1) CVE-2020-11939 Description: "In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concat_hash_string in ssh.c. Due to the granular nature of the overflow primitive and the ability to control both the contents and layout of the nDPI library's heap memory through remote input, this vulnerability may be abused to achieve full Remote Code Execution against any network inspection stack that is linked against nDPI and uses it to perform network traffic analysis." Patch: https://github.com/ntop/nDPI/commit/7ce478a58b4dd29a8d1e6f4e9df2f778613d9202 Advisory: https://securitylab.github.com/advisories/GHSL-2020-051_052-ntop-ndpi 2) CVE-2020-11940 Description: "In nDPI through 3.2 Stable, an out-of-bounds read in concat_hash_string in ssh.c can be exploited by a network-positioned attacker that can send malformed SSH protocol messages on a network segment monitored by nDPI's library." Patch: https://github.com/ntop/nDPI/commit/3bbb0cd3296023f6f922c71d21a1c374d2b0a435 Advisory: https://securitylab.github.com/advisories/GHSL-2020-051_052-ntop-ndpi
@maintainer(s), please apply the supplied patches
https://github.com/pmacct/pmacct/pull/382#pullrequestreview-391883704
I've asked for an update on the dependent bugs. It looks like some patches could be applied but there may be complications with the rdeps given they seem fragile.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e26047940e7c08a5893799df90228a62b13eac57 commit e26047940e7c08a5893799df90228a62b13eac57 Author: Aaron Bauman <bman@gentoo.org> AuthorDate: 2020-06-12 03:48:36 +0000 Commit: Aaron Bauman <bman@gentoo.org> CommitDate: 2020-06-12 03:49:10 +0000 profiles/package.mask: mask net-libs/nDPI and friends Bug: https://bugs.gentoo.org/719084 Signed-off-by: Aaron Bauman <bman@gentoo.org> profiles/package.mask | 8 ++++++++ 1 file changed, 8 insertions(+)
(In reply to Larry the Git Cow from comment #4) > The bug has been referenced in the following commit(s): > > https://gitweb.gentoo.org/repo/gentoo.git/commit/ > ?id=e26047940e7c08a5893799df90228a62b13eac57 > > commit e26047940e7c08a5893799df90228a62b13eac57 > Author: Aaron Bauman <bman@gentoo.org> > AuthorDate: 2020-06-12 03:48:36 +0000 > Commit: Aaron Bauman <bman@gentoo.org> > CommitDate: 2020-06-12 03:49:10 +0000 > > profiles/package.mask: mask net-libs/nDPI and friends > > Bug: https://bugs.gentoo.org/719084 > Signed-off-by: Aaron Bauman <bman@gentoo.org> > > profiles/package.mask | 8 ++++++++ > 1 file changed, 8 insertions(+) # maintainer ignored w/irrelevant comment. What irrelevant comment would that be? Is that really something you want to relay to a wider audience instead of inviting people to (supply patches to) fix software that is actually useful and used? Regarding the bit before the "w/", I want to say that I do not have much time for complex problems these days for various personal reasons, and fixing various upstream compatibility issues makes resolving nDPI-3.2 stabilisation rather complex, indeed.
