Summary: | <net-analyzer/ettercap-0.8.3: etterfilter: heap-based buffer overflow write (CVE-2017-8366) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | ago, netmon, zerochaos |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://blogs.gentoo.org/ago/2017/04/29/ettercap-etterfilter-heap-based-buffer-overflow-write/ | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
=net-analyzer/ettercap-0.8.3
|
Runtime testing required: | --- |
Description
Agostino Sarubbo
2017-05-09 18:28:37 UTC
Upstream patch: https://github.com/Ettercap/ettercap/commit/1083d604930ebb9f350126b83802ecd2cbc17f90 (not yet released Please confirm this, this might be fixed in ettercap-0.8.2-4.2 by RedHat 0.8.2 is stabilized in tree, and 0.8.2-r2 is going through stabilization. Arches please go ahead with =net-analyzer/ettercap-0.8.3 sparc stable ppc/ppc64 stable x86 stable. Maintainer(s), please cleanup. Security, please vote. Keywords for net-analyzer/ettercap: | a a a a i p p x h m s s s r m a x | e u s | r | l m r r a p p 8 p 6 3 h p i i m 8 | a n l | e | p d m m 6 c c 6 p 8 9 a s p d 6 | p u o | p | h 6 6 4 6 a k 0 r c s 6 | | i s t | o | a 4 4 4 c v 4 f | e | | | b | d | | f s | | | b d | | | s | | | d | | ---------+-----------------------------------+-------+------- 0.8.2-r2 | + + + o o + + + o o o o + o o o ~ | 6 o 0 | gentoo 0.8.3 | ~ ~ ~ o o + + + o o o o + o o o ~ | 7 o | gentoo 9999 | o o o o o o o o o o o o o o o o o | 6 o | gentoo amd64 stable arm stable dropped to ~alpha all arches done cleanup done Maintainer(s), Thank you for cleanup! Closing noglsa. |