Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 618018 (CVE-2017-8366)

Summary: <net-analyzer/ettercap-0.8.3: etterfilter: heap-based buffer overflow write (CVE-2017-8366)
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: ago, netmon, zerochaos
Priority: Normal Flags: stable-bot: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://blogs.gentoo.org/ago/2017/04/29/ettercap-etterfilter-heap-based-buffer-overflow-write/
Whiteboard: B3 [noglsa cve]
Package list:
=net-analyzer/ettercap-0.8.3
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2017-05-09 18:28:37 UTC
Details at $URL.



@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2017-06-04 23:11:47 UTC
Upstream patch: https://github.com/Ettercap/ettercap/commit/1083d604930ebb9f350126b83802ecd2cbc17f90 (not yet released
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2019-03-27 00:33:57 UTC
Please confirm this, this might be fixed in ettercap-0.8.2-4.2 by RedHat
0.8.2 is stabilized in tree, and 0.8.2-r2 is going through stabilization.
Comment 3 Agostino Sarubbo gentoo-dev 2019-08-26 12:53:06 UTC
Arches please go ahead with =net-analyzer/ettercap-0.8.3
Comment 4 Rolf Eike Beer archtester 2019-08-26 18:47:09 UTC
sparc stable
Comment 5 Sergei Trofimovich (RETIRED) gentoo-dev 2019-08-27 23:03:32 UTC
ppc/ppc64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2019-08-28 09:51:55 UTC
x86 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 7 Jeroen Roovers (RETIRED) gentoo-dev 2019-08-28 11:17:02 UTC
Keywords for net-analyzer/ettercap:
         | a a a a i p p x h m s s s r m a x | e u s | r
         | l m r r a p p 8 p 6 3 h p i i m 8 | a n l | e
         | p d m m 6 c c 6 p 8 9   a s p d 6 | p u o | p
         | h 6   6 4   6   a k 0   r c s 6 | | i s t | o
         | a 4   4     4           c v   4 f |   e   |
         |                               | b |   d   |
         |                               f s |       |
         |                               b d |       |
         |                               s   |       |
         |                               d   |       |
---------+-----------------------------------+-------+-------
0.8.2-r2 | + + + o o + + + o o o o + o o o ~ | 6 o 0 | gentoo
0.8.3    | ~ ~ ~ o o + + + o o o o + o o o ~ | 7 o   | gentoo
9999     | o o o o o o o o o o o o o o o o o | 6 o   | gentoo
Comment 8 Agostino Sarubbo gentoo-dev 2019-08-30 07:58:04 UTC
amd64 stable
Comment 9 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-09-13 18:05:42 UTC
arm stable
Comment 10 Matt Turner gentoo-dev 2019-10-14 01:08:51 UTC
dropped to ~alpha

all arches done
Comment 11 Agostino Sarubbo gentoo-dev 2019-11-01 19:58:26 UTC
cleanup done
Comment 12 Yury German Gentoo Infrastructure gentoo-dev 2020-01-26 05:14:32 UTC
Maintainer(s), Thank you for cleanup!

Closing noglsa.