Accepted mtr 0.63-1.1ubuntu2 (source)
Martin Pitt
martin.pitt at canonical.com
Sun Dec 12 14:20:02 CST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 12 Dec 2004 21:10:48 +0100
Source: mtr
Binary: mtr-tiny mtr
Architecture: source
Version: 0.63-1.1ubuntu2
Distribution: hoary
Urgency: low
Maintainer: Robert Woodcock <rcw at debian.org>
Changed-By: Martin Pitt <martin.pitt at canonical.com>
Description:
mtr - Full screen ncurses and X11 traceroute tool
mtr-tiny - Full screen ncurses traceroute tool
Changes:
mtr (0.63-1.1ubuntu2) hoary; urgency=low
.
* SECURITY UPDATE: fix potential local spoofing of ICMP packages
* curses.c: fix off-by-one errors on string buffer writing, which did not
leave space for the terminating zero. mtr drops its root privileges after
opening the raw socket, so this vulnerability only allows to hijack the
raw socket, but no root privilege escalation.
* References:
http://www.securityfocus.com/archive/1/384077
http://bugs.debian.org/285228
Files:
557cd4a20f04b92081a648ac26afbc92 603 net standard mtr_0.63-1.1ubuntu2.dsc
3c10b1bb89c5bee384e6cdd45ed98479 142491 net standard mtr_0.63-1.1ubuntu2.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFBvKdfDecnbV4Fd/IRAtLVAJ9LRWlVxzmi3oM5Ebpua2A5V02LGQCg97rw
NozEBZyI6WgXWC+cgsrSKr8=
=Z0Y8
-----END PGP SIGNATURE-----
Accepted:
mtr_0.63-1.1ubuntu2.diff.gz
to pool/main/m/mtr/mtr_0.63-1.1ubuntu2.diff.gz
mtr_0.63-1.1ubuntu2.dsc
to pool/main/m/mtr/mtr_0.63-1.1ubuntu2.dsc
More information about the hoary-changes
mailing list