(In reply to Jeroen Roovers from comment #5) > (In reply to Larry the Git Cow from comment #4) > > The bug has been referenced in the following commit(s): > > > > https://gitweb.gentoo.org/repo/gentoo.git/commit/ > > ?id=e26047940e7c08a5893799df90228a62b13eac57 > > > > commit e26047940e7c08a5893799df90228a62b13eac57 > > Author: Aaron Bauman <bman@gentoo.org> > > AuthorDate: 2020-06-12 03:48:36 +0000 > > Commit: Aaron Bauman <bman@gentoo.org> > > CommitDate: 2020-06-12 03:49:10 +0000 > > > > profiles/package.mask: mask net-libs/nDPI and friends > > > > Bug: https://bugs.gentoo.org/719084 > > Signed-off-by: Aaron Bauman <bman@gentoo.org> > > > > profiles/package.mask | 8 ++++++++ > > 1 file changed, 8 insertions(+) # removal in 30 days. bug #719084 You also didn't announce the removal as a "last rites", it seems.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c03f61f4f47219f18a44551cbc47531886ffc99b commit c03f61f4f47219f18a44551cbc47531886ffc99b Author: Jeroen Roovers <jer@gentoo.org> AuthorDate: 2020-06-17 04:59:18 +0000 Commit: Jeroen Roovers <jer@gentoo.org> CommitDate: 2020-06-17 04:59:39 +0000 net-analyzer/pmacct: Update live ebuild Package-Manager: Portage-2.3.101, Repoman-2.3.22 Signed-off-by: Jeroen Roovers <jer@gentoo.org> Bug: https://bugs.gentoo.org/719084 Signed-off-by: Jeroen Roovers <jer@gentoo.org> net-analyzer/pmacct/pmacct-999999.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8a5d6411b0b856347c9a5ec72e162336fc16bb42 commit 8a5d6411b0b856347c9a5ec72e162336fc16bb42 Author: Jeroen Roovers <jer@gentoo.org> AuthorDate: 2020-06-17 04:56:22 +0000 Commit: Jeroen Roovers <jer@gentoo.org> CommitDate: 2020-06-17 04:59:39 +0000 profiles/package.mask: Unmask net-libs/nDPI, ntopng, pmacct Signed-off-by: Jeroen Roovers <jer@gentoo.org> Bug: https://bugs.gentoo.org/719084 Signed-off-by: Jeroen Roovers <jer@gentoo.org> profiles/package.mask | 8 -------- 1 file changed, 8 deletions(-)
(In reply to Jeroen Roovers from comment #5) > (In reply to Larry the Git Cow from comment #4) > > The bug has been referenced in the following commit(s): > > > > https://gitweb.gentoo.org/repo/gentoo.git/commit/ > > ?id=e26047940e7c08a5893799df90228a62b13eac57 > > > > commit e26047940e7c08a5893799df90228a62b13eac57 > > Author: Aaron Bauman <bman@gentoo.org> > > AuthorDate: 2020-06-12 03:48:36 +0000 > > Commit: Aaron Bauman <bman@gentoo.org> > > CommitDate: 2020-06-12 03:49:10 +0000 > > > > profiles/package.mask: mask net-libs/nDPI and friends > > > > Bug: https://bugs.gentoo.org/719084 > > Signed-off-by: Aaron Bauman <bman@gentoo.org> > > > > profiles/package.mask | 8 ++++++++ > > 1 file changed, 8 insertions(+) > > # maintainer ignored w/irrelevant comment. > > What irrelevant comment would that be? Is that really something you want to > relay to a wider audience instead of inviting people to (supply patches to) > fix software that is actually useful and used? > > Regarding the bit before the "w/", I want to say that I do not have much > time for complex problems these days for various personal reasons, and > fixing various upstream compatibility issues makes resolving nDPI-3.2 > stabilisation rather complex, indeed. So, just reply on the bug and request assistance. Others have linked to upstream patches and you simply replied with an issue regarding API's. That doesn't really explain anything to anyone. Not having time for a volunteer project is understandable.
So, I think where we're at now, is we need the original patches to be applied?
(In reply to Sam James (sec padawan) from comment #9) > So, I think where we're at now, is we need the original patches to be > applied? ping.
(In reply to Sam James (sec padawan) from comment #10) > (In reply to Sam James (sec padawan) from comment #9) > > So, I think where we're at now, is we need the original patches to be > > applied? > > ping. ping. These are the only patches applied: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=86334337401778e20e86773179e40c4a323fb34d We need this: https://github.com/ntop/nDPI/commit/7ce478a58b4dd29a8d1e6f4e9df2f778613d9202. If there's a problem or something I'm not seeing, please let us know and we can help. Otherwise please apply the patches ASAP.
