Package: ettercap / 1:0.8.1-3+deb8u1

Metadata

Package Version Patches format
ettercap 1:0.8.1-3+deb8u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
debian changes | (download)

plug-ins/mdns_spoof/mdns_spoof.c | 3 2 + 1 - 0 !
plug-ins/nbns_spoof/nbns_spoof.c | 4 4 + 0 - 0 !
src/dissectors/ec_TN3270.c | 4 4 + 0 - 0 !
src/dissectors/ec_cvs.c | 6 3 + 3 - 0 !
src/dissectors/ec_dhcp.c | 2 1 + 1 - 0 !
src/dissectors/ec_gg.c | 16 16 + 0 - 0 !
src/dissectors/ec_imap.c | 9 5 + 4 - 0 !
src/dissectors/ec_postgresql.c | 2 1 + 1 - 0 !
src/dissectors/ec_radius.c | 2 1 + 1 - 0 !
src/ec_utils.c | 4 4 + 0 - 0 !
10 files changed, 41 insertions(+), 11 deletions(-)

 <short summary of the patch>
 TODO: Put a short summary on the line above and replace this paragraph
 with a longer explanation of this change. Complete the meta-information
 with other relevant fields (see below for details). To make it easier, the
 information below has been extracted from the changelog. Adjust it or drop
 it.
 .
 ettercap (1:0.8.1-3) unstable; urgency=high
 .
   * Patch a bunch of security vulnerabilities (closes: #773416)
     - CVE-2014-6395 (Length Parameter Inconsistency)
     - CVE-2014-6396 (Arbitrary write)
     - CVE-2014-9376 (Negative index/underflow)
     - CVE-2014-9377 (Heap overflow)
     - CVE-2014-9378 (Unchecked return value)
     - CVE-2014-9379 (Incorrect cast)
     - CVE-2014-9380 (Buffer over-read)
     - CVE-2014-9381 (Signedness error)
     See: https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/
     Patches taken from repo CVE-patch, URL git://github.com/NickSampanis/ettercap.git
     - 88804bd3a900d273215855f7c567ec891d31e547 CVE-patch/589
     - 103f16582ee88341a6a610378011781cdc866b0c CVE-patch/602
     - 3f0c582826095c722ab6fbf91518282a765a0b68 CVE-patch/603
     - cb7b2028dc03c628aa0a1a5130ca41421ddebcb2 CVE-patch/604
     - edd337d5d4f37ab8e330c5e067344dd5b3f10435 CVE-patch/605
     - 37dcfdf79e1ac6dcacd565894cd7717aa0224164 CVE-patch/606
     - c2a3c99af956146570d7883e4b540b9d0c0a3c46 CVE-patch/607
     - 6b196e011fa456499ed4650a360961a2f1323818 CVE-patch/608
     - afe7061948e85f0a0fd417d5e4c681bfaf212f42 CVE-patch/609
     - 9e9fdc7ed1ee8eba01a5a05e000b6c55d2a70923 CVE-patch/610
     Thanks to Nick Sampanis <n.sampanis@obrela.com> who is responsible for
     both finding and repairing these issues.
626dc56686f15f2dda13c48f78c2a666cb6d8506.patch | (download)

utils/etterfilter/ef_compiler.c | 4 3 + 1 - 0 !
utils/etterfilter/ef_main.c | 10 7 + 3 - 0 !
utils/etterfilter/ef_output.c | 3 3 + 0 - 0 !
3 files changed, 13 insertions(+), 4 deletions(-)

 [patch] exit gracefully in case of corrupted filters (closes issue
 #782)


803.patch | (download)

include/ec_strings.h | 2 1 + 1 - 0 !
src/ec_encryption.c | 2 1 + 1 - 0 !
src/ec_strings.c | 25 15 + 10 - 0 !
src/interfaces/curses/ec_curses_view_connections.c | 2 1 + 1 - 0 !
src/interfaces/gtk/ec_gtk_view_connections.c | 2 1 + 1 - 0 !
utils/etterfilter/ef_encode.c | 18 12 + 6 - 0 !
6 files changed, 31 insertions(+), 20 deletions(-)

 [patch 1/4] add asan compiler flags in debug build type