https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ Patches taken from upstream - 6b196e011fa456499ed4650a360961a2f1323818 pull/608 - 31b937298c8067e6b0c3217c95edceb983dfc4a2 pull/609 Thanks to Nick Sampanis <n.sampa...@obrela.com> who is responsible for both finding and repairing these issues. Checksums-Sha1: 6c40fc591d18aeb8bec8920f46755349a143061b 1941 ettercap_0.7.3-2.1+squeeze2.dsc 0a6f1c7f14a63bdc15b7674c14f4c5b165e6d5b1 1148766 ettercap_0.7.3.orig.tar.gz e192944698c029921867f4e968b89ea066b0de9c 7308 ettercap_0.7.3-2.1+squeeze2.diff.gz 38948f0989354608c1c56fb76445f0546e5b6db4 303832 ettercap-common_0.7.3-2.1+squeeze2_i386.deb 8a9112eb34fc03f3398d36531dfb0403990ee54e 190786 ettercap_0.7.3-2.1+squeeze2_i386.deb e68d2cdc1a0378e3b2374c59415e2c0c1f8d39e6 226626 ettercap-gtk_0.7.3-2.1+squeeze2_i386.deb Checksums-Sha256: 15205df7151afffff0d1ef7ac8ede256adf80c2ca985e44eb6c4a34a7dc8619b 1941 ettercap_0.7.3-2.1+squeeze2.dsc 588f500bf42f006793320b9f7781ac8b13f480e320481a309658d346ff5a3cb3 1148766 ettercap_0.7.3.orig.tar.gz 49110fb5a4b24b7c0b6b96ccf5d40ee6998f2b38feb75bba9009e1109adc5e4a 7308 ettercap_0.7.3-2.1+squeeze2.diff.gz 3dad7b38273928364effc4050ab24e7bc57df9462ac643190f65a02021b0e33e 303832 ettercap-common_0.7.3-2.1+squeeze2_i386.deb 2ed6e776463e3c0fc94d5c8b92f54b20bc3069ce61989b9c8ed9e7af387e3514 190786 ettercap_0.7.3-2.1+squeeze2_i386.deb d9fc559999a9e4a85f84f4e442eacd1e5955fa0d017df238febc601b8d69c50d 226626 ettercap-gtk_0.7.3-2.1+squeeze2_i386.deb Files: dd9a93b464e8f399815a3b877515ced1 1941 net optional ettercap_0.7.3-2.1+squeeze2.dsc 3683c0512485cc1badc562815fbdd373 1148766 net optional ettercap_0.7.3.orig.tar.gz 08b0c7a2ecfe6681ef507c7b043e9124 7308 net optional ettercap_0.7.3-2.1+squeeze2.diff.gz f7987d5ae3b8d5c7f39f4a21e3a225cc 303832 net optional ettercap-common_0.7.3-2.1+squeeze2_i386.deb ef9900e8a7674d852ae9775996162588 190786 net optional ettercap_0.7.3-2.1+squeeze2_i386.deb 5013f78341f9630de2858a13eaf71b7c 226626 net optional ettercap-gtk_0.7.3-2.1+squeeze2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJUoaHnXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5 NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHySYP/j8uq1wX2jpswm8nhmwnm3Sk IALr5OF+wfkNfqGdSqduFqe0aHJjgObY+n19fzExEFx0GE1DCaFM+2uFZwee1Rd2 Hgo1cs9jGQb9g/UqWkWFUNNJ60e/4PRmNT4Ua2QdjqsUF0Ob7VP7QArkyHqkmd13 nZHCuJ4rogmGXwy54zSaSQky+/6HPsKL/Wj6imfN4JwYbhtyqMTY+OI0jWONTcfn 3Dqh4/4YvpX0sTs1HSmFkXptlccHI3dpfRplbHHWxHSG3kUr5dtHgKyCD8S+lzMx Nn9BcxOK4Nvu+9dkXfwfej0/cS/MJr5Tjq94myLuS28glm+QzCTW6JNgYok3mFLr U7f79j9UIUecmiWMjG6xstCmOkZdpx1FArf0nrALPgYNzYWwQqXbIrHTOnObhXGT RL4NnZvqSvR/stwJhEGggd9gfNiS/8V7E69FyFaqCsoVR7JVruwVEzM3NVtDRY9l uF979oJbwEMejFNH2bCbfXPqxEOXasK5y1i+qjjaSK6JZSOPvDyYVjFvLWP5W0Dz g5WlUXjLI5UCi0YAu4aFwZwhE4Z5Ps4bT8MBcif7mcJzhP5mJ4ah3yTDIfgSj/wF H7xb/lKd1Ri7R9XL/1yLdGrysIpV9IPLJwnXth7H1wSboCxosEjA1rnml2zWG0dx ffOtGRBam1v54+aECqK4 =w60e -----END PGP SIGNATURE-----
--- End Message ---