(In reply to Sam James (sec padawan) from comment #11) > (In reply to Sam James (sec padawan) from comment #10) > > (In reply to Sam James (sec padawan) from comment #9) > > > So, I think where we're at now, is we need the original patches to be > > > applied? > > > > ping. > > ping. > > These are the only patches applied: > https://gitweb.gentoo.org/repo/gentoo.git/commit/ > ?id=86334337401778e20e86773179e40c4a323fb34d > > We need this: > https://github.com/ntop/nDPI/commit/7ce478a58b4dd29a8d1e6f4e9df2f778613d9202. > > If there's a problem or something I'm not seeing, please let us know and we > can help. Otherwise please apply the patches ASAP. I think we need this, actually: 1) https://github.com/ntop/nDPI/commit/3bbb0cd3296023f6f922c71d21a1c374d2b0a435 2) https://github.com/ntop/nDPI/commit/7ce478a58b4dd29a8d1e6f4e9df2f778613d9202 3) https://github.com/ntop/nDPI/commit/a70fd6ed3b33d9e2c89fe35c96102c156d39f1f9 4) https://github.com/ntop/nDPI/commit/c120cca66272646c4277d71fa769d020b1026b28 but there's a large number of other memory-safety commits, so a snapshot may be more appropriate if the reverse dependencies still build.
(In reply to Sam James (sec padawan) from comment #12) > I think we need this, actually: > 1) > https://github.com/ntop/nDPI/commit/3bbb0cd3296023f6f922c71d21a1c374d2b0a435 > 2) > https://github.com/ntop/nDPI/commit/7ce478a58b4dd29a8d1e6f4e9df2f778613d9202 > 3) > https://github.com/ntop/nDPI/commit/a70fd6ed3b33d9e2c89fe35c96102c156d39f1f9 > 4) > https://github.com/ntop/nDPI/commit/c120cca66272646c4277d71fa769d020b1026b28 Where you looking at the dev branch or the 3.2-stable branch? > but there's a large number of other memory-safety commits, so a snapshot may > be more appropriate if the reverse dependencies still build. Yes, it is starting to look like that, indeed.
(In reply to Aaron Bauman from comment #8) > and you simply replied with an issue regarding API's. Yes, upstream development has great trouble declaring stable APIs and doing their work in their stead cost me many hours. When you see mention of "issues with APIs" you should generally think "API breakage" and fear the worst.
Can we get a mask on this? I quite dislike a situation where a user runs a software vulnerable to RCE without knowing it.
(In reply to Jeroen Roovers from comment #13) > (In reply to Sam James (sec padawan) from comment #12) > > I think we need this, actually: > > 1) > > https://github.com/ntop/nDPI/commit/3bbb0cd3296023f6f922c71d21a1c374d2b0a435 > > 2) > > https://github.com/ntop/nDPI/commit/7ce478a58b4dd29a8d1e6f4e9df2f778613d9202 > > 3) > > https://github.com/ntop/nDPI/commit/a70fd6ed3b33d9e2c89fe35c96102c156d39f1f9 > > 4) > > https://github.com/ntop/nDPI/commit/c120cca66272646c4277d71fa769d020b1026b28 > > Where you looking at the dev branch or the 3.2-stable branch? > Sorry, yes, it's from dev. Bleh. (In reply to John Helmert III (ajak) from comment #15) > Can we get a mask on this? I quite dislike a situation where a user runs a > software vulnerable to RCE without knowing it. I'm going to do this unless there's a good reason not to. It's not with a view to removal, but I think it's fair so users can be aware of the risk. With regard to what you should do, Jer, I don't have any great suggestions here. This is a horrible situation because of the breakages on the reverse dependencies with so many of upstream's changes, so a snapshot isn't feasible. :/ So, my inclination is: mask + wait.
