CVE-2021-36082: ntop nDPI 3.4 has a stack-based buffer overflow in processClientServerHello. Patch: https://github.com/ntop/nDPI/commit/1ec621c85b9411cc611652fd57a892cfef478af3
Package list is empty or all packages have requested keywords.
Released in nDPI-4
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=39868efcc6779ea5e5272c3434e4a59f0bae9aa1 commit 39868efcc6779ea5e5272c3434e4a59f0bae9aa1 Author: Sam James <sam@gentoo.org> AuthorDate: 2022-01-03 11:20:05 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-01-03 11:21:21 +0000 net-analyzer/ntopng: add 5.0 As with nDPI, aware of the ar-directly and other similar bugs, but am trying to address this first upstream & go from there. Bug: https://bugs.gentoo.org/799782 Bug: https://bugs.gentoo.org/830403 Signed-off-by: Sam James <sam@gentoo.org> net-analyzer/ntopng/Manifest | 1 + net-analyzer/ntopng/ntopng-5.0.ebuild | 92 +++++++++++++++++++++++++++++++++++ 2 files changed, 93 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fa4c91dd460e1604ec58cc6b3531e8170812da3f commit fa4c91dd460e1604ec58cc6b3531e8170812da3f Author: Sam James <sam@gentoo.org> AuthorDate: 2022-01-03 10:50:06 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-01-03 11:21:20 +0000 net-libs/nDPI: add 4.0 Includes a patch which adds an API to allow ntopong to work too. (Working on ar/other build system patches upstream.) Bug: https://bugs.gentoo.org/799782 Bug: https://bugs.gentoo.org/625730 Closes: https://bugs.gentoo.org/830403 Thanks-to: Larry Sexton <sexton.larry048@gmail.com> Signed-off-by: Sam James <sam@gentoo.org> net-libs/nDPI/Manifest | 2 ++ net-libs/nDPI/nDPI-4.0.ebuild | 59 ++++++++++++++++++++++++++++++++++++ net-libs/nDPI/nDPI-9999.ebuild | 68 ++++++++++++++++++++---------------------- 3 files changed, 93 insertions(+), 36 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=264f9235c9e09fa072e972c5587c4373d8c015f1 commit 264f9235c9e09fa072e972c5587c4373d8c015f1 Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2022-08-16 21:23:11 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-08-16 21:23:11 +0000 net-libs/nDPI: drop 3.4 Bug: https://bugs.gentoo.org/799782 Signed-off-by: John Helmert III <ajak@gentoo.org> net-libs/nDPI/Manifest | 1 - .../files/nDPI-3.4-configure-fail-libcap.patch | 19 ------- .../nDPI-3.4-fix-oob-in-kerberos-dissector.patch | 16 ------ net-libs/nDPI/nDPI-3.4.ebuild | 65 ---------------------- 4 files changed, 101 deletions(-)
Tree is clean, all done