In the ChangeLog for version 1.0.6, it says: - security fix for "change user" feature That is all of the information that we have about this vulnerability. See also http://secunia.com/advisories/12648/
squinky86, please bump to 1.0.6.
Stable x86, vulnerable versions removed, ready for GLSA. Thanks lewk :)
Hmmm... short of analyzing the changes in the new version and determine what has been fixed, I would say we can't issue a GLSA for that.
I'd drop a line to the maintainer (sla@users.sourceforge.net) and just ask him for clarification.
Dropped a line upstream to find out some more details of this "security fix" so we can decide if we want to issue a GLSA for this or not.
Upstream responded with these details: The idea of "change user" security fix consist in changing EUID in each thread independently of main thread. This is workaround for clone(2)-based threads (eg. Linux 2.4.x), where thread actually a lightweight process, so changing EUID in main thread doesn't influence on child threads. Therefore in previous version potential-vulnerable capture thread always works with EUID 0, without regard to '-u' parameter.
Security, vote on GLSA?
Closing without GLSA