CVE-2020-15476 (https://nvd.nist.gov/vuln/detail/CVE-2020-15476): In nDPI through 3.2, the Oracle protocol dissector has a heap-based buffer over-read in ndpi_search_oracle in lib/protocols/oracle.c. CVE-2020-15475 (https://nvd.nist.gov/vuln/detail/CVE-2020-15475): In nDPI through 3.2, ndpi_reset_packet_line_info in lib/ndpi_main.c omits certain reinitialization, leading to a use-after-free. CVE-2020-15474 (https://nvd.nist.gov/vuln/detail/CVE-2020-15474): In nDPI through 3.2, there is a stack overflow in extractRDNSequence in lib/protocols/tls.c. CVE-2020-15473 (https://nvd.nist.gov/vuln/detail/CVE-2020-15473): In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpi_search_openvpn in lib/protocols/openvpn.c. CVE-2020-15472 (https://nvd.nist.gov/vuln/detail/CVE-2020-15472): In nDPI through 3.2, the H.323 dissector is vulnerable to a heap-based buffer over-read in ndpi_search_h323 in lib/protocols/h323.c, as demonstrated by a payload packet length that is too short. CVE-2020-15471 (https://nvd.nist.gov/vuln/detail/CVE-2020-15471): In nDPI through 3.2, the packet parsing code is vulnerable to a heap-based buffer over-read in ndpi_parse_packet_line_info in lib/ndpi_main.c.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4ac40f1280724fe6d38d3fdb53539a91975cfd23 commit 4ac40f1280724fe6d38d3fdb53539a91975cfd23 Author: Sam James <sam@gentoo.org> AuthorDate: 2020-07-20 21:51:49 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-07-20 21:51:49 +0000 profiles/package.mask: security mask net-libs/nDPI (+ reverse deps) Mask net-libs/nDPI and its reverse dependencies (ntopng, pmacct) unless / until a sustainable fix is found for the multiple serious vulnerabilities reported in nDPI. Upstream have an unstable API which often breaks reverse deps, making applying patches an unworkable solution for now. There is no fixed release upstream, nor is there a clear timeline for one being published. This bug has been open for a significant amount of time, and this mask is not with a view to removal, but to ensure users are aware of the risks of using this package. Bug: https://bugs.gentoo.org/719084 Signed-off-by: Sam James <sam@gentoo.org> profiles/package.mask | 14 ++++++++++++++ 1 file changed, 14 insertions(+)
(In reply to Larry the Git Cow from comment #18) > The bug has been referenced in the following commit(s): > > https://gitweb.gentoo.org/repo/gentoo.git/commit/ > ?id=4ac40f1280724fe6d38d3fdb53539a91975cfd23 > > commit 4ac40f1280724fe6d38d3fdb53539a91975cfd23 > Author: Sam James <sam@gentoo.org> > AuthorDate: 2020-07-20 21:51:49 +0000 > Commit: Sam James <sam@gentoo.org> > CommitDate: 2020-07-20 21:51:49 +0000 > > profiles/package.mask: security mask net-libs/nDPI (+ reverse deps) > > Mask net-libs/nDPI and its reverse dependencies (ntopng, pmacct) > unless / until a sustainable fix is found for the multiple > serious vulnerabilities reported in nDPI. > > Upstream have an unstable API which often breaks reverse > deps, making applying patches an unworkable solution for now. > > There is no fixed release upstream, nor is there a clear > timeline for one being published. > > This bug has been open for a significant amount of time, > and this mask is not with a view to removal, but to > ensure users are aware of the risks of using this package. > > Bug: https://bugs.gentoo.org/719084 > Signed-off-by: Sam James <sam@gentoo.org> > > profiles/package.mask | 14 ++++++++++++++ > 1 file changed, 14 insertions(+) Why did you mask pmacct? Its nDPI dependency is optional.
(In reply to Sam James from comment #16) > (In reply to Jeroen Roovers from comment #13) > > (In reply to Sam James (sec padawan) from comment #12) > > > I think we need this, actually: > > > 1) > > > https://github.com/ntop/nDPI/commit/3bbb0cd3296023f6f922c71d21a1c374d2b0a435 > > > 2) > > > https://github.com/ntop/nDPI/commit/7ce478a58b4dd29a8d1e6f4e9df2f778613d9202 > > > 3) > > > https://github.com/ntop/nDPI/commit/a70fd6ed3b33d9e2c89fe35c96102c156d39f1f9 > > > 4) > > > https://github.com/ntop/nDPI/commit/c120cca66272646c4277d71fa769d020b1026b28 > > > > Where you looking at the dev branch or the 3.2-stable branch? > > > > Sorry, yes, it's from dev. Bleh. I added those in 3.2-r1 but you seem to have ignored that in your review. I still don't see any correlation between the eight(!) CVEs and any commits or releases that purport to fix those. > With regard to what you should do, Jer, I don't have any great suggestions > here. This is a horrible situation because of the breakages on the reverse > dependencies with so many of upstream's changes, so a snapshot isn't > feasible. :/ It isn't feasible? You say this after 3.2-r1 was committed. Not sure whether that should have been expressly mentioned here or whether it should be regarded as due diligence to check commits relevant to bug reports before masking packages.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c02681fcb7839ac1829ec09394334ddbca1b0aea commit c02681fcb7839ac1829ec09394334ddbca1b0aea Author: Jeroen Roovers <jer@gentoo.org> AuthorDate: 2020-07-22 07:21:32 +0000 Commit: Jeroen Roovers <jer@gentoo.org> CommitDate: 2020-07-22 07:22:17 +0000 net-libs/nDPI: Add fix for oob in kerberos dissector Package-Manager: Portage-3.0.0, Repoman-2.3.23 Bug: https://bugs.gentoo.org/719084 Signed-off-by: Jeroen Roovers <jer@gentoo.org> ...PI-3.2-0005-Fix-oob-in-kerberos-dissector.patch | 23 ++++++++ net-libs/nDPI/nDPI-3.2-r2.ebuild | 65 ++++++++++++++++++++++ 2 files changed, 88 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=75f0ee948825fc1dd8060a4480a0dd5872424313 commit 75f0ee948825fc1dd8060a4480a0dd5872424313 Author: John Helmert III <jchelmert3@posteo.net> AuthorDate: 2020-11-04 07:09:03 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-11-05 14:08:01 +0000 net-libs/nDPI: bump to 3.4 Bug: https://bugs.gentoo.org/719084 Package-Manager: Portage-3.0.9, Repoman-3.0.2 Signed-off-by: John Helmert III <jchelmert3@posteo.net> Signed-off-by: Sam James <sam@gentoo.org> net-libs/nDPI/Manifest | 1 + .../nDPI-3.4-fix-oob-in-kerberos-dissector.patch | 16 ++++++ net-libs/nDPI/nDPI-3.4.ebuild | 63 ++++++++++++++++++++++ 3 files changed, 80 insertions(+)
(In reply to GLSAMaker/CVETool Bot from comment #17) > CVE-2020-15476 (https://nvd.nist.gov/vuln/detail/CVE-2020-15476): > In nDPI through 3.2, the Oracle protocol dissector has a heap-based buffer > over-read in ndpi_search_oracle in lib/protocols/oracle.c. Patch included in 3.4: https://github.com/ntop/nDPI/commit/b69177be2fbe01c2442239a61832c44e40136c05 > CVE-2020-15475 (https://nvd.nist.gov/vuln/detail/CVE-2020-15475): > In nDPI through 3.2, ndpi_reset_packet_line_info in lib/ndpi_main.c omits > certain reinitialization, leading to a use-after-free. Patch included in 3.4: https://github.com/ntop/nDPI/commit/6a9f5e4f7c3fd5ddab3e6727b071904d76773952 > CVE-2020-15474 (https://nvd.nist.gov/vuln/detail/CVE-2020-15474): > In nDPI through 3.2, there is a stack overflow in extractRDNSequence in > lib/protocols/tls.c. Patch included in 3.4: https://github.com/ntop/nDPI/commit/23594f036536468072198a57c59b6e9d63caf6ce > CVE-2020-15473 (https://nvd.nist.gov/vuln/detail/CVE-2020-15473): > In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based > buffer over-read in ndpi_search_openvpn in lib/protocols/openvpn.c. Included in 3.4: https://github.com/ntop/nDPI/commit/8e7b1ea7a136cc4e4aa9880072ec2d69900a825e > CVE-2020-15472 (https://nvd.nist.gov/vuln/detail/CVE-2020-15472): > In nDPI through 3.2, the H.323 dissector is vulnerable to a heap-based > buffer over-read in ndpi_search_h323 in lib/protocols/h323.c, as > demonstrated by a payload packet length that is too short. In 3.4: https://github.com/ntop/nDPI/commit/b7e666e465f138ae48ab81976726e67deed12701 > CVE-2020-15471 (https://nvd.nist.gov/vuln/detail/CVE-2020-15471): > In nDPI through 3.2, the packet parsing code is vulnerable to a heap-based > buffer over-read in ndpi_parse_packet_line_info in lib/ndpi_main.c. In 3.4: https://github.com/ntop/nDPI/commit/61066fb106efa6d3d95b67e47b662de208b2b622 So, we should be good to cleanup and unmask here.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=19d49e3700780ece993de9f0a7e418aa09d3a47f commit 19d49e3700780ece993de9f0a7e418aa09d3a47f Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2021-04-06 17:30:36 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2021-04-07 15:31:40 +0000 net-analyzer/ntopng: bump to 4.2 Bug: https://bugs.gentoo.org/719084 Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: John Helmert III <ajak@gentoo.org> net-analyzer/ntopng/Manifest | 1 + .../ntopng/files/ntopng-4.2-PKG_CONFIG.patch | 129 +++++++++++++++++++++ .../ntopng/files/ntopng-4.2-mysqltool.patch | 19 +++ net-analyzer/ntopng/files/ntopng-4.2-nogit.patch | 44 +++++++ .../ntopng/files/ntopng-4.2-parallel-make.patch | 16 +++ net-analyzer/ntopng/ntopng-4.2.ebuild | 94 +++++++++++++++ 6 files changed, 303 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fd3045ac30f53fd1d0330c6e46d581befefd9bc1 commit fd3045ac30f53fd1d0330c6e46d581befefd9bc1 Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2021-04-13 13:09:19 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2021-04-13 13:13:47 +0000 package.mask: unmask net-libs/nDPI and friends The lua note is long obsolete (see the mentioned bug), and net-analyzer/pmacct, net-analyzer/ntopng, and net-libs/nDPI are all on their latest versions and have been cleaned up. Finally safe to drop this mask. Bug: https://bugs.gentoo.org/719084 Signed-off-by: John Helmert III <ajak@gentoo.org> profiles/package.mask | 16 ---------------- 1 file changed, 16 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9903b049920436006ca14c2b37ddde88e9ff55ca commit 9903b049920436006ca14c2b37ddde88e9ff55ca Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2021-04-13 12:51:43 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2021-04-13 12:51:43 +0000 net-libs/nDPI: security cleanup (drop <3.4) Bug: https://bugs.gentoo.org/719084 Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: John Helmert III <ajak@gentoo.org> net-libs/nDPI/Manifest | 2 - ...L-strings-in-ndpi_serialize_string_string.patch | 23 --- ...3.2-0001-Added-fix-for-serialization-loop.patch | 28 --- ...02-Refresh-of-ndpi_netbios_name_interpret.patch | 74 -------- .../nDPI-3.2-0003-Fixed-invalid-allocation.patch | 22 --- ...ings-where-the-first-element-is-a-zero-le.patch | 208 --------------------- ...PI-3.2-0005-Fix-oob-in-kerberos-dissector.patch | 23 --- net-libs/nDPI/nDPI-3.0-r1.ebuild | 46 ----- net-libs/nDPI/nDPI-3.0-r2.ebuild | 53 ------ net-libs/nDPI/nDPI-3.2-r1.ebuild | 64 ------- net-libs/nDPI/nDPI-3.2-r2.ebuild | 65 ------- 11 files changed, 608 deletions(-)
Finally all done! \o/
(In reply to John Helmert III from comment #26) > Finally all done! \o/ Excellent work and thank you for seeing this through!
